
Pretense: A New Threat to Electronic Settlement Systems


file time: 2008-02-16

filetype:ppt


Pretense: A New Threat to Electronic Settlement Systems

INET98

Track3: Commerce and Finance

S.Miwa and Y.Shinoda

School of Informational Science

JAIST

 
 
 
 
 

Contents 

- Introduction
- Electronic Settlement Systems Overview
- A new threat to ESS: "Pretense"
- Improvements to ESS to resist "Pretense"
- Conclusion

Introduction 

- Practical use in the near future
  - Various Electronic Settlement Systems (ESS)
  - ESS for open-network systems like the Internet
- But existing ESS have drawbacks

Electronic Settlement Systems 

- To settle, an ESS must
  - correctly communicate information about a payment
    - "Who", "Whom" and "How much"
  - among correct peers
    - a payer, a payee and a settlement institution
  - using 2-way authentication technology
    - to specify the correct peer

ESS on open network systems 

- Exposed to various threats
  - eavesdropping, interpolation and impersonation
- ESS can prevent these existing threats with
  - 2-way authentication technology
  - cryptography
  - electronic signature technology
- But a new threat, "Pretense", does exist

Designation of the payee 
 
 
 
 
 

ESS on open network systems are composed of Designation, Authentication and Communication

The Payer
The Payee
1) Designates the Payee
2) Authenticates mutually
3) Communicates payment information

Can Payer designate the correct Payee?

- Payer cannot always specify who is the correct Payee
- If Payer already knows the correct Payee
  - Payer never designates the wrong Payee
- If Payer doesn't know the correct Payee
  - It is difficult for that Payer to designate the correct Payee

Payer cannot always designate the correct Payee

- Malicious entity alters the correct ID to its ID
  - The correct ID
    - Payer designates the correct Payee
  - The ID is altered
    - Payer then designates the wrong Payee
- This injustice is called "Pretense"
  - The entity can receive the payment as a correct Payee

What is "Impersonation"?

The Payer
The Correct Payee
The Impersonated Payee
1) Designates the correct Payee
2) Communicates payment information
2') Communicates payment information
Impersonation

What is "Pretense"?

The Payer
The Correct Payee
The Pretended Payee
1) Designates the correct Payee
1') Designates the pretended Payee
2') Communicates payment information
Pretense

Threat arising from "Pretense"

- The correct Payee on existing ESS
  - Anyone who was designated by Payer
- Pretended payee can be paid the right payment as the correct Payee
- Existing ESS are not immune to "Pretense"

Is demand for a refund possible? 

- Key factors for refund
  - Identifying the pretended payee
  - The legal basis of a refund
- Is establishing the "Pretense" as an imposture possible?

Identifying the pretended payee 

- Payer must identify "Whom" Payer paid
- On ESS which do not provide anonymity
  - Payer may be able to identify Pretended Payee
- On most ESS which provide anonymity
  - Payer cannot identify Pretended Payee
- Newer ESS provide anonymity that is cancelable
  - Payer can identify Pretended Payee

The legal basis of a refund 

- If "Pretense" were to take place, is there any breach of contract?
- The legal basis of a refund is required
  - Generally, it is breach of contract

Contract of generic mail-order 

The Customer
The Merchant
1) Presentation of the goods
2) Order
3) Receipt of the goods
4) Payment (Customer's fulfillment)
5) Delivery of the goods (Merchant fulfillment)
Breach of Contract
Non fulfillment

Contract of online-shopping 

The Customer
The Correct Merchant
The Pretended Merchant
1) Presentation of the goods
2) Order
3) Receipt of the goods
4) Payment with ESS
Pretense
4') Payment with ESS
No Breach of Contract
Even if Pretended Merchant doesn't deliver the ordered goods

Payer cannot be refunded under "Pretense"

- Existing ESS don't manage Sales Contract
- Even if Payer concludes Sales Contract with Pretended Payee
  - Payer cannot prove link between Payment and Sales Contract
  - Payer cannot prove breach of contract
- Refund cannot be demanded on breach of contract

"Pretense" as an imposture

- Existing ESS
  - cannot prove that "Pretense" was committed
  - can prove only about the payment
    - "Who", "Whom" and "How much"
  - can do nothing against "Pretense"
- But ESS must resist "Pretense"

ESS to resist pretense 

- An immediate and intuitive solution
  - Make the information for designating Payee public
  - Communicate over the secure communication route
- 2 improvements for ESS to resist pretense
  - Traceability
  - Contract Function

Providing Traceability 

- Some ESS don't provide anonymity
  - Electronic Check System
  - Secure Credit Card Payment System
  - They are already providing traceability
- Newer ESS have a function to cancel anonymity
  - These ESS provide traceability
- With this, Pretended payee can be identified

Providing Contract Function 

- ESS must manage the sales contract
  - Make the legal basis of a refund clear
- Add a function that
  - Concludes the sales contract
  - Manages the link between
    - Sales Contract
    - Payment
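
One way to realise the link between sales contract and payment, as an added example (not from the slides or the authors' own system): the settlement receipt carries a digest of the concluded contract, so a payment to anyone other than the contracted merchant becomes provable. All names are hypothetical, and an HMAC under a constructed key stands in for the settlement institution's electronic signature.

```python
import hashlib, hmac, json

# Constructed demo key: HMAC stands in for the settlement institution's
# electronic signature (assumption, so the example needs only the stdlib).
INSTITUTION_KEY = b"constructed-demo-key"

def canonical(record):
    """Deterministic byte encoding so digests and tags are reproducible."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()

def contract_id(contract):
    """Digest that names one concluded sales contract."""
    return hashlib.sha256(canonical(contract)).hexdigest()

def _tag(body):
    return hmac.new(INSTITUTION_KEY, canonical(body), hashlib.sha256).hexdigest()

def issue_receipt(payer, payee, amount, contract_ref=None):
    """Institution's record of who paid whom how much.
    contract_ref is the added link; an ESS without it leaves None."""
    body = {"payer": payer, "payee": payee, "amount": amount,
            "contract": contract_ref}
    return {**body, "tag": _tag(body)}

def receipt_is_authentic(receipt):
    body = {k: v for k, v in receipt.items() if k != "tag"}
    return hmac.compare_digest(_tag(body), receipt["tag"])

def check_payment(contract, receipt):
    """Classify a payment against the sales contract it should settle."""
    if not receipt_is_authentic(receipt):
        return "invalid receipt"
    if receipt["contract"] != contract_id(contract):
        return "no provable link"  # only who / whom / how much is known
    if receipt["payee"] != contract["merchant"]:
        return "pretense"          # paid a party other than the contracted merchant
    if (receipt["payer"] != contract["customer"]
            or receipt["amount"] != contract["amount"]):
        return "mismatch"
    return "settled"

# Constructed sample contract between a customer and the correct merchant.
CONTRACT = {"customer": "alice", "merchant": "shop-A",
            "goods": "book", "amount": 30}
```

A receipt without the contract reference reproduces the situation on the earlier slides: the payer can show the payment happened but not which contract it was meant to fulfil.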
 
 
 
 

Conclusion 

- Existing ESS cannot resist "Pretense"
- By examining both technical and legal aspects of "Pretense"
  - Have proposed 2 improvements
    - Traceability
    - Contract Function
- ESS can be made "Pretense Resistant"
  - NECS extension
