
Enabling Privacy-Preserving e-Payment Processing

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 4947)

Abstract

The alarming increase in the number of data breach incidents at high-profile companies shows that buying goods or services from online merchants can pose a serious risk to customers’ privacy and to the merchants’ business reputation. The conventional approach of encrypting customer data on the merchant side using the merchant’s secret key is no longer adequate for preserving customer privacy. What is needed is an e-payment scheme that can guarantee customer authenticity while keeping the customer’s sensitive details secret from the various parties involved in the online transaction. We propose here an online protocol for processing e-payments that minimizes both the customer’s privacy risks and the merchant’s business risks. Using a non-reusable password-based authentication approach, the proposed protocol allows consumers to purchase goods or services from an online merchant anonymously, thus achieving the ideal privacy environment in which to shop. The payment details sent to a merchant become obsolete after the first use, thereby preventing any subsequent fraudulent transactions by a third party. Such a protocol can be easily deployed in an e-commerce environment to strengthen the integrity of the electronic payment system.



Editor information

Jayant R. Haritsa, Ramamohanarao Kotagiri, Vikram Pudi

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ashrafi, M.Z., Ng, S.K. (2008). Enabling Privacy-Preserving e-Payment Processing. In: Haritsa, J.R., Kotagiri, R., Pudi, V. (eds) Database Systems for Advanced Applications. DASFAA 2008. Lecture Notes in Computer Science, vol 4947. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-78568-2_51


  • DOI: https://doi.org/10.1007/978-3-540-78568-2_51

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-78567-5

  • Online ISBN: 978-3-540-78568-2

  • eBook Packages: Computer Science, Computer Science (R0)
