Global ETD Search

371	Säkerhetsstandard för ett mjukvarubaserat säkerhetselement Kabir, Sanzida January 2013 (has links) Researchers today anticipate that in the near future, the majority of the owners of a smartphone will use it as a wallet, i.e. for contactless payment. The technology that enables contactless payment today is “Near Field Communication” (NFC), which is increasingly embedded in smartphones. Applications like mobile payment between a phone and a terminal use NFC. With Mobile payment the user’s credit and banking information gets saved and it’s extremely important for a user that the saved data doesn’t fall into the wrong hands. How should then a user of an NFC equipped device ensure that end-to-end security is strong enough when they use NFC technology? Can user feel safe enough to keep their private documents on the phone without getting “robbed”? NFC uses a security element “Secure Element” (SE) that offers the user safety for their mobile purchases but also in other applications such as transportation tickets. The security element comes in three forms: SD card based, SIM card based or embedded in the smartphone. Over time, the technology behind the secure element is further developed and a new phenomenon has emerged, a new type of secure element. The new technology is an application based secure element: “Software Emulation Card” (Soft-SE), which offers security without a physical SE This thesis will deal with the Secure Element’s area to see if the Soft-SE are so confident that we can count it as an option when we do our mobile purchases in the store. A number of threats and attacks that an SE or generally an NFC device can be exposed to will be mentioned and some will also be described and some possible threats and attacks against Soft-SE. In addition, a few pros and cons of applying Soft-SE will be discussed. The analysis is based on how a user can get more out of the existing SE instead of applying the Soft-SE. Based on the facts, pros and cons, and the analysis that has been treated, it has been concluded that the Soft-SE is not a more secure alternative than the SE that is already used by NFC phones. Since Soft-SE is still new, it has not yet developed to protect themselves against the possible attacks that they may be exposed to. It is strongly recommended that users of Google Wallet adhere to the Secure Element that the smartphone use instead of applying Soft-SE. / Dagen forskare förutser att inom en snar framtid kommer majoriteten av ägarna till smarttelefon använda den som sin plånbok, det vill säga använda sig utav kontaktlös betalning. Tekniken som möjliggör kontaktklös betalning idag är närfältkommunikation (Engelska: “Near Field Communication” - NFC) som finns inbäddad i smarttelefoner. Applikationer som mobila betalningar mellan en telefon och terminal använder sig av NFC. Vid mobila betalningar sparas användarens kredit- och bankinformation och det är ytterst viktigt för en användare att dess sparade data inte kommer i fel händer. Hur ska då en användare av NFC vara säker på att säkerhetsutvecklingen går hand i hand med NFC-tekniken? Kan en användare känna sig tillräckligt säker för att spara sina privata handlingar på telefonen utan att bli bestulen? NFC använder sig utav ett säkerhetselement (Engelska: “Secure Element” - SE) som erbjuder användaren säkerhet vid alla mobilköp men även i andra applikationer som till exempel färdmedelsbiljetter. Säkerhetselementet kommer i tre olika former: SD-kortbaserat, SIM-kortbaserat eller inbäddad i smarttelefonen. Med tiden har tekniken bakom SE vidareutvecklats och ett nytt fenomen har uppstått, nämligen ett nytt slags säkerhetselement. Den nya tekniken är ett applikationsbaserat säkerhetselement: mjukvarubaserad kortemulering (Engelska: “Software Card Emulation” - Soft SE), som erbjuder säkerhet utan ett fysiskt SE. Denna avhandling kommer behandla säkerhetselementets område och se över om Soft-SE är så pass säker att vi kan räkna det som ett alternativ vid våra mobilköp i affären. Ett antal hot och attacker som ett SE eller allmänt en NFC-enhet kan utsättas för kommer att nämnas och en del kommer även att beskrivas samt möjliga hot och attacker mot Soft-SE. Utöver det kommer ett par för- och nackdelar med att tillämpa Soft-SE att diskuteras. Analysen är baserat på hur en användare kan få ut mer av den existerande SE istället för att tillämpa Soft-SE. Utifrån fakta, för- och nackdelar och analysen som har behandlats drogs slutsatsen att Soft-SE inte är ett säkrare alternativ än den SE som redan används av NFC-telefoner. Eftersom Soft-SE fortfarande är något nytt har den inte ännu utvecklats tillräckligt för att skydda sig mot de möjliga attacker som den kan utsättas för. Det är starkt rekommenderat att användarna av Google Wallet håller sig till det säkerhetselement som smarttelefonen använder sig utav istället för att tillämpa Soft-SE. NFC SE Soft-SE contactless payment NFC säkerhetselement mjukvarubaserad kortemulering kontaktlös betalning Communication Systems Kommunikationssystem
372	Analysis of Security Risks in Mobile Payments : A Case Study Using DNAT Ba, Jing January 2013 (has links) Technology development always makes the life easier and faster thus it also impacts the way we do business in our lives. As the widespread usage of mobile devices in recent years mobile technology has created an environment in which people around the world are getting closer. Recently the popularity of personal mobile devices like Ipad and Iphone leads to the appearance of opportunities to improve payments more fast and efficient. And for the past years various services and applications for mobile payment have been developed by the companies which are eager for the leader positions in the new market. With the development of mobile payment and the important relationship between payment and our lives, a lot of security risks associated with this field should be extensively studied. This thesis aims to analyze the security risks related to the mobile payment. This thesis uses an explorative method to research the stakeholders, critical assets and vulnerabilities within mobile payment by utilizing case studies of Square and Google Wallet. The information gathered from the case studies and security analysis is further analyzed by the dynamic network analysis tool (ORA) in order to discover the security risks. The results of this thesis indicate that accounts and business data are the most critical assets in mobile payment because accounts are the foundation to perform payment transactions. Further, the mobile payment service provider, merchant and consumer are the stakeholders affected most by the security risks. And this thesis concludes that all the stakeholders should be aware of the security risks within the mobile payment environment, and further if service and device providers want to keep continuous business they should make more effort to cooperate with each other to protect the users against these risks. Mobile Payment Square Google Wallet DNAT Security Risks Engineering and Technology Teknik och teknologier
373	Security for Mobile Payment Transaction Desta, Girmay January 2012 (has links) The advancement of ICT in a variety of sectors helped in improving the time consuming and rigid service into fast and flexible service that is closer to the reach of individuals. For instance, mobile applications have evolved in different sectors such as healthcare patient support, geographic mapping and positioning, banking, e-commerce payment services and others. This study focuses on one of the most sensitive applications, which is mobile payment. Mobile payment system being one of the widely expanding mobile services, it has security concerns that prevented its wide acceptance. Some of the main security services given prior attention in mobile payment are issues of privacy, authentication and confidentiality. The research concentrates on the strong authentication of a mobile client to its server, securing the credit card* information and use of mobile card reader while making payments that enable customers to protect privacy of financial credentials. The strong authentication mechanism mainly follows the NIST standard publications namely, FIPS PUB 201 and FIPS 196; which are standards on Entity Authentication using public key cryptography and PKI credential storage Personal Identity Verification (PIV) card respectively. The proposed secure Credit Card Information (CCI) storage is in a secure element in order to prevent tampering of stored data. The secure element options are microSD, UICC, Smartcard (together with digital certificate and service ticket). During making payments, the payment information encrypted using a shared key is securely sent to payment server. A demo mobile application as proof of concept was implemented in a simulated lab (KTH SecLab), which has all the necessary infrastructure setup (servers, card reader) for testing the proposed solution. The paper was able to proof the concept of secure payment by enhancing the authentication, confidentiality and privacy of payment information. However, the demo for Strong Authentication did not completely succeed as expected due to unexpected bugs in the early version of card reader SDK. Strong Authentication mobile security PIV mobile PKI payment privacy EMV security Engineering and Technology Teknik och teknologier
374	The Swedish mobile Payment market: An analysis from a consumer’s perspective Eriksson Talls, Martin, Trinh, Van January 2012 (has links) The objective of this research is to understand how consumers perceive mobile payment services and the consumers’ maturity level to adopt mobile payments in the Swedish market. To reach our objective interviews were conducted asking about consumers experience with current payment methods and how consumers perceive mobile payment services. Questions from the interviews are derived from theories about technology adoption mainly from Diffusion of Innovations and Technology Acceptance Model. In addition questions about how consumers perceive mobile payment services are based on existing and concept based features. The results show that consumers are open to, and can even consider paying to use the mobile phone as a payment instrument. At the moment mobile payment services are either based on Near Field Communication (NFC) or Quick Response (QR) code technologies at Point of Sale(POS) purchases. Consumer perceive each payment solution differently; NFC based payments were perceived as more convenient while QR code were perceived as more secure. In addition mobile payment services have the potential to incorporate additional features that can increase its attractiveness, such as storing loyalty cards digitally and the ability to transfer moneybetween accounts. The maturity level among the consumers are in an early stage because their knowledge about mobile payment services is very low at the moment, due to that the interviewees did not consider themselves as early adopters when new technologie s are introduced. mobile payments the Swedish mobile payment market consumers’ perspective diffusion of innovation Economics and Business Ekonomi och näringsliv
375	Propuesta para mejorar la confianza en el uso del Bitcoin como medio de pago en las empresas peruanas, 2019 / Proposal to improve confidence in the use of Bitcoin as a means of payment in Peruvian companies, 2019 Arce Castelo, Jose Ramiro, Salas Nuñez, Maria del Carmen, Zegarra Machicao, Marco Iván 01 July 2019 (has links) El intercambio de las personas, en relación a los bienes y servicios, registra modificaciones, de medios y lugares; se aprecia el trueque, el patrón de metales preciosos, el papel de los chinos del siglo IX, …, también, como se pasa de las plazas de las ciudades, los buques, …, a la internet. Las personas fueron depositando confianza en cada cambio que se registra en la historia. Estos cambios llegan el día de hoy a las denominadas monedas virtuales o criptomonedas. Esto es lo que origina el objetivo del presente trabajo, desarrollar una propuesta para que el uso del Bitcoin sea empleado como medio de pago en las empresas peruanas. Para ello, se consideró la entrevista a personas que usan Bitcoin en sus transacciones comerciales en el Perú y la entrevista desarrollada a 61 empresarios escogidos bajo la muestra de conveniencia, ubicados en la ciudad de Arequipa. La criptomoneda más empleada es el Bitcoin que aparece en el 2009. Las criptomonedas no tienen ley, ni le pertenecen a nadie, es solo la confianza que se tiene en estas, las que pueden hacerla posicionar. Para lograr mejorar esta confianza, se proponen estrategias de comunicación y capacitación, para crear una oportunidad alguna persona, natural o jurídica, que apoye a las empresas que deseen hacer uso del Bitcoin, siendo el 4.9% del total que existen. Las empresas que usan bitcoin, los motiva el hecho que un cliente desee pagar con ello y la falta de conocimiento, es la principal causa para que no lo usen. / The exchange of people, in relation to goods and services, registers changes, of means and places; Barter is appreciated, the pattern of precious metals, the role of the Chinese of the ninth century, ..., also, as it passes from the squares of the city, ships, ..., to the internet. People were placing confidence in every change that is recorded in the story. These changes come today to so-called virtual currencies or cryptocurrencies. This is what originates the objective of this work, to develop a proposal so that the use of Bitcoin is used as a means of payment in Peruvian companies. For this, the interview was considered to people who use Bitcoin in their commercial transactions in Peru and the interview developed to 61 businessmen chosen under the convenience sample, located in the city of Arequipa. The most used cryptocurrency is the Bitcoin that appears in 2009. The cryptocurrencies have no law, nor belong to anyone, it is only the confidence that you have in these, which can make it position. In order to improve this trust, communication and training strategies are proposed, to create an opportunity for any individual, natural or legal, that supports companies that wish to use Bitcoin, 4.9% of the total that exist. Companies that use bitcoin, are motivated by the fact that a customer wants to pay with it and the lack of knowledge, is the main cause for not using it. / Trabajo de investigación Criptomoneda Bitcoin Dinero virtual Medios de pago Cryptocurrency Virtual money Payment methods
376	Differential Default Risk Among Traditional and Non-Traditional Mortgage Products and Capital Adequacy Standards Lin, Che Chun, Prather, Larry J., Chu, Ting Heng, Tsay, Jing Tang 01 April 2013 (has links) We develop a framework to quantify credit risks of non-traditional mortgage products (NMPs). Ex ante probabilities of default are caused by willingness-to-pay and ability-to-pay problems and the high default rates for NMPs confirm that payment shock is a critical default risk indicator. Monte Carlo simulations are conducted using three correlated stochastic variables (mortgage interest rate, home price, and household income) under normal and stressed economies. Results confirm that the default risk of 2/28 and option ARM contracts requiring a minimum monthly interest payment have a greater probability of default than other mortgage products in all economic scenarios. Additionally, the credit risk of NMPs is primarily systematic risk, suggesting that these products should require higher risk-based capital. Due to the non-linear distribution of credit risk, even the advanced internal-based rating approach of the Basle II framework can understate the risk involved in these NMPs. credit risk default option payment shock risk-based capital systematic risk Economics and Finance
377	Differential Default Risk Among Traditional and Non-Traditional Mortgage Products and Capital Adequacy Standards Lin, Che Chun, Prather, Larry J., Chu, Ting Heng, Tsay, Jing Tang 01 April 2013 (has links) We develop a framework to quantify credit risks of non-traditional mortgage products (NMPs). Ex ante probabilities of default are caused by willingness-to-pay and ability-to-pay problems and the high default rates for NMPs confirm that payment shock is a critical default risk indicator. Monte Carlo simulations are conducted using three correlated stochastic variables (mortgage interest rate, home price, and household income) under normal and stressed economies. Results confirm that the default risk of 2/28 and option ARM contracts requiring a minimum monthly interest payment have a greater probability of default than other mortgage products in all economic scenarios. Additionally, the credit risk of NMPs is primarily systematic risk, suggesting that these products should require higher risk-based capital. Due to the non-linear distribution of credit risk, even the advanced internal-based rating approach of the Basle II framework can understate the risk involved in these NMPs. credit risk default option payment shock risk-based capital systematic risk Economics and Finance
378	Inställning till den smarta elcykeln som tjänst : Finns det samband? Smedberg, Johanna January 2020 (has links) Vi befinner oss i en transformation där elcykeln tillför en ny dimension av mobilitet. Samtidigt sker ett teknologiskifte där Internet of Things (IoT) möjliggör uppkoppling av produkter till varandra och från produkt till människa, på ett sätt som tillför nya värden. Elcykeln är inget undantag. Med IoT blir elcykeln intelligent; den smarta elcykeln är här. Smarta elcyklar är nytt på den svenska marknaden. För att förstå hur affärsmodeller och betalningsmodeller kan skapas kring denna nya produkt undersöks inställning till, och drivkrafter för, den smarta elcykeln. Vidare prövas inställningen till olika betalningsmodeller.Resultaten visar att elcykelcyklisten är intresserad av att skaffa sig en smart elcykel och helst vill man betala hela beloppet direkt vid köpet, även om man är öppen för alternativa betalformer som bygger på cykeln som tjänst.I arbetet konstateras att det finns samband mellan teknikintresse och inställningen till smarta elcyklar liksom samband mellan inställning till olika betalningsmodeller och inställning till den smarta elcykeln.Arbetet utgör en grund för vidare forskning kring den smarta elcykeln och affärsmodeller baserade på elcyklar uppkopplade genom IoT. Internet of Things (IoT) Technology adaptation Payment methods E-bike Information Systems
379	The contribution of sociodemographic and clinical factors to length of stay in hospitalized children Hasan, Fareesa 17 June 2016 (has links) BACKGROUND: There is continued attention towards using patient demographic and clinical characteristics available in health administrative data when case mix adjusting the measurement of length of stay (LOS) for hospitalized children. However, little is known about what proportion of children’s LOS is explained by these characteristics. OBJECTIVES: The objectives of the study were to quantify the amount of variation in LOS within and across hospitals that is explained by demographic and clinical factors of hospitalized pediatric patients. METHODS: A retrospective cohort analysis was completed of 818,848 hospitalizations for any reason occurring from 1/1/2014 to 12/31/2014 in one of 44 freestanding children’s hospitals in the Pediatric Health Information Systems (PHIS) dataset. A generalized linear model was derived to simultaneously regress demographic factors [age, race/ethnicity, payer, rural residence, health professional shortage area (HPSA) residence, income, and distance traveled], and clinical factors (severity of illness, type and number of chronic conditions) on LOS. The percentage of LOS attributable to each characteristic within each hospital was quantified using the covariance test of the hospital random effect. RESULTS: The factors with the greatest impact on LOS were severity of illness and chronic condition type and number, with a median (interquartile range) of 16.8% (IQR 15.0%-19.4%) and 4.0% (IQR 2.9%-4.5%) of LOS, respectively, explained by these characteristics across hospitals. LOS varied significantly (p<0.05) with both severity of illness and chronic condition type and number for all 44 hospitals in the cohort. All patient demographic factors, (age, race/ethnicity, payer, rural residence, HSPA residence, income, and distance traveled) had minimal impact on LOS, with <0.1% of LOS explained by each characteristic. Across hospitals, 78.3% (IQR 75.8-80.2%)] of LOS remained unexplained by the patient characteristics under study. CONCLUSIONS: Patients’ clinical characteristics ascertained from administrative data account for approximately one-fifth of LOS whereas their demographic characteristics account for a negligible amount. Efforts to optimize the efficiency of inpatient care for hospitalized children might benefit from uncovering how much of the vast amount of unexplained LOS is due to modifiable aspects of care quality. / 2018-06-16T00:00:00Z Public health Risk adjustment Hospital payment Length of stay Pay-for-performance Quality improvement Sociodemographic
380	Relationship Between Medicare Alternative Payment Methodology and Hospital Program Service Revenue Gubbine, Sandra J 01 January 2017 (has links) Medicare paid $388.7 billion to acute care hospitals in 2014 representing the largest portion of the health care sector in the United States. Medicare implemented an innovative reimbursement model called Value Based Purchasing (VBP) to ensure hospitals provide quality care for the dollars spent. This correlation study used the VBP theoretical framework developed by Dudley as the foundation for the reimbursement model implemented by Medicare in 2013. The data used for this study came from the Centers of Medicare and Medicaid, as well as from Guidestar. The data focused on acute care, nonprofit hospitals located in New Jersey, New York, and Pennsylvania. Data trending and scatter plot graphs were used to analyze trends and basic correlation. Pearson correlation coefficient tests were performed to confirm correlation. The results showed no statistically significant relationship between program service revenue and the VBP domains for years 2013 and 2015. A weak positive relationship existed between 2014 program service revenue and the process of care domain; however, no statistically significant relationship existed between the remaining domains. The results from this study showed that quality metrics for acute care hospitals did not improve as the VBP criteria from Medicare expanded across the institutions included in the study. Hospital quality metrics are publicly accessible to everyone and allows patients to see actual results rather than the only resource being positive marketing campaigns. Accessibility to actual data has a positive influence on social change because patients can make informed choices for their personal health care needs. Alternative Payment Methodology APM Hospital Program Service Revenue Value Based Purchasing VBP Health and Medical Administration

Search results