A Biometric Technique to Secure Credit Card Information on Android Devices

Abstract

Advances in digital payment systems have increased the need for robust security measures, particularly on Android devices, which are more vulnerable due to their open-source nature. Current applications require authentication, but once users are authenticated, they can proceed with payments if credit card information is stored on the device. This creates a security risk in cases where a mobile device is stolen while an active payment session is active, allowing attackers to make unauthorized payments. This paper addresses the problem of securing sensitive information stored locally on devices. It proposes a technique based on fingerprint and advanced encryption standard (AES) cryptography. Fingerprint is used for authentication, while AES is used for encryption. The technique is implemented as an Android library. The goal is to help developers secure their Android mobile applications through simple APIs without dealing with the complexity of cryptography. Experimental results show that the overhead of integrating the library into applications in terms of time and memory is insignificant.