• Journal of Digital Contents Society
• /
• v.14 no.1
• /
• pp.81-88
• /
• 2013

The increase of the smartphone users has popularized the mobile payment and the mobile credit card users are rapidly getting increased. The mobile credit cards that currently used provide its users with the service through downloading mobile credit card information into USIM. The mobile credit card saved in USIM has the minimized information for the security and is based on PKI. However certificate-based payment system has a complicated procedure and costs a lot of money to manage the certificates and CRL(Certificate Revocation List). Furthermore, It can be a obstacle to develop local e-commerce in Korea because it is hard for foreigners to use them. We propose the secure and efficient mobile credit card payment protocol based on certificateless signcryption which solve the problem of certificate use.

• Convergence Security Journal
• /
• v.16 no.5
• /
• pp.33-40
• /
• 2016

Credit card is means of payment used like cash in terms of function and its users have increased consistently. With development of Internet and electronic commerce a role as payment method of credit card has been growing. But as the risk which results from centralized information and online increases, credit card fraud is also growing. Card theft and loss are decreasing due to countermeasure of card companies and financial supervisory authorities, while card forge and identity theft are increasing. Recently because of frequent personal information leakage and deregulation of financial security following easy-to-use payment enforcement, customer's anxiety about card fraud is growing. And the increase of card fraud lowers trust on credit system as well as causes social costs. In this paper, the security problems of card operating system are addressed in depth and the measures such as immediate switch to IC card terminals, introduction of new security technology, supervision reinforcement of the authorities are proposed.

• Proceedings of the CALSEC Conference
• /
• 2004.02a
• /
• pp.75-82
• /
• 2004

Recently introduced by the major credit card associations as replacements for the decommissioned SET and 3DSET protocols, the new payment models, 3DSecure and UCAF/SPA, have been designed to provide online merchants with a solution to an existing problem in online credit card transactions - the lack of an effective and efficient means of authenticating cardholders. The expected benefits arising from this added level of security from the merchant′s perspective are increased consumer confidence, significant reduction in the levels of fraud and charge backs and "liability shift". Using data gleaned from preliminary interviews, discussion forums and promotional material, we present a critical analysis of the potential barriers and facilitators that will impact on the widespread traction of these programs in the marketplace in the coming years.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1175-1186
• /
• 2015

Financial fraud has been increasing along with credit card usage. Magnetic stripe cards have vulnerabilities in that credit card information is exposed in plaintext and cardholder verification is untrustworthy. So they have been replaced by a smart card scheme to provide enhanced security. Furthermore, the FinTech that combines the IT with Financial product is being prevalent. For that reason, many mobile device based payment schemes have been proposed for card present transaction. In this paper, we propose a virtual credit card number payment scheme based on public key system for efficient authentication in card present transaction. Our proposed scheme is able to authenticate efficiently in card present transaction by pre-registering virtual credit card number based on cardholder's public key without PKI. And we compare and analyze our proposed scheme with EMV.

• The Journal of Information Technology
• /
• v.3 no.3
• /
• pp.77-88
• /
• 2000

Electronic Commerce increased rapidly according to the growing popularity of Internet. but payment system are not changed. Now main payment system of electronic commerce are credit card and cyber banking system. Then credit card has some problems safety, privacy etc, and cyber banking system has some problem also. We need new payment system to Electronic Commerce. The merit of electronic money are more capacity, more secure, more reliable, quick and easy to update, secure off-line processing, enabling technology etc than credit card and cyber banking system. And so many countries began using experiment of electronic money and our country began July KOEX building. But it has some problems (standardization, safety of payment, etc). Therefor we must make nile about electronic money in order to standardization and safety of payment. After then electronic money are used widely in electronic commerce.

• Proceedings of the KIEE Conference
• /
• 2005.05a
• /
• pp.269-271
• /
• 2005

EMV was formed in February 1999 by Europay International, MasterCard International and Visa International to manage, maintain and enhance the EMV Integrated Circuit Card Specifications for Payment Systems as technology advances and the implementation of chip card programs become more prevalent. The formation of EMV ensures that single terminal and card approval processes are developed at a level that will allow cross payment system interoperability through compliance with the EMV specifications. A credit card environment of the domestic market adopted the standard Local-EMV to have the compatibility with EMV international standard and the EMV migration have been carried out b,# the step-by-step process. It may be possible to adopt various kinds of cryptographic algorithms, however, RSA public key algorithm is currently used. In this paper, as a public key algorithm for the authentication process, Elliptic Curve Cryptographic algorithm is applied to the EMV process. Implementation results is shown. and the possible changes necessary to accommodate Elliptic Curve Cryrtography is proposed.

• The Journal of Information Systems
• /
• v.26 no.4
• /
• pp.137-161
• /
• 2017

Purpose In this study, the difficulties were analyzed with the field data from two domestic and interview with industry practitioners. And We presented initiatives with feasibilities to overcome the hurdle for progress of easy-payment. Design/methodology/approach We collected industry data from two domestic credit card companies and analyzed that data to prove 7 proposition in detail. Also We had interview data from industry practitioners who can understand the relationship between stakeholders. For this analysis, we used the causal loop diagram to find activation inhibition and activation elements about easy-payment. Findings The Fintech easy-payment industry has been organically involved in various partners such as customers, merchants, PGs, VANs, credit card issuers, banks, payment providers, terminal manufacturers, etc. and they have been competing against each other to hold leader position in the easy-payment market. Because of the reasons, the easy-payment does not spread out as much as it expects. In this study, the difficulties were analyzed with the field data and interview with industry practitioners and proposed five initiatives with feasibilities to overcome the hurdle for progress of easy-payment. This study helps to understand current situation and issues of Fintech and easy-payment for related research in future.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.3
• /
• pp.563-572
• /
• 2016

Recently, a plenty of credit card payment protocols have been proposed in Korea. Several features of proposed protocols include: using passwords for user authentication in stead of official certificate for authenticity, and no need to download additional security module via ActiveX into user's devices. In this paper, we suggest two new credit card payment protocols that use both SSL(Security Socket Layer) as a standardized secure transaction protocol and password authentication to perform online shopping and payment. The first one is for the case where online shopping mall is different from PG(Payment Gateway) and can be compared to PayPal-based payment methods, and the second one is for the case where online shopping mall is the same as PG and thus can be compared to Amazon-like methods. Two proposed protocols do not require users to perform any pre-registration process which is separate from an underlying shopping process, instead users can perform both shopping and payment into a single process in a convenient way. Also, users are asked to input a distinct payment password, which increases the level of security in the payment protocols. We believe that two proposed protocols can help readers to better understand the recent payment protocols that are suggested by various vendors, and to analyze the security of their payment protocols.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.4
• /
• pp.51-62
• /
• 2019

Recently, as the number of Smart Phone users increase, the simple payment system has been able to make payments using only card information such as a registered password without extra authorized certificate authentication or input of card information. In this paper, it will examine and analyze simple payment system provided by IT companies and financial institutions and the simple payment system that operates global online payment system by case view of operational direction. Then with this examination, it will study ways to improve the problems with terms of convenience and stability in terms of users. In this paper, it will analyze the inconvenient problem in using the QR code system that recently introduced and will propose solutions. Also, it will propose suggestions to solve inconvenience that caused by system that supports NFC simple payment terminal in Korea is not universalize by analyze case study on the overseas simple payment system. It will also propose opinions on the matters that customer having responsible for event of a small financial accident related to loss or theft when using the simple payment system. Then it will suggest expected requirements to prepare new security technical countermeasures and solve the conditions of meeting expectation satisfaction of users.

• Journal of Advanced Navigation Technology
• /
• v.11 no.3
• /
• pp.337-342
• /
• 2007

This paper proposes Electronic Credit Card(EMV) processing procedures for a credit payment method which can be applied to Korean ETCS(Electrical Toll Collection System). In Korea, Korea Highway Corporation services contactless ETCS's called by Hi-Pass and Touch-Pass system at present. These systems operate on a pre-paid payment method similar to electronic money. On the other side, a credit payment method based on credit card has an advantage which does not require pre-paid. The introduction of credit payment method to ETCS is in preparation. In this paper, we propose EMV processing methods based on a credit payment method which can be applied on ETCS.