Multi-Layer Defense Model for Securing Online Financial Transactions

Joseph Gualdoni, Andrew Kurtz, Ilva Myzyri, Megan Wheeler, Syed S. Rizvi
{"title":"Multi-Layer Defense Model for Securing Online Financial Transactions","authors":"Joseph Gualdoni, Andrew Kurtz, Ilva Myzyri, Megan Wheeler, Syed S. Rizvi","doi":"10.1109/ICSSA.2017.25","DOIUrl":null,"url":null,"abstract":"Purchasing items on the Internet with credit cards is risky-due to the ease of gaining the information without having the physical card. The ease of phishing, spoofing, or other ways perpetrators can obtain a consumer's credit card information. The threat of identity theft is growing as we rely more and more on the Internet to make purchases. To mitigate risk, we present a new Multi-Layer Defense (MLD) model. Our proposed MLD model combines the strong two-factor authentication capabilities with a unique random code that is only valid for an active session. Essentially, two-factor authentication is an extra layer of security used in addition to username and password to better confirm the user's identity. This code serves as a private key to authenticate such online transactions. The code can be utilized to identify users and establish secure ways of purchasing items. The proposed MLD model uses devices to log into card accounts via an application to view a generated code. The generated code is inputted on an online retailer's website to authorize the use of the credit card. This minimizes the possibility of an illegitimate user gaining access to another individual's credit card. Without a valid code, impostors cannot use the stolen card information to make purchases that could harm the account holder. To show the practicality of our scheme, we provide one case study between a Consumer A and Consumer B that explains the difference in outcome by using the proposed MLD model.","PeriodicalId":307280,"journal":{"name":"2017 International Conference on Software Security and Assurance (ICSSA)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2017-07-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference on Software Security and Assurance (ICSSA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSSA.2017.25","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3

Abstract

Purchasing items on the Internet with credit cards is risky-due to the ease of gaining the information without having the physical card. The ease of phishing, spoofing, or other ways perpetrators can obtain a consumer's credit card information. The threat of identity theft is growing as we rely more and more on the Internet to make purchases. To mitigate risk, we present a new Multi-Layer Defense (MLD) model. Our proposed MLD model combines the strong two-factor authentication capabilities with a unique random code that is only valid for an active session. Essentially, two-factor authentication is an extra layer of security used in addition to username and password to better confirm the user's identity. This code serves as a private key to authenticate such online transactions. The code can be utilized to identify users and establish secure ways of purchasing items. The proposed MLD model uses devices to log into card accounts via an application to view a generated code. The generated code is inputted on an online retailer's website to authorize the use of the credit card. This minimizes the possibility of an illegitimate user gaining access to another individual's credit card. Without a valid code, impostors cannot use the stolen card information to make purchases that could harm the account holder. To show the practicality of our scheme, we provide one case study between a Consumer A and Consumer B that explains the difference in outcome by using the proposed MLD model.
在线金融交易安全的多层防御模型
用信用卡在网上购物是有风险的,因为没有实体卡就很容易获得信息。网络钓鱼、欺骗或其他犯罪者可以轻易获得消费者的信用卡信息。随着我们越来越依赖互联网购物,身份盗窃的威胁也越来越大。为了降低风险,我们提出了一种新的多层防御(MLD)模型。我们提出的MLD模型将强大的双因素身份验证功能与仅对活动会话有效的唯一随机代码相结合。本质上,双因素身份验证是在用户名和密码之外使用的额外安全层,可以更好地确认用户的身份。此代码用作验证此类在线交易的私钥。该代码可用于识别用户并建立安全的购买方式。建议的MLD模型使用设备通过应用程序登录到卡帐户以查看生成的代码。生成的代码被输入到在线零售商的网站上,以授权使用信用卡。这最大限度地减少了非法用户访问另一个人的信用卡的可能性。如果没有有效的密码,骗子就不能使用被盗的信用卡信息进行购物,从而损害账户持有人的利益。为了展示我们方案的实用性,我们提供了一个消费者a和消费者B之间的案例研究,通过使用提议的MLD模型来解释结果的差异。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信