Skip to main content
Springer Nature Link
Log in

A Light Number-Generation Scheme for Feasible and Secure Credit-Card-Payment Solutions

  • Conference paper
E-Commerce and Web Technologies (EC-Web 2008)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 5183))

Included in the following conference series:

Abstract

Disposable-number credit card is a recent approach to contrasting the severe problem of credit card fraud, nowadays constantly growing, especially in credit-card-based e-commerce payments. Whenever the solutions cannot rely on a secure extra communication channel between cardholder and issuer, the only possibility is to generate new numbers on the basis of some common scheme, starting from secret shared initial information. However, in order to make the approach feasible, the computational load both on issuer and customer side should be minimized, also to reduce the cost of user-side devices, keeping yet an adequate security level. In this paper we present a disposable-number credit card scheme meeting the above goals, going a step ahead w.r.t. the state of the art.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Borisov, N., Goldberg, I., Wagner, D.: Intercepting mobile communications: the insecurity of 802.11. In: MobiCom 2001: Proceedings of the 7th annual international conference on Mobile computing and networking, pp. 180–189. ACM Press, New York (2001)

    Chapter  Google Scholar 

  2. ECMA. ECMA-182: Data Interchange on 12,7 mm 48-Track Magnetic Tape Cartridges — DLT1 Format (December 1992)

    Google Scholar 

  3. Hill, J.R.: A table driven approach to cyclic redundancy check calculations. SIGCOMM Comput. Commun. Rev. 9(2), 40–60 (1979)

    Article  Google Scholar 

  4. Li, Y., Zhang, X.: A security-enhanced one-time payment scheme for credit card. In: Proceedings of the 14th International Workshop on Research Issues on Data Engineering: Web Services for E-Commerce and E-Government Applications (RIDE 2004), pp. 40–47 (2004)

    Google Scholar 

  5. Li, Y., Zhang, X.: Securing credit card transactions with one-time payment scheme. Electronic Commerce Research and Applications 4, 413–426 (2005)

    Article  Google Scholar 

  6. Luhn, H.P.: Computer for verifying numbers. U.S. Patent 2, 950, 048 (1960)

    Google Scholar 

  7. NIST/NSA. Fips 180-2 secure hash standard (SHS). NIST/NSA (August 2002)

    Google Scholar 

  8. Dynamic passcode authentication, http://www.visaeurope.com

  9. Private Payments, http://www10.americanexpress.com

  10. Paypal, http://www.paypal.com

  11. Peterson, W.W.: Error-correcting codes. MIT Press and J. Wiley & Sons (1961)

    Google Scholar 

  12. Ramabadran, T.V., Gaitonde, S.S.: A tutorial on crc computations. IEEE Micro. 8(4), 62–75 (1988)

    Article  Google Scholar 

  13. Rubin, A., Wright, N.: Off-line generation of limited-use credit card numbers. In: Proceedings of the Fifth International Conference on Financial Cryptography, pp. 165–175 (2001)

    Google Scholar 

  14. Sarwate, D.V.: Computation of cyclic redundancy checks via table look-up. Commun. ACM 31, 1008–1013 (1988)

    Article  Google Scholar 

  15. SET Secure Electronic Transaction LLC. SET Secure Electronic Transaction Specification, http://www.setco.org

  16. Shamir, A.: Secureclick: A web payment system with disposable credit card numbers. In: Syverson, P.F. (ed.) FC 2001. LNCS, vol. 2339, pp. 232–242. Springer, Heidelberg (2002)

    Google Scholar 

  17. Singh, A., dos Santos, A.L.M.: Grammar based off line generation of disposable credit card numbers. In: SAC 2002: Proceedings of the 2002 ACM symposium on Applied computing, pp. 221–228. ACM Press, New York (2003)

    Google Scholar 

  18. Singh, A., dos Santos, A.L.M.: Context free grammar for the generation of one time authentication identity. In: FLAIRS Conference (2004)

    Google Scholar 

  19. Stubblefield, A., Ioannidis, J., Rubin, A.D.: A key recovery attack on the 802.11b wired equivalent privacy protocol (wep). ACM Trans. Inf. Syst. Secur. 7(2), 319–332 (2004)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. DIMET, University of Reggio Calabria, via Graziella, Località Feo di Vito, 89122, Reggio Calabria, Italy

    Francesco Buccafurri & Gianluca Lax

Authors
  1. Francesco Buccafurri
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Gianluca Lax
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Giuseppe Psaila Roland Wagner

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Buccafurri, F., Lax, G. (2008). A Light Number-Generation Scheme for Feasible and Secure Credit-Card-Payment Solutions. In: Psaila, G., Wagner, R. (eds) E-Commerce and Web Technologies. EC-Web 2008. Lecture Notes in Computer Science, vol 5183. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85717-4_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-85717-4_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-85716-7

  • Online ISBN: 978-3-540-85717-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics