Article

On two Proposals for On-line Bankcard Payments using Open Networks: Problems and Solutions

Author:

Wenbo MaoAuthors Info & Claims

SP '96: Proceedings of the 1996 IEEE Symposium on Security and Privacy

Page 201

Published: 06 May 1996 Publication History

Publisher Site

Abstract

Recently, two major bankcard payment instrument operators VISA and MasterCard published specifications for securing bankcard payment transactions on open networks for open scrutiny. (VISA: Secure Transaction Technology, STT; MasterCard: Secure Electronic Payment Protocol, SEPP.) Based on their success in operating the existing on-line payment systems, both proposals use advanced cryptographic technologies to supply some security services that are well-understood to be inadequate in open networks, and otherwise specify systems similar to today's private-network versions. In this paper we reason that when an open network is used for underlying electronic commerce some subtle vulnerabilities will emerge and the two specifications are seen not in anticipation of them. A number of weaknesses are found as a result of missing and misuse of security services. Missing and misused services include: authentication, non-repudiation, integrity, and timeliness. We identify problems and devise solutions while trying to keep the current successful working style of financial institutions being respected.

Cited By

View all

Abadi MGordon AGraveman RJanson PNeumann CGong L(1997)A calculus for cryptographic protocolsProceedings of the 4th ACM conference on Computer and communications security10.1145/266420.266432(36-47)Online publication date: 1-Apr-1997
https://dl.acm.org/doi/10.1145/266420.266432

On two Proposals for On-line Bankcard Payments using Open Networks: Problems and Solutions
1. Social and professional topics
  1. Computing / technology policy

Recommendations

On two proposals for on-line bankcard payments using open networks: problems and solutions
SP'96: Proceedings of the 1996 IEEE conference on Security and privacy

Recently, two major bankcard payment instrument operators VISA and MasterCard published specifications for securing bankcard payment transactions on open networks for open scrutiny. (VISA: Secure Transaction Technology, STT; MasterCard: Secure ...
Double-spending fast payments in bitcoin
CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

Bitcoin is a decentralized payment system that relies on Proof-of-Work (PoW) to verify payments. Nowadays, Bitcoin is increasingly used in a number of fast payment scenarios, where the time between the exchange of currency and goods is short (in the ...
Securing on-line credit card payments without disclosing privacy information

Two revisions of the original Secure Electronic Transaction (SET) protocol are proposed to conceal cardholders' identities in the electronic marketplace in which cardholders' trust for banks can be reduced to a minimum. Constrained by being extensions ...

Comments

Information & Contributors

Information

Published In

SP '96: Proceedings of the 1996 IEEE Symposium on Security and Privacy

May 1996

ISBN:0818674172

Publisher

IEEE Computer Society

United States

Publication History

Published: 06 May 1996

Check for updates

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 03 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Abadi MGordon AGraveman RJanson PNeumann CGong L(1997)A calculus for cryptographic protocolsProceedings of the 4th ACM conference on Computer and communications security10.1145/266420.266432(36-47)Online publication date: 1-Apr-1997
https://dl.acm.org/doi/10.1145/266420.266432

Abstract

Cited By

Recommendations