• The Journal of Society for e-Business Studies
• /
• v.2 no.1
• /
• pp.79-94
• /
• 1997

Commerce activities which are free form space and time constraint using a communication network are called Electronic Commerce(EC). Because of sending a commercial information using open network such as Internet in EC, they need the security of commerce information (payment information and purchase information), checking the integrity of transferring data and certifying all parts participated in commerce for a secure commerce. Recently Visa and MasterCard Co. released the Secure Electronic Transaction (SET) Protocol for secure payment card transaction on Internet. This paper proposes a Secure Electronic Commerce Transaction Model(SECTM) using SET in order to support the secure commerce on Internet. The proposed transaction model prevents merchant from abusing the cardholder's payment information (credit-card number etc.) and enables cardholder to shop securely in Electronic Shopping Mall.

• Proceedings of the CALSEC Conference
• /
• 1999.07b
• /
• pp.491-500
• /
• 1999

Recent increase of commercial network Integration to World Wide Web(WWW) shifts an ordinary commerce to electronic environment. This draws more people to examine re-assurance of their secure transaction. This study investigates current status of security methodology for Electronic Payment System and extracts important axis of security level for electronic payment. Using these axis as security evaluation criteria, the research proposes a security matrix which consists of four different level of security granularity, hence allowing evaluation of a nation-wide credit card based payment system. Feasible usage of this matrix contributes to security analysis of the electronic system as whole, hence providing better secured electronic environment.

• International Commerce and Information Review
• /
• v.15 no.2
• /
• pp.189-206
• /
• 2013

In this paper, we investigate if the new merchant fee system has problems. The fee was fixed by government policies and there were no processes of listening to market participants. Therefore, we suggest improvements as follows. First, large-sized stores take burdens for the rest of stores so credit card companies and the government should try to minimize the increasing rate for large-sized stores. Second, credit card firms need to give VAN companies roles of stabilizing authorizing processes. Third, periodic update requires because of credibility. Fourth, contents of merchant fee should be disclosed to merchants. Fifth, there needs discussions for merchant fees of debit cards.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.5-15
• /
• 2015

Electronic transactions have been increasing with the development of the high-speed Internet and wireless communication. However, in recent years financial corporations and mobile carriers were attacked by hackers. And large numbers of privacy information have been leaked. In particular, in the case of credit card information can be misused in the online transaction, and the damage of this given to cardholder. To prevent these problems, it has been proposed to use a virtual card number instead of the actual card number. But it has security vulnerability and requires additional security infrastructure. In this paper, we analyzed the proposed virtual card number schemes. and we propose a new virtual credit card number scheme. In the newly proposed scheme, cardholder generates a key pair (public key/private key) and pre-register public key to the issuer. then, cardholder can pay no additional security infrastructure while still efficiently satisfy the security requirements.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.3
• /
• pp.1231-1245
• /
• 2015

People have transferred their business model from traditional commerce to e-commerce in recent decades. Both shopping and payment can be completed through the Internet and bring convenience to consumers and business opportunities to industry. These trade techniques are mostly set up based on the Secure Sockets Layer (SSL). SSL provides the security for transaction information and is easy to set up, which makes it is widely accepted by individuals. Although attackers cannot obtain the real content even when the transferred information is intercepted, still there is risk for online trade. For example, it is impossible to prevent credit card information from being stolen by virtual merchant. Therefore, we propose a new mechanism to solve such security problem. We make use of the disposable dynamic security code (DSC) to replace traditional card security code. So even attackers get DSC for that round of transaction, they cannot use it for the next time. Besides, we apply visual secret sharing techniques to transfer the DSC, so that interceptors cannot retrieve the real DSC even for one round of trade. This way, we can improve security of credit card transaction and reliability of online business. The experiments results validate the applicability and efficiency of the proposed mechanism.

• The KIPS Transactions:PartD
• /
• v.10D no.6
• /
• pp.1059-1066
• /
• 2003

In this paper, the magnetic sensing system is designed and implemented for the safe security in internet commerce system. When the payment is required inthe internet commerce system, the magnetic sensing system will get the information from a credit card without keyboard input and then encrypt and transmit the information to server. The credit card sensing system, which is proposed in this paper, is safe from keyboard hacking because it encrypts card information immediately in its internal chip and sends the information to host system. For the protection of information, the magnetic sensing system is basically based on a synchronous stream cipher cryptosystem which is related to a group of matrices. The size of matrices and the bits of keys for the best performances are determined for various cases. It is shown that for credit card payments. matrices of size 2 have good performance even at most 128bits keys with the consideration of inverse matrices. For authentication of general-purpose data, the magnetic sensing system needs more than 1.5KB data and in this case, the optimum size of matrices is 2 or 3 at more 256bits keys with consideration of inverse matrices.

• Journal of Information Technology Services
• /
• v.11 no.4
• /
• pp.233-250
• /
• 2012

In this paper, credit card delinquency means the possibility of occurring bad debt within the certain near future from the normal accounts that have no debt and the problem is to predict, on the monthly basis, the occurrence of delinquency 3 months in advance. This prediction is typical binary classification problem but suffers from the issue of data imbalance that means the instances of target class is very few. For the effective prediction of bad debt occurrence, Support Vector Machine (SVM) with kernel trick is adopted using credit card usage and payment patterns as its inputs. SVM is widely accepted in the data mining society because of its prediction accuracy and no fear of overfitting. However, it is known that SVM has the limitation in its ability to processing the large-scale data. To resolve the difficulties in applying SVM to bad debt occurrence prediction, two stage clustering is suggested as an effective data reduction method and ensembles of SVM models are also adopted to mitigate the difficulty due to data imbalance intrinsic to the target problem of this paper. In the experiments with the real world data from one of the major domestic credit card companies, the suggested approach reveals the superior prediction accuracy to the traditional data mining approaches that use neural networks, decision trees or logistics regressions. SVM ensemble model learned from T2 training set shows the best prediction results among the alternatives considered and it is noteworthy that the performance of neural networks with T2 is better than that of SVM with T1. These results prove that the suggested approach is very effective for both SVM training and the classification problem of data imbalance.

• The KIPS Transactions:PartD
• /
• v.10D no.6
• /
• pp.1033-1040
• /
• 2003

In order to provode information services on M-Commerce, a payment solution with security function should be required. User's mobile terminals for using M-Commerce services are diversifying to cellular phone, PDA, Smart phone etc. Among them, intergration of PDA's interface and mobile connection overcomes the weak point of existing cullular phone depending on information via the internet. In this paper, the protocol for a credit card transaction on PDA using ECC is presented. Secure Card module on this protocol encrypts user's information such as private information, delivery information and credit card information and store them on PDA in order to free from inputting information whenever it is used. This scheme also offers security services on M-Commerce including authentication, confidentiality, integration, non-repudiation and so on.

• International Commerce and Information Review
• /
• v.6 no.1
• /
• pp.25-50
• /
• 2004

This study attempts to find out what kind of service quality is considered important by customers in using the Internet shopping mall and suggests the way to activate the customer relationship. The findings based on empirical analysis are shown here. First, empirical analysis of the contextual factors such as gender, education, and experience levels, shows that what customers perceive as most important in the product purchase is security in terms of the payment and personal information service. The second important service quality factor perceived by customers is responsiveness, particularly the rapidity and accuracy of response to their needs and wants. The customers also considered price, quality and diversity of the product as being important. Furthermore, there is no big difference among other service quality factors. Second, in the different gender context, there is no significant difference between the genders. However, the male group shows an even distribution of factors valued in the service quality, whereas female respondents placed stronger emphases on particular aspects of service, such as security, response, reliability and product quality. Third, in the context of different education level, the payment method between graduates and non-graduates has a significant difference. That is, the non-graduates prefer the credit card and saving through ATM, while the graduates use dual payment method using credit card and another payment method together. Therefore, the various payment methods should be considered according to the customer type, namely graduates or non-graduates. Fourth, in the context of different experience level, the result of the empirical analysis of the factors of the service quality shows no great difference between experienced and inexperienced customers. Both types of customer perceive security as the most important. To sum up, the service quality perceived by the customers of Internet shopping malls is empirically analyzed in different contexts such as gender, education, and experience. Then, the device for the customer relationship activation is suggested. It can be utilized as a guideline for the continuing diffusion of the Internet shopping mall, giving it a competitive advantage against other companies.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10e
• /
• pp.643-645
• /
• 2002

무선인터넷에서 다양한 서비스를 지원하기 위해서는 서비스의 특성에 알맞은 지불프로토콜이 필요하다. 본 논문에서는 신용카드를 사용한 지불 프로토콜의 익명성 제공을 위한 임시사용자 인증서를 사용하여 신용카드 지불 프로토콜을 제안하였다.