A Secure Operational Model for Mobile Payments

Instead of paying by cash, check, or credit cards, customers can now also use their mobile devices to pay for a wide range of services and both digital and physical goods. However, customers' security concerns are a major barrier to the broad adoption and use of mobile payments. In this paper we present the design of a secure operational model for mobile payments in which access control is based on a service-oriented architecture. A customer uses his/her mobile device to get authorization from a remote server and generate a two-dimensional barcode as the payment certificate. This payment certificate has a time limit and can be used once only. The system also provides the ability to remotely lock and disable the mobile payment service.

[1]  Gwan-Hwan Hwang,et al.  An operational model and language support for securing XML documents , 2004, Comput. Secur..

[2]  Jörg Schwenk,et al.  All your clouds are belong to us: security analysis of cloud management interfaces , 2011, CCSW '11.

[3]  Benjamin Cox,et al.  NetBill Security and Transaction Protocol , 1995, USENIX Workshop on Electronic Commerce.

[4]  Hugh Collins,et al.  Value‐added services , 1986 .

[5]  Susan M. Phillips Statement by Susan M. Phillips, Member, Board of Governors of the Federal Reserve System, before the Committee on Banking and Financial Services, U.S> House of Representatives, September 18, 1996 , 1996 .

[6]  Ching-Nung Yang,et al.  MSRC: (M)icropayment (S)cheme with ability to (R)eturn (C)hanges , 2013, Math. Comput. Model..

[7]  Mark Bartel,et al.  Xml-Signature Syntax and Processing , 2000 .

[8]  Niina Mallat,et al.  Exploring consumer adoption of mobile payments - A qualitative study , 2007, J. Strateg. Inf. Syst..

[9]  Christina Park Consumers and Mobile Financial Services , 2016 .

[10]  Vibha Kaw Raina,et al.  A User Friendly Transaction Model of Mobile Payment with reference to Mobile Banking in India , 2012 .

[11]  Andriew S. Lim,et al.  Inter-consortia battles in mobile payments standardisation , 2008, Electron. Commer. Res. Appl..

[12]  Tim Moses,et al.  EXtensible Access Control Markup Language (XACML) version 1 , 2003 .

[13]  Cristian Toma,et al.  M-Payments Issues and Concepts , 2012 .

[14]  Mihir Bellare,et al.  iKP - A Family of Secure Electronic Payment Protocols , 1995, USENIX Workshop on Electronic Commerce.

[15]  Virpi Kristiina Tuunainen,et al.  Merchant adoption of mobile payment systems , 2005, International Conference on Mobile Business (ICMB'05).

[16]  Vibhor Sharma,et al.  Near Field Communication , 2013, Encyclopedia of Biometrics.

[17]  Stamatis Karnouskos,et al.  Mobile payment: A journey through existing procedures and standardization initiatives , 2004, IEEE Communications Surveys & Tutorials.

[18]  Warwick Ford,et al.  XML Key Management Specification (XKMS) , 2001, WWW Posters.

[19]  Adi Shamir,et al.  PayWord and MicroMint: Two Simple Micropayment Schemes , 1996, Security Protocols Workshop.