Mobile Session Fixation Attack in Micropayment Systems

by: F. Tommasi, C. Catalano, M. Fornaro, I. Taurino

Format: Article
Published: IEEE 2019-01-01

Description

The rapid spread of micropayment systems, together with some peculiarities of their typical use, has attracted computer criminals and dishonest companies aiming at exploiting the systems' weaknesses to steal from users both personal data and money. This paper considers and analyzes some security risks associated with a particular form of micropayment, operator centric micropayment (OCM). A new technique of attack, aimed at an OCM system used by millions of users and named mobile session fixation, is described. By its use, a criminal can obtain the payer's phone number and even arrange the theft of some money. The paper proposes possible countermeasures and further hints for potential threats which might be the subject of analysis.