Acta academica karviniensia 2013, 13(4):146-152 | DOI: 10.25142/aak.2013.071
QR-CODE BASED NON-REPUDIATION TRANSACTION VERIFICATION SYSTEM
- Silesian University in Opava, School of Business Administration in Karvina, Univerzitní nám. 1934/3, 733 40 Karviná, Email: jakub.nantl@forever.cz
State-of-the-art methods for securing e-commerce transactions that remain resistant even to a compromised client workstation rely on independent security devices or separate communication channels. These systems do not support non-repudiation, are expensive, or both, and are thus suitable only for special cases where the additional costs are justified. This article describes a new, cheaper transaction verification method that supports non-repudiation. A cell phone or tablet, communicating with the client workstation by means of QR codes, serves as the independent security device. Service providers incur no additional costs beyond the initial software implementation. The proposed method brings better transaction verification to areas where current methods are uneconomical.
Keywords: bar-code, e-commerce, man in the browser, man in the middle, non-repudiation, qr-code, transaction verification
JEL classification: L86
Received: October 2, 2012; Accepted: September 11, 2013; Published: December 30, 2013