Online Version - Last Updated - 20 Jan 2012 |
 |
| Home |
| |
| Procedures and Resources for Authors |
|
| Information and Resources for Volume Editors |
| |
| Orders and Subscriptions |
| |
| Published Articles |
|
| Upcoming Volumes |
| |
| Contact Us |
| |
| Useful External Links |
| |
| CRPIT Site Search |
Formal Analysis of Card-based Payment Systems in Mobile devices
Pasupathinathan, V., Pieprzyk, J., Wang, H. and Cho, J.Y.
To provide card holder authentication while they are conducting an electronic transaction using mobile devices, VISA and MasterCard independently proposed two electronic payment protocols: Visa 3D Secure and MasterCard Secure Code. The protocols use pre-registered passwords to provide card holder authentication and Secure Socket Layer/ Transport Layer Security (SSL/TLS) for data confidentiality over wired networks and Wireless Transport Layer Security (WTLS) between a wireless device and a Wireless Application Protocol (WAP) gateway. The paper presents our analysis of security properties in the proposed protocols using formal method tools: Casper and FDR2. We also highlight issues concerning payment security in the proposed protocols.
Cite as: Pasupathinathan, V., Pieprzyk, J., Wang, H. and Cho, J.Y. (2006). Formal Analysis of Card-based Payment Systems in Mobile devices. In Proc. Fourth Australasian Information Security Workshop (Network Security) (AISW 2006), Hobart, Australia. CRPIT, 54. Safavi-Naini, R., Steketee, C. and Susilo, W., Eds. ACS. 213-220.
(from crpit.com)
(local if available)
