Paper 2013/725

Mobile Transaction over NFC and GSM

Muhammad Qasim Saeed and Pardis Pourghomi

Abstract

Although NFC mobile services have great potential for growth, they have raised a number of issues which are of concern to researchers and are preventing the wide adoption of this technology within society. Dynamic relationships of NFC ecosystem players in an NFC transaction process make them partners in a way that sometimes requires that they share access permission to applications that are running in the service environment. One of the technologies that can be used to ensure secure NFC transactions is cloud computing. This offers a wider range of advantages than the use of a Secure Element (SE) as a single entity in an NFC enabled mobile phone. In this paper, we propose a protocol for NFC mobile payments based on cloud Wallet model. In our protocol, the SE in the mobile device is used for customer authentication whereas the customer’s banking credentials are stored in a cloud under the control of the Mobile Network Operator (MNO). The proposed protocol eliminates the requirement for a shared secret between the Point of Sale (PoS) and the MNO before execution of the protocol, a mandatory requirement in the earlier version of this protocol. This makes it more practicable and user friendly. A detailed analysis of the protocol discusses multiple attack scenarios.

Metadata
Available format(s)
-- withdrawn --
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Contact author(s)
muhammad saeed 2010 @ live rhul ac uk
History
2014-01-14: withdrawn
2013-11-07: received
See all versions
Short URL
https://ia.cr/2013/725
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.