A NEW FRAMEWORK FOR CREDIT CARD TRANSACTIONS

INVOLVING MUTUAL AUTHENTICATION BETWEEN

CARDHOLDER AND MERCHANT

OBJECTIVE:

The main role of this system is to avoid the credit card frauds, and

provide the more security for online transaction.

PROBLEM DIFINITION:

The main problem statement of our existing system is security. The

security level is relatively very low. Another problem found in our existing

system is fraud detection. That is detection and avidness’ of hackers is

comprehensible.

ABSTRACT:

Credit cards are widely used in onsite payment and online payment

system. In the onsite payment system, the user physically present in the

merchant shop and pay the bill for shopping things using credit card. In the

online payment system, the users communicate to merchant through the online

for e-shopping.

In those transaction, there are three types of credit card frauds are

available, such as Card Related Frauds, Merchants Related frauds and Internet

Based Frauds.Card related frauds include frauds such as use ofstolen cards,

counterfeit cards, shoulder surfing, account takeover etc. Merchant related

frauds include merchant collusion where a person at merchant’s side steals

credit card information of their customers. But the most severe of all the frauds

are Internet related frauds which are made during online transactions such as

site-cloning, creating false merchant sites, snooping, man-in-the-middle attack,

and denial-of-service.In this system using five types of security features for

avoiding those frauds, there are Authentication, Confidentiality, Data Integrity,

Biometric and Non-Reputation.

EXISTING SYSTEM:

In Existing system, contain only two types of authentication services.

Such as, address verification and Card Verification. It is not enough to detect

the credit card frauds.

DISADVANTAGES:

Less Security

System security is not enough to fraud detection

Address verification and card verification had insecure

PROPOSED SYSTEM:

In proposed system contain the following five security features for detect

the credit card frauds. Such as,

Authentication

Confidentiality

Data Integrity

Non-reputation

Bio-Metric

In Authentication, customer and merchant should be authenticated against

each other before the transaction takes place. In Confidentiality, sensitive data

such as credit card number and customer’s Personal Identification Number

should be inaccessible to any unauthorized user. In Data Integrity, data

transferred during the transaction should be tamper-proof. In Non-repudiation,

Denial-of-Service from any entity during the transaction should not take place.

Taking into account all security considerations, we propose a new framework

for credit card transactions based on mutual authentication and trust building

between a customer and a merchant for online transactions by integrating one-

time-password and digital signature technique using public key infrastructure

system. In Biometric, we use fingerprint verification for more secure credit card

transaction.

ADVANTAGES:

To avoid the credit card frauds.

To transfer the credit card details in secure path way.

High security performance.

Got a onetime password from gateway services for secure

communication to merchant.

Using Biometric Identity Card for Biometric authentication.

ALGORITHM USED:

1. PCA (Principle Component Analysis)

2. Triple DES (Data Encryption Standard)

ARCHITECTURE DIAGRAM:

SYSTEM REQUIREMENTS:

Hardware Requirements:

Intel Pentium IV

256/512 MB RAM

1 GB Free disk space or greater

1 GB on Boot Drive

17” XVGA display monitor

USER

MERCHANTS

Gateway

Service

Verification

System

Bank

VerificationTo

User for

Transaction

Software Requirements:

MS Windows XP/2000

MS IE Browser 6.0/later

MS .Net Framework 4.0

MS Visual Studio.Net 2005

Internet Information Server (IIS)

MS SQL Server 2005

Windows Installer 3.1

APPLICATIONS:

1. Bank

2. Online Purchasing

3. Onsite Payment