Designing an efficient and secure credit card-based payment system with web services based on ANSI X9.59-2006

Cheong, Chi Po, Fong, Simon, Lei, Pouwan, Chatwin, Chris and Young, Rupert (2012) Designing an efficient and secure credit card-based payment system with web services based on ANSI X9.59-2006. Journal of Information Processing Systems, 8 (3). pp. 495-520. ISSN 1976-913X

[img] PDF
Restricted to SRO admin only

Download (1MB)

Abstract

A secure Electronic Payment System (EPS) is essential for the booming online shop-ping market. A successful EPS supports the transfer of electronic money and sensitive information with security, accuracy, and integrity between seller and buyer over the Internet. SET, CyberCash, Paypal and iKP are the most popular Credit Card-Based EPSs (CCBEPSs). Some CCBEPSs only use SSL to provide a secure communication channel. Hence they only prevent the "Man in the Middle" fraud but do not protect the sensitive cardholder information such as credit card number to be passed to the mer-chant, who may be unscrupulous. Other CCBEPSs use complex mechanisms such as cryptography, certificate authorities, etc. to fulfill the security schemes but factors such as ease of use for the cardholder and the implementation costs for each party are fre-quently overlooked. In this paper, we propose a Web service based new payment sys-tem, based on ANSI X9.59-2006 with extra features added on top of this standard. X9.59 is an Account Based Digital Signature (ABDS) and consumer-oriented payment system. It utilizes the existing financial network and financial messages to complete the payment process. However, there are a number of limitations in this standard. This research provides a solution to solve the X9.59 limitations by adding a merchant au-thentication feature during the payment cycle without any addenda records to be added in the existing financial messages. We have conducted performance testing on the proposed system via a comparison with SET and X9.59 using simulation to analyze their levels of performance and security.

Item Type: Article
Keywords: Payment Protocols; Electronic Commerce; SET; X9.59; Web Services
Schools and Departments: School of Engineering and Informatics > Informatics
Subjects: G Geography. Anthropology. Recreation > GR Folklore > GR420 By subject > GR865 Transportation, travel, commerce, etc.
H Social Sciences > HF Commerce
Q Science > QA Mathematics
Q Science > QA Mathematics > QA0075 Electronic computers. Computer science
Z Bibliography. Library Science. Information Resources > ZA Information resources
Z Bibliography. Library Science. Information Resources > ZA Information resources > ZA4450 Databases
Depositing User: Chris Chatwin
Date Deposited: 04 Mar 2013 11:23
Last Modified: 08 Mar 2017 07:44
URI: http://sro.sussex.ac.uk/id/eprint/40494

View download statistics for this item

📧 Request an update