Matching in Proximity Authentication and Mobile Payment EcoSystem : What Are We Missing?

Research output: Chapters, Conference Papers, Creative and Literary Works (RGC: 12, 32, 41, 45)12_Chapter in an edited book (Author)

View graph of relations

Author(s)

Detail(s)

Original languageEnglish
Title of host publicationRadio Frequency Identification and IoT Security
Subtitle of host publication12th International Workshop, RFIDSec 2016
EditorsGerhard P. Hancke, Konstantinos Markantonakis
PublisherSpringer Verlag
Pages163-172
Volume10155 LNCS
ISBN (Print)9783319620237
StateE-pub ahead of print - 20 Jul 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10155 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Title12th International Workshop on Radio Frequency Identification and IoT Security, RFIDSec 2016
PlaceChina
CityHong Kong
Period30-2 December 2016

Abstract

During the past decade, cybersecurity threats have drawn everyone’s attention and it’s becoming a national priority in many leading countries. With the development of sophisticated mobile technology, mobile (contactless) payment insecurity, which may cause huge financial losses, is now becoming a serious threat to our daily life. During the holiday season in 2013, China’s most welcome mobile payment system provider - Alipay - lost over 20 GB worth of customer data in a security breach, which affected at least 15 million customers. Even though the company has promised to evaluate the security of the system and to take necessary measures to protect customer’s data, are we still safe with the payment? In this paper, we investigate several security vulnerabilities for Alipay wallet, which may cause individual’s personal data and financial losses. This is due to not only less regulation by authorities but also the failure of enabling secure proximity authentication during mobile payment. By going through these surprising vulnerabilities, we come up with some ideas on how to combat them and show how to enhance the mobile payment security by enabling proximity authentication before monetary transactions.

Research Area(s)

  • Alipay wallet, Mobile payment, QR code, Security

Citation Format(s)

Matching in Proximity Authentication and Mobile Payment EcoSystem : What Are We Missing? / Zhuang, Yunhui; Man Leung, Alvin Chung; Hughes, James.

Radio Frequency Identification and IoT Security: 12th International Workshop, RFIDSec 2016. ed. / Gerhard P. Hancke; Konstantinos Markantonakis. Vol. 10155 LNCS Springer Verlag, 2017. p. 163-172 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10155 LNCS).

Research output: Chapters, Conference Papers, Creative and Literary Works (RGC: 12, 32, 41, 45)12_Chapter in an edited book (Author)