QuickCash: Secure Transfer Payment Systems

Payment systems play a significant role in our daily lives. They are an important driver of economic activities and a vital part of the banking infrastructure of any country. Several current payment systems focus on security and reliability but pay less attention to users’ needs and behaviors. For example, people may share their bankcards with friends or relatives to withdraw money for various reasons. This behavior can lead to a variety of privacy and security issues since the cardholder has to share a bankcard and other sensitive information such as a personal identification number (PIN). In addition, it is commonplace that cardholders may lose their cards, and may not be able to access their accounts due to various reasons. Furthermore, transferring money to an individual who has lost their bankcard and identification information is not a straightforward task. A user-friendly person-to-person payment system is urgently needed to perform secure and reliable transactions that benefit from current technological advancements. In this paper, we propose two secure fund transfer methods termed QuickCash Online and QuickCash Offline to transfer money from peer to peer using the existing banking infrastructure. Our methods provide a convenient way to transfer money quickly, and they do not require using bank cards or any identification card. Unlike other person-to-person payment systems, the proposed methods do not require the receiving entity to have a bank account, or to perform any registration procedure. We implement our QuickCash payment systems and analyze their security strengths and properties.

[1]  Rajesh Krishna Balan,et al.  mFerio: the design and evaluation of a peer-to-peer mobile payment system , 2009, MobiSys '09.

[2]  Ramarathnam Venkatesan,et al.  Dhwani: secure peer-to-peer acoustic NFC , 2013, SIGCOMM.

[3]  Arwa Alrawais,et al.  Secure Authentication Scheme Using Dual Channels in Rogue Access Point Environments , 2014, WASA.

[4]  Barbara Carminati,et al.  Enforcing Trust Preferences in Mobile Person-to-Person Payments , 2013, 2013 International Conference on Social Computing.

[5]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[6]  Slava Gomzin Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions , 2014 .

[7]  Arwa Alrawais,et al.  A Secure and Practical Authentication Scheme Using Personal Devices , 2017, IEEE Access.

[8]  Ross J. Anderson,et al.  A Birthday Present Every Eleven Wallets? The Security of Customer-Chosen Banking PINs , 2012, Financial Cryptography.

[9]  William R. Keeton,et al.  New Person-to-Person Payment Methods: Have Checks Met Their Match? , 2012 .

[10]  Gunela Astbrink,et al.  Password sharing: implications for security design based on social practice , 2007, CHI.

[11]  Mervyn A. Jack,et al.  User perceptions of security, convenience and usability for ebanking authentication tokens , 2009, Comput. Secur..

[12]  Gierad Laput,et al.  EM-Sense: Touch Recognition of Uninstrumented, Electrical and Electromechanical Objects , 2015, UIST.

[13]  Claudio Soriente,et al.  Smartphones as Practical and Secure Location Verification Tokens for Payments , 2014, NDSS.

[14]  Joel J. P. C. Rodrigues,et al.  A hybrid NFC-Bluetooth secure protocol for Credit Transfer among mobile phones , 2014, Secur. Commun. Networks.

[15]  Wassim El-Hajj,et al.  Two factor authentication using mobile phones , 2009, 2009 IEEE/ACS International Conference on Computer Systems and Applications.

[16]  JackMervyn,et al.  User perceptions of security, convenience and usability for ebanking authentication tokens , 2009 .

[17]  Arwa Alrawais,et al.  A novel verification method for payment card systems , 2015, Personal and Ubiquitous Computing.

[18]  Arwa Alrawais,et al.  Towards More Secure Cardholder Verification in Payment Systems , 2014, WASA.

[19]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[20]  Thomas Weigold,et al.  Secure Internet banking authentication , 2006, IEEE Security & Privacy.

[21]  T. Kelly,et al.  Information and communications for development 2012 : maximizing mobile , 2012 .

[22]  Lisa Valentine Payment Innovations: Are You in? the Payments Space Is Alive with New Options like P2P. Here's a Look at the Hottest, and Possible Bank Impacts , 2012 .

[23]  M. Nakajima Payment System Technologies and Functions: Innovations and Developments , 2011 .

[24]  J. Gao,et al.  P2P-Paid: A Peer-to-Peer Wireless Payment System , 2005, Second IEEE International Workshop on Mobile Commerce and Services.

[25]  Patrick Traynor,et al.  Leveraging Cellular Infrastructure to Improve Fraud Prevention , 2009, 2009 Annual Computer Security Applications Conference.

[26]  Steven J. Murdoch,et al.  EMV: why payment systems fail , 2014, CACM.

[27]  J. Ludden,et al.  Principles and Practice , 1998, Community-based Learning and Social Movements.