Communications of the ACM
Grammar based off line generation of disposable credit card numbers
Proceedings of the 2002 ACM symposium on Applied computing
Ciphers with Arbitrary Finite Domains
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
The Security of Cipher Block Chaining
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
MDx-MAC and Building Fast MACs from Hash Functions
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
SecureClick: A Web Payment System with Disposable Credit Card Numbers
FC '01 Proceedings of the 5th International Conference on Financial Cryptography
Off-Line Generation of Limited-Use Credit Card Numbers
FC '01 Proceedings of the 5th International Conference on Financial Cryptography
Design, implementation, and deployment of the iKP secure electronic payment system
IEEE Journal on Selected Areas in Communications
CROO: A Universal Infrastructure and Protocol to Detect Identity Fraud
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Localization of credential information to address increasingly inevitable data breaches
Proceedings of the 2008 workshop on New security paradigms
Attack on the GridCode one-time password
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
E-commerce: protecting purchaser privacy to enforce trust
Electronic Commerce Research
International Journal of Human-Computer Studies
Spread Identity: A new dynamic address remapping mechanism for anonymity and DDoS defense
Journal of Computer Security
Hi-index | 0.00 |
Theft of stored credit card information is an increasing threat to e-commerce.We propose a dynamic virtual credit card number scheme that reduces the damage caused by stolen credit card numbers. A user can use an existing credit card account to generate multiple virtual credit card numbers that are either usable for a single transaction or are tied with a particular merchant. We call the scheme dynamic because the virtual credit card numbers can be generated without online contact with the credit card issuers. These numbers can be processed without changing any of the infrastructure currently in place; the only changes will be at the end points, namely, the card users and the card issuers. We analyze the security requirements for dynamic virtual credit card numbers, discuss the design space, propose a scheme using HMAC, and prove its security under the assumption the underlying function is a PRF.