A Purchase Protocol with Live Cardholder Authentication for Online Credit Card Payment

While online shopping are becoming more accepted by people in modern life, cardholders are more concerned about card fraud and the lack of cardholder authentication in the current online credit card payment. This paper proposes a purchase protocol with live cardholder authentication for online transaction which combines telephone banking and online banking together The order information and payment information are sent though the Internet and encrypted by asymmetric key encryption. The cardholder is authenticated by the card issuing bank ringing back to the customer's phone number and the cardholder inputting the secure PIN and the amount to pay. The live cardholder authentication makes the cardholder feel securer and card fraud difficult. Furthermore, the protocol does not require the cardholder to obtain a public key certificate or install additional software for the online transaction.