Analysis of Security Risks in Mobile Payments : A Case Study Using DNAT

Ba, Jing

January 2013

Technology development always makes the life easier and faster thus it also impacts the way we do business in our lives. As the widespread usage of mobile devices in recent years mobile technology has created an environment in which people around the world are getting closer. Recently the popularity of personal mobile devices like Ipad and Iphone leads to the appearance of opportunities to improve payments more fast and efficient. And for the past years various services and applications for mobile payment have been developed by the companies which are eager for the leader positions in the new market. With the development of mobile payment and the important relationship between payment and our lives, a lot of security risks associated with this field should be extensively studied. This thesis aims to analyze the security risks related to the mobile payment. This thesis uses an explorative method to research the stakeholders, critical assets and vulnerabilities within mobile payment by utilizing case studies of Square and Google Wallet. The information gathered from the case studies and security analysis is further analyzed by the dynamic network analysis tool (ORA) in order to discover the security risks. The results of this thesis indicate that accounts and business data are the most critical assets in mobile payment because accounts are the foundation to perform payment transactions. Further, the mobile payment service provider, merchant and consumer are the stakeholders affected most by the security risks. And this thesis concludes that all the stakeholders should be aware of the security risks within the mobile payment environment, and further if service and device providers want to keep continuous business they should make more effort to cooperate with each other to protect the users against these risks.

Mobile Payment

Square

Google Wallet

DNAT

Security Risks

Engineering and Technology

Teknik och teknologier