Wallet Payments Recent Potential Threats and Vulnerabilities with its possible security Measures
DOI:
https://doi.org/10.26438/ijcse/v7i1.810817Keywords:
e-cash, mobile payment system, mobile walletAbstract
The volume of wallet payment transactions has considerably increased in the last decade. There are many wallets already has been developed and also new wallets coming in the market day by day for payment transactions in highly distributed environments. So far it has the focus on addressing only security issues. However, key important criteria of distributed processing such as performance, scalability, and availability. In this paper, we identify and analyze the different threats and vulnerabilities of a mobile cum web wallet application to obtain a high-level understanding of the various types of threats that may affect wallet applications with its possible security measures.
References
[1] Dahlberg, Tomi, Niina Mallat, and Anssi Öörni. "Trust enhanced technology acceptance model-consumer acceptance of mobile payment solutions: Tentative evidence." Stockholm Mobility Roundtable 22 (2003): 23.
[2] Hoofnagle, Chris Jay, Jennifer M. Urban, and Su Li. "Mobile payments: Consumer benefits & new privacy concerns." (2012).
[3] Kasiyanto, Safari. "Security Issues of New Innovative Payments and Their Regulatory Challenges." In Bitcoin and Mobile Payments, pp. 145-179. Palgrave Macmillan UK, 2016.
[4] Khiaonarong, Tanai. "Oversight issues in mobile payments.", IMF Working Paper (July 2014).
[5] Hohl, Fritz. "Time limited blackbox security: Protecting mobile agents from malicious hosts." Mobile agents and security (1998): 92-113.
[6] Simplot-Ryl, Isabelle, Issa Traoré, and Patricia Everaere. "Distributed architectures for electronic cash schemes: a survey 1." International Journal of Parallel, Emergent and Distributed Systems 24, no. 3 (2009): 243-271.
[7] Security of Mobile Payments and Digital Wallets, ENISA December 2016, https://www.enisa.europa.eu/publications/mobile-payments-security/at_download/fullReport
[8] Allen, Hellen, 2003, “Innovations in Retail Payments: E-Payments”, Bank of England Quarterly Bulletin, Winter, pp. 428-438.
[9] Diniz, Eduardo Henrique, João Porto de Albuquerque, and Adrian Kemmer Cernev. "Mobile Money and Payment: a literature review based on academic and practitioner-oriented publications (2001-2011)." (2011).
[10] Urban, Jennifer. 2016. “Mobile Payments: Consumer Benefits & New Privacy Concerns”. SocArXiv. July 18. osf.io/preprints/socarxiv/7pnxz.
[11] Papathanasiou, Christian, and Nicholas J. Percoco. "This is not the droid you`re looking for..." Def Con 18 (2010).
[12] Davis, Michael, Sean Bodmer, and Aaron LeMasters. Hacking Exposed Malware and Rootkits. McGraw-Hill, Inc., New York, NY, USA, 2009.
[13] The Great Bank Robbery: Carbanak APT https://business.kaspersky.com/the-great-bank-robbery-carbanak-apt/3598/
[14] FIDO Alliance, “Specifications Overview”, http://fidoalliance.org/specifications/overview/
[15] https://en.wikipedia.org/wiki/Mobile_payment
[16] European Central Bank, “Recommendations For The Security of Mobile Payments”, https://www.ecb.europa.eu/paym/cons/pdf/131120/ recommendationsforthesecurityofmobilepaymentsdraftpc201311en.pdf
[17] ENISA,” Mobile Identity Management”, https://www.enisa.europa.eu/publications/Mobile%20IDM
[18] Drop Labs, “Rampant: Explaining the Current State of Apple Pay Fraud”, http://www.droplabs.co/?p=1231
[19] Apple, “About EMV and Apple Pay for Merchants”, https://support.apple.com/en-us/HT205645
[20] ISACA, ”2015 Mobile Payment Security Study”, https://www.isaca.org/Pages/mobile-payment-security-study.aspx
[21] Mobile Payment in Your Business", https://www.intelligenthq.com/resources/the-3-biggest-benefits-of-implementing-mobile-payment-in-your-business/
[22] Salvador Mendoza, “Samsung Pay: Tokenized Numbers, Flaws and Issues”, https://www.blackhat.com/docs/us-16/materials/us-16-Mendoza-Samsung-Pay-Tokenized-Numbers-Flaws-And-Issues-wp.pdf
[23] Zvelo, “Google Wallet Security: PIN Exposure Vulnerability”, https://zvelo.com/google-wallet-security-pin-exposure-vulnerability/
[24] Wonder How To, “ Apple Watch Vulnerability Lets Thieves Use Apple Pay Without Your PIN”, http://ios.wonderhowto.com/how-to/apple-watch-vulnerability-lets-thieves-use-apple-pay-without-your-pin-0161940/
[25] http://viaforensics.com/mobile-security/forensics-security-analysis-google-wallet.html
[26] MIT Technology Review, “Is Google Wallet Safe ?”, https://www.technologyreview.com/s/426921/is-google-wallet-safe/
[27] Choi, Daeseon, and Younho Lee. "Eavesdropping One-Time Tokens Over Magnetic Secure Transmission in Samsung Pay." In WOOT. 2016.
[28] Trend Micro Discovers MalumPoS; Malware Targeting Hotels and other US Industries http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-malumpos-targets-hotels-and-other-us-industries/
[29] https://www.goodreturns.in/classroom/2016/11/types-mobile-wallets-their-difference-518655.html
[30] http://www.dqindia.com/top-6-mobile-wallets-in-india/2/
[31] http://www.iamwire.com/2016/11/list-of-mobile-wallets-upi-payment-apps-in-india/145172
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors contributing to this journal agree to publish their articles under the Creative Commons Attribution 4.0 International License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit and that in the event of reuse or distribution, the terms of this license are made clear.
