Mobile Session Fixation Attack in Micropayment Systems

The rapid spread of micropayment systems, together with some peculiarity of their typical use, have attracted computer criminals and dishonest companies aiming at exploiting the systems' weaknesses to steal from users both personal data and money. This paper considers and analyzes some security...

Full description

Saved in:
Bibliographic Details
Published inIEEE access Vol. 7; pp. 41576 - 41583
Main Authors Tommasi, F., Catalano, C., Fornaro, M., Taurino, I.
Format Journal Article
LanguageEnglish
Published Piscataway IEEE 2019
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Computer crime
Computer security
Crime
Cybersecurity
micropayment attack
micropayment security
Micropayments
Mobile handsets
mobile payment systems
Mobile session fixation
Online banking
operator centric micropayments risks threats
Payment systems
Risk management
Security
Theft
Web servers
Online AccessGet full text

Cover

More Information
Summary:The rapid spread of micropayment systems, together with some peculiarity of their typical use, have attracted computer criminals and dishonest companies aiming at exploiting the systems' weaknesses to steal from users both personal data and money. This paper considers and analyzes some security risks associated with a particular form of micropayment, operator centric micropayment (OCM). A new technique of attack, aimed at an OCM system used by millions of users and named mobile session fixation , is described. By its use, a criminal can obtain the payer's phone number and even arrange the theft of some money. The paper proposes possible countermeasures and further hints for potential threats which might be the subject of analysis.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2019.2905219