Title :
Increasing user privacy in online transactions with X.509 v3 certificate private extensions and smartcards
Author_Institution :
Program & Syst. Eng., Siemens AG, Vienna, Austria
Abstract :
Security and privacy are central issues for the acceptance of online payment methods in particular and growth of the Internet market in general. Public key infrastructure and X.509 certificates have been established as the most trustworthy methods for assuring security in online transactions. This paper proposes a new approach for increasing security by avoiding privacy violation using X.509 version 3 certificate private extensions and storing the certificate and its corresponding private key in the smartcard. The private key never leaves the smartcard and can be used for decryption and signing only after successful personal identification number presentation. The proposed approach is compared with secure electronic transaction (SET) protocol.
Keywords :
Internet; data privacy; digital signatures; public key cryptography; smart cards; transaction processing; Internet market; X.509 v3 certificate private extensions; digital signatures; online payment; online transactions; personal identification number; public key infrastructure; secure electronic transaction protocol; smartcards; user privacy; Communication channels; Credit cards; Cryptography; ISO standards; Identity-based encryption; Internet; Privacy; Protocols; Public key; Security; SET; X.509 v3 identity and attribute certificates; digital signature; encryption; non-repudiation; online transaction; privacy; security; smartcards;
Conference_Titel :
E-Commerce Technology, 2005. CEC 2005. Seventh IEEE International Conference on
Print_ISBN :
0-7695-2277-7
DOI :
10.1109/ICECT.2005.54
