BioPay: Your fingerprint is your credit card

Abstract

In recent years, credit and debit cards have become a very convenient method of payment. The growing use of card payments, hereafter referred to as credit cards, is evident in the daily use with many applications, such as withdrawing money from an Automated Teller Machine (ATM) and making payments in a store. Online payment has been very common these days, where the transaction is made across a great distance, allowing for online shopping. This has increased chance of credit cards experiencing a risk of cybersecurity attacks, particularly if the transaction amount is big enough. Another problem that arises is the potential fraud should a thief try to impersonate the credit card owner's identity. To overcome these obstacles, we propose a BioPay scheme that uses the fingerprint biotoken to replace the current plastic credit card. The BioPay scheme uses the biometric data (fingerprint), revocable fingerprint biotokens (Biotope), and Bipartite token to provide high authentication, non-repudiation, security and privacy for all payment transactions including money withdrawal from an ATM. The BioPay scheme collects biometric data (i.e. fingerprint) from users and embeds fourdigit authentication numbers inside the encoding biometric data (i.e. fingerprint), finally distributing them over clouds. In the payment/withdrawal process, a user provides his/her fingerprint to complete the transaction. BioPay scheme insures that the transaction process performs on an encrypted form to provide security and privacy for the customer's bank information. Our experiment shows that BioPay has comparable accuracy and significant performance gain for performing the transaction process.