Professional Documents
Culture Documents
Important:
These suggested key points serve solely as an illustration of the possible answers for the questions in
the Specimen Exam Paper. They are designed for your easy reference only. In the actual examination,
complete answers/descriptions/explanations/discussions are expected.
Question 1
(a) Classify STEP2 based on the six attributes of payment systems. Briefly
explain your answer.
(b) Describe the guidelines for writing a security policy for STEP2.
(c) Discuss how hashing can be used to ensure the data integrity for STEP2
transaction records. Suggest two commonly used hashing algorithms.
[END OF SECTION A]
Question 2
Octopus is an electronic payment system using a contactless smart card. Octopus cards can be
used to make payments on public transport and at a wide range of retailers and facilities. Users
simply hold their Octopus cards over a reader, and the correct amount will be deducted from
their Octopus automatically without the hassle of cash. For some residential and commercial
buildings, Octopus is also used as access control.
(a) Illustrate four advantages of using Octopus cards versus cash from the
merchant’s point of view.
From the merchant’s point of view, Octopus cards has the advantages over
the cash in the following areas:
Shell - The shell of the FeliCa card is of the same size as a conventional
credit card. The material used is polyethylene terephthalate plastic.
Strengths:
• Widely used in Hong Kong
• Fast transaction
• Additional functions such as access control
Weaknesses:
• Reader device is required
• Not real time transactions
• Higher cost compared with mobile payments
• No online or P2P payment
Question 3
Suppose Bank of China is considering employing either iris or retinal recognition for its new
biometric ATM system to replace the plastic bank card.
(a) Compare the suitability of both biometric measures (iris and retinal) for
the new ATM system in terms of accuracy, cost, intrusiveness and
security level.
(b) Explain the technical differences between iris and retinal recognition.
Iris recognition:
• The iris is the colored area between the white of the eye and the
pupil, with a texture that is an individual characteristic that
remains constant for many years.
• During image acquisition, the person merely faces a camera
connected to computer about 1m away.
• Iris scanning software can be downloaded to smartphones.
• Some precautions need to be respected during image capture,
particularly to avoid reflections by ensuring uniform lighting.
• Iris recognition is typically used as a secondary identifier in
addition to fingerprint imaging.
Retinal recognition:
• The retina is a special tissue of the eye that responds to light pulses
by generating proportional electrical discharges to the optical
(c) Discuss under what conditions deep learning should be used to implement
the above biometric ATM system.
• Deep learning outperforms other techniques if the data size is
large. With small data size, traditional machine
learning algorithms are preferable.
• Deep learning techniques need to have high end infrastructure to
train in reasonable time.
• When there is lack of domain understanding for feature
introspection, deep learning techniques outshines others as you
have to worry less about feature engineering.
• Deep learning works well when it comes to complex problems
such as image classification, natural language processing, and
speech recognition.
Question 4
(a) Compare the differences between banks and Bitcoin in terms of account and
identity management, service, record management and trust.
Account and
Record
identity Service Trust
management
management
Banks Links personal Transfers Updates and Provides services by
information to money and tracks account professionals under
bank account and redeems balance regulations of
verifies ownership money government
Bitcoin Give users Send funds Updates every Provides trusted
autonomously between node, which protocol which
created and peers directly keeps its own incentivizes actors
managed identities (P2P) ledger to behave honestly
(b) Explain the four key concepts of bank (i.e., identity, transaction, record
keeping, and consensus) that can fit into Bitcoin’s architecture.
Identity: nodes use public keys to make transactions and use private keys to
spend bitcoins.
[END OF SECTION B]
[END OF EXAMINATION PAPER]