A secure NFC mobile payment protocol based on biometrics with formal verification Online publication date: Tue, 23-Aug-2016
by Shaik Shakeel Ahamad; Ibrahim Al-Shourbaji; Samaher Al-Janabi
International Journal of Internet Technology and Secured Transactions (IJITST), Vol. 6, No. 2, 2016
Abstract: In this paper, we propose a secure NFC mobile payment protocol based on biometrics (SNMPBs) using wireless public key infrastructure (WPKI) and universal integrated circuit card (UICC). Electronic signatures generated in this protocol are considered qualified signatures as they are generated in UICC which is tamper resistant device. A procedure for the personalisation of mobile payment application (on the UICC) (by the issuer/bank) is proposed. Our SNMPB resolves disputes efficiently among stakeholders by collecting evidence using transaction counters, transaction log, forensics mode and cryptographic audit log techniques. SNMPB ensures end-to-end security (i.e., from mobile payments application in UICC to the bank server) thereby achieving confidentiality, authentication, integrity and non-repudiation properties, prevents double spending and over spending. Our proposed SNMPB protocol withstands replay, man in the middle (MITM), impersonation and multi-protocol attacks as SNMPB is formally verified successfully using BAN logic and Scyther tool.
Online publication date: Tue, 23-Aug-2016
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Internet Technology and Secured Transactions (IJITST):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email firstname.lastname@example.org