Off-line generation of limited-use credit card numbers

Aviel D. Rubin; Rebecca N. Wright

doi:10.1007/3-540-46088-8_18

Off-line generation of limited-use credit card numbers

Aviel D. Rubin, Rebecca N. Wright

Research output: Contribution to journal › Article › peer-review

31 Scopus citations

Abstract

Recently, some credit card companies have introduced limited-use credit card numbers—for example, American Express’s single-use card numbers and Visa’s gift cards. Such limited-use credit cards limit the exposure of a traditional long-term credit card number, particularly in Internet transactions. These offerings employ an on-line solution, in that a credit card holder must interact with the credit card issuer in order to derive a limited-use token. In this paper, we describe a method for cryptographic off-line generation of limited-use credit card numbers. This has several advantages over the on-line schemes, and it has applications to calling cards as well. We show that there are several trade-offs between security and maintaining the current infrastructure.

Original language	English (US)
Pages (from-to)	196-209
Number of pages	14
Journal	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	2339
DOIs	https://doi.org/10.1007/3-540-46088-8_18
State	Published - 2002
Externally published	Yes

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/3-540-46088-8_18

Cite this

@article{73c38bd476794ef6bf0a0101cf457086,

title = "Off-line generation of limited-use credit card numbers",

abstract = "Recently, some credit card companies have introduced limited-use credit card numbers—for example, American Express{\textquoteright}s single-use card numbers and Visa{\textquoteright}s gift cards. Such limited-use credit cards limit the exposure of a traditional long-term credit card number, particularly in Internet transactions. These offerings employ an on-line solution, in that a credit card holder must interact with the credit card issuer in order to derive a limited-use token. In this paper, we describe a method for cryptographic off-line generation of limited-use credit card numbers. This has several advantages over the on-line schemes, and it has applications to calling cards as well. We show that there are several trade-offs between security and maintaining the current infrastructure.",

author = "Rubin, {Aviel D.} and Wright, {Rebecca N.}",

year = "2002",

doi = "10.1007/3-540-46088-8_18",

language = "English (US)",

volume = "2339",

pages = "196--209",

journal = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

issn = "0302-9743",

publisher = "Springer Science and Business Media Deutschland GmbH",

}

TY - JOUR

T1 - Off-line generation of limited-use credit card numbers

AU - Rubin, Aviel D.

AU - Wright, Rebecca N.

PY - 2002

Y1 - 2002

N2 - Recently, some credit card companies have introduced limited-use credit card numbers—for example, American Express’s single-use card numbers and Visa’s gift cards. Such limited-use credit cards limit the exposure of a traditional long-term credit card number, particularly in Internet transactions. These offerings employ an on-line solution, in that a credit card holder must interact with the credit card issuer in order to derive a limited-use token. In this paper, we describe a method for cryptographic off-line generation of limited-use credit card numbers. This has several advantages over the on-line schemes, and it has applications to calling cards as well. We show that there are several trade-offs between security and maintaining the current infrastructure.

AB - Recently, some credit card companies have introduced limited-use credit card numbers—for example, American Express’s single-use card numbers and Visa’s gift cards. Such limited-use credit cards limit the exposure of a traditional long-term credit card number, particularly in Internet transactions. These offerings employ an on-line solution, in that a credit card holder must interact with the credit card issuer in order to derive a limited-use token. In this paper, we describe a method for cryptographic off-line generation of limited-use credit card numbers. This has several advantages over the on-line schemes, and it has applications to calling cards as well. We show that there are several trade-offs between security and maintaining the current infrastructure.

UR - http://www.scopus.com/inward/record.url?scp=84949228414&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84949228414&partnerID=8YFLogxK

U2 - 10.1007/3-540-46088-8_18

DO - 10.1007/3-540-46088-8_18

M3 - Article

AN - SCOPUS:84949228414

SN - 0302-9743

VL - 2339

SP - 196

EP - 209

JO - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

JF - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

ER -

Off-line generation of limited-use credit card numbers

Abstract

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this