PPT

Table of Contents ABSTRACT 4 1. Introduction 5 1.1 Background 5 1.2 Research aim and objectives 7 1.3 Research questions 7 Research question 1 7 Research question 2 8 Research question 3 8 1.4 Problem statement 8 1.5 Significance of the study 10 1.6 Relationship to CPT 11 LITERATURE REVIEW 11 MOBILE PAYMENT SYSTEMS 12 Mobile payment platform 13 Independent mobile payment system 14 MOBILE PAYMENT SECURITY 15 THREATS IN MOBILE PAYMENT SYSTEMS 17 Research Background and Rationale 18 Research Aims and Objectives 19 Research Questions 19 Research Methodology 19 Ethical Considerations 22 Limitations of the Research 23 Research Timeline 23 CONCLUSION 24 References 25

In the present decade and the modern age, mobile payments as a medium for financial transactions have gained much popularity. Mobile technology has emerged as a clear and new channel in the space of banking and payment transactions. With the significant advancement in the field of technology have made this field as one of the burgeoning growth in the financial services. People are involved in the application of the widespread smartphone technology and the customers are very comfortable with their mobile devices as a form of communicating device and this has resulted in the increased interest in the rate of mobile payments.

Moreover, with the advancement in the process of software and hardware, security services and techniques have made it possible to made trusted financial transactions possible from the mobile phone application. However, though the system has gained enough popularity, people are making immense use of the technology and there are certain security services available in case of mobile transactions certain key challenges have also developed in this field. There are of course issues related to the lack of security risks related to this form of services. The security risks that are related to the mobile payment methodologies need to be identified and resolved. The discussion paper below examines the present state of the mobile payment market, the major relevant technologies that have evolved, and the relevant security, risk, and assurance factors related to this technique.

The major goal of this research paper is to study and understand the concept of mobile scan payments security issues and strategies. The paper also aims to find out certain solutions available to resolve these issues of security. In order to make the analysis, certain research questions have been developed and the problem statement has been defined. The research significance has been identified with a detailed description of the mobile payment system.

In the present time, there is the huge development of very advanced digital technologies along with the creation of devices and services with newer innovative ideas. As the speed of the digital network has become faster, it has made the world much smaller. It has largely reduced the cost of data transfer. These days the devices such as tablets, smartphones and other embedded platforms have a capacity of huge computational power(Becher et al., 2011). These devices can be available online most of the time. Most of the internet services can be used by these devices. Some of the services can be free whereas some of the services may not be free.

The service provider and the service bills define the user, and this information is integrated with the profile of the user. This provides the selection of the services according to the interest and preferences of the user. In the mobile payment system, several parties are involved(Chang, 2014). Some of the parties are financial service providers, technology vendors, wireless carriers, etc. all these parties completely understand the complex dynamics that are required for the processing of the mobile payment market.

The state of the art of mobile payment is defined as the method of using online application services in mobile to pay the bills. Several parties are involved with the mobile payment services such as financial service provider, technology vendors and more. Remote transaction and local transaction are involved(Correa, 2016). The smartphone devices possess the ability to remain online constantly. This feature has made it popular for integrating several services and application for the data transfer. The privacy of the user is quite difficult to maintain since the users provides lots of information to the service provider that are sensitive and personal(Dahlberg, Guo, & Ondrus, 2015).

As the e-commerce and the internet, technology has expanded and grown there is a huge increase in the availability of the personal and sensitive information with the government and other concerned corporations. The data and information that are collected by these organizations are used for tracking the usage. These data and information are also shared by these organizations with other external parties which increases the issues of privacy. The sharing of the personal and sensitive information is often done with the acknowledgment of the respective customer(Suryotrisongko, Sugiharsono, & Setiawan, 2012).

The links with higher speed and the devices with larger storage capacity have made this fashion of sharing data and information more popular. For marketing and surveillance, the private tools such as cookies and web bugs are shared with the third parties. These data can be combined with other offline data to estimate the need, future purchases and the interest of the customers. It is a huge privacy issue.

The aim of this project is to do the research and understand the concept of mobile scan payments security issues and strategies.

The objectives of this research paper are as follows:

· To understand the idea of mobile scan payments security issues and strategies.

· To propose solutions in the form of application to uproot the mobile scan payment system

· To understand the working of the mobile payment system-based application and acknowledges the privacy issues.

The research questions that can be arisen from the study of mobile scan payments security issues and strategies are as follows:

How has the implementation of mobile scan payment security system affected and made an impact on the financial services market structures?

What is the privacy and the security issues with the mobile scan payment system and how can these security issues to be mitigated?

What are the additional features that can be incorporated into the mobile scan payment system to make them more efficient in performance?

The Smartphone devices possess the ability to remain online constantly(Tellez Isaac & Sherali, 2014). This feature has made it popular for integrating several services and application for the data transfer. The privacy of the user is quite difficult to maintain since the users provide lots of information to the service provider that are sensitive and personal. As the e-commerce and the internet, technology has expanded and grown there is a huge increase in the availability of the personal and sensitive information with the government and other concerned corporations(Wadhaval, Mehta, & Gawade, 2013). The data and information that are collected by these organizations are used for tracking the usage and these data and information are also shared by these organizations with other external parties which increases the issues of privacy.

The sharing of the personal and sensitive information is often done with the acknowledgment of the respective customer. The links with higher speed and the devices with larger storage capacity have made this fashion of sharing data and information more popular. For marketing and surveillance, the private tools such as cookies and web bugs are shared with the third parties(Yoon, Jeon, & Kim, 2015). These data can be combined with other offline data to estimate the need, future purchases and the interest of the customers. It is a huge privacy issue.

The services of mobile scan payment have the risk of fraud subscription which is similar to the issues of a credit card during the situation when another subscriber is faked by someone. Another risk is the theft of the device which is similar to the issues of credit-related identity theft(Wang, Hahn, & Sutrave, 2016). During this issue, the user fails for making the bill payment since they are required to take actions to report the credit. The legitimate monthly bill of the customers includes the charges that are caused by the thief. These charges are removed by the service provider from the bill. When the stolen device gets reported, then the location of the device can be implemented to track the location of the thief. The calls on the digital cellular network are much secure than the calls on the analog networks.

There are several threats that are present in the wireless cellular network which is required to be acknowledged by the user and the service provider. Some of them are interception, man in the middle attack and the denial of service attack. The occurrence of the inception attack takes place when there is transmission of the signal over the radio medium and the receiver devices are integrated with the mobile scanners to listen to the messages. There are the chances such that the sender and the receiver are not aware of the intrusion. During the attack, interception collects the data and information from the network(Yu, Kywe, & Li, 2018).

The confidentiality and the integrity of the network are violated by the man in the middle attack. In this attack, the adversaries get access to the resources of the network by transmitting the undesired signals to the target location. In this situation, the targets send the information or the traffic to the adversaries instead of the intended destination. During the situation when the network is jammed the occurrence of the denial of service attacks takes place. Several resources interfere with the frequencies of the wireless local area network increasing the chances risk of denial of service attacks. Thus, this research mainly focuses on exploring the concept of mobile scan payments security issues and strategies.

The sharing of the private data and information of the customers without their acknowledgment with external parties can be solved with the use of several methods. The exposure of the location of the customer is also one of the bigger privacy issues. One of the solution to these issue is the solution based on the network. Firstly, the calculation is done by the cellular network in this solution. Secondly, the information regarding the position of the user is conveyed to the user. Another solution for the privacy issue in the solution based on the devices. In this solution, the location is computed by the wireless device itself.

One more solution to this issue is the hybrid solution. Some of the featured are required to be integrated with the wireless devices for tracking the locations in order to avoid the privacy issues(Sakharova, 2012). It provides services based on location. The features are target advertising and the search of the nearest items. The securities of the mobile technologies and the wireless communication technology determine the reliability of the usage of the mobile scan payment system. The wireless security maintenance can be done using the being proactive and being reactive methods.

In the proactive method, a priori is used secure the adversaries from making attacks with the use of the techniques of cryptography. In the methods of reactive method, the threats of security are detected and respective actions are done in order to prevent them from affecting the system. If one of the links is failed then there is chances of it affecting or degrading the whole security system. Several enhanced features of security are integrated with the system. These features are increased in the bandwidth (extra overhead), decrease in the performance (computational latency) and increase in complexity or extra cost. These may largely affect the performance of the system.

No CPT

This paper mainly reflects on the security issues in the process of making the payments with the mobile scanning. The innovation of the mobile devices has simplified the lifestyles of the people across the world. One of the most significant things occurred with the innovation of the mobile devices is upgrading the payment methods. Before the introduction of the mobile payment methods, the payments are done in different kinds of traditional methods such as cash, check, debit and credit cards. However, the customers find mobile payments as the best payment platform as every individual in this modern generation is carrying mobile phones with them all the time instead of carrying the cash or check-book or credit and debit cards with them (Becher, M., Freiling, F. C., 2011).

The mobile payments can be done in many ways such as Short Message Services (SMSs) and through online banking system. However, the mobile payments can be performed only through Android devices and upgraded IOS devices. With the application of the mobile payments, the customers are experiencing many numbers of benefits. Along with these benefits, there are also certain kind of threats and security concerns in the mobile payment systems. So, to control these security issues to the maximum extent, different regulation systems such as PCI DSS (Payment Card Industry Data Security Standard) are established. These regulations are to be effectively complied with the mobile payment service providers for ensuring the security in mobile payment systems (Chang, T.-K., 2014).

In general, there are five different types of mobile payment systems. Each type in the mobile payment system is briefly discussed in the below sections (Correa, D., 2016).

This method will enable the customers to make the payments with the application of their mobile phones directly at the Point of Sale (POS). Some of the significant methodologies in this type of mobile payments are Apple Pay and Google Wallet. These are also referred as the built-in payment systems. The built-in payment systems are very simple to set-up on the mobile devices. For instance, to set-up the Apple Pay on the mobile device, first the customer is required to scan the number on the credit card or the customer is required to enter the necessary data or information about the cards manually such as the card number, security code and the expiration date (Correa, D., 2016).

After doing this, Apple Pay will be involved in contacting the card issuer to ensure that all the information provided is correct and after that, some simple verification steps are followed in order to effectively set-up the card so that the card is added to the wallet. Same method is followed to set-up the Android Pay and the Samsung Pay (Dahlberg, T., Guo, J., 2015).

This method will enable the customers to use the mobile devices as the Point of Sale (POS) and to process the card payments and this method of mobile payment requires a mobile application downloaded to the mobile device and a credit card reader which is connected to the mobile device. This set-up is also simple, and this method will facilitate the customers to perform the payment card services from any place and at any time (Parker, M. & Slamanig, D., 2012).

One of the best examples of this type of mobile payment method is the ‘Square Register’. Square Register is the method which is involved in supporting the transactions by three different types of credit card readers. The first-one is the Square reader for the magnetic strip cards, the second-one is the Square reader for EMV chip cards and third-one is the square contactless chip reader (Sakharova, I., 2012).

The mobile platform method is the payment method which is involved in providing the online payment services on the mobile devices. In this method, it is required to download and install the mobile application on the mobile device. The method of mobile payment platform can also be used as a mobile wallet to perform the payments at a POS. It is also essential to link the bank account to the mobile payment account to make the payments in this type of mobile payment systems (Suryotrisongko, H., Sugiharsono, 2012).

Two of the significant systems that are involved in the online payments or transferring the funds over the internet are PayPal and Alipay systems. The PayPal and Alipay systems are most famous in the China country than other contemporary countries across the world. These two systems are mostly used in the activities like the online shopping, transfer money to other’s bank account and paying the utility bills (Taylor, E., 2016).

The method of independent mobile payment system is involved in providing identical type of mobile payment services like that of mobile payment platforms. In this method, the organization is facilitated to develop its own online payment service that can support the mobile devices and so the different systems used in this method of mobile payments are referred as the independent mobile payment systems (Taylor, E., 2016).

Some of the best examples of the independent payment mobile systems are the mobile applications which are developed by Amazon and Starbucks. In almost every aspect, the independent mobile payment systems are identical to the mobile payment platforms. However, the independent mobile payment systems differ from the mobile payment platforms only in the aspect that the independent mobile payment systems are used only by the organization itself while the mobile payment platforms are used in all the places where ever required. The independent mobile payment systems can be converted into the mobile payment platforms if the independent mobile payment systems are widely supported by the retailers and customers (Tellez Isaac, J., 2014).

Direct carrier billing is one of most effective method which is involved in enabling the users to purchase the products and services using their mobile devices. This system is free from using the credit card and the debit card. In the method of direct carrier billing, the purchase cost is directly charged or billed on the monthly phone bill of the mobile subscriber. SMS messages play a crucial role in this method of mobile payment system. In this method, during the time of purchase, the user is just required to enter his or her phone number in the website and the company verifies your phone number by sending an OTP (one-time password) to that phone number and the user must enter that OTP to successfully complete the purchasing activity (Wadhaval, A., Mehta, R., 2013).

The mobile payment security is very much essential for both the users and the services. The two important components of the mobile payment security are Mobile payment security services and Mobile payment security mechanisms.

The most effective services of the mobile payment security are Substantiation, Access control, Discretion, Integrity and Accessibility (Wang, Y., Hahn, C., & Sutrave, 2016).

Two of the significant security services of the Substantiation are user substantiation and contract data source substantiation. The different mobile payment services are involved in providing the various kinds of ways to verify both the user identity and cause of contract data (Yu, X., Kywe, S. M, 2018). The access control will make sure that only the authorized individuals can gain access to all the systems of the mobile payment. The access control systems will make the users to use fingerprints and passwords in addition to the screen lock patterns to gain the access to the mobile devices while making mobile payments (Yu, X., Kywe, S. M, 2018).

Discretion is involved in protecting the transaction data or information from the submissive attacks on the mobile payment systems (Yu, X., Kywe, S. M, 2018).

integrity is involved in preventing the alteration of the transaction data when the transaction data is under rest, transit or in use (Yu, X., Kywe, S. M, 2018).

Accessibility is involved in ensuring that the mobile payment systems are made accessible for the authorized users whenever required. Almost all the above-mentioned security services are the dependents of different cryptographic operations such as encrypting, hashing and usage of digital signatures. The cryptographic processing is also used effectively in the various types of NFC-based mobile payment methods such as Apple Pay and Google Wallet.

The major objective of all the mobile payment security mechanisms is to ensure the mobile payment security. Below are some of the significant types of the mobile payment security mechanisms. The mobile payment platforms like the Apple Pay and the Samsung Pay will majorly use the fingerprint mechanism to authorise the mobile payments (Taylor E, 2016). Both the mobile payment platforms as well as the independent mobile payment systems will mostly use the user name or password mechanisms to verify the user identity to authorize a purchase. Almost all the mobile payment systems are involved in using the multi-factor validation mechanism to authorize the mobile payments. In this mechanism, the user is required to sign into the service using a new mobile device (Taylor E, 2016).

The security mechanism of secure foundations is widely used in the NFC-based mobile payment systems to safeguard the sensitive and critical information for the cryptographic operations (Taylor E, 2016).

One of the major targets of the attackers or the cyber criminals is the mobile payment systems. So, one can identify many threats when dealing with the mobile payment systems. The threats and attacks are considered as the significant impacts of the mobile payment systems. The prominent threats of the mobile payment systems are discussed in the below sections (Dahlberg, T., Guo, J., 2015).

The malware is considered as the major threat in the mobile payment systems. In the year 2014, the Symantec organization has identified one million mobile application is subjected to the malware. Generally, the different affects and activities done by the malware on the mobile payment systems are transferring or carrying the calls and messages of the user’s mobile device to the attackers, capturing the GPS information, recording the critical and sensitive information of the mobile devices and stealing the OTPs sent by the organizations to the mobiles of the users (Dahlberg, T., Guo, J., 2015).

Zeus is the notorious malware that is developed to steal the OTPs from the user’s mobile device. The Zeus malware is more dangerous and is involved in monitoring all the SMS messages along with transferring them to the malicious website of the cybercriminals or the attackers (Dahlberg, T., Guo, J., 2015).

Almost all the mobile payment systems are highly dependent on the SSL or TLS to effectively protect the information or data in the internet. However, the implementation of the SSL or TLS also bring lot of vulnerabilities those can affect the security of the mobile payment systems.one of the most popular vulnerability that can be identified in the OpenSSL cryptographic collection is the ‘Heartbleed Bug’. The Heartbleed bug will support the attackers in the process of stealing the information which is safeguarded by the SSL or TLS encryption. The Heartbleed Bug was first developed in the year 2012 but came into limelight only after 2014 after it has shown it significant impact on the information of the mobile payment systems (Wang, Y., Hahn, C., & Sutrave, K 2016).

Data leakage is also considered as the significant threats of the mobile payment systems. The five important players that is helpful in preventing the data leakage from the mobile payment systems. First player is the mobile wallet service provider, second player is the mobile payment as POS service provider, third player is the merchant, fourth player is the acquiring bank, fifth and final player is the issuing bank. All these five players are required to collect the transaction data or information which is very essential to successfully complete the purchasing activity. The data leakage will enable the cyber criminals to acquit the easy access to the information on the payment card such as names, mail IDs, phone numbers of the users (Wang, Y., Hahn, C., & Sutrave, K 2016).

The rise of online transactions and internet retailing has led to a rapid ease in the completion of the associated operations. The increased propensity of the time management aspects has led to a rise in the use of the methods in question. Despite the various advantages of the online transactions, the presence of certain weaknesses and limitations has also been observed within the same. The determination of the main problems pertaining to the issues of security in the mobile scan payments of retail organizations such as Sainsbury’s is necessary for the sake of developing the relevant counter-strategies against the same. As such, a research of this kind can play an immensely important role in the strategy development of organizational entities. The completion of this kind of research study can lead to the further development of the companies and organizations such as Sainsbury’s in an appropriate manner (Choy, 2014).

The main aims and objectives of the given research are:

· The determination of the main security issues during the initiation of mobile scan payments in organizations such as Sainsbury’s

· Understanding the overall extent of the issues caused while implementing the process of mobile scan payments

· Understanding the overall damage and potential losses caused by the aforementioned issues

· Determining the relevant counter-strategies against the given predicament and issues

The main research questions for consideration in this research study are:

· What are the main security issues faced during the initiation of mobile scan payments in organizations such as relevant retail entities?

· What are the main losses which can be faced as a result of the said security issues?

· What are the main methods and strategies for enabling the appropriate mitigation of the security issues?

Research Philosophy

The implementation of an appropriate philosophy of the research is necessary for determining the main path that the study in question aims to take. The use of an appropriate research philosophy is necessary for the sake of enabling the smooth completion of the research project in question. Certain types of research philosophy exist, with the types in question being realism, positivism, post-positivism and interpretivism. The main research philosophy which has been used in the given research study is the positivism philosophy. The positivism philosophy has been implemented due to the fact that it can enable the use of different principles for the sake of completing the main requirements of the given study. The study of the main psychological aspects of the users of the mobile can payment services can be enabled in the given context as a result of the use of the aforementioned research philosophy type as well. As such, the determination of the main security issues in the mobile scan payment aspects and the understanding of the main tactics countering the same can be ensured in the long run (Flick, 2015).

Design of the Research

A proper research design helps in the initiation of the research study in an appropriate manner, to the point of enabling the appropriate presentation of the overall work in a coherent and appropriate manner. Research design can also be of multiple types. The main types of research design include the exploratory design, descriptive design and the explanatory design. The best kind of research design which can be implemented in a study of this nature is the descriptive research design. Descriptive design can be very helpful in the case of research studies which have a considerable magnitude of data. In addition to the aforementioned, the initiation of a better understanding of the main concepts associated with the overall topic of study can be ensured through the implementation of the chosen research design as well. The presentation of the associated materials and data can be enabled in a manner which ensures the effective completion of the main objectives of the study as well. As such, the research study under consideration can be completed in the best possible manner through the initiation of the descriptive research design (Ledford and Gast, 2018).

Research Approach

The use of a particular research approach highlights the overall plan to be implemented for the sake of completing the research study in the most effective possible manner. An appropriate and planned use of a research approach enables the appropriate highlighting of the associated concepts, theories and definitions for the efficient underpinning of the topic in question. Implementing a planned approach of research into the study in question is immensely necessary for the intricate analysis of the overall specifics and details related to the research topic. The further identification of the variable cases and associated consequences can be enabled effectively as well. Research approaches can generally be classified into two distinct types. The types in question are known as a deductive approach and an inductive approach. The necessities and requirements of the given research study lead to the observation that a deductive approach is best suited for implementation in the given case (Panneerselvam, 2014).

This is so because a deductive approach can help in the procurement of a definitive and final conclusion, with the culmination of a specific result enabling the overall success of the research study in question in the long run. Rather than an inductive approach (which starts from a particular point to give a generalized ending), a deductive approach (which provides a specific and intricate conclusion) is far more suitable in this context (Bryman and Bell, 2014).

Methods of Data Collection

The overall methods of data collection comprise two distinct types, known as the primary and the secondary methods of data collection. The primary methods of data collection enable the procurement of data which has been obtained by the researchers, with the data in question being fairly recent. In contrast, the secondary methods of data collection enable the collection of data from an existing source (at the time period when the research is being conducted), with both of the data collection types having their share of positives and advantages (Dang and Pheng, 2015). The completion of the given research study has been enabled through the collection of both the primary and the secondary data collection methods. The procurement of the primary data has been ensured through the conduction of a survey, which is a primary quantitative information gathering method. The main participants selected for the sake of procuring relevant data include the employees of Sainsbury’s, with a grand total of fifty employees and fifty customers at all levels being selected.

The primary qualitative data has been collected through the use of an interview, with the main people being interviewed in this context being three relevant managers of Sainsbury’s branches. The secondary data has been collected from external sources such as journals, books and the internet. The collection of data from a wide range of sources can help in the development of a proper, valid and accurate conclusion of the research study (Wiek and Lang, 2016).

Sampling Techniques

A sample of a population has been selected for the sake of completing the research study in question, with fifty employees (and fifty customers) being selected from a branch of Sainsbury’s. They have been selected based on their proximity to the overall process of mobile scan payments and their propensity of using the same. The main survey questionnaires have been developed in accordance with the needs and requirements of the given research study. The main sampling technique used in this context is the probability sampling, which can help in the gain of a large amount of information in a timely manner (after the use of a method such as a survey). Qualitative data has been gained using an interview, which requires detailed and trough answers. As such, the use of non-probability sampling is effective in the context of the conducted interviews (Wiek and Lang, 2016).

Techniques of Data Analysis

The different kinds of data analysis methods include the qualitative, quantitative and mixed approach. The main data analysis technique which has been initiated for the smooth completion of the given research study are the quantitative and the qualitative approaches. The initiation of the quantitative data analysis approach has been initiated for the sake of analyzing the results from the survey (conducted through a questionnaire), while the qualitative data analysis approach has been used for the sake of analyzing the answers of the interviews. The use of these methods has been helpful in the procurement of detailed and informative data, thus enabling the smooth fulfillment of the given approaches (Choy, 2014).

The main ethical considerations are:

· Permission from all the participants have been taken

· The privacy and confidentiality of the participants’’ information have been ensured

· The Data Collection Act of 1998 has been followed

The main limitations of the research in question include:

· The limited time frames

· Limited financial resources and budgets

· Limited capability in gaining information from Sainsbury’s branches of many regions

Table 1: Research Timeline

(Source: Created by Self)

The convenience is the major factor behind the development of the mobile payment scanning systems in many places across the world. Malware is considered as the most significant threat in the mobile payment systems. It is recommended for the mobile payment users to enhance the security awareness to control the effects of malware on the mobile payment systems.

The procurement of relevant data using the methodologies can prove to be beneficial for the fulfillment of the main research objectives. The presence of a greater understanding can help in the mitigation of a very serious issue in an appropriate manner. Thus, it is concluded that the management of the security issues in mobile scan payments can be helpful for retail organizations such as Sainsbury’s in the long run.

Becher, M., Freiling, F. C., Hoffmann, J., Holz, T., Uellenbeck, S., & Wolf, C. (2011). Mobile Security Catching Up? Revealing the Nuts and Bolts of the Security of Mobile Devices. In 2011 IEEE Symposium on Security and Privacy (pp. 96–111). IEEE. https://doi.org/10.1109/SP.2011.29

Chang, T.-K. (2014). A secure operational model for mobile payments. The Scientific World Journal, 2014. https://doi.org/10.1155/2014/626243

Correa, D. (2016). Security concerns are inhibiting mobile payment adoption worldwide. Retrieved June 5, 2018, from https://www.scmagazineuk.com/security-concerns-are-inhibiting-mobile-payment-adoption-worldwide/article/527661/

Dahlberg, T., Guo, J., & Ondrus, J. (2015). A critical review of mobile payment research. Electronic Commerce Research and Applications, 14(5), 265–284. https://doi.org/10.1016/J.ELERAP.2015.07.006

Sakharova, I. (2012). Payment card fraud: Challenges and solutions. In 2012 IEEE International Conference on Intelligence and Security Informatics (pp. 227–234). IEEE. https://doi.org/10.1109/ISI.2012.6284315

Suryotrisongko, H., Sugiharsono, & Setiawan, B. (2012). A Novel Mobile Payment Scheme based on Secure Quick Response Payment with Minimal Infrastructure for Cooperative Enterprise in Developing Countries. Procedia - Social and Behavioral Sciences, 65, 906–912. https://doi.org/10.1016/J.SBSPRO.2012.11.218

Tellez Isaac, J., & Sherali, Z. (2014). Secure Mobile Payment Systems. IT Professional, 16(3), 36–43. https://doi.org/10.1109/MITP.2014.40

Wadhaval, A., Mehta, R., & Gawade, A. (2013). Mobile Commerce and Related Mobile Security Issues. International Journal of Engineering Trends and Technology, 4(4), 668–670.

Wang, Y., Hahn, C., & Sutrave, K. (2016). Mobile Payment Security, Threats, and Challenges.

Yoon, S., Jeon, Y., & Kim, J. (2015). Mobile security technology for smart devices. In 2015 International Conference on Information and Communication Technology Convergence (ICTC) (pp. 1171–1173). IEEE. https://doi.org/10.1109/ICTC.2015.7354766

Yu, X., Kywe, S. M., & Li, Y. (2018). Security Issues of In-Store Mobile Payment. In Handbook of Blockchain, Digital Finance, and Inclusion, Volume 2 (pp. 115–144). Elsevier. https://doi.org/10.1016/B978-0-12-812282-2.00006-1