Arnab, Alapan and Hutchison, Andrew (2007) Using Payment Gateways to Maintain Privacy in Secure Electronic Transactions, Proceedings of IFIP TC-11, 22nd International Information Security Conference (Sec 2007), 14 - 16 May 2007, Sandton, South Africa, New Approaches For Security, Privacy and Trust in Complex Environments, 277-288, Springer Verlag.
PDF
arnab-hutchison-ifipsec2007.pdf Download (130kB) |
Abstract
Because many current payment systems are poorly implemented, or of incompetence, private data of consumers such as payment details, addresses and their purchase history can be compromised. Furthermore, current payment systems do not offer any non-repudiable verification to a completed transaction, which poses risks to all the parties of the transaction -- the consumer, the merchant and the financial institution. One solution to this problem was SET, but it was never really a success because of its complexity and poor reception from consumers. In this paper, we introduce a third party payment system that aims to preserve privacy by severing the link between their purchase and payment records, while providing a traceable transaction that maintains its integrity and is non-repudiable. Our system also removes much of the responsibilities placed on the merchant with regards to securing sensitive data related to customer payment, thus increasing the potential of small businesses to take part in e-commerce without significant investments in computer security.
Item Type: | Conference paper |
---|---|
Additional Information: | Book Title: New Approaches For Security, Privacy and Trust in Complex Environments |
Date Deposited: | 30 May 2007 |
Last Modified: | 10 Oct 2019 15:34 |
URI: | http://pubs.cs.uct.ac.za/id/eprint/395 |
Actions (login required)
View Item |