Threat Modeling and Vulnerability Analysis of Securepay E-Payment

Verified

Added on 2023/06/12

AI Summary

This report identifies and analyzes the various risks and vulnerabilities present in electronic payment systems, focusing on the Securepay application. It details how Securepay operates, from customer registration using biometrics to transaction processing. The report highlights threats such as improper data storage, key-logger attacks, and potential job losses in the banking sector due to the shift to online payments. Vulnerabilities include hackers gaining access to the system during transactions and difficulties for individuals unfamiliar with smartphones. The report concludes that while online payment systems offer convenience, they also pose significant security risks. Recommendations include providing user-friendly instructions and ensuring robust security measures to maintain customer trust. The analysis includes references to academic research and real-world examples, emphasizing the importance of addressing these threats and vulnerabilities.

Running head: RISK IN ELECTRONIC PAYMENT
Risk in electronic payment
Name of the Student
Name of the University
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1
RISK IN ELECTRONIC PAYMENT
Introduction:
The report presents the various risks and the vulnerabilities that are present in the various
electronic payment systems. The organization that has been chosen is the Securepay
organization. All the people nowadays with the advancement in technology, are dependent on the
usage of electronic system methods for the making of the payments and carrying out the various
transactions. The report presents the various risks that are offered by the use of the electronic
payment systems. The solutions that may be used for the removal of these vulnerabilities is put
forward in this report. The use of the various methods such as the use of the technologies of
artificial intelligence may be made for the obtaining of the solutions that is related to security in
the transaction process. There are various applications that are used for the making of the
transactions nowadays, which contribute in the involvement of the more number of loopholes for
the attack on the system.
Working of Securepay application:
The Securepay is an application that involves the making of the online payment by the
large number of users. The SecurePay application, while the registration of a new customers
requires the signing in of the customer by the authentication of the customer. The use of
biometrics are made for the storage of the various information that is related to the customer. The
use of the information stored in the biometrics are required for the logging in of the customer.
Henceforth, any form of transaction gets stored in the database that is opened in the name of the
customer. The details of the customer that involve the bank and the personal details of the
customer. The customer is then logged in and the bank account of the customer is linked with the
online portal. The use of the online portal is just made as a medium for the carrying out of the

2
RISK IN ELECTRONIC PAYMENT
transaction while the actual deduction or the addition of the amount being done to the bank
account. When the user wants to carry out any transaction then the pin of the user is entered and
the transaction is proceeded with accordingly. The Appendix A shows the logo of the Securepay
application, which conducts the online payment system.
Identification of threat:
The proper identification of the threats is important for the protection of the important
data and the important files. The use of the various technologies are made in order to get rid of
these threats. Of the large number of threats that are involved in the online payment system, the
most common form of threat is the getting the access of the systems of the organization. The
various threats involved in the Securepay application are:
 The other threat that is involved is the improper storage of the data. A proper database
has to be maintained in order to store the various information about the customers and the
various transactions that is carried out by the customers that, which are maintained for the
proper updating when there are transactions taking place.
 The installation of the key- logger application by the hacker often leads to the getting
hold of the information regarding the password and the other important information
regarding the customer’s bank information. The key- logger helps in the tracking of the
information of the customer when the customer enters the information. The use of the
key- logger helps in the automatic copying of the information that is entered by the
customer. Appendix B shows the case of a key- logger system, which is installed in the
user system to track the information of the user.

3
RISK IN ELECTRONIC PAYMENT
 There may be problems that the organizations that does not implement the online
transaction may face due to the introduction of the online payment. There may be a
number of loss of jobs in the banking sector. The stoppage of the usage of the traditional
method of the transaction will prevent the safeguarding of the jobs of the employees who
are working in the various banks. The use online payment method has often resulted in
the facing of the problem of losing the track of the account of the costing and the saving.
Vulnerability of SecurePay:
Apart from the threats there are a number of vulnerabilities that are involved. The various
vulnerabilities may be stated as:
 The hackers may attack the system may get access of the system of the organization
while the transaction is going on. This may not only result in the getting hold of the
amount that is being transferred but also will help the hacker in the obtaining of the
information of the data about the people who are carrying out the transaction.
 There may be a number of problem using the online payment method for those people
who do not know the use of the smart phones. The aged people specially would prefer
going to the bank for the carrying out the various banking operations. This would result
in the business of the banking sector to go down. There are few number of young people
who handle the bank accounts. Thus, there may be a downfall in the business of the
SecurePay. The Appendix C image shows the image representing the banking sector to
go for a downfall as all the bills are being paid through the online mode.
 With the increase in the number of the cyber attacks it is difficult for the people to trust
the online mode as the various personal bank details of the customer has to be entered for

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4
RISK IN ELECTRONIC PAYMENT
the usage of the online portal. There are a large number of cyber attack that are taking
place and due to these records of cyber attacks it may become difficult for the people to
trust the online transaction model.
Conclusion:
From the report, it may be concluded that the usage of the online payment system may be
made for the carrying out of the transactions in an easy manner. The use of the online portal
helps in the easing of the work of the common people and the organizations. A large number of
people makes the usage of the online module for the making of the payment. However, the usage
of the online payment system of the SecurePay may pose a large number of threats that is stated
in the report. Other than the most common form of threat that involves security and data loss the
other threats may be the loss of jobs for the employees of the SecurePay. The usage of the
SecurePay is made by the various organizations in order to carry out the transactions in a proper
manner.
Recommendations:
If the online transaction is to be done, the SecurePay organization should have the
options of providing the instructions on how to carry out the procedure as the use of the online
payment module may be new a number of people. The use of the SecurePay may be made by the
various organization to follow the proper transaction process in an efficient manner. The
SecurePay organization should thus ensure that the security is strong enough so that the
customers do not have to face any issue with regards to security.

5
RISK IN ELECTRONIC PAYMENT
Bibliography:
Majumder, A., Goswami, J., Ghosh, S., Shrivastawa, R., Mohanty, S.P. and Bhattacharyya, B.K.,
2017. Pay-Cloak: A Biometric Back Cover for Smartphones: Facilitating secure contactless
payments and identity virtualization at low cost to end users. IEEE Consumer Electronics
Magazine, 6(2), pp.78-88.
Roy, S. and Venkateswaran, P., 2014, March. Online payment system using steganography and
visual cryptography. In Electrical, Electronics and Computer Science (SCEECS), 2014 IEEE
Students' Conference on (pp. 1-5). IEEE.
Rouibah, K., Lowry, P.B. and Hwang, Y., 2016. The effects of perceived enjoyment and
perceived risks on trust formation and intentions to use online payment systems: New
perspectives from an Arab country. Electronic Commerce Research and Applications, 19, pp.33-
43.
Tien, A., Chu, P.Z., Tanaka, R.H. and Chen, S.S., PayPal Inc, 2017. Method and system to
facilitate securely processing a payment for an online transaction. U.S. Patent 9,542,671.
Siegal, J., Rowell, S. and Hintz, T., Open Invention Network LLC, 2018. Method and system for
providing online authentication utilizing biometric data. U.S. Patent 9,911,146.
Fleishman, J. and Fuerstenberg, Z., Acxsys Corp, 2015. Online payment transfer and identity
management system and method. U.S. Patent 9,159,058.

6
RISK IN ELECTRONIC PAYMENT
Wang, Y., Hahn, C. and Sutrave, K., 2016, February. Mobile payment security, threats, and
challenges. In Mobile and Secure Services (MobiSecServ), 2016 Second International
Conference on (pp. 1-5). IEEE.
Jonkers, H. and Quartel, D.A., 2016, June. Enterprise Architecture-Based Risk and Security
Modelling and Analysis. In International Workshop on Graphical Models for Security(pp. 94-
101). Springer, Cham.