Multi-Layer Defense Model for Securing Online Financial Transactions

Joseph Gualdoni, Andrew Kurtz, Ilva Myzyri, Megan Wheeler, Syed Rizvi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Scopus citations

Abstract

Purchasing items on the Internet with credit cards is risky-due to the ease of gaining the information without having the physical card. The ease of phishing, spoofing, or other ways perpetrators can obtain a consumer's credit card information. The threat of identity theft is growing as we rely more and more on the Internet to make purchases. To mitigate risk, we present a new Multi-Layer Defense (MLD) model. Our proposed MLD model combines the strong two-factor authentication capabilities with a unique random code that is only valid for an active session. Essentially, two-factor authentication is an extra layer of security used in addition to username and password to better confirm the user's identity. This code serves as a private key to authenticate such online transactions. The code can be utilized to identify users and establish secure ways of purchasing items. The proposed MLD model uses devices to log into card accounts via an application to view a generated code. The generated code is inputted on an online retailer's website to authorize the use of the credit card. This minimizes the possibility of an illegitimate user gaining access to another individual's credit card. Without a valid code, impostors cannot use the stolen card information to make purchases that could harm the account holder. To show the practicality of our scheme, we provide one case study between a Consumer A and Consumer B that explains the difference in outcome by using the proposed MLD model.

Original languageEnglish (US)
Title of host publicationProceedings - 2017 International Conference on Software Security and Assurance, ICSSA 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages75-79
Number of pages5
ISBN (Electronic)9781538648087
DOIs
StatePublished - Jun 21 2018
Event3rd International Conference on Software Security and Assurance, ICSSA 2017 - Altoona, United States
Duration: Jul 24 2017Jul 25 2017

Publication series

NameProceedings - 2017 International Conference on Software Security and Assurance, ICSSA 2017

Other

Other3rd International Conference on Software Security and Assurance, ICSSA 2017
Country/TerritoryUnited States
CityAltoona
Period7/24/177/25/17

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Software
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Multi-Layer Defense Model for Securing Online Financial Transactions'. Together they form a unique fingerprint.

Cite this