• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1525-1540
• /
• 2015

Due to a rapid advancement in the electronic commerce technology, the payment method varies from cash to electronic settlement such as credit card, mobile payment and mobile application card. Therefore, financial fraud is increasing notably for a purpose of personal gain. In response, financial companies are building the FDS (Fraud Detection System) to protect consumers from fraudulent transactions. The one of the goals of FDS is identifying the fraudulent transaction with high accuracy by analyzing transaction data and personal information in real-time. Data mining techniques are providing great aid in financial accounting fraud detection, so it have been applied most extensively to provide primary solutions to the problems. In this paper, we try to provide an overview of the research on data mining based fraud detection. Also, we classify researches under few criteria such as data set, data mining algorithm and viewpoint of research.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.5-15
• /
• 2015

Electronic transactions have been increasing with the development of the high-speed Internet and wireless communication. However, in recent years financial corporations and mobile carriers were attacked by hackers. And large numbers of privacy information have been leaked. In particular, in the case of credit card information can be misused in the online transaction, and the damage of this given to cardholder. To prevent these problems, it has been proposed to use a virtual card number instead of the actual card number. But it has security vulnerability and requires additional security infrastructure. In this paper, we analyzed the proposed virtual card number schemes. and we propose a new virtual credit card number scheme. In the newly proposed scheme, cardholder generates a key pair (public key/private key) and pre-register public key to the issuer. then, cardholder can pay no additional security infrastructure while still efficiently satisfy the security requirements.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1045-1053
• /
• 2014

In this paper, we assume that the information leakage through side-channel signal may occur from the card payment terminal and newly introduce a real application attack model. The attack model is a side channel attack based on vibration signals, which are detected by a small sensor attached on card terminal by attacker. This study is similar to some other studies regarding side channel attack. However, this paper is different in that it is based on the non-language model. Because the financial transaction information such as a card number, password, mobile phone number and etc cannot have a constant pattern. In addition, there was no study about card terminal. Therefore, this new study is meaningful. We collected vibration signals on card terminal with a small wireless sensor and analyzed signal data with statistical signal processing techniques using spectrum of frequency domain and principal component analysis and pattern recognition algorithms. Finally, we evaluated the performances by using real data from the sensor.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.5
• /
• pp.931-939
• /
• 2014

The Web or Mobile channel of previous Web access authentication system for a payment only provides the authentication of remote users, and does not provide the authentication between a user and a bank/financial institution. Therefore, this paper proposes the Transaction Certificate Mode(TCM) for a payment which can preserve the mutual authentication between a user and a bank/financial institution for Web-based payment systems. The proposed system has designed for wireless network instead of Secure Electronic Transaction (SET) designed for wired electronic transaction. In addition, this system with TCM is able to support an account-based transaction for wireless networks instead of a disadvantage of SET such as a card-based transaction for wired networks. Therefore, customers can check their balances without logging on their bank's web site again due to mutual authentication between a customer and his bank/financial institution.

• Journal of the Korea Convergence Society
• /
• v.8 no.11
• /
• pp.263-269
• /
• 2017

Credit card holders are showing a higher level of psychology to show their identity beyond the means of payment. The purpose of this study is to investigate which design factors affect the 30th and 40th generation housewives when issuing credit cards. A total of 200 people in the 30s and 40s housewives who live in Seoul and the metropolitan area were selected from among the customers who use the credit card, and the effect of the design factors of the domestic credit card on the selection of the credit card, Based on previous studies, questionnaires were prepared and surveyed. As a result of the survey, it was found that the color design of the credit card design element was the achromatic system and the main image was the simple design which only used the color without emphasizing the image or the logo, and then the character type was preferred. I prefer not to have a card decoration, and I have found that a metal-like card material is the most preferred. Through this, I would like to suggest directions for the design development for 30 and 40 housewives in credit card companies.

• The KIPS Transactions:PartD
• /
• v.10D no.6
• /
• pp.1033-1040
• /
• 2003

In order to provode information services on M-Commerce, a payment solution with security function should be required. User's mobile terminals for using M-Commerce services are diversifying to cellular phone, PDA, Smart phone etc. Among them, intergration of PDA's interface and mobile connection overcomes the weak point of existing cullular phone depending on information via the internet. In this paper, the protocol for a credit card transaction on PDA using ECC is presented. Secure Card module on this protocol encrypts user's information such as private information, delivery information and credit card information and store them on PDA in order to free from inputting information whenever it is used. This scheme also offers security services on M-Commerce including authentication, confidentiality, integration, non-repudiation and so on.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.9
• /
• pp.101-112
• /
• 2017

The purpose of this paper is the comparative analysis of factors affecting the intention to use mobile payment services. This research compares the types of mobile payment services and different age groups. The result reveals that consumers' innovativeness has a positive impact on the intention to use mobile payment services in case of smartphone-only pay and compatibility and image have a positive effect on the intention to use mobile payment services in case of online pay. There is no significant influencing factor in the case of mobile app card. Moreover, the study reveals that consumers' innovativeness, trust in other domains, and compatibility positively affect the intention to use mobile payment services in the 30-49 age group. In the 50-69 age group, image has a positive impact and perceived risk has a negative impact on the intention to use mobile payment services. There is no significant influence factor in the 10-29 age group. This study is a first-time comparative analysis of factors affecting the intention to use mobile payment services focusing on the types of mobile payment services and different age groups.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1996.11a
• /
• pp.122-132
• /
• 1996

WWW(World Wide Web)은 미래의 쇼핑수단으로 자리를 잡아가고 있다. 하지만, 현재 사용하고 있는 지불형태는 구매자의 신용카드 정보가 평문으로 네트워크를 통해 전송되는 것과 같은 보안상의 문제점을 가지고 있다. 이러한 문제점들은 개인정보에 대한 침해 딸만 아니라 정제범죄 등의 사회적 문제를 야기할 수 있다. 이러한 문제점을 재결하기 위하여 본 논문에서는 신용카드를 사용하는 새로운 전자지불 프로토콜인 SCCP(Secure Credit Card payment)를 소개한다. SCCP의 적합성을 확인하기 위하여 IBM에서 제시한 기준에 따라 수행한 결과, 본 논문에서 제시하는 방법은 안전한 전자지불 프로토콜로 판단된다.

• Proceedings of the KIEE Conference
• /
• 2001.11c
• /
• pp.450-452
• /
• 2001

In this paper, we proposed the automatic postal drop-off system based on the microprocessor board or PC. The weight of the small postal package is transmitted from the electronic scale and user-entered addresses and delivery rate are processed by the controller to calculate the fee. For 24 hour out-door operation and maintenance, non-cash payment methods such as credit card payment is used. The post stamp and receipt are printed by the thermal printer. For the electronic processing of the parcel, serial code is also printed on the stamp and receipts in bar code format. The parcel information obtained by the automatic postal drop-off system is transferred to remote central system by dial-up modem shared by the on site office. The proposed system and its control software are built for prototype model operation and the result met the design requirements. For real time processing, data reception through three serial ports is handled by interrupt routine. The proposed system is expected to be applied for commercial logistics system and pc automation system.

• Annual Conference of KIPS
• /
• 2012.04a
• /
• pp.639-641
• /
• 2012

금융 사기로 인한 피해로부터 카드 사용자의 금융 정보를 보호하기 위한 노력이 지속되고 있다. 금융 카드에 대한 보안은 IC 금융 카드의 사용 등의 방법으로 지속적으로 보완되고 향상되어 가고 있다. 이런 시점에 상대적으로 취약한 결재 시스템인 카드 단말기에 대한 보안에 또한 관심을 기울여야 하는 시점이다. 이런 의미로 카드 단말기에 대한 보안성 평가 스킴인 PCI PTS(Payment Card Industry Payment Transaction Security) 요구사항을 소개하고 카드 단말기의 필수적 키인 PEK(PIN Encryption Key)를 주입하는데 있어 PCIPTS 의 논리적 요구사항을 충족하는 방법을 제시한다.