Leveraging Cellular Infrastructure to Improve Fraud Prevention

The relationship between physical security and critical infrastructure has traditionally been unidirectional - the former being necessary to sustain the latter. However, certain pieces of critical infrastructure hold the potential to significantly improve the security of individuals and their most sensitive information. In this paper, we develop a pair of mechanisms for cellular networks and mobile devices that augment the physical security of their users´ financial credentials. In particular, we create FrauVent, a multi-modal protocol that provides users with information related to a pending questionable transaction (e.g., transaction value, location, vendor) in a way that improves the available context for approving or rejecting such exchanges. Through protocol design, formal verification and implementation of an application for the Android platform, we develop a robust tool to help reduce the costs of fraud without requiring financial institutions to significantly change their extensively deployed end systems (i.e., card readers). More critically, we provide a general framework that allows cellular infrastructure to actively improve the physical security of sensitive information.