Security Analysis of Transaction Authorization Methods for Next Generation Electronic Payment Services

Wilusz, Daniel; Wójtowicz, Adam

doi:10.1007/978-3-030-77392-2_8

Cited by 4 publications

(11 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Phishing According to Wilusz and Wójtowicz [35], phishing is a form of social engineering where attackers deceive victims into revealing sensitive information or installing malware. In the field of blockchain, the variants of asking for the private key, credentials, or cryptocurrency (as exchange or contribution) exist, according to Weber et al [129].…”

Section: Social Engineeringmentioning

confidence: 99%

See 1 more Smart Citation

Analyzing the Threats to Blockchain-Based Self-Sovereign Identities by Conducting a Literature Survey

Pöhn,

Grabatin,

Hommel

2023

Applied Sciences

View full text Add to dashboard Cite

Self-sovereign identity (SSI) is a digital identity management model managed in a decentralized manner. It allows identity owners to manage and store their digital identities in a software wallet, for example, on a smartphone, without relying on centralized providers. This approach tries to enhance the security and privacy of digital identities and, thereby, their owners. With the new eIDAS regulation, elements of SSI, such as the wallet, are being pushed onto the market. However, since the model is relatively new, the security threats are still not fully known. This is shown by a brief security analysis of selected existing SSI wallets. In order to get a picture of the known threats, we systematically analyze and categorize related work in the field of SSI and elements applied by SSI. We then evaluate their application to current SSI systems and identify future work.

show abstract

Section: Social Engineeringmentioning

confidence: 99%

“…This could happen in blockchain use cases after phishing, but also following data breaches and other attacks. Wilusz and Wójtowicz [35] outline password guessing and biometric side-passing. Do et al [36] apply deep fakes against liveliness detection during biometric authentication.…”

Section: Social Engineeringmentioning

confidence: 99%

Analyzing the Threats to Blockchain-Based Self-Sovereign Identities by Conducting a Literature Survey

Pöhn,

Grabatin,

Hommel

2023

Applied Sciences

View full text Add to dashboard Cite

show abstract

“…Instead, authentication process should rely on knowledge factor or biometric factor (Wilusz & W ojtowicz, 2021) constituting strong 2FA. Additionally, in order to protect the user against a distinct risk of key loss (key carrier that becomes lost, not supported anymore or out of order), BIP-39 mnemonic phrase solution is proposed to be applied.…”

Section: Security Analysismentioning

confidence: 99%

“…The authentication mechanism does not rely on another possession factor (key or certificate) since successful intrusion can affect both possession factors at once. Instead, authentication process should rely on knowledge factor or biometric factor (Wilusz & Wójtowicz, 2021) constituting strong 2FA. Additionally, in order to protect the user against a distinct risk of key loss (key carrier that becomes lost, not supported anymore or out of order), BIP‐39 mnemonic phrase solution is proposed to be applied.…”

Section: Security Analysismentioning

confidence: 99%

See 1 more Smart Citation

Secure protocols for smart contract based insurance services

Wilusz

Wójtowicz

2022

Expert Systems

Self Cite

View full text Add to dashboard Cite

Cryptocurrency‐based transactions are exposed to serious security risks, usually higher than risks related to traditional online transactions. The threats range from unintentional credential leaks, through fraudulent cryptocurrency exchanges and poorly implemented protocols, to broken private keys. Therefore, there is a business need for insurance services dedicated to cryptocurrencies that would be technologically as well as economically secure for both insuring and insured party. In this paper an architecture for cryptocurrency insurance framework along with a set of corresponding communication protocols and a smart contract template that jointly reduce various security risks are proposed. The detailed description of the solution is followed by the security analysis section. Also, the description of the presented solution is preceded by a general risk analysis related to cryptocurrency unit security and countermeasures analysis related to those risks. The authors believe that the presented technological solution can potentially enable new business models based on crypto‐insurance services.

show abstract

Towards Automated Creation of Adaptive Continuous Authentication Systems for Telework Scenarios

Gałązkiewicz,

Wójtowicz

2024

Communications in Computer and Information Science

View full text Add to dashboard Cite

Security Analysis of Transaction Authorization Methods for Next Generation Electronic Payment Services

Cited by 4 publications

References 21 publications

Analyzing the Threats to Blockchain-Based Self-Sovereign Identities by Conducting a Literature Survey

Analyzing the Threats to Blockchain-Based Self-Sovereign Identities by Conducting a Literature Survey

Secure protocols for smart contract based insurance services

Towards Automated Creation of Adaptive Continuous Authentication Systems for Telework Scenarios

Contact Info

Product

Resources

About