Mobile Payment Based on Transaction Certificate Using Cloud Self‐Proxy Server

Recently, mobile phones have been recognized as the most convenient type of mobile payment device. However, they have some security problems; therefore, mobile devices cannot be used for unauthorized transactions using anonymous data by unauthenticated users in a cloud environment. This paper suggests a mobile payment system that uses a certificate mode in which a user receives a paperless receipt of a product purchase in a cloud environment. To address mobile payment system security, we propose the transaction certificate mode (TCM), which supports mutual authentication and key management for transaction parties. TCM provides a software token, the transaction certificate token (TCT), which interacts with a cloud self-proxy server (CSPS). The CSPS shares key management with the TCT and provides simple data authentication without complex encryption. The proposed self-creating protocol supports TCM, which can interactively communicate with the transaction parties without accessing a user's personal information. Therefore, the system can support verification for anonymous data and transaction parties and provides user-based mobile payments with a paperless receipt.

[1]  George Ghinea,et al.  A Proposed NFC Payment Application , 2013, ArXiv.

[2]  Chang-Tien Lu,et al.  Analysis of payment transaction security in mobile commerce , 2004, Proceedings of the 2004 IEEE International Conference on Information Reuse and Integration, 2004. IRI 2004..

[3]  Stamatis Karnouskos,et al.  Mobile payment: A journey through existing procedures and standardization initiatives , 2004, IEEE Communications Surveys & Tutorials.

[4]  Pascal Urien,et al.  Towards a secure Cloud of Secure Elements concepts and experiments with NFC mobiles , 2013, 2013 International Conference on Collaboration Technologies and Systems (CTS).

[5]  Rajkumar Buyya,et al.  A Particle Swarm Optimization-Based Heuristic for Scheduling Workflow Applications in Cloud Computing Environments , 2010, 2010 24th IEEE International Conference on Advanced Information Networking and Applications.

[6]  J.-H. Chiu,et al.  NFC Mobile Transactions and Authentication Based on GSM Network , 2010, 2010 Second International Workshop on Near Field Communication.

[7]  George Ghinea,et al.  Ecosystem scenarios for cloud-based NFC payments , 2013, MEDES.

[8]  K R Chandrasekhara Pillai,et al.  Elliptic Curve based Authenticated Session Key Establishment Protocol for High Security Applications in Constrained Network Environment , 2010 .

[9]  I Sathish,et al.  An Asymmetric Authentication Protocol for Mobile Hand held Devices using ECC over Point Multiplication Method , 2014 .

[10]  Gheorghita Ghinea,et al.  Mobile Transaction over NFC and GSM , 2013, IACR Cryptol. ePrint Arch..

[11]  Sherali Zeadally,et al.  An Anonymous Secure Payment Protocol in a Payment Gateway Centric Model , 2012, ANT/MobiWIS.

[12]  Banshidhar Majhi,et al.  An Improved Mutual Authentication Framework for Cloud Computing , 2012 .

[13]  A. W. Roscoe,et al.  The Missing Link: Human Interactive Security Protocols in Mobile Payment , 2010, IWSEC.

[14]  Carman Neustaedter,et al.  Soft trust and mCommerce shopping behaviours , 2012, Mobile HCI.

[15]  Jaecheol Ryou,et al.  User authentication using mobile phones for mobile payment , 2015, 2015 International Conference on Information Networking (ICOIN).

[16]  Niina Mallat,et al.  Exploring consumer adoption of mobile payments - A qualitative study , 2007, J. Strateg. Inf. Syst..

[17]  Jean-Marc Robert,et al.  Investigating mobile payment: supporting technologies, methods, and use , 2005, WiMob'2005), IEEE International Conference on Wireless And Mobile Computing, Networking And Communications, 2005..

[18]  Andrew S. Tanenbaum,et al.  Is your cat infected with a computer virus? , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications (PERCOM'06).

[19]  Tor-Morten Grønli,et al.  Towards NFC payments using a lightweight architecture for the Web of Things , 2015, Computing.

[20]  Mohamed Kouta,et al.  Modified SET protocol for mobile payment: An empirical analysis , 2010, 2010 2nd International Conference on Software Technology and Engineering.

[21]  Hua Zhang,et al.  A novel remote user authentication and key agreement scheme for mobile client-server environment , 2013 .

[22]  Tommi Laukkanen,et al.  Mobile banking innovators and early adopters: How they differ from other online users? , 2008 .

[23]  Shuguang Zhao,et al.  Multi-Objective Task Assignment in Cloud Computing by Particle Swarm Optimization , 2012, 2012 8th International Conference on Wireless Communications, Networking and Mobile Computing.

[24]  Gheorghita Ghinea,et al.  A Secure Cloud-based NFC Mobile Payment Protocol , 2014, IACR Cryptol. ePrint Arch..

[25]  Sakshi Kaushal,et al.  Bi-Criteria Priority based Particle Swarm Optimization workflow scheduling algorithm for cloud , 2014, 2014 Recent Advances in Engineering and Computational Sciences (RAECS).

[26]  Jesús Téllez Isaac,et al.  Anonymous Payment in a Client Centric Model for Digital Ecosystems , 2007, 2007 Inaugural IEEE-IES Digital EcoSystems and Technologies Conference.

[27]  Leau Yu Beng,et al.  A lightweight and private mobile payment protocol by using mobile network operator , 2008, 2008 International Conference on Computer and Communication Engineering.

[28]  Zuzana Kominkova Oplatkova,et al.  Symbolic regression and evolutionary computation in setting an optimal trajectory for a robot , 2007 .

[29]  Xuelei Li,et al.  A strong password-based remote mutual authentication with key agreement scheme on elliptic curve cryptosystem for portable devices , 2012 .

[30]  G. Sudha Sadhasivam,et al.  Improved cost-based algorithm for task scheduling in cloud computing , 2010, 2010 IEEE International Conference on Computational Intelligence and Computing Research.

[31]  Bala Srinivasan,et al.  A secure account-based mobile payment protocol , 2004, International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004..

[32]  Yves Pigneur,et al.  Towards a holistic analysis of mobile payments: A multiple perspectives approach , 2006, Electron. Commer. Res. Appl..