Use this URL to cite or link to this record in EThOS:
Title: Enhancing the security of centralised and distributed payments
Author: Jayasinghe, Danushka
ISNI:       0000 0004 8499 999X
Awarding Body: Royal Holloway, University of London
Current Institution: Royal Holloway, University of London
Date of Award: 2017
Availability of Full Text:
Access from EThOS:
Access from Institution:
In the last few decades, the way humans engage in payment transactions and the tools they use to transact with each other have evolved dramatically. Advancement in cryptography, information security, computer networking, distributed computing, etc. provides the required tools for modern day payment solution providers to design payment technologies that can be used to carry out convenient payment transactions. Yet, the financial loss associated with financial fraud, payment related attacks and data breaches that directly affect the financial institutions, merchants and consumers is significant. Because of this, an important development in the payment evolution is the consideration towards security of payment transactions. The main focus of this thesis is to enhance the security of both EMV (Europay MasterCard Visa) based centralised payments and Bitcoin/blockchain based distributed payments while showing more emphasis on new and emerging payment technologies such as: mobile payments, tokenisation and distributed ledger technology. EMV is a standard that provides interoperability to Chip & PIN, Contactless and Tokenised payment transactions in a global scale. The thesis, investigates the current EMV payment architectures to identify potential weaknesses that pose a threat to the security of payment transactions. In our research, we were able to identify five main issues related to EMV Online PIN Verification in two deployment methods and three main issues related to EMV Tokenisation that raise security concerns. We discuss potential attack scenarios, and propose solutions that address the identified issues and enhance the security of payment transactions. The proposed solutions are subject to mechanical formal analysis and practical implementation was carried out to obtain performance measurements. The thesis, also investigates payments in distributed payment systems such as Bitcoin and blockchains. We identify issues such as fair-exchange related to distributed payments and propose solutions to improve security and anonymity. Furthermore, we explore how blockchain technology can be leveraged to enhance the security in other payment transactions such as: donation payments, humanitarian aid and SMS-based mobile payments. Finally, the thesis provides conclusion of this research and suggesting future research directions.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID:  DOI: Not available
Keywords: Security ; Payments ; EMV ; Europay Mastercard Visa ; Tokenisation ; Blockchain ; Bitcoin ; Distributed Ledger Technology ; DLT ; Contactless ; Fair Exchange ; anonymity ; Cyber Security ; Mobile payments ; NFC ; near field communication ; Payment Attacks ; Mechanical Formal Analysis ; Formal Analysis ; security protocols ; Protocols ; Protocol analysis ; payment security ; card payments ; Philanthropy ; sms payments ; banking payments ; Enhancing security ; Online PIN Verification