SlideShare una empresa de Scribd logo

Iposterminals

B
bizsolution

iPhone Point of Sale terminals

1 de 5
Descargar para leer sin conexión
7/12/2009  IPOS TERMINALS VERSION 1 iPhone Point of Sale terminals | 
iPOS Version 1  The need for protecting the digital identities of consumers & businesses is in constant demand, especially  during an age of financial uncertainty. Building trust and confidence is high on the agenda of both  consumers and businesses, providing the cost of doing so isn’t at the expense of the consumer. Businesses  need to focus and role out value added services that are robust and cost effective. SMS not only offers the  possibility for businesses to maintain relationships with their current client base but also an opportunity to  target new ones, with a minimum cost factor. Users of SMS have become entrenched in the use of txt  messaging, due to cost and ubiquity of SMS enabled devices. Teenagers to 30 something year olds, will  ensure the longevity of the txt messaging life cycle.  SMS Origin was designed to meet this market gap. A txt message based payment service that allows  customers to pay, send, and receive money?  First we'll start with some definitions. In an iPOS transaction, there are three important participants and  devices.  The 'card holder' ·  the person who wants to buy some goods or transfer money  The 'card acceptor' ·  the merchant who wants to take payment for goods  The 'card issuer' ·  the company that issued the icard to the card holder (i.e. the cardholder's bank)  I.P.O.S. terminal (Iphone Point of Service) ·  The iPOS is a remote point of service terminal that is attached to an Apple  Iphone3G. The iPOS contains a slot for an icard to be inserted.  The process of  authenticating the icard and authorising the cardholder is achieved when a txt  message has been received from the card issuer. The txt message contains encoded  messages. These encoded txt messages are decoded by the rightful icard, and viewed  by the cardholder. The cardholder enters the decoded details into a reply txt message  which is sent to the card issuer for validation. If validation is approved, the  cardholder is able to complete a number of payment services to pay, send or receive  money.  Apple Iphone3G &3GS mobile phone ·  The advance txt messaging features of an Apple Iphone3G mobile phone is used as  the connecting device to the 3G network.  Icard credit debit card
·  An icard is a cash card that contains security features to protect the identities of the  cardholder and card issuer. These security features are unique to every icard issued.  The value of each icard depends on the purchase price of the goods’ or services  sought by the cardholder.  Identity theft is a term used to refer to fraud that involves someone pretending to be someone else in  order to steal money or get other benefits. The term is relatively new and is actually a misnomer, since it  is not inherently possible to steal an identity, only to use it. The person whose identity is used can suffer  various consequences when he is held responsible for the perpetrator's actions.  Standard validation systems often use multiple inputs of samples for sufficient validation, such as  particular characteristics of the sample. This intends to enhance security as multiple different samples are  required such as security tags and codes and sample dimensions. These icards could be used for  government agencies seeking high security access online or offline, or may act as a remote back­up in the  event traditional access to offline or online resources have been compromised. SMS Origin comprises of a  rolling code (or sometimes called a hopping code) used to prevent replay attacks, where an eavesdropper  records the transmission and replays it at a later time in an attempt to make false transactions.  Level 1 Security  Existing icard technology contains a unique 8 digit Card Identification Number (CIN) marked randomly  on the icard for determining sufficient funds held  within the cardholder’s bank account. This number is  used in the initial txt message represents the identity of the cardholder in numerical form only. The name  of  the  account  holder  is  never  represented  in  alpha  form  for  security  reasons.  This  amount  is  never  declared visibly in plain text form, for security reasons.  Level 2 Security  Existing icard technology contains a balance amount mechanism for indicating to the cardholder that  sufficient funds is held in their bank account before authorising payment of goods or services or  authorising money transfers.  Level 3 Security  Existing icard technology contains an anti­phishing mechanism, for establishing the authenticity of the  card issuer’s txt message, and, as a means for indicating intent for accepting the terms of use  Level 4 Security  Existing icard technology contains an authorisation mechanism or Random Reference PIN (RRP) for  establishing the authority of the cardholder and authority to complete payment for goods or services or for  making money transfers.  Level 5 Security  Future icards contains a courier tracking mechanism marked on the card, to instantly assist the courier in  determining the authenticity of the icard, before exchanging it for the goods or services purchased by the  cardholder. The courier tracking mechanism is revealed, only, to the courier at the point of exchange for  goods or services.
Level 6 Security  Future icards may contain Radio­frequency identification (RFID) which is an automatic identification  method, relying on storing and remotely retrieving data using devices called RFID tags or transponders.  The technology requires some extent of cooperation of an RFID reader and an RFID tag. The costs to  introduce RFID into the matrix of the icards will depend largely on the cost.  Level 7 Security  Future icards has a unique anti­counterfeiting mechanism. A 3 dimensional metric identifier or  fingerprints embed into the physical matrix of the actual card itself. This fingerprint acts as a watermark  which is used for analyses purposes by the card issuer to irrefutably resolve disputes arising from  counterfeit icards and issues of provenance.  Level 8 Security  Future icards may contain Geometric features used to identify the input sample when compared to a  digital template, used in cases to identify specific icards with certain characteristics.  Possession­based ·  using one specific "token" such as a security tag or a card  Knowledge­based ·  the use of a code or password.  This txt message is first, authenticated by inserting an icard into the slot of an iPOS to decode the  authenticity of a received txt message, and later redeem the icard in exchange for goods or services  received.  Parties Involved:  The cardholder and card acceptor/issuer.  1.  Cardholder browses goods and services from an online or offline brochure  2.  Cardholder selects goods or services or opts to make payments or transfer money.  §  Cardholder creates a new txt message using the Iphone3G and enters the  8  digit identification Number of the icard (CIN): eg 35­96­24­HL  §  Then enters the 6 digit product id  §  A reply txt message is sent to the recipients Iphone acknowledging sufficient  funds held in the cardholders account  §  The cardholder needs to respond with the correct RRP number by txt  message to authorise payment or transfer of money. This number is decoded  using the iPOS in conjunction with the icard. The cardholder sends the  decoded txt message that contains an unordered placement of their personal  pin which is incorporated into an random string of numeric. The string  amount of the random positions depends on the cardholder’s election to  submit short strings of data entry or forego the tedium of long data entries.
Typically the string minimum ranges from a 12 digit combined pin to 48.  The randomisation is necessary to avoid prying cryptanalysis. If the txt  message containing the RRP is correct, the cardholder receives an encrypted  PDF document, sent to the cardholder’s email containing a proof of purchase  receipt. An encoded matrix is placed within the PDF document which is  decoded by the icard. This data matrix is used to dispute unauthorised  transactions by the cardholder.  Offline/online shopping/money transfer;  First off, the merchant enters the 8digit Card Identification Number (CIN) of the icard into a txt message  followed by the amount charged to the cardholder’s account. The txt message is sent to the acquiring  bank’s short code over a 3G network.  The cardholders, icard is then inserted into the slot of an iPOS (aka a PINreader) connected to an Iphone  terminal to authenticate the response txt message. The reply txt message contains a cryptographic  credential to establish the validity of the acquiring bank’s identity. If the credential is 100% accurate the  acquiring bank is acknowledging sufficient funds held in the cardholders account, but requires the  cardholder to authorise payment by sending a reply txt message containing the correct Random Reference  PIN (RRP).  A geometric system can provide the following two functions: ·  Verification  Authenticates its users in conjunction with an icard, dynamic pin & ID number. The geometric  template captured is compared with that stored against the registered user either on a smart  card or database for verification.  ·  Identification  Authenticates its users from the geometric characteristic alone without the use of smart cards,  usernames or ID numbers. The biometric template is compared to all records within the  database and a closest match score is returned. The closest match within the allowed threshold  is deemed the individual and authenticated.  In an effort to make passports more secure, several countries have implemented RFID in passports.  However, the encryption on UK chips was broken in less than 48 hours. Since that incident, further efforts  have allowed researchers to clone passport data while the passport is being mailed to its owner. Where a  criminal used to need to secretly open and then reseal the envelope, now it can be done without detection,  adding some degree of insecurity to the passport system. This is a noticeable opportunity for the iPOS  system to take advantage of this market gap. However, the market will ultimately, in time, determine the  merits of the iPOS system and wither or not there is a place for e­governments to utilize the iPOS system.  Logistics & Transportation could be another major area for implementing the SMSOrigin technology. For  example, Yard Management, Shipping & Freight and Distribution Centers are some areas where secure  tracking technology is required. Transportation companies around the world may value security  technology due to its impact on the business value and efficiency.

Recomendados

Fraud in bank
Fraud in bankFraud in bank
Fraud in bankPawanKumarJha7
 
Protocol Payment in M-commerce Transaction
Protocol Payment in M-commerce TransactionProtocol Payment in M-commerce Transaction
Protocol Payment in M-commerce Transactioniosrjce
 
Payment Tokenization
Payment TokenizationPayment Tokenization
Payment TokenizationHamid Ghorbani
 
E Authentication System with QR Code and OTP
E Authentication System with QR Code and OTPE Authentication System with QR Code and OTP
E Authentication System with QR Code and OTPijtsrd
 
Mb2420032007
Mb2420032007Mb2420032007
Mb2420032007IJERA Editor
 
An ATM Multi-Protocol Emulation Network
An ATM Multi-Protocol Emulation NetworkAn ATM Multi-Protocol Emulation Network
An ATM Multi-Protocol Emulation Networkdbpublications
 
Gresham Publication
Gresham PublicationGresham Publication
Gresham PublicationGresham Jnr Muradzikwa
 
Online Payment System using Steganography and Visual Cryptography
Online Payment System using Steganography and Visual CryptographyOnline Payment System using Steganography and Visual Cryptography
Online Payment System using Steganography and Visual Cryptographyijtsrd
 

Recomendados

Fraud in bank
Fraud in bankFraud in bank
Fraud in bankPawanKumarJha7
 
Protocol Payment in M-commerce Transaction
Protocol Payment in M-commerce TransactionProtocol Payment in M-commerce Transaction
Protocol Payment in M-commerce Transactioniosrjce
 
Payment Tokenization
Payment TokenizationPayment Tokenization
Payment TokenizationHamid Ghorbani
 
E Authentication System with QR Code and OTP
E Authentication System with QR Code and OTPE Authentication System with QR Code and OTP
E Authentication System with QR Code and OTPijtsrd
 
Mb2420032007
Mb2420032007Mb2420032007
Mb2420032007IJERA Editor
 
An ATM Multi-Protocol Emulation Network
An ATM Multi-Protocol Emulation NetworkAn ATM Multi-Protocol Emulation Network
An ATM Multi-Protocol Emulation Networkdbpublications
 
Gresham Publication
Gresham PublicationGresham Publication
Gresham PublicationGresham Jnr Muradzikwa
 
Online Payment System using Steganography and Visual Cryptography
Online Payment System using Steganography and Visual CryptographyOnline Payment System using Steganography and Visual Cryptography
Online Payment System using Steganography and Visual Cryptographyijtsrd
 
Secure E-payment Protocol
Secure E-payment ProtocolSecure E-payment Protocol
Secure E-payment ProtocolCSCJournals
 
Digital Payment-Revolution in India
Digital Payment-Revolution in IndiaDigital Payment-Revolution in India
Digital Payment-Revolution in IndiaBinod Sinha
 
Upi training
Upi trainingUpi training
Upi trainingSaurabh Madan
 
Upi, e wallets & other digital payments
Upi, e wallets & other digital paymentsUpi, e wallets & other digital payments
Upi, e wallets & other digital paymentsArshit Agarwal
 
121010_Mobile Banking & Payments for Emerging Asia Summit 2012_Acceptance & A...
121010_Mobile Banking & Payments for Emerging Asia Summit 2012_Acceptance & A...121010_Mobile Banking & Payments for Emerging Asia Summit 2012_Acceptance & A...
121010_Mobile Banking & Payments for Emerging Asia Summit 2012_Acceptance & A...spirecorporate
 
Ijcsi 9-4-2-457-462
Ijcsi 9-4-2-457-462Ijcsi 9-4-2-457-462
Ijcsi 9-4-2-457-462Hai Nguyen
 
Introduction to emv
Introduction to emvIntroduction to emv
Introduction to emvAnil Chaurasiya
 
Credit Card Duplication and Crime Prevention Using Biometrics
Credit Card Duplication and Crime Prevention Using BiometricsCredit Card Duplication and Crime Prevention Using Biometrics
Credit Card Duplication and Crime Prevention Using BiometricsIOSR Journals
 
Hi tech banking
Hi tech bankingHi tech banking
Hi tech bankingsaid masoud
 
FinX Digital Wallet Platform
FinX Digital Wallet PlatformFinX Digital Wallet Platform
FinX Digital Wallet PlatformAnurag Rastogi
 
Throttling Fraud
Throttling FraudThrottling Fraud
Throttling FraudMike Batton
 
emv-ebook
emv-ebookemv-ebook
emv-ebookRichard Dover
 
Banking technology
Banking technologyBanking technology
Banking technologyVinay Chaithanya
 
Smart Card EMV for Dummies
Smart Card EMV for DummiesSmart Card EMV for Dummies
Smart Card EMV for DummiesSilly Beez
 
From plastic to secured bits. A mobile wallet for virtual cards on the mobil...
From plastic to secured bits. A mobile wallet for virtual cards on the mobil...From plastic to secured bits. A mobile wallet for virtual cards on the mobil...
From plastic to secured bits. A mobile wallet for virtual cards on the mobil...Axel Nennker
 
Digital wallet
Digital walletDigital wallet
Digital walletSohil Gupta
 
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...CSCJournals
 
Emv Explained in few words
Emv Explained in few words Emv Explained in few words
Emv Explained in few words Banque Populaire Du Rwanda
 
Overview of digital payments in india
Overview of digital payments in india Overview of digital payments in india
Overview of digital payments in india Mathew Chacko
 
Digital payments
Digital paymentsDigital payments
Digital paymentsVenkatesh Kumar Maale
 
Atos consulting - Publicis Consultant - White Paper Social CRM
Atos consulting - Publicis Consultant - White Paper Social CRMAtos consulting - Publicis Consultant - White Paper Social CRM
Atos consulting - Publicis Consultant - White Paper Social CRMEric Lévy-Bencheton
 
Tfs
TfsTfs
Tfsbizsolution
 

Más contenido relacionado

La actualidad más candente

Secure E-payment Protocol
Secure E-payment ProtocolSecure E-payment Protocol
Secure E-payment ProtocolCSCJournals
 
Digital Payment-Revolution in India
Digital Payment-Revolution in IndiaDigital Payment-Revolution in India
Digital Payment-Revolution in IndiaBinod Sinha
 
Upi, e wallets & other digital payments
Upi, e wallets & other digital paymentsUpi, e wallets & other digital payments
Upi, e wallets & other digital paymentsArshit Agarwal
 
121010_Mobile Banking & Payments for Emerging Asia Summit 2012_Acceptance & A...
121010_Mobile Banking & Payments for Emerging Asia Summit 2012_Acceptance & A...121010_Mobile Banking & Payments for Emerging Asia Summit 2012_Acceptance & A...
121010_Mobile Banking & Payments for Emerging Asia Summit 2012_Acceptance & A...spirecorporate
 
Ijcsi 9-4-2-457-462
Ijcsi 9-4-2-457-462Ijcsi 9-4-2-457-462
Ijcsi 9-4-2-457-462Hai Nguyen
 
Credit Card Duplication and Crime Prevention Using Biometrics
Credit Card Duplication and Crime Prevention Using BiometricsCredit Card Duplication and Crime Prevention Using Biometrics
Credit Card Duplication and Crime Prevention Using BiometricsIOSR Journals
 
FinX Digital Wallet Platform
FinX Digital Wallet PlatformFinX Digital Wallet Platform
FinX Digital Wallet PlatformAnurag Rastogi
 
Throttling Fraud
Throttling FraudThrottling Fraud
Throttling FraudMike Batton
 
Smart Card EMV for Dummies
Smart Card EMV for DummiesSmart Card EMV for Dummies
Smart Card EMV for DummiesSilly Beez
 
From plastic to secured bits. A mobile wallet for virtual cards on the mobil...
From plastic to secured bits. A mobile wallet for virtual cards on the mobil...From plastic to secured bits. A mobile wallet for virtual cards on the mobil...
From plastic to secured bits. A mobile wallet for virtual cards on the mobil...Axel Nennker
 
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...CSCJournals
 
Overview of digital payments in india
Overview of digital payments in india Overview of digital payments in india
Overview of digital payments in india Mathew Chacko
 

La actualidad más candente (20)

Secure E-payment Protocol
Secure E-payment ProtocolSecure E-payment Protocol
Secure E-payment Protocol
 
Digital Payment-Revolution in India
Digital Payment-Revolution in IndiaDigital Payment-Revolution in India
Digital Payment-Revolution in India
 
Upi training
Upi trainingUpi training
Upi training
 
Upi, e wallets & other digital payments
Upi, e wallets & other digital paymentsUpi, e wallets & other digital payments
Upi, e wallets & other digital payments
 
121010_Mobile Banking & Payments for Emerging Asia Summit 2012_Acceptance & A...
121010_Mobile Banking & Payments for Emerging Asia Summit 2012_Acceptance & A...121010_Mobile Banking & Payments for Emerging Asia Summit 2012_Acceptance & A...
121010_Mobile Banking & Payments for Emerging Asia Summit 2012_Acceptance & A...
 
Ijcsi 9-4-2-457-462
Ijcsi 9-4-2-457-462Ijcsi 9-4-2-457-462
Ijcsi 9-4-2-457-462
 
Introduction to emv
Introduction to emvIntroduction to emv
Introduction to emv
 
Credit Card Duplication and Crime Prevention Using Biometrics
Credit Card Duplication and Crime Prevention Using BiometricsCredit Card Duplication and Crime Prevention Using Biometrics
Credit Card Duplication and Crime Prevention Using Biometrics
 
Hi tech banking
Hi tech bankingHi tech banking
Hi tech banking
 
FinX Digital Wallet Platform
FinX Digital Wallet PlatformFinX Digital Wallet Platform
FinX Digital Wallet Platform
 
Throttling Fraud
Throttling FraudThrottling Fraud
Throttling Fraud
 
emv-ebook
emv-ebookemv-ebook
emv-ebook
 
Banking technology
Banking technologyBanking technology
Banking technology
 
Smart Card EMV for Dummies
Smart Card EMV for DummiesSmart Card EMV for Dummies
Smart Card EMV for Dummies
 
From plastic to secured bits. A mobile wallet for virtual cards on the mobil...
From plastic to secured bits. A mobile wallet for virtual cards on the mobil...From plastic to secured bits. A mobile wallet for virtual cards on the mobil...
From plastic to secured bits. A mobile wallet for virtual cards on the mobil...
 
Digital wallet
Digital walletDigital wallet
Digital wallet
 
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...
 
Emv Explained in few words
Emv Explained in few words Emv Explained in few words
Emv Explained in few words
 
Overview of digital payments in india
Overview of digital payments in india Overview of digital payments in india
Overview of digital payments in india
 
Digital payments
Digital paymentsDigital payments
Digital payments
 

Destacado

Atos consulting - Publicis Consultant - White Paper Social CRM
Atos consulting - Publicis Consultant - White Paper Social CRMAtos consulting - Publicis Consultant - White Paper Social CRM
Atos consulting - Publicis Consultant - White Paper Social CRMEric Lévy-Bencheton
 
Propuesta Facebook
Propuesta FacebookPropuesta Facebook
Propuesta FacebookJorge Manzo
 
Publicité dans les jeux vidéo
Publicité dans les jeux vidéoPublicité dans les jeux vidéo
Publicité dans les jeux vidéoAntoine Brault
 
Animal crossing it
Animal crossing itAnimal crossing it
Animal crossing itOctoberWolf
 
Fotorelacja Z Ogolnopolskiego Tygodnia Czytania
Fotorelacja Z Ogolnopolskiego Tygodnia CzytaniaFotorelacja Z Ogolnopolskiego Tygodnia Czytania
Fotorelacja Z Ogolnopolskiego Tygodnia CzytaniaKsiążnica Beskidzka
 
Social crm - Conférence de publication
Social crm - Conférence de publicationSocial crm - Conférence de publication
Social crm - Conférence de publicationEric Lévy-Bencheton
 

Destacado (9)

Atos consulting - Publicis Consultant - White Paper Social CRM
Atos consulting - Publicis Consultant - White Paper Social CRMAtos consulting - Publicis Consultant - White Paper Social CRM
Atos consulting - Publicis Consultant - White Paper Social CRM
 
Tfs
TfsTfs
Tfs
 
Propuesta Facebook
Propuesta FacebookPropuesta Facebook
Propuesta Facebook
 
Publicité dans les jeux vidéo
Publicité dans les jeux vidéoPublicité dans les jeux vidéo
Publicité dans les jeux vidéo
 
Animal crossing it
Animal crossing itAnimal crossing it
Animal crossing it
 
Life
LifeLife
Life
 
Fotorelacja Z Ogolnopolskiego Tygodnia Czytania
Fotorelacja Z Ogolnopolskiego Tygodnia CzytaniaFotorelacja Z Ogolnopolskiego Tygodnia Czytania
Fotorelacja Z Ogolnopolskiego Tygodnia Czytania
 
Java Platform
Java PlatformJava Platform
Java Platform
 
Social crm - Conférence de publication
Social crm - Conférence de publicationSocial crm - Conférence de publication
Social crm - Conférence de publication
 

Similar a Iposterminals

Card payment evolution v1.0
Card payment evolution v1.0Card payment evolution v1.0
Card payment evolution v1.0Nugroho Gito
 
Electronic Payment System
Electronic Payment SystemElectronic Payment System
Electronic Payment SystemRitesh Goyal
 
electronicpaymentsystem-12697023522629-phpapp01.pdf
electronicpaymentsystem-12697023522629-phpapp01.pdfelectronicpaymentsystem-12697023522629-phpapp01.pdf
electronicpaymentsystem-12697023522629-phpapp01.pdfUjwalReddyPB
 
Man in-the-middle-defence
Man in-the-middle-defenceMan in-the-middle-defence
Man in-the-middle-defenceHai Nguyen
 
51775454-SMART-CARDS.ppt
51775454-SMART-CARDS.ppt51775454-SMART-CARDS.ppt
51775454-SMART-CARDS.pptAjaySahre
 
51775454-SMART-CARDS.ppt
51775454-SMART-CARDS.ppt51775454-SMART-CARDS.ppt
51775454-SMART-CARDS.pptKumar290483
 
Ecommerce 27-1.pptx
Ecommerce 27-1.pptxEcommerce 27-1.pptx
Ecommerce 27-1.pptxAkash588342
 
PCI,Smart Card,ATM and E-commerce
PCI,Smart Card,ATM and E-commercePCI,Smart Card,ATM and E-commerce
PCI,Smart Card,ATM and E-commerceAmira Serag
 
Application to Quickly and Safely Store and Recover Credit Card’s Information...
Application to Quickly and Safely Store and Recover Credit Card’s Information...Application to Quickly and Safely Store and Recover Credit Card’s Information...
Application to Quickly and Safely Store and Recover Credit Card’s Information...IRJET Journal
 
Payment gateway testing
Payment gateway testingPayment gateway testing
Payment gateway testingAtul Pant
 
Preventing Internet Fraud By Preventing Identity Theft
Preventing Internet Fraud By Preventing Identity TheftPreventing Internet Fraud By Preventing Identity Theft
Preventing Internet Fraud By Preventing Identity TheftDiane M. Metcalf
 
An Improvement To The Set Protocol Based On Signcryption
An Improvement To The Set Protocol Based On SigncryptionAn Improvement To The Set Protocol Based On Signcryption
An Improvement To The Set Protocol Based On Signcryptionijcisjournal
 
15 9247 nfc based digital innovation (edit ari)
15 9247 nfc based digital innovation (edit ari)15 9247 nfc based digital innovation (edit ari)
15 9247 nfc based digital innovation (edit ari)IAESIJEECS
 

Similar a Iposterminals (20)

Electronic payment by ahmad
Electronic payment by ahmadElectronic payment by ahmad
Electronic payment by ahmad
 
Card payment evolution v1.0
Card payment evolution v1.0Card payment evolution v1.0
Card payment evolution v1.0
 
Electronic Payment System
Electronic Payment SystemElectronic Payment System
Electronic Payment System
 
electronicpaymentsystem-12697023522629-phpapp01.pdf
electronicpaymentsystem-12697023522629-phpapp01.pdfelectronicpaymentsystem-12697023522629-phpapp01.pdf
electronicpaymentsystem-12697023522629-phpapp01.pdf
 
Man in-the-middle-defence
Man in-the-middle-defenceMan in-the-middle-defence
Man in-the-middle-defence
 
51775454-SMART-CARDS.ppt
51775454-SMART-CARDS.ppt51775454-SMART-CARDS.ppt
51775454-SMART-CARDS.ppt
 
51775454-SMART-CARDS.ppt
51775454-SMART-CARDS.ppt51775454-SMART-CARDS.ppt
51775454-SMART-CARDS.ppt
 
Ecommerce 27-1.pptx
Ecommerce 27-1.pptxEcommerce 27-1.pptx
Ecommerce 27-1.pptx
 
PCI,Smart Card,ATM and E-commerce
PCI,Smart Card,ATM and E-commercePCI,Smart Card,ATM and E-commerce
PCI,Smart Card,ATM and E-commerce
 
Application to Quickly and Safely Store and Recover Credit Card’s Information...
Application to Quickly and Safely Store and Recover Credit Card’s Information...Application to Quickly and Safely Store and Recover Credit Card’s Information...
Application to Quickly and Safely Store and Recover Credit Card’s Information...
 
P0176598101
P0176598101P0176598101
P0176598101
 
Digital wallet
Digital walletDigital wallet
Digital wallet
 
Smart cards
Smart cardsSmart cards
Smart cards
 
Payment gateway testing
Payment gateway testingPayment gateway testing
Payment gateway testing
 
Preventing Internet Fraud By Preventing Identity Theft
Preventing Internet Fraud By Preventing Identity TheftPreventing Internet Fraud By Preventing Identity Theft
Preventing Internet Fraud By Preventing Identity Theft
 
Tellerpass -
Tellerpass - Tellerpass -
Tellerpass -
 
An Improvement To The Set Protocol Based On Signcryption
An Improvement To The Set Protocol Based On SigncryptionAn Improvement To The Set Protocol Based On Signcryption
An Improvement To The Set Protocol Based On Signcryption
 
15 9247 nfc based digital innovation (edit ari)
15 9247 nfc based digital innovation (edit ari)15 9247 nfc based digital innovation (edit ari)
15 9247 nfc based digital innovation (edit ari)
 
Micro Finance with Smart Card
Micro Finance with Smart CardMicro Finance with Smart Card
Micro Finance with Smart Card
 
Moneypad
MoneypadMoneypad
Moneypad
 

Iposterminals

  • 1. 7/12/2009  IPOS TERMINALS VERSION 1 iPhone Point of Sale terminals | 
  • 2. iPOS Version 1  The need for protecting the digital identities of consumers & businesses is in constant demand, especially  during an age of financial uncertainty. Building trust and confidence is high on the agenda of both  consumers and businesses, providing the cost of doing so isn’t at the expense of the consumer. Businesses  need to focus and role out value added services that are robust and cost effective. SMS not only offers the  possibility for businesses to maintain relationships with their current client base but also an opportunity to  target new ones, with a minimum cost factor. Users of SMS have become entrenched in the use of txt  messaging, due to cost and ubiquity of SMS enabled devices. Teenagers to 30 something year olds, will  ensure the longevity of the txt messaging life cycle.  SMS Origin was designed to meet this market gap. A txt message based payment service that allows  customers to pay, send, and receive money?  First we'll start with some definitions. In an iPOS transaction, there are three important participants and  devices.  The 'card holder' ·  the person who wants to buy some goods or transfer money  The 'card acceptor' ·  the merchant who wants to take payment for goods  The 'card issuer' ·  the company that issued the icard to the card holder (i.e. the cardholder's bank)  I.P.O.S. terminal (Iphone Point of Service) ·  The iPOS is a remote point of service terminal that is attached to an Apple  Iphone3G. The iPOS contains a slot for an icard to be inserted.  The process of  authenticating the icard and authorising the cardholder is achieved when a txt  message has been received from the card issuer. The txt message contains encoded  messages. These encoded txt messages are decoded by the rightful icard, and viewed  by the cardholder. The cardholder enters the decoded details into a reply txt message  which is sent to the card issuer for validation. If validation is approved, the  cardholder is able to complete a number of payment services to pay, send or receive  money.  Apple Iphone3G &3GS mobile phone ·  The advance txt messaging features of an Apple Iphone3G mobile phone is used as  the connecting device to the 3G network.  Icard credit debit card
  • 3. ·  An icard is a cash card that contains security features to protect the identities of the  cardholder and card issuer. These security features are unique to every icard issued.  The value of each icard depends on the purchase price of the goods’ or services  sought by the cardholder.  Identity theft is a term used to refer to fraud that involves someone pretending to be someone else in  order to steal money or get other benefits. The term is relatively new and is actually a misnomer, since it  is not inherently possible to steal an identity, only to use it. The person whose identity is used can suffer  various consequences when he is held responsible for the perpetrator's actions.  Standard validation systems often use multiple inputs of samples for sufficient validation, such as  particular characteristics of the sample. This intends to enhance security as multiple different samples are  required such as security tags and codes and sample dimensions. These icards could be used for  government agencies seeking high security access online or offline, or may act as a remote back­up in the  event traditional access to offline or online resources have been compromised. SMS Origin comprises of a  rolling code (or sometimes called a hopping code) used to prevent replay attacks, where an eavesdropper  records the transmission and replays it at a later time in an attempt to make false transactions.  Level 1 Security  Existing icard technology contains a unique 8 digit Card Identification Number (CIN) marked randomly  on the icard for determining sufficient funds held  within the cardholder’s bank account. This number is  used in the initial txt message represents the identity of the cardholder in numerical form only. The name  of  the  account  holder  is  never  represented  in  alpha  form  for  security  reasons.  This  amount  is  never  declared visibly in plain text form, for security reasons.  Level 2 Security  Existing icard technology contains a balance amount mechanism for indicating to the cardholder that  sufficient funds is held in their bank account before authorising payment of goods or services or  authorising money transfers.  Level 3 Security  Existing icard technology contains an anti­phishing mechanism, for establishing the authenticity of the  card issuer’s txt message, and, as a means for indicating intent for accepting the terms of use  Level 4 Security  Existing icard technology contains an authorisation mechanism or Random Reference PIN (RRP) for  establishing the authority of the cardholder and authority to complete payment for goods or services or for  making money transfers.  Level 5 Security  Future icards contains a courier tracking mechanism marked on the card, to instantly assist the courier in  determining the authenticity of the icard, before exchanging it for the goods or services purchased by the  cardholder. The courier tracking mechanism is revealed, only, to the courier at the point of exchange for  goods or services.
  • 4. Level 6 Security  Future icards may contain Radio­frequency identification (RFID) which is an automatic identification  method, relying on storing and remotely retrieving data using devices called RFID tags or transponders.  The technology requires some extent of cooperation of an RFID reader and an RFID tag. The costs to  introduce RFID into the matrix of the icards will depend largely on the cost.  Level 7 Security  Future icards has a unique anti­counterfeiting mechanism. A 3 dimensional metric identifier or  fingerprints embed into the physical matrix of the actual card itself. This fingerprint acts as a watermark  which is used for analyses purposes by the card issuer to irrefutably resolve disputes arising from  counterfeit icards and issues of provenance.  Level 8 Security  Future icards may contain Geometric features used to identify the input sample when compared to a  digital template, used in cases to identify specific icards with certain characteristics.  Possession­based ·  using one specific "token" such as a security tag or a card  Knowledge­based ·  the use of a code or password.  This txt message is first, authenticated by inserting an icard into the slot of an iPOS to decode the  authenticity of a received txt message, and later redeem the icard in exchange for goods or services  received.  Parties Involved:  The cardholder and card acceptor/issuer.  1.  Cardholder browses goods and services from an online or offline brochure  2.  Cardholder selects goods or services or opts to make payments or transfer money.  §  Cardholder creates a new txt message using the Iphone3G and enters the  8  digit identification Number of the icard (CIN): eg 35­96­24­HL  §  Then enters the 6 digit product id  §  A reply txt message is sent to the recipients Iphone acknowledging sufficient  funds held in the cardholders account  §  The cardholder needs to respond with the correct RRP number by txt  message to authorise payment or transfer of money. This number is decoded  using the iPOS in conjunction with the icard. The cardholder sends the  decoded txt message that contains an unordered placement of their personal  pin which is incorporated into an random string of numeric. The string  amount of the random positions depends on the cardholder’s election to  submit short strings of data entry or forego the tedium of long data entries.
  • 5. Typically the string minimum ranges from a 12 digit combined pin to 48.  The randomisation is necessary to avoid prying cryptanalysis. If the txt  message containing the RRP is correct, the cardholder receives an encrypted  PDF document, sent to the cardholder’s email containing a proof of purchase  receipt. An encoded matrix is placed within the PDF document which is  decoded by the icard. This data matrix is used to dispute unauthorised  transactions by the cardholder.  Offline/online shopping/money transfer;  First off, the merchant enters the 8digit Card Identification Number (CIN) of the icard into a txt message  followed by the amount charged to the cardholder’s account. The txt message is sent to the acquiring  bank’s short code over a 3G network.  The cardholders, icard is then inserted into the slot of an iPOS (aka a PINreader) connected to an Iphone  terminal to authenticate the response txt message. The reply txt message contains a cryptographic  credential to establish the validity of the acquiring bank’s identity. If the credential is 100% accurate the  acquiring bank is acknowledging sufficient funds held in the cardholders account, but requires the  cardholder to authorise payment by sending a reply txt message containing the correct Random Reference  PIN (RRP).  A geometric system can provide the following two functions: ·  Verification  Authenticates its users in conjunction with an icard, dynamic pin & ID number. The geometric  template captured is compared with that stored against the registered user either on a smart  card or database for verification.  ·  Identification  Authenticates its users from the geometric characteristic alone without the use of smart cards,  usernames or ID numbers. The biometric template is compared to all records within the  database and a closest match score is returned. The closest match within the allowed threshold  is deemed the individual and authenticated.  In an effort to make passports more secure, several countries have implemented RFID in passports.  However, the encryption on UK chips was broken in less than 48 hours. Since that incident, further efforts  have allowed researchers to clone passport data while the passport is being mailed to its owner. Where a  criminal used to need to secretly open and then reseal the envelope, now it can be done without detection,  adding some degree of insecurity to the passport system. This is a noticeable opportunity for the iPOS  system to take advantage of this market gap. However, the market will ultimately, in time, determine the  merits of the iPOS system and wither or not there is a place for e­governments to utilize the iPOS system.  Logistics & Transportation could be another major area for implementing the SMSOrigin technology. For  example, Yard Management, Shipping & Freight and Distribution Centers are some areas where secure  tracking technology is required. Transportation companies around the world may value security  technology due to its impact on the business value and efficiency.