@ {4275, title = {Technical Feasibility of Context-Aware Passive Payment Authorization for Physical Points of Sale}, journal = {Personal and Ubiquitous Computing}, volume = {21}, year = {2017}, pages = {1113{\textendash}1125}, abstract = {In this work, the technical feasibility of passive secure payments for brick-and-mortar points of sale is analyzed. The core element of the proposed approach is a new application for context-based risk and trust assessment. It allows for dynamic selection of payment authorization methods that constitutes accurate trade-off between security and convenience. Particularly, the payments can be performed and authorized in the background using biometric means (face recognition), without user{\textquoteright}s explicit action. Generally, in the proposed approach, multiple devices are used for authorization: mobile, wearables, or stationary, client{\textquoteright}s or seller{\textquoteright}s, and multiple authorization methods are used: biometric, knowledge-based, and possession-based. The reported research includes requirement identification, novel architecture and protocol proposition, proof-of-concept prototype system deployment, and evaluation-based lessons learned. The research confirms that with the proposed approach, it is possible to take advantage of client-seller trust dynamism to simplify the payment process while maintaining the security level.}, keywords = {Authorization rules, Biometric identification, Context-aware authorization, Deviceless payments, Passive payments, Payment authorization}, doi = {10.1007/s00779-017-1035-z}, url = {https://link.springer.com/article/10.1007/s00779-017-1035-z}, author = {A. W{\'o}jtowicz and Jacek Chmielewski} }