A Secure and Optimized Proximity Mobile Payment Framework With Formal Verification

A Secure and Optimized Proximity Mobile Payment Framework With Formal Verification

Shaik Shakeel Ahamad (KL University, India), V.N. Sastry (Institute for Development and Research in Banking Technology (IDRBT), India) and Siba K. Udgata (Institute for Development and Research in Banking Technology and University of Hyderabad, India)
Copyright: © 2018 |Pages: 29
DOI: 10.4018/978-1-5225-2599-8.ch010
OnDemand PDF Download:
$37.50

Abstract

In this paper the authors propose a Secure and Optimized Proximity Mobile Payment (SOPMP) Framework using NFC (Near Field Communication) technology, WPKI (Wireless Public Key Infrastructure), UICC (Universal Integrated Circuit Card). The novelty of this proposed mobile payment framework is messages are exchanged in the form of Digital Signature with Message Recovery (DSMR) and merchant sends Invoice in the form of Digital Invoice Certificate (DIC) (which is digitally signed by the merchant). The communication link between mobile phone and merchant POS (Point Of Sale) is NFC. Digital Signature with Message Recovery based on ECDSA eliminates the need of adopting PKI cryptosystems thereby reducing the consumption of resources i.e. it consumes less computational and communication cost. DSMR eliminates the need of certificates validation and removes the hurdle of PKI thereby reducing storage space, communication cost and computational cost. The authors proposed protocol ensures Authentication, Integrity, Confidentiality and Non Repudiation, achieves Identity protection from merchant and Eavesdropper, achieves Transaction privacy from Eavesdropper and Payment Gateway, achieves Payment Secrecy, Order Secrecy, forward secrecy, and prevents Double Spending, Overspending and Money laundering. In addition to these our proposed protocol withstands Replay, Man in the Middle and Impersonation attacks. The security properties of the proposed protocol have been verified using AVISPA and Scyther Tools and presented with results.
Chapter Preview
Top

1. Introduction

Near field communication (NFC) is a short-range wireless technology which is the advanced development of RFID technology. NFC’s fundamental advantages compared to other wireless technologies like Bluetooth is the availability of the data storage facility known as the NFC tag. NFC is not just a replacement data cable as Bluetooth, but also as a means of store of data. Referring to the NFC Forum, NFC technology is currently used in three areas, namely sharing, pairing, and transaction. NFC operates between two devices over a very short communication range. NFC communication uses the 13.56 MHz spectrum as in RFID. Currently data transfer speed options are 106, 212, and 424 kbps. NFC technology operates in different operating modes; reader/writer, peer-to peer, and card emulation where communication occurs between an NFC mobile on one side, and a passive RFID tag (NFC tag), an NFC mobile or an NFC reader on the other side. Michahelles et al. (2007) and Ondrus, J. and Pigneur, Y. (2009) gives a good overview of NFC, Context and Foundations of RFID and NFC.

Table 1.
Comparison of NFC with other wireless technologies Chang, Y. et al. (2010)
Wireless Technologies

Parameter
RFIDBluetoothZigBeeNFC
SecurityHighLowLowHigh
PersonalizationHighMediumLowHigh
FlexibilityLowHighHighHigh
Power ConsumptionNoHighMediumLow

Complete Chapter List

Search this Book:
Reset