An enhanced user authentication solution for mobile payment systems using wearables

Kok Seng Wong, Myung Ho Kim

Research output: Contribution to journalArticle

2 Citations (Scopus)

Abstract

As technology continues to evolve, banks and other enterprises are restructuring their businesses to provide services to customers anywhere and anytime. However, it is challenging to move from conventional payment systems toward digital wallets across a range of payment services. Mobile devices are easily lost or stolen, so the rapid adoption of mobile devices for payment systems requires protection against unauthorized access to private applications and data. When mobile devices communicate with merchant point-of-sale systems, there is a risk of data leakage because third party applications in point-of-sale systems might access private data stored on the device without the user's knowledge or permission. We thus propose the use of wearable devices to store partial private data for the user and to participate in the user authentication. In this paper, we design a practical user authentication solution for mobile payment systems, and the main idea is to split the user's private data, such as credit card and banking information, and then store them across two separate devices (e.g., a smartphone and a wearable device). Our solution can improve the security of existing mobile payment systems that utilize user biometrics as an authentication factor, such as Apple Pay and Samsung Pay.

Original languageEnglish
Pages (from-to)4639-4649
Number of pages11
JournalSecurity and Communication Networks
Volume9
Issue number17
DOIs
Publication statusPublished - Nov 25 2016

Fingerprint

Mobile devices
Authentication
Sales
Smartphones
Biometrics
Industry

Keywords

  • biometrics-based authentication
  • mobile devices
  • mobile payment systems
  • secret splitting
  • wearable devices

ASJC Scopus subject areas

  • Information Systems
  • Computer Networks and Communications

Cite this

An enhanced user authentication solution for mobile payment systems using wearables. / Wong, Kok Seng; Kim, Myung Ho.

In: Security and Communication Networks, Vol. 9, No. 17, 25.11.2016, p. 4639-4649.

Research output: Contribution to journalArticle

@article{071736f813aa42479970f9ebe64e7823,
title = "An enhanced user authentication solution for mobile payment systems using wearables",
abstract = "As technology continues to evolve, banks and other enterprises are restructuring their businesses to provide services to customers anywhere and anytime. However, it is challenging to move from conventional payment systems toward digital wallets across a range of payment services. Mobile devices are easily lost or stolen, so the rapid adoption of mobile devices for payment systems requires protection against unauthorized access to private applications and data. When mobile devices communicate with merchant point-of-sale systems, there is a risk of data leakage because third party applications in point-of-sale systems might access private data stored on the device without the user's knowledge or permission. We thus propose the use of wearable devices to store partial private data for the user and to participate in the user authentication. In this paper, we design a practical user authentication solution for mobile payment systems, and the main idea is to split the user's private data, such as credit card and banking information, and then store them across two separate devices (e.g., a smartphone and a wearable device). Our solution can improve the security of existing mobile payment systems that utilize user biometrics as an authentication factor, such as Apple Pay and Samsung Pay.",
keywords = "biometrics-based authentication, mobile devices, mobile payment systems, secret splitting, wearable devices",
author = "Wong, {Kok Seng} and Kim, {Myung Ho}",
year = "2016",
month = "11",
day = "25",
doi = "10.1002/sec.1654",
language = "English",
volume = "9",
pages = "4639--4649",
journal = "Security and Communication Networks",
issn = "1939-0114",
publisher = "John Wiley and Sons Inc.",
number = "17",

}

TY - JOUR

T1 - An enhanced user authentication solution for mobile payment systems using wearables

AU - Wong, Kok Seng

AU - Kim, Myung Ho

PY - 2016/11/25

Y1 - 2016/11/25

N2 - As technology continues to evolve, banks and other enterprises are restructuring their businesses to provide services to customers anywhere and anytime. However, it is challenging to move from conventional payment systems toward digital wallets across a range of payment services. Mobile devices are easily lost or stolen, so the rapid adoption of mobile devices for payment systems requires protection against unauthorized access to private applications and data. When mobile devices communicate with merchant point-of-sale systems, there is a risk of data leakage because third party applications in point-of-sale systems might access private data stored on the device without the user's knowledge or permission. We thus propose the use of wearable devices to store partial private data for the user and to participate in the user authentication. In this paper, we design a practical user authentication solution for mobile payment systems, and the main idea is to split the user's private data, such as credit card and banking information, and then store them across two separate devices (e.g., a smartphone and a wearable device). Our solution can improve the security of existing mobile payment systems that utilize user biometrics as an authentication factor, such as Apple Pay and Samsung Pay.

AB - As technology continues to evolve, banks and other enterprises are restructuring their businesses to provide services to customers anywhere and anytime. However, it is challenging to move from conventional payment systems toward digital wallets across a range of payment services. Mobile devices are easily lost or stolen, so the rapid adoption of mobile devices for payment systems requires protection against unauthorized access to private applications and data. When mobile devices communicate with merchant point-of-sale systems, there is a risk of data leakage because third party applications in point-of-sale systems might access private data stored on the device without the user's knowledge or permission. We thus propose the use of wearable devices to store partial private data for the user and to participate in the user authentication. In this paper, we design a practical user authentication solution for mobile payment systems, and the main idea is to split the user's private data, such as credit card and banking information, and then store them across two separate devices (e.g., a smartphone and a wearable device). Our solution can improve the security of existing mobile payment systems that utilize user biometrics as an authentication factor, such as Apple Pay and Samsung Pay.

KW - biometrics-based authentication

KW - mobile devices

KW - mobile payment systems

KW - secret splitting

KW - wearable devices

UR - http://www.scopus.com/inward/record.url?scp=84995906541&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84995906541&partnerID=8YFLogxK

U2 - 10.1002/sec.1654

DO - 10.1002/sec.1654

M3 - Article

VL - 9

SP - 4639

EP - 4649

JO - Security and Communication Networks

JF - Security and Communication Networks

SN - 1939-0114

IS - 17

ER -