Security Enhanced Online Registration Prepaid Scratch Card Payment Approach



Similar documents
We believe First Data is well positioned to take advantage of all of these trends given the breadth of our solutions and our global operating

Payments Industry Glossary

SAFE SYSTEM: SECURE APPLICATIONS FOR FINANCIAL ENVIRONMENTS USING MOBILE PHONES

Concept of Debit Card as a means of payments in Malaysia. The acceptance of electronic payment systems among Malaysian consumers

Electronic Payment Systems. Dr Sherif Kamel

Failure to follow the following procedures may subject the state to significant losses, including:

Guidelines for Accepting Credit Cards as a Form of Payment for Education, Registration and Other Fees

Payment Systems for E-Commerce. Shengyu Jin 4/27/2005

How To Control Credit Card And Debit Card Payments In Wisconsin

FAQs on CBN Cash-less Society Policy

E-commerce refers to paperless exchange of business information using following ways.

University Policy Accepting Credit Cards to Conduct University Business

Credit card: permits consumers to purchase items while deferring payment

How To Change A Bank Card To A Debit Card

Credit Card Conditions of Use. Credit Guide.

Selecting a Secure and Compliant Prepaid Reloadable Card Program

Credit Card Conditions of Use. Credit Guide.

Welcome to the world of prepaid cards... Contents

Registry of Service Providers

Empirical Study in the Security of Electronic Payment Systems

Chapter 10. e-payments

ipayu TM Prepaid MasterCard FREQUENTLY ASKED QUESTIONS

UK Card Payments 2014

Agent Registration. Program Guidelines. (For use in Asia Pacific, Central Europe, Middle East and Africa)

Online Payment Process. Name Kathleen Kaye Acosta Nr Course E-Business Technologies SS2008 Professor Dr. Eduard Heindl

Smart Cards for Payment Systems

PAYROLL CARD FREQUENTLY ASKED QUESTIONS

Business Vantage Visa Credit Card. Conditions of Use. Effective Date: 20 May 2016

How To Understand The Cbn Cash Policy

Travel Card. Cardholder Frequently Asked Questions. June 2014 T.FQ.S E

CREDIT CARD PROCESSING GLOSSARY OF TERMS

DEBIT/ATM CARD APPLICATION

Agent Registration. Program Guide. (For use in Asia Pacific, Central Europe, Middle East, Africa)

STATE BANK OF PAKISTAN

Guideline on Debit or Credit Cards Usage

A Biometric Identification Based Scheme for Secured E-Payment

EMV and Chip Cards Key Information On What This Is, How It Works and What It Means

Electronic Commerce and E-wallet

BENEFITS GUIDE. BMO Prepaid Travel. MasterCard. Your travel payment card

Networks, Processors, and Issuers Payments Surveys (NPIPS)

It s in the Cards. Participant s Guide

Mobile Banking Questionnaire USERS

PNC PayCard Program Cardholder Website How-To Manual

Towards Designing a Biometric Measure for Enhancing ATM Security in Nigeria E- Banking System

Enhancing Payment Card Security New Measures to be Phased in from 2 nd Quarter 2010 to 1 st Quarter 2011

Checking Account & Debit Card Simulation. Understanding Checking Accounts and Debit Card Transactions

Introduction to the similar solutions and compare with the proposed system.

Annual Analysis Card Payments

Virginia Tax Refund Debit Card Frequently Asked Questions for the Virginia Banking Community

ACQUIRER OR ACQUIRING BANK A financial institution (often a bank) where a merchant has an account to process transactions and card payments

CRM4M Accounting Set Up and Miscellaneous Accounting Guide Rev. 10/17/2008 rb

IMPACT OF E-PAYMENT IN OIL AND GAS INDUSTRY. BY Mr. GBODUME ANDREW. (ED, Finance & Admin, MRS OIL NIGERIA Plc)

CREDIT CARD PROCESSING POLICY AND PROCEDURES

qwertyuiopasdfghjklzxcvbnmqwertyui opasdfghjklzxcvbnmqwertyuiopasdfgh jklzxcvbnmqwertyuiopasdfghjklzxcvb

POLICY & PROCEDURE DOCUMENT NUMBER: DIVISION: Finance & Administration. TITLE: Policy & Procedures for Credit Card Merchants

What is a Checking Account? Checking Account & Debit Card Simulation. What is a Check? Bouncing a Check. Other Checking Components

Amplify Business of Conditions of Use

Solutions Payments Network

Solutions. Payments Network Enhance Consumer Loyalty, Increase Revenue and Improve Your Competitive Edge With Real-Time Payments Solutions

2 YEARS OF E-REGISTRATION: KEEPING PACE WITH I T REVOLUTION IN TESTING: THE WAEC EXPERIENCE

EMV PAYMENT TERMINAL SYSTEM FUNCTIONAL DESCRIPTION 21 October 2011 / V 4.2

PRACTICAL MONEY GUIDES PREPAID CARD BASICS. What you should know about using prepaid cards

lesson six banking services overheads

Checking Account & Debit Card Simulation and Student Worksheet. Understanding Checking Accounts and Debit Card Transactions

Guidelines for Card Issuance and Usage in Nigeria

Interoperable Mobile Payment A Requirements-Based Architecture

Payroll Card Position Paper July 2004

TOP TRUMPS Comparisons of how to pay for goods and services online

PAYMENT SYSTEMS IN GHANA

Visa Reloadable Frequently Asked Questions. EMV Travel Card

Vocabulary Financial Institutions Student Worksheet

A RE T HE U.S. CHIP RULES ENOUGH?

Electronic Cash Payment Protocols and Systems

Issues and Challenges of Electronic Payment Systems

VENTRA GROUP SALES. FAQs. What options do I have for Group Sales? Frequently Asked Questions

Card payments in Sweden

EDUCATION - TERMS 101

Frequently Asked. Questions. Cash Solution TM PIN Prepaid Debit Card

Amplify Business Credit Card Conditions of Use.

ACH, EFT, SET, SSL, IOTP

Chapter 40 - E-Commerce: Electronic Acceptance and Disbursement of State Funds/Benefits

A Study of an On-Line Credit Card Payment Processing and Fraud Prevention for e-business

Adoption of Point of Sale Terminals in Nigeria: Assessment of Consumers Level of Satisfaction Abstract Key words 1. INTRODUCTION

Who Are The Parties Involved In Credit Card Processing?

Types of Payment Systems and Instruments

Prepaid Cards. An alternative to credit and debit cards. When choosing how to pay for their purchases, consumers have many options.

u.s. bank focus card Frequently Asked Questions The Focus Card What is the Focus Card? How does the Focus Card work?

Transcription:

Available online at www.scientiaresearchlibrary.com Scientia Research Library ISSN 2348-0424 USA CODEN: JETRB4 Journal of Engineering And Technology Research, 2014, 2 (6):53-59 (http://www.scientiaresearchlibrary.com/arhcive.php) Security Enhanced Online Registration Prepaid Scratch Card Payment Approach Bello Alhaji Buhari 1, Ahmad Idris Tambuwal 2 1 Department of Mathematics, UsmanuDanfodiyo University, P.M.B. 2346, Sokoto, Nigeria 2 Department of Mathematics, UsmanuDanfodiyo University, P.M.B. 2346 Sokoto, Nigeria ABSTRACT The advent of e-commerce has created new financial needs that in many cases cannot be effectively fulfilled by traditional payment systems. Prepaid cards, originally conceived as a convenient way for consumers to pay for telephony access, are currently being repurposed for general use as payment mechanism on the Internet. The significance of Authorization and Importance of encryption influence the perceived security of E-finance transactions. In this paper we consider scratch-off card (scratch card) used for institutions online registration payment taking Nigeria as the case study. We develop a new approach for adding more security to the current prepaid scratch card payment approach used for online registrations. We added the use alphanumeric code instead of serial number, which is cumbersome considering the number of generated scratch cards every year. In addition, we employ standard security mechanism using MD5 cryptographic hash function to encrypt the scratch card details saved in the database. This will enhanced the security of the prepaid scratch card payment system. We describe the current approach and proposed approach using activity diagram. Keywords: security; prepaid scratch card; online registration; e-payment; pin number; alphanumeric code. INTRODUCTION Technological advances continue to allow more and more individuals and businesses to shift toward the electronic delivery of information instead of the exchange of paper-based documents. Examples of this migration include the use of email instead of traditional mail service, the delivery of realtime news via the Internet instead of a physical newspaper, and the payment of bills using online transfers and prepaid cards instead of mailing checks. Online registration is a system that helps to easily manage students while also providing added bonuses, with a main goal being to ease the transfer of information. The education system requires a tremendous amount of data and documentation, and this online registration solution allows institutions to focus less on processing paperwork and more on meeting the educational needs of their students by having a cost-efficient, secure registration process that allows for easy access to 53

student files [1]. Intranets and portals are supposed to provide an infrastructure through which endusers can gain effective access to information sources needed to assist in daily tasks such as effective decision making, planning and research [2]. Prepaid payment cards provide access to monetary funds that are paid in advance by the cardholder. While there are many different types of prepaid cards that are used in a variety of ways, they typically operate in the same way as a debit card and ultimately rely on access to an account. There may be an account for each card that is issued or, alternatively, there may be a pooled account that holds the funds prepaid for all cards issued. The cards may be issued by, and accounts may be held at, a depository institution or a non-bank organization; pooled accounts would be normally held by the issuer at a bank. Prepaid cards can be issued for limited or multiple purposes. Limited-purpose or closed system prepaid cards can be used for only a limited number of well-defined purposes and their use is often restricted to specific points of sale or for specific services. Examples include merchant-issued gift cards, prepaid long distance service, school registration, mobile telephony prepaid cards and mass transit system cards. These cards may either be limited to the initial value posted to the card (nonreloadable) or may allow the card holder to add value (up to a certain limit) and reuse the card (reloadable). The issuer of the card or its service provider typically operates the network on which the cards can be used. The value on the cards generally is linked to a prepaid account established by the issuer or service provider. Transactions are processed in a similar fashion to transactions involving debit or credit cards. We developed an enhanced prepaid scratch card payment approach based on closed system prepaid cards. Multipurpose or open-system prepaid cards can be used across a broader range of locations for a wider range of purposes. Such cards may be used on a national or international scale but may sometimes be restricted to a certain geographical area. Multipurpose cards may be used by the person who purchased the card or by someone else. Examples include payroll cards and general purpose cash cards for individuals without bank accounts or a credit card. These cards are usually associated with a card payment network, such as Visa or MasterCard, which permits them to be used in the same manner as a debit card to make purchases or to get cash from an automated teller machine (ATM). Some issuers do not require the cardholder to have a depository account. These cards are distributed by merchants, depository financial institutions, and money/value transfer (MVT) systems for a variety of purposes. Prepaid cards, originally conceived as a convenient way for consumers to pay for telephony access, are currently being repurposed for general use as payment mechanism on the Internet. The driving force behind this shift is the realization that the cards, which can be purchased through convenience stores and other retail outlets, address the payment needs of: Teenagers with online access, disposable income, but no credit card; Individuals who hesitate to purchase online because of privacy fears; The total size of this opportunity is hard to estimate, given the demographic overlap of targeted consumers and differences in national payment markets around the world, but it is believed to be significantly large enough that dozens of companies, both startups and incumbents, are currently vying to retool and deploy prepaid cards as an online payment mechanism. 54

Prepaid cards that are used for online payments are typically distributed as simple scratch-off cards, embossed plastic cards, or magnetic stripe cards. The cards are available in different denominations and can be purchased from a retailer with any payment mechanism, but most typically anonymous cash. As distributed to retailers, the cards are inactive and must be activated prior to use as a payment instrument. In this paper we consider scratch-off card (scratch card) used for institutions online registration payment, taking Nigeria as the case study. These include WEAC, NECO, NABTEB, JAMB and Schools and Institutions online registrations. We develop a new approach for adding more security to the current prepaid scratch card payment approach used for the mentioned online registrations. We added the use alphanumeric code instead of serial number, which is cumbersome considering the number of generated scratch cards every year. The serial number used has fixed alphabetic part with an incremental number. In addition, we employ standard security mechanism using MD5 cryptographic hash function to encrypt the scratch card details saved in the database. This will enhanced the security of the prepaid scratch card payment system. We describe the current approach and proposed approach using activity diagram. And lastly, we compare the current and proposed approach by describing the enhance component in the proposed system. RELATED WORKS Research in online registration include Olasina [1] who did a research on Students Perceptions of E-Registration at LadokeAkintola University of Technology, Cao and Budnick in [3] on what Social Factors Affect Students' Use of Online Registration, Matovu [4] in a study titled, availability, accessibility and use of ICT in management of students academic affairs in Makerere University and Adeyegbe s [5] research focused on establishing the process change resulting from the deployment of Information Technology (IT). Before the Internet really took off, several developments in the e-payments field had already taken place - all relevant to later Internet payment systems. We let the pre-history end in 1992, when the World Wide Web became a success and the number of IP-Servers exceeded one million. Prepaid cards were introduced in the payments market at the end of the 1990s as an alternative to credit cards (which require the card issuer to evaluate the cardholder s minimum level of creditworthiness) and debit cards (which entail the existence of a payment account at a bank or a financial institution). Prepaid cards began as a device used to pay for goods and services where the issuer does not need to conduct any analysis on the cardholder s credit standing, or bear the costs for opening and managing a payment account. Many prepaid cards may now be used to withdraw cash from automated teller machines (ATMs) including internationally. In addition, some of them provide the possibility of person-to-person transfers. There are researches pertaining securing of e-payments systems. The importance of Authorization and Importance of encryption influence the perceived security of E-finance transactions is agreed by Ma'aitah and shtat [6]; these features can contribute toward enhancing the perceptions of the users that the web and online transactions including E-Finance transaction are secure, and encourage them to use the online system and do financial transactions online. Tsiakis and Sthephanide [7] discussed the concept of security and trust in electronic payments. Actually e- commerce relies on security and so it has grown to be the most significant concern for its expansion [8]. These payments are done on the web, so the web security system must escape unauthorized 55

users to use the computer system and manage access to the network from inside and outside the organization [9], [10]. MATERIALS AND METHOD The advent of e-commerce has created new financial needs that in many cases cannot be effectively fulfilled by traditional payment systems. For instance, new types of purchasing relationships-such as auction between individuals online, recharge of mobile phones-have resulted in the need for peer-to-peer payment methods that allows individuals to e-mail payments to the other individual or make payment without knowledge of payer account number or much details. Recognizing this, virtually all interested parties (i.e. academicians, government, business community and financial service providers) are exploring various types of electronic payment system and issues surrounding electronic payment system and digital currency. Some proposed electronic payment systems are simply electronic version of existing payment systems such as cheques and credit cards, while, others are based on the digital currency technology and have the potential for definitive impact on today s financial and monetary system. While popular developers of electronic payment system predict fundamental changes in the financial sector because of the innovations in electronic payment system [11]. Electronic payment system refers to the automated processes of exchanging monetary value among parties in business transaction and transmitting this value over the information and communication technology networks, [12]. First, we simulate the current prepaid scratch card payment system in Nigeria with the aid of activity diagram taking WEAC, NECO, NABTEB, JAMB and schools and institutions online registrations into consideration. An Activity Diagram as defined by the Unified Modeling Language (UML) [13] models procedural actions, the sequencing of actions (control flow), and conditions for coordinating behaviors. Basic Activity Diagrams may be elaborated with UML features to describe the object flow between actions (inputs and outputs) and other relevant information. Based on the model we then look for opportunity for improving the security of the scratch card payment system approach. Second, based on the improvement opportunities highlighted from the current system, we select those that are significant. We then re-model the current model, using activity diagram, to incorporate the enhance security features, we proposed, for the new scratch card payment system approach. We support our new approach with reasons. CURRENT PREPAID SCRATCH CARD PAYMENT APPROACH All prepaid programs operate on the same core premise: a positive balance is loaded into an account associated with a card and drawn down through purchase activity. Actually, the value is not literally loaded on the card but is reflected into an account on provider s server. Prepaid programs are powerful solutions for facilitating access to and spending one s money with greater security and efficiency than cash or cheques. The institutions that issue the specific prepaid products develop the detailed features including maximum and minimum value limits, fees and terms of use. Prepaid scratch cards look and function like a credit card at the point-of-sale or on Payment Gateway on Internet, Mobile or Phone. Merchants handle the card just as they would handle a credit card. Most of the prepaid scratch cards carry the same security protection features as other Credit/debit cards. 56

In Nigeria prepaid scratch cards are used for airtime recharge. The available GSM providers are: MTN, GLO, AIRTEL, etc. In addition they are also used for examinations registration like WAEC, NECO, NABTEB, JAMB, etc. Further, most online institutions admission and registrations payments are done using prepaid scratch cards. GSM providers airtime recharges and WAEC registration used only pin number approach. But, NECO, NABTEB and JAMB add additional security of using both pin number and serial number approach. In our activity diagram model we consider online registration system to describe the current prepaid scratch card payment approach in Nigeria. This can be shown in figure 1. The institution manufactures the prepaid scratch card and save the scratch card details on the database server. Candidates including applicants and students bought the scratch card. To register with the system, they provide both pin number and serial number to the system. The system checks both whether the pin number is available in the database and the corresponding serial number is equal to the provided serial number. It also confirms whether the pin number is not already used. If the provided scratch card details are valid the system confirms the payment, update the database and allow the candidate access to registration sections. The pin number for all the examination bodies and institutions are numeric. Most serial numbers are alpha numeric but the alphabetic part is constant or fixed. The fixed alphabets are the first serial numbers digits and most are abbreviation of the examination body followed by another two numeric digits signifying year and an incremental value. PROPOSED PREPAID SCRATCH CARD PAYMENT APPROACH The current prepaid scratch card payment approach is using pin number and serial number. The serial numbers are cumbersome considering the number of candidates for each of the examination body each year. So, at time goes by, the serial number digits length will be greater than the pin number length, which is fixed mostly 12 digits. Also, the alphabetic part does not add security to the serial number because it is fixed or constant. Lastly, standard security mechanism like cryptography is not employed in saving and updating the prepaid scratch card detail to avoid security treats. Figure 1: Activity diagram form current prepaid scratch card payment approach As the result of these limitations we proposed a more secured prepaid scratch card payment approach. In our approach instead of serial number an auto generated alpha numeric code is going 57

to be used. The alpha numeric code length will be less than the pin number length, preferably 8 digits length. So, pin number and alphanumeric code are used instead of pin number and serial number. Furthermore, MD5 cryptographic hash function is used to encrypt the scratch card details and save on the database server. This will enhance the security of the payment system. The proposed prepaid scratch card payment approach can be shown in figure 2. Figure 2: Activity diagram form proposed prepaid scratch card payment approach In our proposed approach the institutions manufacture the scratch cards, encrypt the scratch card details and save on the database server. Candidates bought the scratch card. Here, they should provide pin number and alphanumeric code in order to have access to registration sections. Because the scratch card details on the database are encrypted, the provided scratch card details by the candidates has to be encrypted before they will be confirm with the saved scratch card details on the server. If the provided scratch card details are valid the system confirms the payment, update the database and allow the candidate access to registration sections. CONCLUSION The emergence of e-commerce has created new financial needs that in many cases cannot be effectively fulfilled by traditional payment systems. For instance, new types of purchasing relationships-such as auction between individuals online, recharge of mobile phones-have resulted in the need for peer-to-peer payment methods that allows individuals to e-mail payments to the other individual or make payment without knowledge of payer account number or much details. Recognizing this, virtually all interested parties (i.e. academicians, government, business community and financial service providers) are exploring various types of electronic payment system and issues surrounding electronic payment system and digital currency. Some proposed electronic payment systems are simply electronic version of existing payment systems such as cheques and credit cards, while, others are based on the digital currency technology and have the potential for definitive impact on today s financial and monetary system. While popular developers of electronic payment system predict fundamental changes in the financial sector because of the innovations in electronic payment system [11]. Prepaid cards, originally conceived as a convenient way for consumers to pay for telephony access, are currently being repurposed for general use as payment mechanism on the Internet. Prepaid cards that are used for online payments are typically distributed as simple scratch-off cards (Which are considered in this research paper), embossed plastic cards, or magnetic stripe cards. The cards are available in different denominations and can be purchased from a retailer with any payment 58

mechanism, but most typically anonymous cash. As distributed to retailers, the cards are inactive and must be activated prior to use as a payment instrument. In the current, pin number and serial number approach is used. It does not employ cryptographic hash function mechanism. But in the proposed system, pin number and alphanumeric code approach is used. The proposed approach also employs MD5 cryptographic hash function mechanism to add more security to the approach. We intended develop a formal specification for the proposed scratch card payment approach. Also, mathematical model can be developed for the approach in other to verify the correctness and fitness of the proposed model for the approach. Based on this approach an online prepaid scratch card payment system can be developed for the considered institutions in Nigeria. REFERENCES [1]. Olasina, Gbola, The Use of Web 2.0 Tools and Social networking Sites by Librarians, Information Professionals and other professionals in Workplaces in Nigeria, Pacific Northwest Library Association, PNLA Quarterly 75 (3) 2011; 11-43. (Spring) [2]. Brakel, P.V. Information Portals: A strategy for importing external content, Electronic Library, Vol. 21 ISS: 6 2003,pp. 591-600 [3]. Cao, X.; Brodnick, R. What Social Factors Affect Students Use of Online Registration: An Exploratory Study. Association for Institutional Research 42nd Annual Forum, June 2002. Toronto, Canada. [4]. Matovu, M. Availability, Accessibility and use of ICT in Management of Students Academic Affairs in Makerere University, Makerere University (2009). Available: http://docs.mak.ac.ug/sites/default/files/matovu_moses.pdf (November, 2014) [5]. Adeyegbe. 2 Years of E-Registration: Keeping Pace with IT Revolution in Testing: The WAEC Experience 2007. Available at http://www.iaea.info/documents/paper_1162a16530.pdf (November 22, 2014) [6]. AL-ma'aitah, M.; Shatat, A. Empirical Study in the Security of Electronic Payment Systems, IJCSI International Journal of Computer Science Issues, Vol. 8, Issue 4, No (2011). [7]. Tsiakis, T., and Sthephanides, G. The concept of security and trust in electronic payments, Computers & Security, Vol.24, pp: 10-15. [8]. Jun., S. and Punit, A. The more secure the better? A study of information security readiness, Industrial Management & Data Systems, Vol.111 Issue: 4, (2011), pp.570-588. [9]. Efraim, T. Michael, C.H. and Jae, L.K. "Electronic Commerce: A Managerial Perspective", Prentice Hall, 4th Ed, 2006. [10]. Hopwood, W. Security in a Web-Based Environment, Managerial Finance, Vol.26, (2001), pp.42-52. [11]. Kalakota, Ravi and Whinston, B. Andrew,Frontiers of Electronic Commerce, Singapore: Pearson Education, 1996 p. 295. [12]. Ayo, C. K; Ukpere, W. I.; Design of a Secured Unified E-payment Systems in Nigeria: A Case Study, African Journal of Business Management vol.4(9) 2010, pp 1753 1760. [13]. OMG Unified Modeling Language Superstructure Specification, version 2.1.1. Document formal/2007-02-05, Object Management Group, February 2007.http://www.omg.org/cgibin/doc?formal/2007-02-05. 59

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information