DOI QR코드

DOI QR Code

Comparative Analysis of ViSCa Platform-based Mobile Payment Service with other Cases

스마트카드 가상화(ViSCa) 플랫폼 기반 모바일 결제 서비스 제안 및 타 사례와의 비교분석

  • 이준엽 (경희대학교 대학원 경영학과) ;
  • 이경전 (경희대학교 경영대학)
  • Received : 2014.06.16
  • Accepted : 2014.06.23
  • Published : 2014.06.30

Abstract

Following research proposes "Virtualization of Smart Cards (ViSCa)" which is a security system that aims to provide a multi-device platform for the deployment of services that require a strong security protocol, both for the access & authentication and execution of its applications and focuses on analyzing Virtualization of Smart Cards (ViSCa) platform-based mobile payment service by comparing with other similar cases. At the present day, the appearance of new ICT, the diffusion of new user devices (such as smartphones, tablet PC, and so on) and the growth of internet penetration rate are creating many world-shaking services yet in the most of these applications' private information has to be shared, which means that security breaches and illegal access to that information are real threats that have to be solved. Also mobile payment service is, one of the innovative services, has same issues which are real threats for users because mobile payment service sometimes requires user identification, an authentication procedure and confidential data sharing. Thus, an extra layer of security is needed in their communication and execution protocols. The Virtualization of Smart Cards (ViSCa), concept is a holistic approach and centralized management for a security system that pursues to provide a ubiquitous multi-device platform for the arrangement of mobile payment services that demand a powerful security protocol, both for the access & authentication and execution of its applications. In this sense, Virtualization of Smart Cards (ViSCa) offers full interoperability and full access from any user device without any loss of security. The concept prevents possible attacks by third parties, guaranteeing the confidentiality of personal data, bank accounts or private financial information. The Virtualization of Smart Cards (ViSCa) concept is split in two different phases: the execution of the user authentication protocol on the user device and the cloud architecture that executes the secure application. Thus, the secure service access is guaranteed at anytime, anywhere and through any device supporting previously required security mechanisms. The security level is improved by using virtualization technology in the cloud. This virtualization technology is used terminal virtualization to virtualize smart card hardware and thrive to manage virtualized smart cards as a whole, through mobile cloud technology in Virtualization of Smart Cards (ViSCa) platform-based mobile payment service. This entire process is referred to as Smart Card as a Service (SCaaS). Virtualization of Smart Cards (ViSCa) platform-based mobile payment service virtualizes smart card, which is used as payment mean, and loads it in to the mobile cloud. Authentication takes place through application and helps log on to mobile cloud and chooses one of virtualized smart card as a payment method. To decide the scope of the research, which is comparing Virtualization of Smart Cards (ViSCa) platform-based mobile payment service with other similar cases, we categorized the prior researches' mobile payment service groups into distinct feature and service type. Both groups store credit card's data in the mobile device and settle the payment process at the offline market. By the location where the electronic financial transaction information (data) is stored, the groups can be categorized into two main service types. First is "App Method" which loads the data in the server connected to the application. Second "Mobile Card Method" stores its data in the Integrated Circuit (IC) chip, which holds financial transaction data, which is inbuilt in the mobile device secure element (SE). Through prior researches on accept factors of mobile payment service and its market environment, we came up with six key factors of comparative analysis which are economic, generality, security, convenience(ease of use), applicability and efficiency. Within the chosen group, we compared and analyzed the selected cases and Virtualization of Smart Cards (ViSCa) platform-based mobile payment service.

Acknowledgement

Supported by : 산업통상자원부

References

  1. Kim, T. H., Y.-r. Kang, "Mobile Payment Trends and Discussion of Implication for Service Activation," Korea Association for Telecommunication Polices, Vol.22, No.18, (2010), 1-36.
  2. Kim, D. K., J. S. Park, and S. G. Lee, "Analysis on the Reception Intention of Mobile Payment Service Based on User's Type:Focused on Card-based Solution and Card less-based Solution," Proceedings of the The Korea Society of Management Information Systems, (2003), 553-559.
  3. Kim, T. H., Threat of Mobile Payment Security in Chaina, Boannews, 2014.05.01. Available at http://www.boannews.com/media/view.asp?idx=40843&kind=0
  4. Kim, H., J. H. Huh, and Anderson R. "On the Security of Internet Banking in South Korea," Dept. of Com-puter Science, Oxford Univ., 2010.
  5. Krueger, M., "The Future of M-payment: Business Options and Policy Issues," Electronic Payment Systems Observatory (ePSO), Background Paper No.2, (2001)
  6. Lee, K. J., M. H. Choi, and S. H. Kwon, "Current Status and Future of Mobile Payment Business Models," Korea Payment & Settlement Association, Vol.5, No.2, (2011), 63-83.
  7. Lee, S. H., H. Kim, and D. H. Lee, "Two-Factor Authentication Scheme based on Mobile Messenger with Improved Usability," Journal of Security Engineering, Vol.10, No.5, (2013), 549-566. https://doi.org/10.14257/jse.2013.10.5.02
  8. Min, C. H., and W. S. Ko, "The Empirical Research on Mobile Payment Commonplace Characteristics from the Recognition of Mobile Security Services," Korea Academic Society of e-Business, Vol.6, No.2, (2005), 43-53.
  9. Park, A.-r., and K. J. Lee, "Case study on Critical Success factor of noble payment service," Proceedings of the The Korea Society of Management Information Systems, (2013), 591-605.
  10. Seung, J. M., Y. T. Kim, Y. H. Jin, T. H. Kim, and J. H. Sa, "Investigation Report on Overseas Internet Banking Security Condition," Financial Security Association (FSA) Investigation Report, 2010.
  11. Dahlberg, T., N. Mallat, J. Ondrus and A. Zmijewska, "Past, present and future of mobile payments research: A literature review," Electronic Commerce Research and Applications, Vol.7, No.2, (2008), 165-181. https://doi.org/10.1016/j.elerap.2007.02.001
  12. Cearly, D., Top 10 Strategic Technology Trends for 2014, Gartner, 2013. Available at http://www.gartner.com/technology/research/top-10-technology-trends/?fnl=search&srcId=1-3478922254
  13. Choi, P. J., S. S. Park, and D. G. Kim, "Mobile Payment & Biometrics Convergence Technology Trends," Korea Institute of Information Security & Cryptology, Vol.22, No.4, (2012), 21-28.
  14. Dahlberg, T. and N. Mallat, "Mobile payment service development-managerial implications of consumer value perceptions," Proceeding of 10th European conference on Information Systems, (2002), 649-657.
  15. Finnin, H., "Second Major security flaw found in Google Wallet....Rooted or not No One is safe," The Smartphone Champ, (2012.02.09.) Available at http://thesmartphonechamp.com/second-majorsecurity-flaw-found-in-google-wallet-rooted-or-not-no-one-is-safe-video/
  16. Insight Report: Investors in Cards and Payments, Timetric, 2014. Available at http://marketreportsstore.com/insight-report-investors-in-cards-and-payments/
  17. Janessa, R., Gartner Says Worldwide Mobile Payment Transaction Value to Surpass $235 Billion in 2013, Gartner, 2013.06.04. Available at: http://www.gartner.com/newsroom/id/2504915
  18. Jang, S. H., J. H. Lee, G. Y. Seung, and J. M. Oh, M-Payment: All about Mobile Payments, Cloud Nine, 2014
  19. Jo, H. K., Security Threats around the Mobile Card, AsiaToday, 2014.05.12. Available at http://www.asiatoday.co.kr/view.php?key=20140512010003357
  20. Joo, J. H., "An Analysis of Success Factors Important to Electronic Payment Systems Considering the Electronic Commerce Environment over the Internet in Korea," Asia Pacific Journal of Information Systems, Vol.9, No.1, (1999), 77-98.
  21. Kang, H. C., "Financial 마이크로SD-based Mobile Payment Service," The Institute of Electronics and Information Engineers, Vol.40, No.8, (2013), 55-63.
  22. Kang, W. J., "Latest Authentication Technology Trends and Prospects," Financial Security Association (FSA) Investigation Report, 2011.
  23. Armbrust, M., A. Fox, R. Griffith, A. D. Joseph, R. Katz, A Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica, M. Zaharia, "A view of cloud computing," Communications of The ACM, Vol.53, No.4, (2010).
  24. Bae, D. H., and C. J. Kim, "A Secure SMS Self-Authentication Method in Mobile Networks," Internet and Information Security, Vol.1, No.2, (2010), 24-41.