Skip to main content

2017 | OriginalPaper | Buchkapitel

4. Security in Mobile Payment Systems

verfasst von : Jesús Téllez, Sherali Zeadally

Erschienen in: Mobile Payment Systems

Verlag: Springer International Publishing

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Without the assurance that the information exchanged during a payment transaction is secure, the entities involved in a mobile payment system will not trust mobile commerce. This chapter presents a brief review of some of the most commonly used cryptography schemes for secure communications among the parties of typical mobile payment systems. This chapter also discusses some of the issues that make the design of secure mobile payment systems a major challenge.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literatur
3.
Zurück zum Zitat S. Agarwal, M. Khapra, B. Menezes, N. Uchat, Security issues in mobile payment systems, in 5th International Conference on E-Governance (2007), pp. 142–152 S. Agarwal, M. Khapra, B. Menezes, N. Uchat, Security issues in mobile payment systems, in 5th International Conference on E-Governance (2007), pp. 142–152
4.
Zurück zum Zitat A. Ali, A study of security in wireless and mobile payments. Master’s thesis, Department of Electrical Engineering, Linköping University (2010) A. Ali, A study of security in wireless and mobile payments. Master’s thesis, Department of Electrical Engineering, Linköping University (2010)
6.
Zurück zum Zitat M. Al-Meaither, Secure electronic payments for Islamic finance. Ph.D. thesis, Royal Holloway, University of London (2004) M. Al-Meaither, Secure electronic payments for Islamic finance. Ph.D. thesis, Royal Holloway, University of London (2004)
9.
Zurück zum Zitat N. Asokan, P.A. Janson, M. Steiner, M. Waidner, The state of the art in electronic payment systems. IEEE Comput. 30(9), 28–35 (1997)CrossRef N. Asokan, P.A. Janson, M. Steiner, M. Waidner, The state of the art in electronic payment systems. IEEE Comput. 30(9), 28–35 (1997)CrossRef
26.
Zurück zum Zitat W. Chou, L. Washington, Elliptic curve cryptography and its applications to mobile devices, in IEEE INFOCOM 2004 (2004) W. Chou, L. Washington, Elliptic curve cryptography and its applications to mobile devices, in IEEE INFOCOM 2004 (2004)
51.
Zurück zum Zitat M. Girault, Self-certified public keys, in EUROCRYPT (1991), pp. 490–497 M. Girault, Self-certified public keys, in EUROCRYPT (1991), pp. 490–497
54.
Zurück zum Zitat J.A.O. Gonzalez, Multi-party non-repudation protocols and applications. Ph.D. thesis, University of Malaga, Campus de Teatinos (2006) J.A.O. Gonzalez, Multi-party non-repudation protocols and applications. Ph.D. thesis, University of Malaga, Campus de Teatinos (2006)
58.
Zurück zum Zitat W. Ham, H. Choi, Y. Xie, M. Lee, K. Kim1, Secure one-way mobile payment system keeping low computation in mobile devices, in The Third International Workshop on Information Security Applications (WISA 2002) (2002), pp. 287–301 W. Ham, H. Choi, Y. Xie, M. Lee, K. Kim1, Secure one-way mobile payment system keeping low computation in mobile devices, in The Third International Workshop on Information Security Applications (WISA 2002) (2002), pp. 287–301
59.
Zurück zum Zitat K. Hansen, T. Larsen, K. Olsen, On the efficiency of fast RSA variants in modern mobile phones. Int. J. Comput. Sci. Inf. Secur. (IJCSIS) 6(3), 136–140 (2009) K. Hansen, T. Larsen, K. Olsen, On the efficiency of fast RSA variants in modern mobile phones. Int. J. Comput. Sci. Inf. Secur. (IJCSIS) 6(3), 136–140 (2009)
69.
Zurück zum Zitat R.-J. Hwang, F.-F. Su, L.-S. Huang, Fast firmware implementation of RSA-like security protocol for mobile devices. Wirel. Pers. Commun. 42(2), 213–223 (2007)CrossRef R.-J. Hwang, F.-F. Su, L.-S. Huang, Fast firmware implementation of RSA-like security protocol for mobile devices. Wirel. Pers. Commun. 42(2), 213–223 (2007)CrossRef
72.
Zurück zum Zitat J.T. Isaac, J.S. Camara, A.I. Manzanares, M.C. Castro, Payment in a kiosk centric model with mobile and low computational power devices, in International Conference of Computational Science and Its Applications (ICCSA 2006) (2006), pp. 798–807 J.T. Isaac, J.S. Camara, A.I. Manzanares, M.C. Castro, Payment in a kiosk centric model with mobile and low computational power devices, in International Conference of Computational Science and Its Applications (ICCSA 2006) (2006), pp. 798–807
76.
Zurück zum Zitat J.T. Isaac, S. Zeadally, Secure mobile payments. IT Professional 16(3), 36–43 (2014, in press) J.T. Isaac, S. Zeadally, Secure mobile payments. IT Professional 16(3), 36–43 (2014, in press)
80.
Zurück zum Zitat ISO/IEC 9594-8, ITU-T X.509 recommendation. Information Technology — Open Systems Interconnection — The Directory: Authentication Framework (1993) ISO/IEC 9594-8, ITU-T X.509 recommendation. Information Technology — Open Systems Interconnection — The Directory: Authentication Framework (1993)
85.
Zurück zum Zitat S. Kadhiwal, M.A.U.S. Zulfiquar, Analysis of mobile payment security measures and different standards. Comput. Fraud Secur. 2007(6), 12–16 (2007)CrossRef S. Kadhiwal, M.A.U.S. Zulfiquar, Analysis of mobile payment security measures and different standards. Comput. Fraud Secur. 2007(6), 12–16 (2007)CrossRef
90.
Zurück zum Zitat N. Kshetri, Mobile payments in emerging markets. IT Professional 14(4), 9–13 (2012)CrossRef N. Kshetri, Mobile payments in emerging markets. IT Professional 14(4), 9–13 (2012)CrossRef
92.
Zurück zum Zitat S. Kungpisdan, Modelling, design, and analysis of secure mobile payment systems. Ph.D. thesis, Monash University (2005) S. Kungpisdan, Modelling, design, and analysis of secure mobile payment systems. Ph.D. thesis, Monash University (2005)
96.
Zurück zum Zitat X. Lai, J.L. Massey, A proposal for a new block encryption standard, in Workshop on the Theory and Application of Cryptographic Techniques on Advances in Cryptology (EUROCRYPT 1990) (1991), pp. 389–404 X. Lai, J.L. Massey, A proposal for a new block encryption standard, in Workshop on the Theory and Application of Cryptographic Techniques on Advances in Cryptology (EUROCRYPT 1990) (1991), pp. 389–404
100.
Zurück zum Zitat Y. Lei, D. Chen, Z. Jiang, Generating digital signatures on mobile devices, in 18th International Conference on Advanced Information Networking and Applications (AINA’2004) (2004), pp. 532–535 Y. Lei, D. Chen, Z. Jiang, Generating digital signatures on mobile devices, in 18th International Conference on Advanced Information Networking and Applications (AINA’2004) (2004), pp. 532–535
128.
Zurück zum Zitat T.N.T. Nguyen, P. Shum, E.H. Chua, Secure end-to-end mobile payment system, in 2nd International Conference on Mobile Technology, Applications and Systems (2005) T.N.T. Nguyen, P. Shum, E.H. Chua, Secure end-to-end mobile payment system, in 2nd International Conference on Mobile Technology, Applications and Systems (2005)
139.
Zurück zum Zitat H. Petersen, P. Horster, Self-certified keys: concepts and applications, in Third International Conference on Communications and Multimedia Security (1997), pp. 102–116 H. Petersen, P. Horster, Self-certified keys: concepts and applications, in Third International Conference on Communications and Multimedia Security (1997), pp. 102–116
148.
Zurück zum Zitat R. Rivest, A. Shamir, L. Adleman, A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)MathSciNetCrossRefMATH R. Rivest, A. Shamir, L. Adleman, A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)MathSciNetCrossRefMATH
150.
Zurück zum Zitat A. Romão, M. Mira da Silva, An agent-based secure Internet payment system for mobile computing, in International IFIP/GI Working Conference on Trends in Distributed Systems for Electronic Commerce (TREC 1998) (1998), pp. 80–93 A. Romão, M. Mira da Silva, An agent-based secure Internet payment system for mobile computing, in International IFIP/GI Working Conference on Trends in Distributed Systems for Electronic Commerce (TREC 1998) (1998), pp. 80–93
153.
Zurück zum Zitat N. Sadeh, M-Commerce, Technologies, Services, and Business Models (Wiley, New York, 2002) N. Sadeh, M-Commerce, Technologies, Services, and Business Models (Wiley, New York, 2002)
174.
Zurück zum Zitat J. Téllez, J. Sierra, A. Izquierdo, M. Carbonell, Anonymous payment in a kiosk centric model using digital signature scheme with message recovery and low computational power devices. J. Theor. Appl. Electron. Commer. Res. 1(2), 1–11 (2006) J. Téllez, J. Sierra, A. Izquierdo, M. Carbonell, Anonymous payment in a kiosk centric model using digital signature scheme with message recovery and low computational power devices. J. Theor. Appl. Electron. Commer. Res. 1(2), 1–11 (2006)
181.
Zurück zum Zitat Y-M. Tseng, J.K. Jan, H.-Y. Chien, Digital signature with message recovery using self-certified public keys and its variants. Appl. Math. Comput. 136(2–3), 203–214 (2003) Y-M. Tseng, J.K. Jan, H.-Y. Chien, Digital signature with message recovery using self-certified public keys and its variants. Appl. Math. Comput. 136(2–3), 203–214 (2003)
183.
Zurück zum Zitat U. Varshney, Mobile payments. IEEE Comput. 35(12), 120–121 (2002)CrossRef U. Varshney, Mobile payments. IEEE Comput. 35(12), 120–121 (2002)CrossRef
200.
Zurück zum Zitat Y. Zhu, A new architecture for secure two-party mobile payment transactions. Master’s thesis, Faculty of Arts and Science, University of Lethbridge (2010) Y. Zhu, A new architecture for secure two-party mobile payment transactions. Master’s thesis, Faculty of Arts and Science, University of Lethbridge (2010)
Metadaten
Titel
Security in Mobile Payment Systems
verfasst von
Jesús Téllez
Sherali Zeadally
Copyright-Jahr
2017
DOI
https://doi.org/10.1007/978-3-319-23033-7_4

Premium Partner