The power of credit card numbers and long CVVs

Valentim Oliveira*, Tito Silva

*Autor correspondente para este trabalho

    Resultado de pesquisarevisão de pares

    Resumo

    Many protocols have been proposed to guarantee the security of payments on the internet, however their adoption has failed. Meanwhile the credit card number together with the expiry date and the CVV2 has been widely adopted.In recent years cybercriminals have been able to break into systems and intercept communications harvesting hundreds of millions of records of card data or payment transactions. This study proposes a complementary approach that withdraws value out of payment transaction data so that in the case of compromise the criminals will have limited success in executing fraudulent transactions. The proposed technique makes use of a Long CVV (LCVV) to substitute the CVV2. In each transaction only parts of the LCVV will be used thus not revealing the entirety of the secret in possession of the cardholder. Implementation of the proposed scheme is of very low impact, user friendly and has a very high degree of effectiveness against most relevant attacks.
    Idioma originalEnglish
    Título da publicação do anfitriãoProceedings - 2011 5th International Conference on Network and System Security, NSS 2011
    Páginas290-294
    Número de páginas5
    DOIs
    Estado da publicaçãoPublicado - 2011
    Evento2011 5th International Conference on Network and System Security, NSS 2011 - Milan
    Duração: 6 set. 20118 set. 2011

    Série de publicação

    NomeProceedings - 2011 5th International Conference on Network and System Security, NSS 2011

    Conferência

    Conferência2011 5th International Conference on Network and System Security, NSS 2011
    País/TerritórioItaly
    CidadeMilan
    Período6/09/118/09/11

    Impressão digital

    Mergulhe nos tópicos de investigação de “The power of credit card numbers and long CVVs“. Em conjunto formam uma impressão digital única.

    Citação