Securing credit card transactions with one-time payment scheme

摘要

Traditional credit card payment is not secure against credit card frauds because an attacker can easily know a semi-secret credit card number that is repetitively used. Recently one-time transaction number has been proposed by some researchers and credit card companies to enhance the security in credit card payment. Following this idea, we present a practical security enhancement scheme for one-time credit card payment. In our scheme, a hash function is used in generation of one-time credit card numbers with a secret only known to the card holder and issuer. Compared with related work, our scheme places less burden on credit card issuers, and can be easily deployed in on-line or off-line payment scenarios. Analysis and simulation show that the time and space complexity is affordable to the card issuer with desired security features.