NUI_ Galway by vivi07


Final Year Project Initial Report

Name: Paul Killoran (01369806)

Course: 4BP1 – Electronic and Computer Engineering

Supervisor: Fearghal Morgan

1/10/2004


“A secure wireless payment system to prevent credit card fraud.”


Contents
Introduction
Functional Outline
    General Overview
    E-Card
    Kiosk
    Bank Server
System Diagram
E-Card Diagram
Kiosk Diagram
Server Diagram
Task List
Hardware
Links

Introduction
The system is designed to improve the security and simplicity of current credit card transactions. Three main units model the proposed system: the E-Card, the Retail Kiosk and the Bank Server.

Security becomes compromised when private data is given away to a 3rd party and the practice of “good faith” is adopted. By challenging this perception and “trusting nobody”, security breaches become far more difficult. Consumers freely exchange their credit card numbers, expiry dates and signatures with retailers or retailers’ agents every day. Fraud in this area has significantly increased in recent years and the trend is set to continue.

Visa and Mastercard have begun to introduce a new “chip and pin” system, which it is hoped will hinder the criminal groups engaging in this fraudulent activity. The new system can be cracked by simply viewing what the customer enters on the key pad or by tampering with the key pad itself to record the number sequences entered. The major credit card companies fail to recognise that by releasing customer details openly in an untrustworthy environment, the possibility of credit card fraud increases. The only real solution is to restrict providing protected information to trusted parties alone.

The proposed new system gives the customer a terminal to communicate with their bank while on the move over a secure wireless network. As retailers are generally stationary, their unit will be connected over a wired banking network to their own bank. The customer’s unit (E-Card) and the retailer’s unit (Kiosk) will only communicate directly to initialise a transaction and to pass confirmation codes to complete a transaction. We must assume that the parties can trust their own banks and that the banks communicate with each other in a secure manner.


Functional Outline
General Overview
The E-Card must accept a connection from a particular Kiosk to initialise a transaction. The Kiosk will request an amount to be paid, which will be displayed on the E-Card screen. The customer will approve the transaction by keying his/her PIN number into their personal E-Card. If the PIN number is approved, the transaction is authenticated and the requested amount is transferred from the customer’s account to the retailer’s account. Both parties receive a confirmation message once this is complete.

E-Card
Each bank customer would have a unique unit for their own personal use only. It is essentially a secure terminal to communicate with their bank for authenticating transactions. The customer will be presented with a friendly GUI for transaction processing and online banking.

The E-Card will be designed on a Sharp Zaurus SL-5600. The module will include an 802.11b Wireless Ethernet Card for communicating with the banking network. The software will be written in C/Java, providing a GUI for customer interaction. Encryption will protect the data being communicated over the link.

When the E-Card enters a network it will be required to identify what node it is connected to and verify with the bank that this is a trusted node. If the bank confirms this, it will also inform the E-Card of all businesses in the locality that are using this system. The customer must select the retailer they wish to conduct business with, and this will request a session with the associated Kiosk using its IP address. The E-Card will pass a bank and customer ID to the Kiosk so that it can proceed with the session. It will then wait and listen to be contacted by its own bank over the WiFi link. The unit will receive a message detailing the retailer’s name and details and the requested payment amount.

The customer must then confirm the transaction by entering his/her PIN number on the touch screen. To prevent a 3rd party viewing the sequence of numbers entered on the screen, the numbers will be randomly jumbled on screen so that it will not be possible to identify what number was entered by looking at the areas of the screen pressed. The customer will also be provided with a safety PIN, which will appear to authenticate the transaction but will alert the bank and the Gardai in the event a customer is forced to make the payment by unlawful or criminal means. The E-Card can then be tracked depending on the nearest node to which it is connected.


Shortly afterwards, the unit receives a confirmation code from its bank if the authentication was successful. The code is then transmitted to the Kiosk to finally confirm that the transaction is authentic. The E-Card will also receive another code from the Kiosk that it must decode and forward to its bank. Finally, the E-Card receives a confirmation message from its bank informing the customer that the transaction has been completed successfully. The transaction is now complete and the requested amount has been transferred from the customer’s account to the retailer’s account.
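
The scrambled PIN pad and the safety PIN described in this section can be sketched as follows. This is an added example, not code from the report: the function names and the PINs are constructed for illustration, and the salted PBKDF2 digest is an assumption standing in for the report's unspecified PIN encryption.

```python
import hashlib
import hmac
import secrets

DIGITS = "0123456789"

def scrambled_layout(rng=None):
    """Fresh random digit order for the ten on-screen keys: layout[position] -> digit."""
    rng = rng or secrets.SystemRandom()   # CSPRNG, so layouts are not predictable
    layout = list(DIGITS)
    rng.shuffle(layout)
    return layout

def digits_from_touches(layout, positions):
    """E-Card side: turn touched key positions into PIN digits for this layout."""
    return "".join(layout[p] for p in positions)

def pin_digest(pin, salt):
    # Assumption: salted PBKDF2 stands in for the report's unspecified "encrypted PIN".
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

def bank_check_pin(entered, salt, real_digest, safety_digest):
    """Bank side: return (reply_to_card, raise_alert).

    The safety PIN produces the same reply as the real PIN, so an onlooker
    cannot tell them apart; only the bank-internal alert flag differs.
    """
    digest = pin_digest(entered, salt)
    is_real = hmac.compare_digest(digest, real_digest)      # constant-time compare
    is_safety = hmac.compare_digest(digest, safety_digest)
    if is_real or is_safety:
        return "APPROVED", is_safety
    return "DECLINED", False

if __name__ == "__main__":
    salt = secrets.token_bytes(16)
    real, safety = pin_digest("4921", salt), pin_digest("4920", salt)  # constructed PINs
    layout = scrambled_layout()
    touches = [layout.index(d) for d in "4921"]   # where the customer must press this time
    entered = digits_from_touches(layout, touches)
    print(layout, touches, bank_check_pin(entered, salt, real, safety))
```

Because the layout is redrawn for every entry, the same touch positions map to different digits each time, which is the property the report relies on.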

Kiosk
Similar to the E-Card, the Kiosk will also be a terminal for the retailer to communicate with its own bank. This unit will be connected to the banking network over a wired link to improve security. For the purposes of the project this unit represents existing hardware currently provided to retailers in Ireland.

This unit will be built on an Analog Devices ADuC7020 ARM7TDMI Development Board. The main platform will also host a keypad, LCD screen and a 10BaseT Ethernet module. The operating system running on this platform will be written in C, cross-compiled into assembly and downloaded to the board. Some form of encryption will protect data being received and transmitted to/from the Kiosk. The retailer will operate the unit using the LCD screen and keypad.

The Kiosk begins by waiting for a transaction to be initiated by an E-Card in the locality. It will receive the customer’s bank ID and personal ID numbers, and store that information in onboard memory. The module displays the customer’s name on the LCD and waits for the retailer to enter the amount it would like to bill the customer. It encrypts this data and sends the request to its own bank. The unit will then wait to be contacted by its bank again.

A confirmation code will be received from the bank and forwarded to the E-Card. In the meantime, another code arrives from the E-Card, which the Kiosk decodes and sends on to its own bank. The forwarding of the codes ensures that a complete secure loop exists. Once the bank has confirmed the codes, a successful transaction message is received informing the retailer that the requested amount of money has now been debited to their account. The Kiosk returns to an idle mode waiting to be contacted by another E-Card. The process is now complete.


Bank Server
The banking infrastructure must support all requests from the registered retailers and customers. The server has access to all customer and retailer account details and is responsible for transferring funds between accounts if the wireless transaction has been authenticated and is secure. The server may also provide an online banking facility at a later stage.

The banking infrastructure will be modelled on a standard computer supporting Ethernet, Java and MySQL. An application written in Java will handle the requests, and all responses will be encrypted to ensure secure links between the bank and clients. As the Server will act as a host to client responses, it will not require any human interaction once the program is activated.

The host waits in an idle state for communication from a client. When the E-Card joins the network, the server checks its credentials and verifies that it can access the network. The client will also identify to the server the node through which it is connected, and the host will respond by transmitting details and IP addresses of all the retailers located near that wireless node.

The Kiosk will inform the server of a pending transaction. The server will respond by requesting authentication from the E-Card to credit the customer’s account with the amount requested by the retailer. The authentication is complete when the customer’s encrypted PIN number matches the version the bank has in its own records. The server then issues two different confirmation codes to the Kiosk and E-Card. Both codes must be transmitted across the secure loop in opposite directions. They will be decoded along the way, and will eventually be returned to the server. Both modified codes will be compared with the expected values, and if they match then the server can assume the communication loop is secure and transfers the amount requested. The server finally resumes listening for other transactions once the transaction is complete.
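
The two-code confirmation loop described above can be modelled as follows. This is an added example, not code from the report: the report does not specify how a code is "decoded", so the sketch assumes each device applies HMAC-SHA256 under a key it shares with the bank, and it binds each code to a transaction ID; all names are hypothetical.

```python
import hashlib
import hmac
import secrets

def transform(device_key, txn_id, code):
    """Assumed stand-in for the report's 'decode' step: a keyed MAC over the code."""
    return hmac.new(device_key, txn_id + b"|" + code, hashlib.sha256).digest()

class Bank:
    def __init__(self, card_key, kiosk_key):
        self.card_key, self.kiosk_key = card_key, kiosk_key
        self.pending = {}   # txn_id -> (expected from E-Card, expected from Kiosk)

    def issue_codes(self, txn_id):
        code_for_kiosk = secrets.token_bytes(16)
        code_for_card = secrets.token_bytes(16)
        self.pending[txn_id] = (
            # Kiosk's code is forwarded to the E-Card, which transforms it.
            transform(self.card_key, txn_id, code_for_kiosk),
            # E-Card's code is forwarded to the Kiosk, which transforms it.
            transform(self.kiosk_key, txn_id, code_for_card),
        )
        return code_for_kiosk, code_for_card

    def settle(self, txn_id, from_card, from_kiosk):
        expected = self.pending.pop(txn_id, None)   # single use: replays find nothing
        if expected is None:
            return False
        ok_card = hmac.compare_digest(from_card, expected[0])
        ok_kiosk = hmac.compare_digest(from_kiosk, expected[1])
        return ok_card and ok_kiosk   # funds move only if both directions check out

def run_transaction(bank, card_key, kiosk_key, txn_id):
    """Walk the loop once: the codes cross between devices in opposite directions."""
    code_for_kiosk, code_for_card = bank.issue_codes(txn_id)
    from_card = transform(card_key, txn_id, code_for_kiosk)    # Kiosk -> E-Card -> bank
    from_kiosk = transform(kiosk_key, txn_id, code_for_card)   # E-Card -> Kiosk -> bank
    return bank.settle(txn_id, from_card, from_kiosk)
```

A device that does not hold the expected key cannot produce the value the bank is waiting for, and a returned value cannot be reused for a second settlement.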


System Diagram

[Diagram: blocks labelled Bank (Java, MySQL Database), Ethernet Hub, Wireless Access Point, Kiosk (Analog Devices ADuC702x, Ethernet Module, LCD Screen, Keypad) and E-Card (Sharp Zaurus PDA, WiFi, C/Java Programming); links labelled Ethernet and WiFi.]


E-Card Diagram
[Diagram: E-Card block with labels Sharp Zaurus SL-5600, CF Wireless Module, Encryption, Security, WiFi (802.11b), C/Java Programming, Touch Screen Interaction.]

Kiosk Diagram
[Diagram: Kiosk block with labels Analog Devices ADuC7020, Ethernet Module, LCD Screen, Keypad, Encryption, Security, C Programming, Operating System, Cross Compilation.]


Server Diagram
[Diagram: Bank Server block with labels Standard PC, Ethernet Module, Web Server, Security, Encryption, Authentication, Java Programming, Transaction Handler, MySQL Database.]

Task List
Sharp Zaurus SL-5600

Work Package 1
• Research PDA and gain basic understanding of it
• Learn how to interface with its hardware
• Refresh C/Java
• Write simple program to work with the touch screen
• Write simple program to communicate with the Wireless Access Point

Work Package 2
• Establish a link between the Server program and PDA
• Establish a link between the ARM and the PDA
• Develop basic OS to run on PDA responding to touch screen and the wireless networking

Analog Devices ADuC7020

Work Package 3
• Research the board’s capabilities
• Write initial code and become familiar with the board
• Basic I/O
• Write data to the LCD screen
• Acquire data from the Keypad


Work Package 4
• Commission Ethernet Module
• Transmit data via serial/Ethernet connection

Work Package 5
• Build basic OS running on the LCD, keypad, wireless data and serial/Ethernet

Bank Server

Work Package 6
• Refresh my current Java knowledge
• General planning of software architecture
• Do some simple network communication over TCP

Work Package 7
• Establish com link between ARM and Java Program

Work Package 8
• Set up the server with the wireless access point
• Establish com link between server and laptop with wireless card

Work Package 9
• Connect to the MySQL database and do some reads and writes to it

Work Package 10
• Develop the banking transaction handler

Encryption

• Learn about encryption algorithms and how they work

Work Package 11
• Establish encryption over the Server - PDA link

Work Package 12
• Encrypt the data over the ARM - PDA link

Work Package 13
• Encrypt the data over the ARM - Server link

Website

Work Package 14
• Build up a simple website showing the transactions
• Password protect this site and give user accounts


Hardware
• E-Card
  o Sharp Zaurus SL-5600
  o Compact Flash WiFi 802.11b Card

• Kiosk
  o Analog Devices ADuC7020 ARM7TDMI
  o Ethernet Module
  o LCD Screen
  o Key Pad

• Bank Server
  o Standard Windows PC
  o Ethernet Card

• Network
  o Wireless Access Point
  o Network Switch
  o Cat 5e RJ45 Network Cables

Links
www.zaurus.com/dev/
www.wi-fi.org
www.analog.com
http://java.sun.com
www.java.com
http://world.std.com/~franl/crypto.html
