Formal analysis of card-based payment systems in mobile devices

  • Authors:

  • Vijayakrishnan Pasupathinathan;Josef Pieprzyk;Huaxiong Wang;Joo Yeon Cho

  • Affiliations:

  • Centre for Advanced Computing - Algorithms and Cryptography, Division of Information and Communication Sciences, Macquarie University, Sydney, Australia;Centre for Advanced Computing - Algorithms and Cryptography, Division of Information and Communication Sciences, Macquarie University, Sydney, Australia;Centre for Advanced Computing - Algorithms and Cryptography, Division of Information and Communication Sciences, Macquarie University, Sydney, Australia;Centre for Advanced Computing - Algorithms and Cryptography, Division of Information and Communication Sciences, Macquarie University, Sydney, Australia

  • Venue:
  • ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
  • Year:
  • 2006

Quantified Score

Hi-index 0.00

Visualization

Abstract

To provide card holder authentication while they are conducting an electronic transaction using mobile devices, VISA and MasterCard independently proposed two electronic payment protocols: Visa 3D Secure and MasterCard Secure Code. The protocols use pre-registered passwords to provide card holder authentication and Secure Socket Layer/ Transport Layer Security (SSL/TLS) for data confidentiality over wired networks and Wireless Transport Layer Security (WTLS) between a wireless device and a Wireless Application Protocol (WAP) gateway. The paper presents our analysis of security properties in the proposed protocols using formal method tools: Casper and FDR2. We also highlight issues concerning payment security in the proposed protocols.