Towards secure IoT-based payments by extension of payment card industry data security standard (PCI DSS)

IoT emergence has given rise to a new digital experience of payment transactions where physical objects like refrigerators, cars, and wearables will make payments. These physical objects will be storing the cardholder credentials and will directly make payments with the vendors over insecure public...

Bibliographic Details
Main Authors: Muhammad Nasir Mumtaz Bhutta, Surbhi Bhattia, Mohammed Ali Alojail, Kashif Nisar, Yue Cao, Shehzad Ashraf Chaudhry, Zhili Sun
Format: Article
Language: English
Published: John Wiley & Sons, Inc 2022
Subjects:
Online Access: https://eprints.ums.edu.my/id/eprint/33665/1/Towards%20secure%20IoT-based%20payments%20by%20extension%20of%20payment%20card%20industry%20data%20security%20standard%20%28PCI%20DSS%29.ABSTRACT.pdf
https://eprints.ums.edu.my/id/eprint/33665/2/Towards%20Secure%20IoT-Based%20Payments%20by%20Extension%20of%20Payment%20Card%20Industry%20Data%20Security%20Standard%20%28PCI%20DSS%29.pdf
https://eprints.ums.edu.my/id/eprint/33665/
https://doi.org/10.1155/2022/9942270
id my.ums.eprints.33665
record_format eprints
spelling my.ums.eprints.33665 2022-08-03T04:11:38Z https://eprints.ums.edu.my/id/eprint/33665/ Towards secure IoT-based payments by extension of payment card industry data security standard (PCI DSS) Muhammad Nasir Mumtaz Bhutta Surbhi Bhattia Mohammed Ali Alojail Kashif Nisar Yue Cao Shehzad Ashraf Chaudhry Zhili Sun QA76.75-76.765 Computer software IoT emergence has given rise to a new digital experience of payment transactions where physical objects like refrigerators, cars, and wearables will make payments. These physical objects will be storing the cardholder credentials and will directly make payments with the vendors over insecure public networks. For such payment transactions, government regulations and standards organizations require to implement PCI DSS for adapting similar set of security measures at the global level. The current version of PCI DSS is not suitable for IoT-based payment systems due to characteristics of IoT such as resource-constrained nature of devices and updating software/firmware of so many physical devices. Also, there arises an emergent need of implementing PCI DSS requirements and assessments for security of all stakeholders that store or process the user credentials in a payment. This paper is an initial effort to bring the researcher’s attention to make upcoming versions of PCI DSS suitable for IoT and thus securing the new ways of IoT-based payment systems. The paper has reviewed the traditional payment process along with considerations for IoT-based payment systems to make recommendations to modify the PCI DSS in a suitable way for IoT.
John Wiley & Sons, Inc 2022-01-24 Article PeerReviewed text en https://eprints.ums.edu.my/id/eprint/33665/1/Towards%20secure%20IoT-based%20payments%20by%20extension%20of%20payment%20card%20industry%20data%20security%20standard%20%28PCI%20DSS%29.ABSTRACT.pdf text en https://eprints.ums.edu.my/id/eprint/33665/2/Towards%20Secure%20IoT-Based%20Payments%20by%20Extension%20of%20Payment%20Card%20Industry%20Data%20Security%20Standard%20%28PCI%20DSS%29.pdf Muhammad Nasir Mumtaz Bhutta and Surbhi Bhattia and Mohammed Ali Alojail and Kashif Nisar and Yue Cao and Shehzad Ashraf Chaudhry and Zhili Sun (2022) Towards secure IoT-based payments by extension of payment card industry data security standard (PCI DSS). Wireless Communications and Mobile Computing, 2022. pp. 1-10. ISSN 1530-8669 (P-ISSN), 1530-8677 (E-ISSN) https://doi.org/10.1155/2022/9942270
institution Universiti Malaysia Sabah
building UMS Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Malaysia Sabah
content_source UMS Institutional Repository
url_provider http://eprints.ums.edu.my/
language English
topic QA76.75-76.765 Computer software
description IoT emergence has given rise to a new digital experience of payment transactions where physical objects like refrigerators, cars, and wearables will make payments. These physical objects will be storing the cardholder credentials and will directly make payments with the vendors over insecure public networks. For such payment transactions, government regulations and standards organizations require to implement PCI DSS for adapting similar set of security measures at the global level. The current version of PCI DSS is not suitable for IoT-based payment systems due to characteristics of IoT such as resource-constrained nature of devices and updating software/firmware of so many physical devices. Also, there arises an emergent need of implementing PCI DSS requirements and assessments for security of all stakeholders that store or process the user credentials in a payment. This paper is an initial effort to bring the researcher’s attention to make upcoming versions of PCI DSS suitable for IoT and thus securing the new ways of IoT-based payment systems. The paper has reviewed the traditional payment process along with considerations for IoT-based payment systems to make recommendations to modify the PCI DSS in a suitable way for IoT.
format Article
author Muhammad Nasir Mumtaz Bhutta
Surbhi Bhattia
Mohammed Ali Alojail
Kashif Nisar
Yue Cao
Shehzad Ashraf Chaudhry
Zhili Sun
author_sort Muhammad Nasir Mumtaz Bhutta
title Towards secure IoT-based payments by extension of payment card industry data security standard (PCI DSS)
publisher John Wiley & Sons, Inc
publishDate 2022