CREDIT CARD FRAUD PREVENTION SYSTEM USING E–ID

(KEY PAD) MATRIX & BIOMETRIC (FINGER PRINT)

Abstract

Several online shopping systems serve internet users all around the world and
enable people to get the products they need with a small effort. In Internet shopping most
used media are online credit card transaction systems. Several different methodologies
have been developed for credit card transactions. However, research has shown that most
of internet users do not fully trust credit card payment systems because of financial risks
such as loss of money. Various approaches have been performed in order to gain the
consumers’ trust in credit card transactions; but no foolproof solution has been found to
overcome the weaknesses in those systems. This paper proposes a new solution that
combines biometric ID card with online credit card transactions. Since the
implementation details such as the type and the matching algorithm of the biometrics data
might vary between countries because of the project requirements and laws, the proposed
system remains local for the each country that might adopt the solution. To elucidate the
proposed system and provide a concrete example, we used Turkish e-ID pilot system as
the identity verification module since it best fits the requirements of the framework.

1. System Study

1.1 Existing system

In the existing system there is no verification procedure for authenticate the
merchant as well as the buyer. By having any one’s credit card with his pin number any
one can perform the online shopping. Here there is no authentication for the buyer. Like
wise the buyer doesn’t know whether the merchant is a genuine person or not. Therefore
security and confidentiality are the major issues in the existing systems.
1.2 Proposed System
This System proposes a framework that combines Turkish e-ID system, which
provides a biometric ID card, and online credit card transactions and leaves the low-level
security issues to the e-ID system implementation. Using the capabilities of biometric ID
card, this framework proposes a safer shopping environment for both consumer and the
merchant, which sells products and service over the web. Since the e-ID system provides
a ready to use security and identification infrastructure, the banks and the merchants need
to spend less effort in integrating the framework then implementing security mechanisms
themselves. Though being a local solution because of the specific e-ID implementation,
the framework both provides identity verification for the consumers via multi factor
authentication and verifies the merchants’ institutional info to ensure a safe path of
payment from the consumers’ bank accounts to the merchants’ bank accounts.
Advantages of the proposed system
By combining more than one biometrics cards higher security is provided to the user as
well as merchant.
2. System Specification
2.1 Software specifications:

 Java, J2EE(JSP, Servlets)

 Embedded C

 Tomcat 6.0

 Windows 98 or more.

 MS-SQL Server

 Finger print STK 2007

2.2 Hardware specifications:

 Hard disk : 40 GB

 RAM : 128mb

 Processor : Pentium
  keypad

 Mobile phone with data cable

 Finger print

System design
System Architecture

Merchant’s website
Merchant is valid Buyer is a valid
person /invalid person/invalid

Client User pin + accno + Request to validate the Bankserver

Fingerprint client
Dataflow Diagram

Buyer browses the merchant’s

website and requests a order

Buyer has to enter his Credit

card PIN using keypad

Buyer has to input his finger

print using sensor

Merchant create a VIP and

sends the input details to Bank
server’s IVS

IVS validate the client’s Certificate

and sends the result to Bank server

Additionally the IVS validate the

merchant’s certificate also.

No
If both client and
merchant are
authenticated
persons

Yes

Bank server transfer the amount to the

merchant’s account and informs this to
the merchant as well as client

Proceeding further transactions

Stop the transaction

REFERENCES
[1] A. F. Salam, H. R. Rao and C. C. Pegels, Consumer-Perceived Risk in E-Commerce
Transactions, Communications of the ACM Vol. 46, No.12ve. Dec. 2003.

[2] S. M. Forsythe, B. Shi, Consumer patronage and risk perceptions in Internet

shopping, Auburn University, 308 Spidle Hall, Auburn, AL 36849, USA: Journal of
Business Research 56 (2003) 867– 875, 2003.

[3] S. Banerjee, S. Karforma, A Prototype Design for DRM based Credit Card
Transaction in E-Commerce, Department of Computer Science, University of Burdwan,
Golpbag, Burdwan: ACM Ubiquity, Vol. 9, Issue 18, 2008.

[4] L. O’Gorman, Comparing Passwords, Tokens, and Biometrics for User

Authentication, Avaya Labs, basking Ridge, NJ, USA: Proceedings of the IEEE, Vol. 91,
No. 12, Dec. 2003.

[5] A. Ross and A. K. Jain, Biometrics: When Identity Matters, West Virginia University,
Morgantown, WV 26506 USA, Michigan State University, East Lansing, MI 48824
USA: Springer-Verlag Berlin Heidelberg, 2004.

[6] Q. Xiao, Security Issues in Biometric Authentication, Workshop on Information

Assurance and Security. United States Military Academy, West Point, NY, USA:
Proceedings of the IEEE, 2005.

[7] Verified By Visa, A simple password protected identity checking service.

http://www.visaeurope.com/merchant/handlingvisapayments/cardnotp
resent/verifiedbyvisa.jsp

[8] MasterCard SecureCode, Credit Card Security: Safe & Secure Online Shopping.
http://www.mastercard.com/us/personal/en/cardholderservices/secure code/index.html

[9] JCB Global Site, E-Commerce Solution J/Secure. http://www.jcb-

global.com/english/solution/ec.html 03.12.2009

[10] An article by Miles Brignal, Verified by Visa scheme confuses thousands of internet
shoppers, Money news & features, The Guardian, 21 April 2007.
http://www.guardian.co.uk/money/2007/apr/21/creditcards.debt

[11] Turkish Electronic Card Distribution System. http://www.ekds.gov.tr 03.12.2009

[12] TUBITAK UEKAE, National Research Institute of Electronics and Cryptology.

http://www.uekae.tubitak.gov.tr/home.do?lang=en 03.12.2009