1 SAFE SYSTEM: SECURE APPLICATIONS FOR FINANCIAL ENVIRONMENTS USING MOBILE PHONES Sead Muftic 1, Feng Zhang 1 1Department of Computer and System Sciences, Royal Institute of Technology, Stockholm, Sweden Kasun DeZoysa 2 2Department of Computer Science, School of Computing, University of Colombo, Sri Lanka ABSTRACT Mobile financial transactions are used by more and more people due to a widespread proliferation of mobile phones and wireless technologies. One of the most important concerns with such transactions is their security. The reasons are based on weaknesses of wireless protocols and handling of financial data. These aspects make mobile financial applications even more vulnerable to fraud and illegal use than similar transactions performed over fixed networks. Therefore, one of the main prerequisites for successful, large-scale and broad deployment of mobile financial applications is their security. This paper introduces the concept of SAFE system (Secure Applications for Financial Environment) that represents a secure, convenient and reliable infrastructure for mobile financial transactions. The infrastructure comprises Mobile Wallet, three servers: Gateway, IDMS and Bank servers, security protocols, and messages between all components. KEYWORDS SAFE, mobile transactions, security, wireless protocols, security infrastructure, mobile phone 1. INTRODUCTION Mobile banking (m-banking) is based on the use of mobile phones or other mobile devices to perform various financial transactions, either directly with the recipient or indirectly, via a client s bank account. m-banking is one of the newest approaches to the provision of financial services through wireless Internet network, made possible by the widespread adoption of mobile phones especially in developing countries. The rollout and functional capabilities of mobile telephony have been rapid and have extended usage well beyond classical mobile applications (telephone calls and short messaging). There is mounting evidence of positive financial, economic and social impact of those technologies all over the world. One of the most important issues with mobile transactions is their security. Currently several mainly SIM chip vendors and banks, offer initial version of such applications for banking transactions either without security or based only on user PINs. These methods not only do not provide satisfactory level of security required for financial transactions, but create false impression of their security, thus opening possibilities for hackers to explore their vulnerabilities. When mobile financial transactions are performed internationally on a large scale without adequate security, it is certain that current financial losses due to on-line fraud will be much larger. SAFE (Secure Applications for Financial Environment) is the system that performs various financial transactions using mobile phones and other mobile hand held devices. Contrary to the current initial versions of similar systems, which provide limited client to bank transactions, the system also supports direct, client to merchant payments, person to person transactions, and other, non banking mobile applications. In addition, the distinguished feature of the system is its strong security for users, their transactions and applications.
2 2. APPLICATIONS AND PARTICIPANTS SAFE system is designed to support broad range of secure financial transactions, which may be classified in three groups: Financial transactions performed by individuals: Deposits and withdrawals of cash using client s own account with digital ATMs, Deposits and withdrawals using client s own account based on the concept of Mobile ATM in developing countries , Deposits and withdrawals of digital cash using client s own account with digital ATMs, Transfer funds between user s own accounts in the same or in different banks, The ability for third parties to make deposits into a user s account (employer, family member, merchants, loan provider or a micro-finance organization in developing countries), The ability to make retail purchases with m Commerce enabled merchants using debit and credit card payments, The ability to make retail purchases with m Commerce enabled merchants using micropayments, Provision for bill payments. The second group is corporate financial transactions: Corporate to bank transactions (m Banking), Corporate to Corporate transactions (quotes, purchase orders , invoices, payments, etc.), Corporate to individual transactions (payments, fees, various reimbursements etc.). The third group is non monetary transactions: Collecting and using bonus points, Collecting and using loyalty points, Using prepaid authorizations (gift cards, telephone air-time, etc.), Handling prepaid or purchased tickets. The participants in those transactions are the following: Banks perform registration and certification of individuals and provision of financial services, Bank agents individuals who provide financial services on behalf of banks, locally at the banks locations or remotely as banks agents, Financial Services Providers institutions providing financial services, like post offices, Western Union, currency exchange providers, etc, Security Services Providers institutions providing security services in large, international networks, like identity (registration) services, certification services, smart cards services, etc, Merchants companies selling goods and services and charging for those goods and services, Clients individuals initiating or receiving transfers as the result of financial transactions. 3. SYSTEM COMPONENTS AND ARCHITECTURE SAFE system is organized in the form of a large scale, federated security architecture. The components of that architecture are various types of servers and (static or mobile) workstations. There are five types of servers in the SAFE system: Identity Provider (Registration) Servers providing registration services and distribution of reliable identities, Certification Servers providing certification of participants, issuance of their X.509 certificates, management and distribution of those certificates, SAFE Gateway Servers specialized servers that support various secure financial transactions, used as the front end (proxies) to Bank Servers, Bank Servers interface servers in banks performing linking of the system to standard banking applications and transactions, Merchant Servers servers located at merchants premises performing direct financial transactions with clients.
3 The following stations are used in the SAFE system: Client Mobile Stations those are mobile phones loaded with secure applications, Client Static Stations those are standard PCs used by clients to perform financial transactions from static locations (home, offices, etc.), Agents Mobile Stations these stations are either smart phones or hand held devices with smart card capabilities, used by mobile banks agents, Registration Stations those stations are standard PCs enhanced with smart card capabilities and used by registration agents, Financial Services Provider Stations those stations are also PCs with smart card and used by financial services providers, Merchants Stations those are POS terminals, which are enhanced with smart card capabilities and used by merchants to perform direct financial transactions with clients. System components and the architecture are shown in the following Figure: Figure 1. Components and the Architecture of the SAFE System 4. USAGE AND SYSTEM OPERATIONS 4.1 Registration of Participants As the first step all participants in the SAFE system are registered. Registration is performed by Registration Agents. Registration data are stored in the Registration database of the IDMS server (see Figure 1). This step may be performed by the bank, by telecom operator or by any other independent ID services provider. Thus all participants in the system have reliable and verifiable registrations data used for all SAFE transactions. Registration is performed as the face to face procedure, where personal data and credentials are verified before being entered in the system. Registration Agents fill out registration form and data are stored in the
4 Registration database at the IDMS Server. At the same time registration data is transferred on line into mobile phones of customers and bank agents and also transferred to other parties for later use. 4.2 Certificates and Smart Cards In the SAFE system all participants have X.509 certificates. They are issued by the Certification Authority (CA) Server, based on registration data stored in the IDMS Server. In addition, all agents who perform security management or high value transactions are issued smart cards. Customers do not use their own smart cards, due to the high cost of mobile phones that support smart cards. For customers, key pairs are generated in their mobile phones, while for those in possession of smart cards, key pairs are generated by their cards. Certificates and smart cards are issued by banks and by all Service Providers. Certificates, issued by the CA server, are stored in mobile phones and in smart cards. Therefore, security of all transactions is based on public key cryptography, supported either by software in mobile phones or by smart cards. After reliable and verifiable registration, certification and issuance of smart cards, an instance of the SAFE system is ready for its secure operation, supporting various secure financial applications. 4.3 Cash Dispensing: Mobile and Static ATM Mobile and static ATM are two innovative approaches for dispensing of cash, especially suitable in regions where there are no standard banking ATMs. With Mobile ATM, cash is distributed by the specialized bank agents, who visit areas without standard ATMs. They dispense cash to customers upon receipt of the authorization messages from banks based on customer cash requests. The procedure is equivalent with static ATMs, where cash is dispensed by post offices, eventually merchants, and other cash distribution agencies. The sequence of steps and exchange of messages for this function are the following: Customer who needs cash comes to the location of the Mobile (Bank Agent) or Static ATM. Using his/her phone, the customer sends Cash_Request message to the specialized SAFE Server. The Server has direct connection into the banking network and verifies the status of the customer s account. If the confirmation is received from the bank, SAFE Server sends Cash_Confirmation message to the Bank Agent or corresponding cash dispensing agent (like Post Office). When the message is received, cash is given to the customer. 4.4 Stored Money and Micropayment Transactions Instead of cash, SAFE system can also distribute digital cash which is stored in mobile phone and later used for micro-payments. The prerequisite for this application is that merchants Point of Sale (POS) terminal is equipped with hardware and software supporting appropriate proximity protocol and micro payment application. If so, customers do not need cash, therefore bank agents or cash dispensers described in the previous section. The sequence of steps and transactions is the following: Customer sends Cash_Request to the SAFE server. After validation as before, digital cash is debited from customer s account, transferred to and stored in his/her mobile phone. Thus, mobile phone becomes digital wallet. When the customer comes to the POS, he/she approves payment transaction using mobile phone. The payment amount is reduced from the customer s digital wallet and transferred to the merchant s POS terminal. It sends Cash_Reclaim message to the SAFE server which contacts merchant s bank server to make deposit into the merchant s account. 4.5 Debit and Credit Card Payments These are standard debit and credit card payments, which today are performed using plastic debit/credit cards. In the SAFE system, magnetic stripe data (credit card number and other data) are stored in the mobile phone. Merchant s POS terminal must be capable to accept such data through proximity protocol. All other steps with this application are the same as in today s debit and credit card transactions. Debit/credit card data are
5 entered into the customer s mobile phone either during registration or during the process equivalent to debit/credit card issuance. The process is the following: customer uses his/her mobile phone to provide card number and other data to the merchant s POS terminal through the proximity protocol. Merchant either connects to the SAFE server to verify the authorization of the transaction or connects directly to the existing Card Payment Gateway. When the authorization is received, the payment transaction is completed. Later, merchant sends Credit_Request message to the SAFE server or Payment Gateway to request payment. 4.6 Account to Account Transactions These transactions are performed between two personal accounts or between a personal and a corporate account. In both cases one customer is the sender (initiator of the transactions) and the other customer is the recipient. These types of transactions are suitable for remittance, personal payments, bill payments, etc. They are performed between two customers with accounts in the same bank or with accounts in different banks. If the two customers have accounts in the same bank, then the sender initiates the transfer of money from his/her account to the account of the recipient. Transfer_Request message is sent from the sender s mobile phone to the SAFE server, which, after verification and effective transfer performed by the bank, informs the recipient about the transfer. If recipient s account is in another bank, then after receiving authorization for the transfer from the sender s bank, sender s SAFE server will inform recipient s SAFE server about the transfer. Recipient s SAFE server will notify recipient s bank and the recipient. 4.7 Loans: Applications and Administration SAFE system also supports various transactions for administration of loans. Those could be mortgages, home equity loans, or micro loans in developing countries. Applicants apply for the loan and after approval loan provider transfers the amount to the applicant s account using account to account transactions, described in the previous section. Applicants may also administer their loans, reviewing the status of the loan, payment schedule, initiating payments, etc. For this application, the messages are the following: applicant applies for the loan. Applicant s SAFE server will pass the application to the SAFE Server of the loan provider. When approved, applicant s SAFE server and bank server will be notified and the loan will be activated. Finally, the applicant may also use various transactions with its SAFE server to administer the loan. 5. SECURITY PROPERTIES OF THE SAFE SYSTEM One of the distinguished features of the SAFE system, which makes it different from any other similar system, is its security. All participants in the SAFE system are registered through face to face procedure, so that all identities are strongly verified. Identification information stored in IDMS servers is encrypted, thus not vulnerable to the identity theft attack. All participants in the system have personal security credentials: key pairs, certificates and other security tokens. For customers, they are safely stored in their mobile phones, encrypted and accessible only after personal authentication. Participants in the system who perform sensitive and high value transactions have cryptographic smart cards which store their personal data and security credentials and perform all cryptographic operations. Using those cryptographic credentials, all SAFE transactions are strongly protected. Each participant is authenticated before performing any transaction. All transactions are digitally signed, encrypted and enveloped for the targeted recipient. The system supports authorization based on identities and roles, thus all applications can be accessed and used only by authorized individuals. Finally, identification, financial and authorization data are stored in databases in the encrypted form. Therefore, they cannot be illegally accessed by hackers or other unauthorized individuals.
6 The system keeps encrypted logs of all its operations, so all transactions can be undeniably traced to their originators. Thus, the system provides non repudiation of its transactions and data. 6. CONCLUSIONS SAFE system provides comprehensive protection for transactions in wireless environment, which includes not only strong authentication of every registered entity, but also confidentiality, integrity and availability of all sensitive data. Through federation of SAFE servers, the system can scale smoothly to global, international environments. It is compatible with all existing security features for Web transactions: SSL, SAML, secure XML, FIPS201 (PIV) smart cards and currently deployed proprietary banking security systems. With all those strong security features and advanced security technologies, SAFE system may be used not only for the financial transactions described in this paper, but also as security extension for any on-line banking system, based on Web technologies and services. Using SAFE system security features would greatly reduce identity theft and financial losses in banking and financial transactions. ACKNOWLEDGEMENT This research is sponsored by the Mobile ATM project supported by SPIDER (www.spidercentre.org) and by the Models of transnational e-finance services project supported by Vinnova. REFERENCES  Amila Karunanayake, Kasun De Zoysa and etc, Experiences on Mobile-ATM Deployment in a Developing Country. Unpublished manuscript, University of Colombo, Sri Lanka.  Kasun De Zoysa and Rasika Dayarathna, emoney Order System: The Smart Way to Pay Online. Unpublished manuscript, University of Colombo, Sri Lanka.
SETECS SAFE System Secure Mobile Transactions System Version 2.3 Operations Manual for Users, Agents and Merchants (for Smart Phone Applications) ~~~~~~~~~~~~~~~~ December 2011 Copyright 2009 2011 SETECS
Payment Systems for E-Commerce Shengyu Jin 4/27/2005 Reference Papers 1. Research on electronic payment model,2004 2. An analysis and comparison of different types of electronic payment systems 2001 3.
A TO Z JARGON BUSTER A ACQUIRER OR ACQUIRING BANK A financial institution (often a bank) where a merchant has an account to process transactions and card payments ATM Automated Teller Machine. Unattended,
Given recent payment data breaches, clients are increasingly demanding robust security and fraud solutions; and Financial institutions continue to outsource and leverage technology providers given their
CHAPTER 6 E-commerce Payment Created by, David Zolzer, Northwestern State University Louisiana Copyright 2002 Pearson Education, Inc. Slide 6-1 Copyright 2002 Pearson Education, Inc. Slide 6-2 Learning
Chapter 5 Online Payment System Copyright 2007 Pearson Education, Inc. Slide 5-64 Types of Payment Systems Cash Checking Transfer Credit Card Stored Value Accumulating Balance Copyright 2007 Pearson Education,
International Journal of Recent Research and Review, Vol. I, March 2012 Electronic Commerce and E-wallet Abhay Upadhayaya Department of ABST,University of Rajasthan,Jaipur, India Email: firstname.lastname@example.org
Mobile Wallet Platform Next generation mobile wallet solution Introduction to mwallet / Mobile Wallet Mobile Wallet Account is just like a Bank Account User s money lies with the Mobile Wallet Operator
THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP WHERE IS THE U.S. PAYMENT CARD INDUSTRY NOW? WHERE IS IT GOING? Today, payment and identification cards of all types (credit
Secure Financial Transactions Any Time, Any Place Euronet Software Solutions ATM Management System Maintain and Expand Your Automated Service Offerings with a Secure, Flexible and Powerful Solution Serving
BACKGROUND State of Wisconsin agencies accepted more than 6 million credit/debit card payments annually through the following payment channels: Point of Sale (State agency location) Point of Sale (Retail-agent
Electronic Payment Systems Michael B. Spring Department of Information Science and Telecommunications University of Pittsburgh email@example.com http://www.sis.pitt.edu/~spring Traditional Methods Traditional
TREASURER S OFFICE ADMINISTRATIVE STANDARDS FOR THE TREASURER S FISCAL PROCEDURE No. 08-01 MERCHANT DEBIT AND CREDIT CARD RECEIPTS 1. Introduction Debit and Credit Card Receipt Standards apply to the administration
Innovation in payments an overview Surveying the Scene In developed countries, payments networks are mostly fit for purpose. However, concerns are emerging of persistently high costs and chip and security
Mobile Payment: The next step of secure payment VDI / VDE-Colloquium May 16th, 2013 G&D has been growing through continuous innovation Server software and services Token and embedded security Cards for
Chapter 2 Introduction to the similar solutions and compare with the proposed system. Chapter two contains the similar solutions done by others and these solutions have been compared with the automated
Serving millions of people worldwide with electronic payment convenience. Euronet s Internet Banking Solution Built for Today s Online Business Copyright 2010 Euronet Worldwide, Inc. All rights reserved.
The System for Secure Mobile Payment Transactions Master Thesis in Information and Communication Systems Security Behzad Pouralinazar Stockholm, Sweden 2013 TRITA-ICT-EX-2013:6 The System for Secure Mobile
The e-payment Systems Electronic Commerce (E-Commerce) Commerce refers to all the activities the purchase and sales of goods or services. Marketing, sales, payment, fulfillment, customer service Electronic
Agent Registration Program Guide (For use in Asia Pacific, Central Europe, Middle East, Africa) Version 1 April 2014 Contents 1 INTRODUCTION... 3 1.1 ABOUT THIS GUIDE... 3 1.2 WHO NEEDS TO BE REGISTERED?...
Entrust Managed Services PKI Using Entrust certificates with VPN Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark or a registered trademark
Visa Reloadable Frequently Asked Questions EMV Travel Card How does the International Prepaid Card work? The International Prepaid Card is a reloadable prepaid Visa debit card, which means you can spend
Chapter 1 Introduction 1.1 Introduction This chapter will discuss the problem domain, motivation to the project, background materials, references and proposed solution. 1.2 Problem domain. Below mentioned
Third Party Agent (TPA) Registration Program - TPA Types and Functional Descriptions Independent Sales Organizations (ISO) ISO Merchant (ISO M) Conducts merchant account or transaction processing solicitation,
BROWN UNIVERSITY University Policy Accepting Credit Cards to Conduct University Business Purpose Brown University requires all departments that are involved with credit card handling to do so in compliance
DEBIT/ATM CARD APPLICATION APPLICANT: Last Name: First Name: M.I. Street Address: Apt. # / PO Box: City: State: Zip: Day Telephone #: Evening Telephone # Debit Card ATM Card SECOND APPLICANT: Last Name:
A point of sale application for secure financial transitions in a mobile business enviroment KAZI MASUM SADIQUE KTH Information and Communication Technology Master of Science Thesis Stockholm, Sweden 2013
SUBJECT: Policy and Procedures PAGE: 1 of 5 INTRODUCTION During fiscal year 2014, State of Wisconsin agencies accepted approximately 6 million credit/debit card payments through the following payment channels:
BUSINESS ONLINE BANKING AGREEMENT This Business Online Banking Agreement ("Agreement") establishes the terms and conditions for Business Online Banking Services ( Service(s) ) provided by Mechanics Bank
White Paper Advanced Authentication Introduction In this paper: Introduction 1 User Authentication 2 Device Authentication 3 Message Authentication 4 Advanced Authentication 5 Advanced Authentication is
CREDIT CARD PROCESSING GLOSSARY OF TERMS 3DES A highly secure encryption system that encrypts data 3 times, using 3 64-bit keys, for an overall encryption key length of 192 bits. Also called triple DES.
Target Security Breach Lessons Learned for Retailers and Consumers 2014 Pointe Solutions, Inc. PO Box 41, Exton, PA 19341 USA +1 610 524 1230 Background In the aftermath of the Target breach that affected
MOBILE CHIP ELECTRONIC COMMERCE: ENABLING CREDIT CARD PAYMENT FOR MOBILE DEVICES Marko Schuba and Konrad Wrona Ericsson Research, Germany ABSTRACT This paper describes the Mobile Chip Electronic Commerce
Card Management System Integration Made Easy: Tools for Enrollment and Management of Certificates September 2006 Copyright 2006 Entrust. All rights reserved. www.entrust.com Entrust is a registered trademark
Visa Canada The following tables set forth the interchange reimbursement fees applied on Visa financial transactions completed in Canada. 1 Visa uses interchange reimbursement fees as transfer fees between
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.0 February 2014 Section 1: Assessment Information Instructions for Submission
PrePay Solutions Prepay Solutions (PPS) UK pioneer in prepaid leading the sector for the last 10 years with continued innovation delivering successful prepaid programs throughout Europe 2 PPS in the Digital
What is PCI DSS? PCI DSS is an acronym for Payment Card Industry Data Security Standards. PCI DSS is a global initiative intent on securing credit and banking transactions by merchants & service providers
Serving millions of people worldwide with electronic payment convenience. Euronet s Contactless Solution Fast, Secure and Convenient Transactions with No Swiping, PIN or Signature Copyright 2011 Euronet
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.0 February 2014 Section 1: Assessment Information Instructions for Submission
Payment Card Industry (PCI) Policy Manual Network and Computer Services Forward This policy manual outlines acceptable use Black Hills State University (BHSU) or University herein, Information Technology
Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code
Serving millions of people worldwide with electronic payment convenience. Euronet s Telephone Banking Solution Enable Self-Service for Your Customers Copyright 2010 Euronet Worldwide, Inc. All rights reserved.
E-Commerce E-Commerce or Electronics Commerce is a methodology of modern business which fulfills the need of business organizations, vendors and customers to reduce cost and improve the quality of goods
GLOSSARY OF MOST COMMONLY USED TERMS IN THE MERCHANT SERVICES INDUSTRY Acquiring Bank The bank or financial institution that accepts credit and/or debit card payments for products or services on behalf
Payment Cardholder Data Handling Procedures (required to accept any credit card payments) Introduction: The Procedures that follow will allow the University to be in compliance with the Payment Card Industry
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public
Enhancing Payment Card Security New Measures to be Phased in from 2 nd Quarter 2010 to 1 st Quarter 2011 On 5 th March 2010, The Association of Banks in Singapore announced key measures to adopt a holistic
1. Introduction 1.1. Purpose and Background 1.2. Central Coordinator Contact 1.3. Payment Card Industry Data Security Standards (PCI-DSS) High Level Overview 2. PCI-DSS Guidelines - Division of Responsibilities
Serving millions of people worldwide with electronic payment convenience. Euronet s EMV Chip Solutions Superior Protection with Enhanced Security against Fraud Copyright 2011 Euronet Worldwide, Inc. All
Electronic Cash Payment Protocols and Systems Speaker: Jerry Gao Ph.D. San Jose State University email: firstname.lastname@example.org URL: http://www.engr.sjsu.edu/gaojerry May, 2000 Presentation Outline - Overview
AYMENTS SYSTEM COUNCIL The Role of Banks Relative to Non-Banks in Electronic Money Operations A Paper by a Sub-committee of The Payments System Council September 2011 I Introduction Several factors have
GENERAL TERMS AND CONDITIONS FOR DEBIT CARD 1. PHRASING Words importing only the singular shall include the plural and vice versa. Where the Account is a Joint Account, reference to single customer shall
Application Note A brief on Two-Factor Authentication Summary This document provides a technology brief on two-factor authentication and how it is used on Netgear SSL312, VPN Firewall, and other UTM products.
DEBIT CARD AGREEMENT EFFECTIVE AUGUST 1, 2013 IMPORTANT INFORMATION ABOUT PROCEDURES FOR OPENING A NEW ACCOUNT The USA PATRIOT Act has paved the way for financial institutions to help fight the funding
MOBILE MONEY SERVICES PRODUCT GUIDE ARTICLE 1 - ACCOUNT TYPES Easy Pay Account Easy Pay Accounts are semi-closed prepaid accounts, the funds in respect of which can be used only for Bill Payment Transactions
Burke and Herbert Bank 100 S. Fairfax Street Alexandria, VA 22314 (703) 684-1655 www.burkeandherbertbank.com ELECTRONIC FUND TRANSFER DISCLOSURE For purposes of this disclosure the terms "we", "us" and
EMP's vision is to be the leading electronic payments processing company in the emerging markets of Africa and the Middle East. EMP's mission is to be at the forefront of the region's electronic payments
PCI PA - DSS Point ipos Implementation Guide VeriFone Vx820 using the Point ipos Payment Core Version 1.01 POINT TRANSACTION SYSTEMS AB Box 92031, 120 06 Stockholm, Tel. +46 8 566 287 00 www.point.se Page
Ingenious Systems Evolute System's Mobile Payment Initiative The Mobile Payment Concept A mobile payment is any payment where a mobile device is used to initiate, authorize and confirm an exchange of financial
CREDENTIAL MANAGEMENT Meeting the challenges of cyber and physical security threats is a necessity for the private and public sectors in the 21 st Century. With continually changing threats to security,
Available online www.jocpr.com Journal of Chemical and Pharmaceutical Research, 2014, 6(7):437-441 Research Article ISSN : 0975-7384 CODEN(USA) : JCPRC5 Research of network payment system based on multi-factor
DATA SECURITY: EVERYTHING YOU NEED TO KNOW! Data Breaches: Where, What and Why! Federal and State Regulations to Protect Data! EMV Chip Technology! PIN or Signature?! Existing and Emerging Security Options!
PLACE GROUP UK LONDON STUDENT HOUSING GROUP PAYMENT CARD INDUSTRY DATA SECURITY STANDARD COMPLIANCE STATEMENT PCI DSS (09) VERSION: 2009PCIDSSP4S01 Information updated: 21 October 2012 SAFEGUARDING CARDHOLDER
DEBIT CARD AGREEMENT AND DISCLOSURE This Debit Card Agreement and Disclosure is the contract which covers your and our rights and responsibilities concerning the debit card services offered to you by Front
Interoperable Mobile Payment A Requirements-Based Architecture Dr. Manfred Männle Encorus Technologies GmbH; product management Payment Platform Summary: Existing payment methods like cash and debit/credit
September 2014 EMV and Small Merchants: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks, service
E-Commerce Transaction E-commerce Payment Systems Slides from Ecommerce by Laudon and Traver Copyright 2004 Pearson Education, Inc. Slide 6-1 Points of Vulnerability PayPal: The Money s in the E-mail PayPal:
(For use in Asia Pacific, Central Europe, Middle East and Africa) January 2012 Contents 1 INTRODUCTION... 3 1.1 BACKGROUND... 3 1.2 PURPOSE OF DOCUMENT... 4 1.3 WHO NEEDS TO BE REGISTERED?... 5 1.4 WHY
RETHINKING CARDS BUSINESS Erick Ho, Head of Payment Services, SunGard 17 September 2015 Break through. Agenda 01 02 03 04 05 Trends and Growth in cards and payment business Sharpening Business Focus The
Moving to Multi-factor Authentication Kevin Unthank What is Authentication 3 steps of Access Control Identification: The entity makes claim to a particular Identity Authentication: The entity proves that
FernUniversität in Hagen: Certification Authority (CA) Certification Practice Statement VERSION 1.1 Ralph Knoche 18.12.2009 Contents 1. Introduction... 4 1.1. Overview... 4 1.2. Scope of the Certification
Contactless payment by mobile Table of contents 1. What is contactless payment by mobile? 2. What do I need to shop with my mobile phone? 3. How can I manage a Mobile Card? 4. How do I shop with my mobile
General Terms on Deposit Accounts 1. General... 2 2. About Arion Bank hf.... 2 3. Communicating with Arion Bank, passing on information, languages etc.... 2 4. Opening an account and powers of attorney...
QUICK REFERENCE GUIDE FUTURE PROOF TERMINAL Review this Quick Reference Guide to learn how to run a sale, settle your batch and troubleshoot terminal responses. INDUSTRY Retail and Restaurant APPLICATION
about MAMBA What is MAMBA? I-NEW Communicative Solutions delivers a mobile assisted micro broker application called MAMBA allowing service providers and distributors to let their end customers transfer