Mobile Session Fixation Attack in Micropayment Systems

The rapid spread of micropayment systems, together with some peculiarity of their typical use, have attracted computer criminals and dishonest companies aiming at exploiting the systems' weaknesses to steal from users both personal data and money. This paper considers and analyzes some security...


Bibliographic Details
Main Authors: F. Tommasi, C. Catalano, M. Fornaro, I. Taurino
Format: Article
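Language: English
Published: IEEE 2019-01-01
Series: IEEE Access
Subjects: Mobile session fixation; micropayment attack; micropayment security; mobile payment systems; operator centric micropayments risks threats
Online Access: https://ieeexplore.ieee.org/document/8673952/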
id doaj-1db12caa1498419aba5958d2bdf61d42
record_format Article
spelling doaj-1db12caa1498419aba5958d2bdf61d42 | 2021-04-05T17:01:41Z | eng | IEEE | IEEE Access | 2169-3536 | 2019-01-01 | 7 | 41576 | 41583 | 10.1109/ACCESS.2019.2905219 | 8673952 | Mobile Session Fixation Attack in Micropayment Systems | F. Tommasi (0) https://orcid.org/0000-0003-2419-7381 | C. Catalano (1) | M. Fornaro (2) | I. Taurino (3) | Department of Innovation Engineering, University of Salento, Lecce, Italy | Department of Innovation Engineering, University of Salento, Lecce, Italy | Department of Innovation Engineering, University of Salento, Lecce, Italy | Department of Innovation Engineering, University of Salento, Lecce, Italy | The rapid spread of micropayment systems, together with some peculiarity of their typical use, have attracted computer criminals and dishonest companies aiming at exploiting the systems' weaknesses to steal from users both personal data and money. This paper considers and analyzes some security risks associated with a particular form of micropayment, operator centric micropayment (OCM). A new technique of attack, aimed at an OCM system used by millions of users and named mobile session fixation, is described. By its use, a criminal can obtain the payer's phone number and even arrange the theft of some money. The paper proposes possible countermeasures and further hints for potential threats which might be the subject of analysis. | https://ieeexplore.ieee.org/document/8673952/ | Mobile session fixation | micropayment attack | micropayment security | mobile payment systems | operator centric micropayments risks threats
collection DOAJ
language English
format Article
sources DOAJ
author F. Tommasi
C. Catalano
M. Fornaro
I. Taurino
spellingShingle F. Tommasi
C. Catalano
M. Fornaro
I. Taurino
Mobile Session Fixation Attack in Micropayment Systems
IEEE Access
Mobile session fixation
micropayment attack
micropayment security
mobile payment systems
operator centric micropayments risks threats
author_facet F. Tommasi
C. Catalano
M. Fornaro
I. Taurino
author_sort F. Tommasi
title Mobile Session Fixation Attack in Micropayment Systems
title_short Mobile Session Fixation Attack in Micropayment Systems
title_full Mobile Session Fixation Attack in Micropayment Systems
title_fullStr Mobile Session Fixation Attack in Micropayment Systems
title_full_unstemmed Mobile Session Fixation Attack in Micropayment Systems
title_sort mobile session fixation attack in micropayment systems
publisher IEEE
series IEEE Access
issn 2169-3536
publishDate 2019-01-01
description The rapid spread of micropayment systems, together with some peculiarity of their typical use, have attracted computer criminals and dishonest companies aiming at exploiting the systems' weaknesses to steal from users both personal data and money. This paper considers and analyzes some security risks associated with a particular form of micropayment, operator centric micropayment (OCM). A new technique of attack, aimed at an OCM system used by millions of users and named mobile session fixation, is described. By its use, a criminal can obtain the payer's phone number and even arrange the theft of some money. The paper proposes possible countermeasures and further hints for potential threats which might be the subject of analysis.
topic Mobile session fixation
micropayment attack
micropayment security
mobile payment systems
operator centric micropayments risks threats
url https://ieeexplore.ieee.org/document/8673952/
work_keys_str_mv AT ftommasi mobilesessionfixationattackinmicropaymentsystems
AT ccatalano mobilesessionfixationattackinmicropaymentsystems
AT mfornaro mobilesessionfixationattackinmicropaymentsystems
AT itaurino mobilesessionfixationattackinmicropaymentsystems
_version_ 1721540448041828352