220 likes | 338 Views
Pretense : A New Threat to Electronic Settlement Systems. INET98 Track3: Commerce and Finance S.Miwa and Y.Shinoda School of Informational Science JAIST. Contents. Introduction Electronic Settlement Systems Overview A new threat to ESS : “Pretense”
E N D
Pretense:A New Threat to Electronic Settlement Systems INET98 Track3: Commerce and Finance S.Miwa and Y.Shinoda School of Informational Science JAIST
Contents • Introduction • Electronic Settlement Systems Overview • A new threat to ESS : “Pretense” • Improvements to ESS to resist “Pretense” • Conclusion
Introduction • Practical use in the near future • Various Electronic Settlement Systems (ESS) • ESS for Open-network systems like the Internet • But existing ESS has drawbacks
Electronic Settlement Systems • To settle, an ESS must correctly communicate • information about a payment • “who”, “whom” and “how much” • among correct peers • a payer, a payee and a settlement institution • using 2-way authentication technology to specify the correct peer
ESS on open network systems • Exposed to various threats • eavesdropping, interpolation and impersonation • ESS can prevent existing these threats with • 2-way authentication technology • cryptography • electronic signature technology • But, a new threat “Pretense” doesexist
Designation of the payee 1) Designates the Payee • ESS on open network systems are composed of • Designation, Authentication and Communication 2) Authenticates mutually 3) Communicates payment information The Payer The Payee
Can Payer designate the correct Payee? • Payer cannot always specify who is the correct Payee • If Payer already knows the correct Payee • Payer never designates the wrong Payee • If Payer doesn’t know the correct Payee • It is difficult for that Payer to designate the correct Payee
Payer Cannot always designate the correct Payee • Malicious entity alters the correct ID to its ID • The correct ID • Payer designates the correct Payee • The ID is altered • Payer then designates the wrong Payee • This injustice is called “Pretense” • The entity can receive the payment as a correct Payee
What is “Impersonation”? 1) Designates the correct Payee 2) Communicates payment information Impersonation The Correct Payee The Payer 2’) Communicates payment information The Impersonated Payee
What is “Pretense”? 1) Designates the correct Payee Pretense 1’) Designates the pretended Payee The Correct Payee The Payer 2’) Communicates payment information The Pretended Payee
Threat arising from “Pretense” • The correct Payee on existing ESS • Anyone who was designated by Payer • Pretended payee can be paid the right payment as the correct Payee • Existing ESS are not immune to “Pretense”
Is demand for a refund possible? • Key factors for refund • Identifying the pretended payee • The legal basis of a refund • Is establishing the “Pretense” as an imposture possible?
Identifying the pretended payee • Payer must identify “whom” Payer paid • On ESS which does not provide anonymity • Payer may be able to identify Pretended Payee • Most of ESS which provide anonymity • Payer cannot identify Pretended Payee • Newer ESS provides anonymity that is cancelable • Payer can identify Pretended Payee
The legal basis of a refund • If “Pretense” was to take place, is there any breach of contract? • The legal basis of a refund is required • Generally, it is breach of contract
Contract of generic mail-order 1) Presentation of the goods 2) Order 3) Receipt of the goods 4) Payment (Customer’s fulfillment) The Customer The Merchant 5) Delivery of the goods (Merchant fulfillment) Non fulfillment Breach of Contract
Contract of online-shopping 1) Presentation of the goods 2) Order 3) Receipt of the goods 4) Payment with ESS Pretense The Customer The Correct Merchant 4’) Payment with ESS Even if Pretended Merchant doesn’t deliver the ordered goods The Pretended Merchant No Breach of Contract
Payer cannot be refundedunder “Pretense” • Existing ESS doesn’t manage Sales Contract • Even if Payer concludes Sales Contract with Pretended Payee • Payer cannot prove Link between Payment and Sales Contract • Payer cannot prove breach of contract • Refund cannot be demanded on breach of contract
“Pretense” as an imposture • Existing ESS cannot prove that “Pretense” was committed • can prove only about the payment • “who”, “whom” and “how much” • can do nothing against “Pretense” • But, ESS must resist “Pretense”
ESS to resist pretense • An immediate and intuitive solution • Make the information for designating Payee public • Communicate over the secure communication route • 2 improvements for ESS to resist pretense • Traceability • Contract Function
Providing Traceability • Some of ESS doesn’t provide anonymity • Electronic Check System • Secure Credit Card Payment System • They are already providing traceability • Newer ESS has function to cancel anonymity • These ESS provide traceability • With this, Pretended payee can be identified
Providing Contract Function • ESS must manage the sales contract • Make the legal basis of a refund clear • Add a function that • Conclude the sales contract • Manage Link between • Sales Contract • Payment
Conclusion • Existing ESS cannot resist “Pretense” • By examining both technical and legal aspect of “Pretense” • Have proposed 2 improvements • Traceability • Contract Function • ESS can be made “Pretense Resistant” • NECS extension