A Security Framework Model with Communication Protocol Translator Interface for Enhancing NFC Transactions

With the recent technological advances of Near Field Communication (NFC) enabled mobile phones it is now possible to introduce additional transactions of value, including those originating from contact-based security tokens within the existing infrastructure. We propose a low cost security framework including a PKI based security protocol, which can be used to integrate transactions involving external contact-based smart cards, for the purposes of e-identification, e-payment, e-ticketing, and communication services. We then designed and implemented a secure Communications Protocol Translator Interface (CPTI), which allows an NFC enabled mobile phone to access and use, over a contact less interface, any additional smart cards (or secure elements (SE)) which are externally available on a contact based interface and vice-versa. By using CPTI, it is now possible to have communication and interaction between passive security tokens as well as to use external contact based security tokens in the NFC environment, such as a contact based payment smart card.

[1]  Gerhard P. Hancke,et al.  Confidence in smart token proximity: Relay attacks revisited , 2009, Comput. Secur..

[2]  Alan H. Karp,et al.  Near-field communication-based secure mobile payment service , 2009, ICEC.

[3]  Gerhard P. Hancke,et al.  Potential misuse of NFC enabled mobile phones with embedded security elements as contactless attack platforms , 2009, 2009 International Conference for Internet Technology and Secured Transactions, (ICITST).

[4]  Bart Preneel,et al.  Offline NFC payments with electronic vouchers , 2009, MobiHeld '09.

[5]  K. Markantonakis,et al.  An Architecture to Support Multiple Subscriber Identity Applications Accessing Multiple Mobile Telecommunication Access Network Systems , 2008, 2008 Third International Conference on Convergence and Hybrid Information Technology.

[6]  Srividya Gopalan,et al.  Mobile phone based RFID architecture for secure electronic Payments using RFID credit cards , 2007, The Second International Conference on Availability, Reliability and Security (ARES'07).

[7]  W. Garner Identity cards for foreign nationals , 2008 .

[8]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[9]  Keith Mayes,et al.  A Secure Channel Protocol for Multi-Application Smart Cards Based on Public Key Cryptography , 2004, Communications and Multimedia Security.

[10]  Keith Mayes,et al.  Smart Cards, Tokens, Security and Applications , 2010 .