StoredAccount Payment Systems

1
Stored-Account Payment Systems

• Payment Systems that support SET
• Backed by Visa and MasterCard
• American Express also adopted SET
• SET market acceptance is wanting
• Complexity of the specification complex software
• PKI all participants need certificates
• Legacy system of financial industry is not
  compatible with SET
• Using SET with smart cards in Europe
• Simplifying SET is ongoing
• Payment systems over SSL
• Merchant can be authenticated by its certificate
• Prevent attackers masquerades merchant to capture
  card details
• Buyer-merchant communication is encrypted
• Prevent attackers intercepts card details

2
Centralized Account Payment

• Both the payer and payee hold accounts at the
  same centralized on-line financial institution
• The payer securely connects to the bank, and
  informs it to move a certain amount from the
  payers account into the payees account
• The bank subtract an amount from one account and
  add the amount to another account
• Drawback all participants must have an account
  with the same payment system
• Centralized account model is popular on the
  internet
• PayPal, Yahoo! PayDirect, InternetCash, CyberGold
• Used by Amazon.com, eBay, AOL QuickCash

3
Funding the Account

• The on-line accounts are not real bank account
• They are not governed by national banking
  regulations
• They do not provide the facilities of a real
  certified bank
• They are typically limited 10,000 or less
• The most popular method of funding an on-line
  account is to use a payment card
• Credit card or debit card
• Authentication of credit card owner is necessary
• Other methods of funding
• Transfer funds from a regular bank account
• Prepaid card from a physical store

4
Card Owner Authentication

• International credit card owner authentication by
  PayPal
• The user sign up
• PayPal sends two credit lodgments to the credit
  card account
• Each deposit is a small random amounts between 1
  cent to 99 cents
• Each transaction is labeled with two different
  unique PayPal merchant identifiers
• The user query his/her credit card account
  statement to obtain the credit amounts and
  merchant identifiers
• The user present them to PayPal to prove that
  he/she is indeed the genuine card holder

5
Account Transfer Authentication

• User-to-User payment
• Account holder is authenticated using an account
  identifier and a password
• Email address may be used as account identifier
• All communication is over SSL
• Payment procedure
• Payer log on the centralized account system
• Payer authorize payment transfer
• The payee are notified by email
• A email confirmation is sent to payer
• Payee log on the centralized account system to
  verify the payment

6
Account Transfer Authentication (continued)

• User-to-Merchant payment
• Customer shop inside merchants website
• Customer select payment system
• Merchants web server redirect the costumer to
  payment system with transaction details
• Customer log on payment system and authorize the
  payment
• Payment system redirect customer to merchants
  website and send payment indication to merchants
  server
• Merchant deliver goods or service

7
CyberCash

• http//www.cybercash.com
• Founded in 1994 to provide software and service
  solutions for secure financial transactions over
  the Internet
• Acquired by VeriSign in 2001
• CyberCash wallet
• A client software runs alongside browser
• Aims to make purchase as transparent as possible
  to the user by hiding the details of the payment
  steps and message
• CyberCash persona
• Unique CyberCash ID and pass phrase for every
  user (customer and merchant)
• Map the user's private/public key pair
• Unlock wallet
• Emergency close-out in case of fraud

8
CyberCash Model
From Donal OMahony, et al., "Electronic Payment
Systems"
9
Payment steps
Consumer
Merchant
CyberCash Server
Finish shopping
Order form
Credit-card data
Forward details
Authorize clear with bank
Issue receipt
Log transaction
10
Payment steps (continued)

• A CyberCash purchase
• Customer click on "Pay" in a browser
• Payment-Req (PR)
• From the merchant to the buyer to launch the
  CyberCash wallet
• Contains summary of the order signed by the
  merchant
• The signature is verified by CyberCash server
  later
• Credit card payment (CH1)
• From the buyer to the merchant
• Contains card data, a hash code of the order, and
  merchant's signature on the order
• encrypted by public key of CyberCash server
  (PKcs)
• Signed by the buyer

11
Payment steps (continued)

• Auth-Capture
• The merchant forward the encrypted data to
  CyberCash server
• The server verify
• Buyer's signature and card data
• Merchant's signature on the order details
• Charge-Action-Response
• After having authorized and captured the purchase
  in the bank network
• From the server to the merchant
• Contains unsigned receipts for the merchant and
  buyer
• Charge-Card-Response (CH2)
• The merchant forwards the unsigned receipt from
  the server to the buyer

12
Payment steps (continued)

• Binding credit cards
• A cardholder must register his/her credit card to
  CyberCash persona
• Message from customer to CyberCash server
• Kdes(card detail), PKcs(Kdes)
• Validation with issuer
• Message from CyberCash server to the customer
• Kdes(Success/Failure, card detail)
• CyberCash plan to update their payment protocol
  to be SET-compatible

13
Stored-Value Payment Systems

• What is it?
• Electronic Cash
• Hard-currency systems over an electronic medium
• Pros and cons
• Payment can be instantaneous and potentially
  anonymous
• Cost per transaction is smaller
• Support low-value transaction
• The proximity of payer and payee is not an issue
  for electronic payments
• Anonymous but traceable
• Provides privacy of purchases while discouraging
  illicit sales

14
Stored-Value Payment Systems (continued)

• High-security risks
• Anonymous payment is the favorite method of all
  criminals
• The key is to balance upholding individual
  privacy with discouraging illicit activities
• Counterfeit money is indistinguishable from
  e-cash minted by an authorized issuing bank
• If it is generate from compromised secret key
• High potential for undetected fraud
• Off-line stored-value payment system double
  spending

15
How E-cash works

• E-cash is typically stored in an electronic
  device
• hardware token
• Secure processor and nonvolatile memory
• Load the token with money
• Connect to bank bank terminal and withdraw from
  their own account
• Similar to taking cash out of an ATM
• Make payment using e-cash
• Offline transaction
• Buyer's hardware token interface with seller's
  device
• Buyer's device decrease while seller's device
  increase by the equivalent amount
• Online transaction
• Buyer's hardware token connect to seller's bank
  account
• Buyer's device decrease while seller's account
  increase by the equivalent amount

16
Securing E-Cash

• Main security concern
• Physical tampering of the device to add value
• Physically shield the device
• Protocol-based attack that mimics a paying device
• Replay attack
• To counter the replay attack secure
  authentication protocol by using a key
• Symmetric key Encryption
• Symmetric key shared by paying device and
  receiving device
• Bank issue a randomly generated master key to all
  of its hardware devices
• The symmetric key for the transaction is a
  function of each device's unique identifier and
  the master key

17
Securing E-Cash (continued)

• The receiving device can regenerate the symmetric
  key based on unique identifier and the master key
• Can trace and effectively blacklist compromised
  key
• To counter replay attack challenge (nonce)
  response system
• Public key Encryption
• Public key of receiving device for encryption
• Private key of paying device for signature
• To counter replay attack A challenge is signed
  by paying device

18
Representing E-Cash

• Register-based cash
• A value stored in a counter of a hardware device
• To counter physical attack
• Encode the data stored in memory
• Electronic coins
• Discrete values of cryptographic tokens
• Each of some denomination
• A unique serial number is assigned to each coin
  and signed by the issuing bank
• A different signature is used for each currency
  denomination
• Each coin can only be used one time
• Recipient can no longer spend the coin but can
  redeem it with the issuing bank for a new
  electronic coin

19
eCash?

• eCash (www.ecash.com)
• A stored-value cryptographic coin system for
  internet-based commerce
• eCash can withdraw from consumer's bank account,
  store in his computer, and transfer to another
  person
• Double spending
• Digital representation of money can be perfectly
  duplicated
• Counter double spending issuing bank
  authentication
• Verify the coins being used in a transaction has
  not already been spent before while protect
  payer's privacy
• Key technique Blind signature

20
Blind Signature

• Sample steps in purchase of eCash
• Customer generate a note number of the eCash,
  usually via a random number generator
• Consumer mint his/her own eCash
• Bank digitally signs on the note number, after
  getting money from customer, this create the
  eCash
• To protect consumer's privacy, the bank must be
  infeasible to know the note number
• Blind signature technique is used banks signs
  on something he doesnt know the detail !!!
• Customer got the eCash
• The value of coin is represented by the bank's
  digital signature

21
Using eCash

• Main problem how to prevent double spending
• The bank is involved in order to authenticate
  eCash
• Trilateral transactions
• Customer sends 'notes' to merchant, (i.e., M)
• Customer does not sign the 'notes'
• Merchant sends 'notes' to bank
• Bank verifies that the 'notes' is not used before
• A global database for spent eCash
• Bank issues new e-cash to merchant, or credit
  merchant's account
• Bank records customer's 'notes' is spent
• Disadvantages
• needs a global database of spent e-cash, hard to
  be cost-effective for micro-payment

22
Using eCash (continued)

• eCash provides the payer anonymity but not
  anonymity of receiving eCash
• Make purchasing illegal goods or services
  possible over the internet with impunity
• Cannot identify the purchaser
• Provides little incentive for selling illegal
  goods or services
• Purchaser knows the note number of the eCash
• Bank records the note number when the payee
  authenticates them
• The purchaser can indisputable "finger" a seller
  of illegal goods and merchandise on the internet
• The fingering also implicate the purchaser

23
Perfect Crime with eCash

• Bruce Schneier's description of a perfect crime
• An anonymous kidnapper takes a hostage
• The kidnapper then prepares a large number of
  blinded coins
• These are sent anonymously to the bank as a
  ransom demand
• The bank signs the coins due to the hostage
  situation
• The kidnapper demands that the signed blinded
  coins be published in a public place such as a
  newspaper or on television
• This will prevent the pick-up being traced.
  Nobody else can unblind the coins
• The kidnapper can safely take the blinded coins
  from the newspaper or television and save them on
  computer
• The coins are then unblinded and the kidnapper
  now has a fortune in anonymous eCash

24
Next Session Highlights

• Internet Security