Journal ArticleOPEN ACCESS

Mobile session fixation attack in micropayment systems

IEEE Access (2019) 7 41576-41583
DOI: 10.1109/ACCESS.2019.2905219
11Citations
Citations of this article
19Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

The rapid spread of micropayment systems, together with some peculiarity of their typical use, have attracted computer criminals and dishonest companies aiming at exploiting the systems' weaknesses to steal from users both personal data and money. This paper considers and analyzes some security risks associated with a particular form of micropayment, operator centric micropayment (OCM). A new technique of attack, aimed at an OCM system used by millions of users and named mobile session fixation, is described. By its use, a criminal can obtain the payer's phone number and even arrange the theft of some money. The paper proposes possible countermeasures and further hints for potential threats which might be the subject of analysis.

Author supplied keywords

Cite

CITATION STYLE

APA

Tommasi, F., Catalano, C., Fornaro, M., & Taurino, I. (2019). Mobile session fixation attack in micropayment systems. IEEE Access, 7, 41576–41583. https://doi.org/10.1109/ACCESS.2019.2905219

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free