Abstract
Instead of the traditional credit card payment system, we propose a new electronic payment system for use in a mobile environment. The idea behind this payment service is that a user (customer) applies a message delivery service to obtain a varied authentication token from a servicing bank through his cell phone. The token is used to ensure the validity of the transaction and the legality of the user. On the other hand, because only the user knows the authentication token, he/her cannot later deny that he/her made the transaction. Therefore, in addition to authentication, the property of non-repudiation can also be achieved by using our proposed scheme. Most importantly, our scheme does not require any credit card or tamper-resistant device (i.e. smart card) to store critical information. Consequently, the electronic payment system enhances the security of the traditional credit card payment system. The proposed scheme eliminates the risks of losing a card and duplicating the content of a user’s card by a dishonest merchant.
Similar content being viewed by others
References
Hwang M.S., Lu E.J.L., Lin I.C., (2002.) “Adding timestamps to the secure electronic auction protocol”. Data and Knowledge Engineering. 40(2): 155–162
K.F. Hwang, I.C. Lin, and C.C. Chang, “A credit card-based mobile payment system”, Proceedings of 2002 International Conference on Information Security (InfoSecu02), pp. 82–88, Shanghai, China, July 2002.
M. Bellare, J.A. Garay, R. Hauser, A. Herzberg, H. Krawczyk, M. Steiner, G. Tsudik, E.V. Herreweghen, and M. Waidner, “Design, implementation, and deployment of the iKP secure electronic payment system”, IEEE Journal on Selected Areas in Communications, Vol. 18, No. 4, pp. 611–627, April 2000.
M. Bellare, J.A. Garay, R. Hauser, A. Herzberg, H. Krawczyk, M. Steiner, G. Tsudik, and M. Waidner, “iKP – a family of secure electronic payment protocols”, Proceedings of the 1st USENIX Workshop on Electronic Commerce, New York, July 1995, see http://www.usenix.net/publications/library/ proceedings/ec95/krawczyk.html.
Chaum D., Fiat A., Naor M., “Untraceable electronic cash”, Lecture Notes in Computer Science-Advances in Cryptology-Crypto 88. Springer Verlag, Germany, Vol. 403, pp. 319–327, 1990.
J. Doggest, “Electronic check project”, Financial Services Technology Consortium (FSTC), see http://macke.wiwi.hu-berlin/IMI/micropayments.html, 1995.
J.P. Boly et al., “The ESPRIT project CAFE-high security digital payment system”, Lecture Notes in Computer Science-Computer Security (ESOLICS’94). Springer Verlag, Germany, Vol. 875, pp. 217–230, Nov. 1994.
Hwang M.S., Lin I.C., Li L.H., (2001). “A simple micro-payment scheme”. The Journal of Systems and Software, 55(3): 221–229
Mastercard and Visa, “SET: secure electronic transactions protocol”, version 1.0 ed., May 1997, Book One: Business Specifications, Book Two: Technical Specification, Book Three: Formal Protocol Definition.
M. Sirbu and J.D. Tygar, “Netbill: An internet commerce system optimized for network delivered services”, IEEE Personal Communications, Vol. 2, No. 4, pp. 34–39, Aug. 1995.
Wang C.T., Chang C.C., Lin C.H., (2002). “A new micro-payment system using general payword chain”. Electronic Commerce Research 2(2): 159–168
Wayner P., (1994). “Digital cash”Byte, 19(10): 126
D. O’Mahony, M. Peirce, and H. Tewari, Electronic Payment Systems. Artech House, 1997.
M. Hendry, Smart Card Security and Applications. Artech House, 1997.
Jones H.W.E., Watson A.C., O’Neill T.J., (1998). “Vehicle security using smart cards”. Security Journal, 10(2): 79–87
S. Suzuki and K. Nakada, “An authentication technique based on distributed security management for the global mobility network”, IEEE Journal on Selected Areas in Communications, Vol. 15, No. 8, pp. 1608–1617, Oct. 1997.
Singelee D., Preneel B., (2005). “The Wireless Application Protocol”. International Journal of Network Security, 1(3): 161–165
H. Maass, “Location-aware mobile applications based on directory services”, Mobile Networks and Applications, Vol. 3, No. 2, pp. 157–173, Aug. 1998.
Zhang Y., Fujise M., (2006). “Security Management in the Next Generation Wireless Networks”. International Journal of Network Security, 3(1): 1–7
Itani W., Kayssi A., Chehab A., Gaspard C., (2006) “A Policy-driven, Content-based Security Protocol for Protecting Audit Logs on Wireless Devices”. International Journal of Network Security, 3(2): 120–131
R.L. Rivest, A. Shamir, and L.M. Adleman, “A method for obtaining digital signatures and public-key cryptosystems”, Communications of the ACM, Vol. 21, No. 2, pp. 120–126, Feb. 1978.
D. Chaum, “Blind signatures for untraceable payment”, Advances in Cryptology-Crypto 82. Plenum Press, New York, pp. 199–203, 1983.
B. Schneier, Applied Cryptography, 2nd edition, John Wiley and Sons, 1996.
W. Diffie and M. E. Hellman, “New directions in cryptography”, IEEE Transactions on Information Theory, Vol. 22, No. 6, pp. 644–654, Nov. 1976.
T. ElGamal, “A public-key cryptosystem and a signature scheme based on discrete logarithms”, IEEE Transactions on Information Theory, Vol. 31, No. 4, pp. 469–472, 1985.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Lin, IC., Chang, CC. A Practical Electronic Payment System for Message Delivery Service in the Mobile Environment. Wireless Pers Commun 42, 247–261 (2007). https://doi.org/10.1007/s11277-006-9176-9
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-006-9176-9