Browse > Article
http://dx.doi.org/10.13089/JKIISC.2014.24.5.931

Mobile Payment System Design with Transaction Certificate Mode  

Sung, Soon-Hwa (Chungnam National University, Software Research Center(SOREC))
Ryou, Jae-Cheol (Chungnam National University, Software Research Center(SOREC))
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.24, no.5, 2014 , pp. 931-939 More about this Journal
Abstract
The Web or Mobile channel of previous Web access authentication system for a payment only provides the authentication of remote users, and does not provide the authentication between a user and a bank/financial institution. Therefore, this paper proposes the Transaction Certificate Mode(TCM) for a payment which can preserve the mutual authentication between a user and a bank/financial institution for Web-based payment systems. The proposed system has designed for wireless network instead of Secure Electronic Transaction (SET) designed for wired electronic transaction. In addition, this system with TCM is able to support an account-based transaction for wireless networks instead of a disadvantage of SET such as a card-based transaction for wired networks. Therefore, customers can check their balances without logging on their bank's web site again due to mutual authentication between a customer and his bank/financial institution.
Keywords
mobile payment; transaction certificate; mutual authentication; user-based payment;
Citations & Related Records
연도 인용수 순위
  • Reference
1 L. Lamport, "Password Authentication with Insecure Communication," Communication of the ACM, vol. 24, no. 11, pp.770-772, 1981.   DOI   ScienceOn
2 M. S. Hwang and L. H. Li, "A New Remote User Authentication Scheme using Smart Cards," IEEE Transactions on Consumer Electronics, vol. 46, no. 1, pp. 28-30, 2000.   DOI   ScienceOn
3 E. J. Yoon, E. K. Ryu, and K. Y. Yoo, "Further Improvement of an Efficient Password based Remote User Authentication Scheme using Smart Cards," IEEE Transactions on Consumer Electronics, vol. 50, no. 2, pp. 612-614, 2004.   DOI   ScienceOn
4 M. L. Das, A. Saxena, and V. P. Gulati, "A Dynamic ID-based Remote User Authentication Scheme," IEEE Transactions on Consumer Electronics, vol. 50, no.2, pp.629-631, 2004   DOI   ScienceOn
5 C. W. Lin, C. S. Tsai, and M. S. Hwang, "A New Strong-Password Authentication Scheme using One-way Hash Function," Journal of Computer and Systems Sciences International, vol. 45, no. 4, pp. 623-626, 2006.   DOI   ScienceOn
6 C. S. Bindu, P. Reddy, and B. Satyanarayana, "Improved Remote User Authentication Scheme Preserving User Anonymity," International Journal of Computer Science and Network Security, vol. 83, pp.62-66, 2008.
7 J. Gao, J. Cai, K. Patel, and S.Shim, "Wireless Payment," Proceedings of the Second International Conference on Embedded Software and Systems (ICESS'05), pp.367-374, 2005.
8 S. Kungpisdan, B. Srinivasan and P.D. Le, "A Secure Account-Based Mobile Payment Protocol," Proceedings of the International Conference on Information Technology: Coding and Computing, IEEE CS press, pp.35-39, 2004.
9 Y.B. Lin, M.F.. Chang, H.C.H. Rao, "Mobile prepaid phone services," IEEE Personal Communications, Vol.7, pp.6-14, 2000.
10 A. Fourati, H.K.B. Ayed, F. Kamoun, A. Benzekri, "A SET Based Approach to Secure the Payment in Mobile Commerce," In Proceedings of 27th Annual IEEE Conference on Local Computer Networks, pp.136-140, 2002.
11 Huang Z., Chen K., "Electronic Payment in Mobile Environment," In Proceedings of 13th International Workshop on Database and Expert Systems Application (DEXA'02), pp.413-417, 2002.
12 W. Adi, A. Mabrouk, A. Al-Qaye야, A. Zahro, "Combined Web/Mobile Authentication for Secure Web Access Control," Wireless Communications and Networking Conference, IEEE Communications Society, pp.667-681, 2004.
13 Ayu Tiwari, Sudip Sanyal, Ajith Abraham, Svein Johan Knapskog, and Sugata Sanyal, "A Multi-Factor Security Protocol for Wireless payment Secure Web Authentication using Mobile Devices," IADIS International Conference Applied Computing 2007, pp.160-167, 2007.
14 J. Hall, S. Kibank, M. Barbe며, E. Kranakis, "WPP: A Secure Payment Protocol for Supporting Credit- and Debit-Card Transactions over Wireless Networks," IEEE International Conference on Telecommunications (ICT), 2001.
15 V. Pasupathinathan, J. Pieprzyk, H. Wang and J.Y. Cho, "Formal Analysis of Card-based Payment Systems in Mobile devices," Fourth Australasian Information Security Workshop, Conferences in Research and Practice in Information Technology, Vol.54, pp.213-220, 2006.
16 S. Kungpisdan, B. Srinivasan, and P.D. Le, "Lightweight mobile credit-card payment protocol," The 4th International Conference on Cryptology in India (Progress in Cryptology - INDOCRYPT 2003), pp.295-308, 2003.
17 L. Albert, K.C. Kaya, "CONSEPP: Convenient and Secure Electronic Payment Protocol Based on X9.59," 17th Annual Computer Security Applications Conference, IEEE press, pp.286-295, 2001.
18 P. Kocher, J. Jaffe, and B. Jun, "Differential Power Analysis," Proceedings of Advances in Cryptology, pp.388-397, 1999.
19 T. S. Messerges, E. A. Dabbish, and R. H. Sloan, "Examining Smart-Card Security under the Threat of Power Analysis Attacks," IEEE Transactions on Computers, vol. 51, no.5, pp. 541-552, 2002.   DOI   ScienceOn
20 T. S. Fun, L. Y. Beng, J. Likoh, and R. Roslan, "A lightweight and private mobile payment protocol by using mobile network operator," The International Conference on Computer and Communication Engineering, pp162-166, 2008.
21 Jesus Tellez Isaac and Sherali Zeadally, "An Anonymous Secure Payment Protocol in a payment Gateway Centric Model," The 9th International Conference on Mobile Web Information Systems (MobiWIS), Procedia Computer Science 10, pp758-765, 2012.