论文信息 - Ensuring the integrity and non-repudiation of remitting e-invoices in conventional channels with commercially available NFC devices

Ensuring the integrity and non-repudiation of remitting e-invoices in conventional channels with commercially available NFC devices

Despite the globally recognized advantages of e-invoicing and various efforts to implement such systems, retailers and stores may still have difficulties in promoting purely paperless e-invoices due to the lack of a convenient and secure way for consumers to receive and retrieve the e-invoices. As such, paper-based invoices may still be issued along with e-invoices, contradicting an important benefit of e-invoicing - paper consumption reduction. Thanks to the advances in smart phones and Near Field Communication (NFC) technologies, e-invoices can be delivered via NFC-enabled smartpones, allowing consumers to examine the content immediately after transactions and to easily retrieve them later on. Still, an extra security mechanism is needed to ensure the integrity and non-repudiation of the content, as invoices may bear some value and thus become the target of a security attack. In this paper, we propose a secure NFC-based e-invoice remitting scheme using standard NFC P2P communications, and discuss how it fulfills major security requirements, including authenticity, integrity, and non-repudiation. The proposed system is also implemented and tested in Taiwan's e-invoicing system.

[1] Sixto Ortiz,et al. Is near-field communication close to success? , 2006, Computer.

[2] Yan Chen,et al. Comparison between JSON and XML in Applications Based on AJAX , 2012, 2012 International Conference on Computer Science and Service System.

[3] Alan H. Karp,et al. Near-field communication-based secure mobile payment service , 2009, ICEC.

[4] K. Wouters,et al. Practical Experiences with NFC Security on mobile Phones , 2009 .

[5] M. E. Kabay,et al. Writing Secure Code , 2015 .

[6] Wei-Kai Chen,et al. On Design of Secure APIs for IoT Applications - Using Taiwan Uniform e-Invoices as Examples , 2012, RFIDSec Asia.

[7] Jouni Ikonen,et al. Remote identification and information processing with a near field communication compatible mobile phone , 2009, CompSysTech '09.

[8] Pascal Urien. LLCPS: A new security framework based on TLS for NFC P2P applications in the Internet of Things , 2013, 2013 IEEE 10th Consumer Communications and Networking Conference (CCNC).