This document provides an overview of a proposed system called UMFroDo (User Management of Coins with Fraud Resilient Device for Off-line micro-Payments) that aims to address weaknesses in an existing system called FRoDo. The proposed system extends FRoDo by adding coin management capabilities and addressing vulnerabilities that could allow sensitive customer data to be stolen. It describes modules for system construction, identity elements, coin elements, attack mitigation, and shopping. The goal is to create a more secure offline payment solution for micro-payments that is resilient against data breaches by leveraging coin management and a tamper-proof security architecture.

1. Fraud Resilient for Micro Payments
Using Coin Management

2. CONTENTS
 ABSTRACT
 INTRODUCTION
 EXISTING SYSTEM
 DIS ADVANTAGES
 PROPOSED SYSTEM
 ADVANTAGES
 MODULES
 HARDWARE REQUIREMENTS
 SOFTWARE REQUIREMENTS
 REFERENCES

3. Abstract
 Online shopping payment scheme is one of the popular in recent
years. During payment process the attackers aim to stealing the
customer data by targeting the Point of Sale (PoS) system.
 Increasing malware that can steal card data as soon as they are
read by the device.
 The proposed work is to provide secure fully off-line work is
interactivity between multiple client - server.
 Providing an exhaustive Coin Management in framing and creating
On Mobile Move Coins.

4. Introduction
 Credit and debit card data stealing is most
popular problem in cybercrime.
 The FRoDO introduces a secure off physical
unclonable function.
 FRoDO introduces coin element and identity
element.
 The main benefit is a simpler, faster, and more
secure interaction between the involved
actors/entities.

5. Existing System
 In the present method, the approach describes FRoDO,
a at ease off-line micro-cost solution that's resilient to
PoS information breaches.
 FRoDo presents a constant structure in developing and
preservation of coins.
 The FroDO solution cannot improves over up to the
moment procedures in phrases of flexibility and
protection required by using user.

6. Dis-Advantages
 The system implemented called FRoDO, was built using a static
coin architecture which are easier to hack.
 Current FroDo Does not provides Coins Management.
 FroDo is a weak prevention strategy based on data obfuscation and
did not address the most relevant attacks aimed at threatening
customer sensitive data, thus being vulnerable to many advanced
attack techniques.

7. Proposed System
 Project can be extended with Coin Management
in framing and creating On Mobile Move Coins.
 Project is extended with UmcFrodo (User
Management of Coins with Fraud Resilient
Device for Off-line micro-Payments).
 Extended Frodo provides coin management as
need of user requirements.

8. Advantages
 UMFroDo provides On Mobile Coins Management.
 UMFroDo is provides prevention strategy based on data
obfuscation and address the most relevant attacks.
 Creating on Mobile Coins provides user in generating and
managing coins when needed.

9. Modules
 System Construction Module
 Identity Element
 Coin Element
 Attack Mitigation
 Shopping Module

10. System Construction Module
 In the first module, develop the System
Construction module with the various entities:
Vendor, User, FRoDO, PUF, Attacker.
 This process is developed completely on
Offline Transaction process. Develop the
system with user entity initially.

11. Identity Element
 FRoDO does not require any special hardware
component apart from the identity and the coin
element that can be either plugged into the
customer device or directly embedded into the
device.
 Similarly to secure elements, both the identity
and the coin element can be considered
tamperproof devices with a secure storage and
execution environment for sensitive data

12. Coin Element
 In this module, develop Coin Element.
 The Key Generator is used to compute on-the-
fly the private key of the coin element.
 The Cryptographic Element used for
symmetric and asymmetric cryptographic
algorithms applied to data received in input
and send as output by the coin element;

13. Attack Mitigation
 The read-once property of the erasable PUF
used in this solution prevents an attacker from
computing the same coin twice.
 Even if a malicious customer creates a fake
vendor device and reads all the coins, it will
not be able to spend any of these coins due to
the inability to decrypt the request of other
vendors.

14. Shopping Module
 Designed Shopping Module with payment
gateway Interface.
 At payment, Frodo Coin Concept is connected
for payments.
 User can use coins at payment gateway
interface.

15. Hardware Requirements
 System : Pentium IV 2.4 GHz or More
 Hard Disk : 40 GB
 RAM : 2 GB

16. Software Requirements
 Operating System : Windows XP/7/8
 Language : Java
 Front End : JSP
 Database : My-SQL

34. Conclusion
 In this project we have introduced FRoDO that is, to the best of our
knowledge, the first data-breach-resilient fully off-line micropayment
approach.
 The security analysis shows that FRoDO does not impose
trustworthiness assumptions. Further, FRoDO is also the first
solution in the literature where no customer device data attacks can
be exploited to compromise the system.
 This has been achieved mainly by leveraging a novel erasable PUF
architecture and a novel protocol design. Furthermore, our proposal
has been thoroughly discussed and compared against the state of
the art.
 Our analysis shows that FRoDO is the only proposal that enjoys all
the properties required to a secure micro-payment solution, while
also introducing flexibility when considering the payment medium
(types of digital coins).

35. Future Scope
 Finally, some open issues have been identified
that are left as future work. In particular, we
are investigating the possibility to allow digital
change to be spent over multiple off-line
transactions while maintaining the same level
of security and usability

36. References
 [1] Vanesa Daza, Roberto Di Pietro, Flavio Lombardi, and Matteo Signorini:
“Fraud Resilient Device for Off-Line Micro-Payments,” in Ieee Transactions
On Dependable And Secure Computing, Vol. 13, No. 2, March/April 2016.
 [2] R. L. Rivest, “Payword and micromint: Two simple micropayment
schemes,” in Proc. Int. Workshop Security Protocols, 1996, pp. 69–87.
 [3] S. Martins and Y. Yang, “Introduction to bitcoins: A pseudoanonymous
electronic currency system,” in Proc. Conf. Center Adv. Stud. Collaborative
Res., 2011, pp. 349–350.
 [4] Verizon, “2014 data breach investigations report,” Verizon, Tech. Rep.,
2014, http://www.verizonenterprise.com/DBIR/2014/
 [5] T. Micro, “Point-of-sale system breaches, threats to the retail and
hospitality industries,” University of Zurich, Department of Informatics,
2010.

37. THANK U