• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

Cryptographically-Generated Virtual Credit Card Number for Secure Card-Not-Present Transactions

Vol. 10, No. 4, April 29, 2016
10.3837/tiis.2016.04.022, Download Paper (Free):

Abstract

Card-Not-Present (CNP) transactions taking place remotely over the Internet are becoming more prevalent. Cardholder authentication should be provided to prevent the CNP fraud resulting from the theft of stored credit card numbers. To address the security problems associated with CNP transactions, the use of a virtual card number derived from the transaction details for the payment has been proposed, instead of the real card number. Since all of the virtual card number schemes proposed so far are based on a password shared between the cardholder and card issuer, transaction disputes due to the malicious behavior of one of the parties involved in the transaction cannot be resolved. In this paper, a new virtual card number scheme is proposed, which is associated with the cardholder’s public key for signature verification. It provides strong cardholder authentication and non-repudiation of the transaction without deploying a public-key infrastructure, so that the transaction dispute can be easily resolved. The proposed scheme is analyzed in terms of its security and usability, and compared with the previously proposed schemes.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
C. Park and C. Park, "Cryptographically-Generated Virtual Credit Card Number for Secure Card-Not-Present Transactions," KSII Transactions on Internet and Information Systems, vol. 10, no. 4, pp. 1864-1876, 2016. DOI: 10.3837/tiis.2016.04.022.

[ACM Style]
Chan-Ho Park and Chang-Seop Park. 2016. Cryptographically-Generated Virtual Credit Card Number for Secure Card-Not-Present Transactions. KSII Transactions on Internet and Information Systems, 10, 4, (2016), 1864-1876. DOI: 10.3837/tiis.2016.04.022.

[BibTeX Style]
@article{tiis:21087, title="Cryptographically-Generated Virtual Credit Card Number for Secure Card-Not-Present Transactions", author="Chan-Ho Park and Chang-Seop Park and ", journal="KSII Transactions on Internet and Information Systems", DOI={10.3837/tiis.2016.04.022}, volume={10}, number={4}, year="2016", month={April}, pages={1864-1876}}