When a customer makes a purchase with a credit card, but is not physically present at the transaction processing point (for instance, when a purchase is made online or by telephone), the retailer has no way of knowing if that customer is the rightful owner of card, or a criminal using stolen credentials. Such transactions also expose the customer to the danger of the card details being stolen and misused by a sales agent or someone else involved with the transaction.
These were the problems Albert Attard set out to address in his MSc thesis at Royal Holloway University of London (RHUL), under the supervision of lecturer Adrian Leung.
Read the article
Download the article by Albert Attard and Adrian Leung on a novel contactless payment system(.pdf).
Read the full thesis (.pdf).
In an article (.pdf), published here on SearchSecurity.co.UK, Attard traces the history of electronic payments and shows how they have developed over the years to reflect new buying habits. He then proposes a new payment scheme that makes use of near-field communication and contactless cards. The contactless payment system, as Attard describes it, would replace point-of-sale terminals with two applications, one running on a mobile device and the other running on an application server. It is, Attard writes, akin to having a portable PoS terminal in the customer’s pocket, which can be used anytime and anywhere.
This feature is one of six SearchSecurity.co.UK is publishing this year in collaboration with RHUL.