Towards secure IoT-based payments by extension of payment card industry data security standard (PCI DSS)

Muhammad Nasir Mumtaz Bhutta and Surbhi Bhattia and Mohammed Ali Alojail and Kashif Nisar and Yue Cao and Shehzad Ashraf Chaudhry and Zhili Sun (2022) Towards secure IoT-based payments by extension of payment card industry data security standard (PCI DSS). Wireless Communications and Mobile Computing, 2022. pp. 1-10. ISSN 1530-8669 (P-ISSN), 1530-8677 (E-ISSN)

Abstract

The emergence of IoT has given rise to a new digital experience of payment transactions in which physical objects like refrigerators, cars, and wearables will make payments. These physical objects will store the cardholder credentials and will make payments directly with vendors over insecure public networks. For such payment transactions, government regulations and standards organizations require PCI DSS to be implemented so that a similar set of security measures is adopted at the global level. The current version of PCI DSS is not suitable for IoT-based payment systems because of characteristics of IoT such as the resource-constrained nature of devices and the need to update the software/firmware of so many physical devices. There is also an emerging need to implement PCI DSS requirements and assessments for the security of all stakeholders that store or process user credentials in a payment. This paper is an initial effort to draw researchers' attention to making upcoming versions of PCI DSS suitable for IoT, and thus to securing the new ways of making IoT-based payments. The paper reviews the traditional payment process along with considerations for IoT-based payment systems in order to recommend modifications to PCI DSS that make it suitable for IoT.

Item Type: Article
Keyword: IoT, Payment transactions, Payment card industry, Data security standard
Subjects: Q Science > QA Mathematics > QA1-939 Mathematics > QA71-90 Instruments and machines > QA75.5-76.95 Electronic computers. Computer science > QA76.75-76.765 Computer software
Department: FACULTY > Faculty of Computing and Informatics
Depositing User: DG MASNIAH AHMAD -
Date Deposited: 03 Aug 2022 12:11
Last Modified: 03 Aug 2022 12:11
URI: https://eprints.ums.edu.my/id/eprint/33665
