The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Dynamic Virtual Credit Card Numbers

Download

Download PDF Document
PDF

Author

Ian Molloy, Jiangtao Li, and Ninghui Li

Tech report number

CERIAS TR 2007-46

Entry type

inproceedings

Abstract

Theft of stored credit card information is an increasing threat to e-commerce. We propose a dynamic virtual credit card number scheme that reduces the damage caused by stolen credit card numbers. A user can use an existing credit card account to generate multiple virtual credit card numbers that are either usable for a single transaction or are tied with a particular merchant. We call the scheme dynamic because the virtual credit card numbers can be generated without online contact with the credit card issuers. These numbers can be processed without changing any of the infrastructure currently in place; the only changes will be at the end points, namely, the card users and the card issuers. We analyze the security requirements for dynamic virtual credit card numbers, discuss the design space, propose a scheme using HMAC, and prove its security under the assumption that HMAC is a PRF.

Download

PDF

Date

2007

URL

http://homes.cerias.purdue.edu/~jtli/paper/fc07.pdf

Key alpha

Molloy

Note

In Proceeding of 11th Financial Cryptography and Data Security Conference (FC), Lowlands, Scarborough, Trinidad and Tobago, February

Publication Date

2007-01-01

Contents

1. Introduction 2. Related Work 3. Problem Description 4. Our Proposed Scheme 5. Security 6. Closing Remarks

Keywords

e-commerce, credit card theft

Language

English

Subject

Credit Card Fraud Prevention

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.