Abstract:
In this paper, we introduce a secure Mobile Payment
model suitable for macro transactions that compromise cost,
simplicity, security, and performance of transaction, with
minimum number of cryptography key usages, and less
encryption/decryption operations compared to other models. This
model can use symmetric and asymmetric cryptography without
the need of trusted 3rd parties or even PKI complexity. It is based
on SMS as a transport channel which provides the capability to
send transactions to payer not to payee; as usually done in most
current payment transaction models. The payer receives a secured
SMS message (invoice) waiting his/her confirmation (yes/no). Each
entity in the payment system payer/payee trusts only his/her bank
respectively, so the transaction will always go through trusted
nodes. The payer/payee can also use any bank payment instrument
(Credit Card, Debit Card, or even Current Account) without
revealing confidential data during the payment. This model can be
applied on any payment application e.g. e-check, money transfer,
e-commerce, and even normal EFTPOS transactions with leverage
infrastructure supporting the above mentioned payment
applications.