Abstract
In recent years, with the rapid development of mobile Internet technology, and the increasing popularity of mobile payment, the security of mobile payment terminal is becoming more and more significant. Even if mobile payment has gained popularity worldwide due to its convenience, it is also facing many threats and security challenges. This paper is targeted at mobile payment security on Android platforms. In detail, we first introduce the current development of mobile payment application, and then we analyze two main threats of mobile payment security, namely near-field payment security and remote payment security. We also focus on phishing attacks on mobile platforms, by analyzing the behavior, characteristics, common techniques and attack methods of these attacks. Finally, we develop a defense strategy based on monitoring running applications, aimed at alerting users when malicious applications are leaking payment information, and we test the feasibility of this strategy on a dataset of Alipay application.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bott, J., Milkau, U.: A market for payments—payment choice in the 21st century digital economy. In: Górka, J. (ed.) Transforming Payment Systems in Europe (2016)
Murdoch, S.J., Anderson, R.: Security protocols and evidence: where many payment systems fail. In: Christin, N., Safavi-Naini, R. (eds.) International Financial Cryptography Association. FC 2014. LNCS, vol. 8437, pp. 21–32 (2014)
Purnomo, A.T., Gondokaryono, Y.S., Kim, C.-S.: Mutual authentication in securing mobile payment system using encrypted QR code based on public key infrastructure. In: 2016 IEEE 6th International Conference on System Engineering and Technology (ICSET), Bandung, Indonesia, 3–4 October 2016 (2016)
Faruki, P., Bharmal, A., Ganmoor, V., Gaur, M.S., Conyi, M., Rajarajan, M.: Android security: a survey of issues, malware penetration, and defenses. IEEE Commun. Surv. Tutorials 17(2), 998–1022 (2015)
Zhang, Y., Wang, K., Yang, H., Fang, Z., Wang, Z., Cao, C.: Survey of Android OS security. J. Comput. Res. Dev. 51(7), 1385–1396 (2014)
Fernandes, E., Chen, Q.A., Paupore, J., Essl, G., Halderman, J.A., Mao, Z.M., Prakash, A.: Android: UI deception revisited: attacks and defenses. In: Grossklags, J., Preneel, B. (eds.) International Financial Cryptography Association 2017. FC 2016, LNCS, vol. 9603, pp. 41–59 (2017)
Acknowledgements
This paper is supported by Postgraduate Research and Practice Innovation Program of Jiangsu Province (KYCX17_0798), and NUPT STITP (No. XZD2017057).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Yin, S., Sheng, J., Wang, T., Xu, H. (2019). Analysis on Mobile Payment Security and Its Defense Strategy. In: Barolli, L., Xhafa, F., Javaid, N., Enokido, T. (eds) Innovative Mobile and Internet Services in Ubiquitous Computing. IMIS 2018. Advances in Intelligent Systems and Computing, vol 773. Springer, Cham. https://doi.org/10.1007/978-3-319-93554-6_95
Download citation
DOI: https://doi.org/10.1007/978-3-319-93554-6_95
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-93553-9
Online ISBN: 978-3-319-93554-6
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)