The increasing development of wireless networks and
the widespread popularity of handheld devices such as Personal
Digital Assistants (PDAs), mobile phones and wireless tablets
represents an incredible opportunity to enable mobile devices as a
universal payment method, involving daily financial transactions.
Unfortunately, some issues hampering the widespread acceptance of
mobile payment such as accountability properties, privacy protection,
limitation of wireless network and mobile device. Recently, many
public-key cryptography based mobile payment protocol have been
proposed. However, limited capabilities of mobile devices and
wireless networks make these protocols are unsuitable for mobile
network. Moreover, these protocols were designed to preserve
traditional flow of payment data, which is vulnerable to attack and
increase the user-s risk. In this paper, we propose a private mobile
payment protocol which based on client centric model and by
employing symmetric key operations. The proposed mobile payment
protocol not only minimizes the computational operations and
communication passes between the engaging parties, but also
achieves a completely privacy protection for the payer. The future
work will concentrate on improving the verification solution to
support mobile user authentication and authorization for mobile
payment transactions.
[1] Abad-Peiro J. L., Asokan N., Steiner M. & Waidner M, "Designing a
generic payment service", IBM System Research Journal, Vol.37(1),
1998, Pp. 72-88.
[2] Bellare, M., Garay, J., Hauser, R., Herzberg, A., Steiner, M., Tsudik, G.,
Van Herreweghen, E., and Waidner, M, "Design,Implementation, and
Deployment of the iKP Secure Electronic Payment system", IEEE
Journal of Selected Areas in Communications, 2000, pp. 611-627.
[3] C. Wang & H-f. Leung, "A Private and Efficient Mobile Payment
Protocol", London: Springer-Verlag, LNAI, 2005, pp.1030-1035.
[4] http://www.setco.org/set_specifications.html
[5] Jun Liu, Jianxin Liao, Xiaomin Zhu, "A System Model and Protocol for
Mobile Payment", Proceedings of the IEEE International Conference on
e-Business Engineering (ICEBE-05), 2005.
[6] Krueger, M, The future of M-Payments-business options and policy
issues, Seville. Spain, 2001.
[7] Kungpisdan, S., Srinivasan, B., and Phu Dung, L, "Lightweight Mobile
Credit-Card Payment Protocol", Berlin Heidelberg: Springer -Verlag,
2003a, pp. 295-308.
[8] Kungpisdan, S., Srinivasan, B., and Phu Dung, L., "A Practical
Framework for MobileSET Payment", Proceedings of International ESociety
Conference, 2003b, pp. 321-328.
[9] Kungpisdan S., Srinivasan B., and Phu Dung Le, "A Secure Accountbased
Mobile Payment Protocol", Proceedings of the International
Conference on Information Technology: Coding and Computing, Vol. 1,
Las Vegas, USA, 2004a, pp. 35-39.
[10] M. Ding and C. Unnithan, Mobile Payments (mPayments) -An
Exploratory Study of Emerging Issues and Future Trends, Deakin
University, 2002.
[11] Mohony D.O., Peirce M. and Tewari Histesh, Electronic Payment
Systems for E-Commerce, Artech House, United States of America,
2001.
[12] Panko R. R, Corporate Computer and Network Security, Prentice Hall,
Upper Saddle River, New Jersey, 2004.
[13] Pousttchi, K, "Conditions for Acceptance and Usage of Mobile Payment
Procedures", Proceedings of the M-Business Conference, 2003.
[14] Tellez J. & Sierra J, "Anonymous Payment in a Client Centric Model for
Digital Ecosystem", IEEE DEST, 2007, pp. 422-427.
[15] Tiwari, A., Sanyal, S., Abraham, A., Knapskog, J. S. & Sanyal, S., "A
Multi-factor Security Protocol for Wireless Payment-Secure Web
Authentication Using Mobile Devices", IADIS International Conference
Applied Computing, pp.160-167, 2007.
[1] Abad-Peiro J. L., Asokan N., Steiner M. & Waidner M, "Designing a
generic payment service", IBM System Research Journal, Vol.37(1),
1998, Pp. 72-88.
[2] Bellare, M., Garay, J., Hauser, R., Herzberg, A., Steiner, M., Tsudik, G.,
Van Herreweghen, E., and Waidner, M, "Design,Implementation, and
Deployment of the iKP Secure Electronic Payment system", IEEE
Journal of Selected Areas in Communications, 2000, pp. 611-627.
[3] C. Wang & H-f. Leung, "A Private and Efficient Mobile Payment
Protocol", London: Springer-Verlag, LNAI, 2005, pp.1030-1035.
[4] http://www.setco.org/set_specifications.html
[5] Jun Liu, Jianxin Liao, Xiaomin Zhu, "A System Model and Protocol for
Mobile Payment", Proceedings of the IEEE International Conference on
e-Business Engineering (ICEBE-05), 2005.
[6] Krueger, M, The future of M-Payments-business options and policy
issues, Seville. Spain, 2001.
[7] Kungpisdan, S., Srinivasan, B., and Phu Dung, L, "Lightweight Mobile
Credit-Card Payment Protocol", Berlin Heidelberg: Springer -Verlag,
2003a, pp. 295-308.
[8] Kungpisdan, S., Srinivasan, B., and Phu Dung, L., "A Practical
Framework for MobileSET Payment", Proceedings of International ESociety
Conference, 2003b, pp. 321-328.
[9] Kungpisdan S., Srinivasan B., and Phu Dung Le, "A Secure Accountbased
Mobile Payment Protocol", Proceedings of the International
Conference on Information Technology: Coding and Computing, Vol. 1,
Las Vegas, USA, 2004a, pp. 35-39.
[10] M. Ding and C. Unnithan, Mobile Payments (mPayments) -An
Exploratory Study of Emerging Issues and Future Trends, Deakin
University, 2002.
[11] Mohony D.O., Peirce M. and Tewari Histesh, Electronic Payment
Systems for E-Commerce, Artech House, United States of America,
2001.
[12] Panko R. R, Corporate Computer and Network Security, Prentice Hall,
Upper Saddle River, New Jersey, 2004.
[13] Pousttchi, K, "Conditions for Acceptance and Usage of Mobile Payment
Procedures", Proceedings of the M-Business Conference, 2003.
[14] Tellez J. & Sierra J, "Anonymous Payment in a Client Centric Model for
Digital Ecosystem", IEEE DEST, 2007, pp. 422-427.
[15] Tiwari, A., Sanyal, S., Abraham, A., Knapskog, J. S. & Sanyal, S., "A
Multi-factor Security Protocol for Wireless Payment-Secure Web
Authentication Using Mobile Devices", IADIS International Conference
Applied Computing, pp.160-167, 2007.
@article{"International Journal of Information, Control and Computer Sciences:61911", author = "Tan Soo Fun and Leau Yu Beng and Rozaini Roslan and Habeeb Saleh Habeeb", title = "Privacy in New Mobile Payment Protocol", abstract = "The increasing development of wireless networks and
the widespread popularity of handheld devices such as Personal
Digital Assistants (PDAs), mobile phones and wireless tablets
represents an incredible opportunity to enable mobile devices as a
universal payment method, involving daily financial transactions.
Unfortunately, some issues hampering the widespread acceptance of
mobile payment such as accountability properties, privacy protection,
limitation of wireless network and mobile device. Recently, many
public-key cryptography based mobile payment protocol have been
proposed. However, limited capabilities of mobile devices and
wireless networks make these protocols are unsuitable for mobile
network. Moreover, these protocols were designed to preserve
traditional flow of payment data, which is vulnerable to attack and
increase the user-s risk. In this paper, we propose a private mobile
payment protocol which based on client centric model and by
employing symmetric key operations. The proposed mobile payment
protocol not only minimizes the computational operations and
communication passes between the engaging parties, but also
achieves a completely privacy protection for the payer. The future
work will concentrate on improving the verification solution to
support mobile user authentication and authorization for mobile
payment transactions.", keywords = "Mobile Network Operator, Mobile payment protocol,
Privacy, Symmetric key.", volume = "2", number = "11", pages = "3942-5", }