Abstract
At present, network users have to manage a set of authentication credentials (usually a username/password pair) for every service with which they are registered. Single Sign-On (SSO) has been proposed as a solution to the usability, security and management implications of this situation. Under SSO, users authenticate themselves only once to an entity termed the ‘Authentication Service Provider’ (ASP) and are subsequently logged into disparate network Service Providers (SPs) without necessarily having to re-authenticate. The information about the user’s authentication status is handled between the ASP and the desired SP in a manner transparent to the user. In this paper we propose an SSO scheme where user authentication is based on payment cards conforming to the EMV industry standard. The card itself, in conjunction with the EMV architecture, takes the role of the ASP. The associated SSO protocol does not require online card issuer participation, preserves user mobility and does not put user’s financial data at risk.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
EMV. EMV 2000 Integrated Circuit Card Specification for Payment Systems Version 4.0 — Book 1: Application Independent ICC to Terminal Interface Requirements (December 2000)
EMV. EMV 2000 Integrated Circuit Card Specification for Payment Systems Version 4.0 — Book 2: Security and Key Management (December 2000)
EMV. EMV2000 Integrated Circuit Card Specification for Payment Systems Version0 — Book 3: Application Specification (December 2000)
EMV. EMV 2000 Integrated Circuit Card Specification for Payment Systems Version 4.0 — Book 4: Cardholder, Attendant and Acquirer Interface Requirements (December 2000)
Radu, C.: Implementing Electronic Card Payment Systems. Computer Security Series. Artech House, Norwood (2002)
Rescorla, E.: SSL and TLS. Addison-Wesley, Reading (2001)
Liberty Alliance. Liberty ID-FF Bindings and Profiles Specification version 1.2- 08 (April 2003)
Chaum, D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24(2), 84–90 (1981)
De Clercq, J.: Single sign-on architectures. In: Davida, G.I., Frankel, Y., Rees, O. (eds.) InfraSec 2002. LNCS, vol. 2437, pp. 40–58. Springer, Heidelberg (2002)
Liberty Alliance. Liberty Architecture Overview (November 2002)
OASIS. Security Services Technical Commitee Homepage, http://www.oasis-open.org/committees/security/
Pashalidis, A., Mitchell, C.J.: A taxonomy of single sign-on systems. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 249–264. Springer, Heidelberg (2003)
Pashalidis, A., Mitchell, C.J.: Single sign-on using trusted platforms. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, pp. 54–68. Springer, Heidelberg (2003)
Khu-smith, V., Mitchell, C.J.: Using EMV cards to protect e-commerce transactions. In: Bauknecht, K., Tjoa, A.M., Quirchmayr, G. (eds.) EC-Web 2002. LNCS, vol. 2455, pp. 388–399. Springer, Heidelberg (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pashalidis, A., Mitchell, C.J. (2004). Using EMV Cards for Single Sign-On. In: Katsikas, S.K., Gritzalis, S., López, J. (eds) Public Key Infrastructure. EuroPKI 2004. Lecture Notes in Computer Science, vol 3093. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-25980-0_17
Download citation
DOI: https://doi.org/10.1007/978-3-540-25980-0_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22216-3
Online ISBN: 978-3-540-25980-0
eBook Packages: Springer Book Archive