• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.11
• /
• pp.2956-2979
• /
• 2012

Along with the development of Information Technology, online transactions through Internet have become more popular for the reasons of convenience and efficiency. In order to provide secure and reliable online transactions, an effective electronic payment protocol is crucial. In this paper, we propose a novel electronic payment protocol for digital product transactions with an offline arbiter to achieve fair exchange, automated dispute resolution, customer anonymity, and customer unlinkability. In our protocol a product token is adopted to eliminate the need of key management for digital product decryption in the offline arbiter. In addition, Elliptic Curve Cryptography (ECC)-based self-certified public key is utilized to further reduce computing overheads. According to our analysis, the efficiency of our protocol can be greatly increased in comparison with previous literatures.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.6
• /
• pp.113-119
• /
• 2003

In WISA 2002, Ham et al. proposed a one-way mobile payment system. They claimed that the electronic cash of the system satisfies unforgeability and double spending prevention. In this paper, we point out that their system is not secure as they claimed by showing that the forgery of payment scripts is possible.

• Journal of Korea Multimedia Society
• /
• v.13 no.11
• /
• pp.1687-1697
• /
• 2010

The USIM-based AKA authentication process is essential to a mobile payment system on smart phone environment. In this paper a payment protocol and an AKA module are designed for mobile payment system which is suitable for openness smart phone environment. The payment protocol designs the cross authentication among components of the mobile payment system to improve the reliability of the components. The AKA module of mobile payment system based on 3GPP-AKA protocol prevents the exposure of IMSI by creating the SSK(Shared Secure Key) through advance registration and solves the SQN(SeQuence Number) synchronization problem by using timestamp. Also, by using the SSK instead of authentication vector between SN and authentication center, the existing bandwidth $(688{\times}N){\times}R$ bit between them is reduced to $320{\times}R$ bit or $368{\times}R$ bit. It creates CK and IK which are message encryption key by using OT-SSK(One-Time SSK) between MS and SN. In addition, creating the new OT-SSK whenever MS is connected to SN, it prevents the data replay attack.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.8 no.7
• /
• pp.1537-1545
• /
• 2004

As the Internet continues to transform the commerce, the method of payment is one of critical components to conduct successful business across the internet. An electronic cash has all characteristics of traditional commodity cash and ensures security for all transactions. Accordingly an internet billing system based electronic cash is expected as the secure and efficient payment method in future electronic commerce. Digital Contents such as digital goods and services have the special characteristic that both the delivery of the goods and the transfer of money ran be accomplished on the same network. This allows the optimizations in the design of an electronic commerce system. In this paper, we propose an electronic payment protocol which is especially designed to purchase digital contents through internet. The proposed protocol guarantees anonymity by using a virtual ID, and minimizes payment processing steps.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.5S
• /
• pp.1676-1686
• /
• 2000

The growth of the Internet has brought may kinds of electronic payment schemes that can be applied to electronic commerce applications. Generally speaking, conventional loyalty system is not a payment system but a part of customer service. Our loyalty system, however, adds monetary functions and security mechanism to the concept of bonus point, so it can make the electronic markets user entire bonus system as an electronic payment scheme, First, we introduce the organization and the protocol structure of he loyalty system. Next, we describe monetary characteristics, security scheme and anonymity to show our loyalty system can be used a functionally complete payment system.

• Journal of Internet Computing and Services
• /
• v.20 no.3
• /
• pp.111-117
• /
• 2019

We categorize the model of simple payment into Magnetic Secure Transmission, Near Filed Communication, and App Card based on the Focus Group Interview. We also define the key drivers for the diffusion of simple payment services based on the literature review with the experts. Through Analytic Hierarchy Process our finding suggests that the degree of acceptance at the stores is the most critical factor which decides the diffusion of simple payment service model. Security is also the important driver but due to the fact that service providers should follow the information security rule and supervisory guidance, it actually did not make a big difference in terms of assessing competence of each model.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.11
• /
• pp.2588-2594
• /
• 2013

Damage is increasing by (Smishing) hacking attack Smishing you use a smart phone after entering 2013. Takeover of personal information and direct financial damage in collaboration with graphics sewing machine hacking attack has occurred. Monetary damage that leads to Internet payment service (ISP) and secure payment system in conjunction with graphics sewing machine hacking attack on a smartphone has occurred. In this paper, I will study analysis in the laboratory examples of actual infringement vinegar sewing machine hacking attack. It is a major power security measures to prevent damage to the secure payment system that a case analysis and practical principle technical nest sewing machine hacking attack, using Smishing. In this paper, I will be to research to be able to through a smart phone, to the online payment safer and more convenient.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.40 no.4
• /
• pp.55-66
• /
• 2017

Korean small and medium sized software companies have tried to export their solutions or services to overseas markets. In 2016, exports of the software industry increased by 6.0% from the previous year, and the value added of the industry was 2.2 times higher than that of the manufacturing industry. From a long-term perspective, it is important to secure a global competitive advantage in order to sustain the export high value-added of the software industry. The obstacles to entry into the overseas market of small to medium enterprises are as follows: first, difficulty in product development and localization of marketing; second, lack of investment for overseas expansion; and finally, competitiveness of software technology. In particular, To overcome such obstacles, Korean small and medium sized software companies should increase the technical perfection and secure software export competitiveness. The paper presents a payment settlement framework enabling adaptive reuse and semiautomatic development of global payment settlement services. The quantitative and qualitative evaluation results are presented with domestic and overseas case studies as follows: Firstly, semi-automatic development is realized successfully by applying the framework. Secondly, it is possible to maintain consistent quality of software and to deliver maintenance services without relying on the internal human resources. Thirdly, it is possible to reduce the project duration of the same development cope to less than 50% by applying the framework. Finally, because it is based on BPMN 2.0, which is a high level design diagram, it is expected that it will be easy to implement through components connection and reduce difficulties in technology transfer and localization. Also, at the time of runtime operation, it will be effective to understand the design idea easily and to carry out additional developments without human resource who participated in the initial project.

• Journal of Digital Convergence
• /
• v.11 no.11
• /
• pp.29-36
• /
• 2013

To accommodate the rapid growth of e-commerce transactions, non-face-to-face transactions, businesses use a wide variety of payment methods. However, many of these payment mediums are not secure as shown by increases in fraudulent transactions. In this paper, we analyze a particular e-commerce transaction medium, the Safety Transaction Service (STS). This system protects consumers through a wide variety of safeguards: safety settlement systems (escrow), consumer damage compensation insurance, payment guarantee, and secure bank settlement. In contrast to the safeguards, we identify the limitations and concerns with the STS and potential legal and political improvements. The plethora of payment methods limits the consumers ability to distinguish between the secured and unsecured transaction services. Regulation and consumer based verification of transaction services are essential to root out dangerously fraudulent systems. We propose the development of specific standards to these systems, in particular the need for consumer confirmation and clear settlement documentation. Only through the active promotion of scrutiny and improvement to STS will consumers be protected in e-commerce.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.9 no.4
• /
• pp.23-36
• /
• 1999

As the blind signature(10) does not reveal any information about the message or its signature it has been used for preventing the information leakage and for providing the anonymity in secure electronic payment systems. Unfortunately this perfect anonymity could be misused by criminals as blind signatures prevent linking the withdrawal of money nd the payment made 표 the same customer. Therefore we should provide publicly verifiable mechanism if it is required for the judge to trace the blackmailed messages. In this paper we propose a modified blind signature scheme which additionally provides the role of message recovery after analyzing the existing meta-ELGamal scheme(12) suggested by Horster. And we suggest a new fair blind multi-signature scheme based on the oblivious transfer protocol with which a judge can publicly verify its fairness and correctness if needed. Proposed scheme can also applicable to the diverse electronic payment applications.