Traditional Payment System Problems
The security problems of traditional payment systems are well known:
- Money can be counterfeited;
- Signatures can be forged;
- Checks can bounce.
Electronic Payment System Problems
Electronic payment systems have the same problems as traditional systems, and more:
- Digital documents can be copied perfectly and arbitrarily often;
- Digital signatures can be produced by anybody who knows the private key;
- A payer's identity can be associated with every payment transaction.
Obviously, without additional security measures, widespread e-commerce is not viable. A properly designed electronic payment system can, however, provide better security than traditional payment systems, in addition to flexibility of use.
Adversaries in Electronic Payment Systems
Generally, in an electronic payment system, three types of adversaries can be encountered :
Outsiders eavesdropping on the communication line and misusing the collected data (e.g., credit card numbers);
Active attackers sending forged messages to authorized payment sys- tem participants in order either to prevent the system from func- tioning or to steal the assets exchanged (e.g., goods, money);
Dishonest payment system participants trying to obtain and misuse payment transaction data that they are not authorized to see or use.
Basic Security Requirements for Electronic Payment Systems
The basic security requirements for electronic payment systems can be summarized as:
- Payment authentication;
- Payment integrity;
- Payment authorization;
- Payment confidentiality.
Payment authentication implies that both payers and payees must prove their payment identities, which are not necessarily identical to their true identities. If no anonymity is required, an authentication mechanism may be used to satisfy this requirement. Authentication does not necessarily imply that a payer's identity is revealed. If anonymity is required, some special authentication mechanisms are needed.
Payment integrity requires that payment transaction data cannot be modifiable by unauthorized principals. Payment transaction data includes the payer's identity, the payee's identity, the content of the purchase, the amount, and possibly other information. For this purpose an integrity mechanism from the area of information security may be employed.
Payment authorization ensures that no money can be taken from a customer's account or smart card without his explicit permission. It also means that the explicitly allowed amount can be withdrawn by the authorized principal only. This requirement is related to access control.
Payment confidentiality covers confidentiality of one or more pieces of payment transaction data. In the simplest case it can be achieved by using one of the communication confidentiality mechanisms. In some cases, how- ever, it is required that different pieces of the transaction data be kept secret from different payment system participants. Such requirements can be satisfied by certain specially tailored payment security mechanisms.
Published on Thu 02 December 2004 by Dan Little in Security with tag(s): payment