Date of Award

Summer 8-2021

Document Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Cyberspace Engineering

First Advisor

Manlci Min

Abstract

Credit card fraud is one of the most critical threats affecting individuals and companies worldwide, particularly with the growing number of financial transactions involving credit cards every day. The most common threats are likely to come from database breaches and identity theft. All these threats threat put the security of financial transactions at severe risk and require a fundamental solution.

This dissertation aims to suggest a secure online payment system that significantly improves credit card security. Our system can be particularly resilient to potential cyber-attacks, unauthorized users, man-in-the-middle, and guessing attacks for credit card number generation or illegal financial activities by utilizing a secure communication channel between the cardholder and server. Our system uses a shared secret and a verification token that allow both sides to communicate through encrypted information. Furthermore, our system is designed to generate a one-time credit card number at the user’s machine that is verified by the server without sharing the credit card number over the network. Our approach combines the machine learning (ML) algorithms with unique temporary credit card numbers in one integrated system, which is the first approach in the online credit card protection system. The new security system generates a one-time-use credit card number for each transaction with a predetermined amount of money. Simultaneously, the system can detect potential fraud utilizing ML algorithm with new critical features such as the IMEI or I.P. address, the transaction’s location, and other features.

The contribution of this research is two-fold: (1) a method is proposed to generate a unique, authenticatable one-time credit card number to effectively defend against the database breaches, and (2) a credit card fraud prevention system is proposed with multiple security layers that are achieved by the integration of authentication, ML-based fraud detection, and the one-time credit card number generation.

The dissertation improves consumers’ trust and confidence in the credit card system’s security and enhances satisfaction with credit cards’ various financial transactions. Further, the system uses the current online credit card infrastructure; hence it can be implemented without tangible infrastructure cost.

Share

COinS