Paper Info
Title
Mobile Payment Fraud: A Practical View on the Technical Architecture and Starting Points for Forensic Analysis of New Attack Scenarios
Abstract
As payment cards and mobile devices are equipped with Near Field Communication (NFC) technology, electronic payment transactions at physical Point of Sale (POS) environments are changing. Payment transactions do not require the customerto insert their card into a slot of the payment terminal. The customer is able to simply swipe the payment card or mobilephone in front of a dedicated zone of the terminal to initiate a payment transaction. Secure Elements (SEs) in mobile phonesand payment cards with NFC should keep sensitive application data in a save place to protect it from abuse by attackers.Although hardware and the operating system of such a chip has to go through an intensive process of security testing, thecurrent integration of such a chip in mobile phones easily allows attackers to access the information stored. In the followingpaper we present the implementation of two different proof-of-concept attacks. Out of the analysis of the attack scenarios, wepropose various starting points for the forensic analysis in order to detect such fraudulent transactions. The presented conceptshould lead to fewer fraudulent transactions as well as protected evidence in case of fraud.
Year
DOI
Venue
2015
10.1109/IMF.2015.14
2015 Ninth International Conference on IT Security Incident Management & IT Forensics
Keywords
Field
DocType
Payment Fraud,NFC Transaction,EMV Payment,Mobile Payment
Near field communication,Payment processor,Mobile payment,Computer security,Point of sale,Payment card,Payment terminal,Payment service provider,Payment,Business
Conference
ISSN
ISBN
Citations 
2158-1339
978-1-4799-9902-6
0
PageRank 
References 
Authors
0.34
6
6
Name
Order
Citations
PageRank
Christof Kier100.34
Gerald Madlmayr2989.59
Alexander Nawratil300.34
Michael Schafferer400.34
Christian Schanes5295.15
Thomas Grechenig644964.07