anonymous micropayment authentication

7/30/2019 Anonymous Micropayment Authentication

1/16

AMA 1

Anonymous Micropayment

Authentication (AMA) in Mobile Data

Network


2/16

AMA 2

AIM

In this paper, an innovative and practical authentication system,

Anonymous Micropayments Authentication (AMA), is designed for

micropayments in mobile data network. Through AMA the customer and the

merchant can authenticate each other indirectly, at the same time the merchant

doesnt know the customers real identity. A customer can get fast

micropayments not only from his local domain but also from a remote domain

without increasing any burden on his mobile phone/smartcard. Furthermore,

without increasing communication overheads in the air, computational

overheads on the mobile/smartcard, which usually has limited computational

capability and storage, is minimized.


3/16

AMA 3

Introduction

Micropayments refer to low value financial transaction ranging from

several pennies to a few dollars. At present, a large portion of electronic

commerce occurring in the mobile data network belong to the category of

micropayments, such as ringing tone download, news subscription, etc.

Although the amount of each single transaction in micropayments is small, the

number of users and transactions is large. A small percentage loss due to

insecure transaction on fraud will be enlarged to a big sum. Thus, an important

issue of micropayments is security. Many achievements on micropayment and

its security are gained by researchers and cryptographers. All these can be

classified into script-based, hashchain-based and macropayment-based

categories. Millicent, a script based micropayment, introduces a kind of

currency- scrip, which is digital money that is issued by a single vendor. It uses

no public-key cryptography and is optimized for repeated micropayments to the

same vendor. Its distributed approach allows a micropayment to be validated

and double spending prevented without the overhead of contacting the broker

online during purchase. Subscript, another script-based micropayment, is based

on temporary customer accounts at the merchant. These accounts are prepaid by

a conventional payment system. In Pay Word, a hashchain-based

micropayment, customers generate their own coins, or pay words, which are


4/16

AMA 4

sent to vendors and then verified by brokers. It is credit-based scheme where a

users account is not debited until sometime after purchases. The pay words in

the system are customer and vendor specific and the pay words in the chain

have no value to another vendor, a macropayment-based micropayment,

provides support for nonrepudiation by signature based on public key

cryptography. Although, most of above mentioned micropayments can work

very well for Internet, they are not suitable for mobile data network. Mobile

environment has some limitations for micropayment, such as limited bandwidth

of mobile network, limited computational capabilities and memory resources of

mobile phone/smartcard. Therefore, its necessary to propose a new secure

mechanism for mobile micropayments. The mobile micropayments should

provide support for mutual authentication between the customer and the

merchant, confidentiality of transaction data and customers privacy, cross

domain authentication on roaming. Furthermore, computational overhead on the

mobile phone/smartcard is minimized. AMA can meet the requirements

mentioned above.


5/16

AMA 5

EXISTING SYSTEMS

There are several commonly used charging models available to design

micropayment systems. They are billing (or subscription) model, credit card

model, electronic check model, electronic currency model, and debit model.

Debit model is chosen for AMA. Of course, other charging models could also

be supported by AMA. The money debit model is an online system. At the

present time, it is not realistic to assume that every bank will provide online

transfer service to its customers. Instead, another trusted third party for

micropayment systems, Clearing and Settlement Center (CS), is established to

handle all fund transfers between customers and merchants.


6/16

AMA 6


7/16

AMA 7

Disadvantages:

I. Although, most of above mentioned micropayments can work verywell for Internet, they are not suitable for mobile data network.

II. Limited bandwidth of mobile network, limited computationalcapabilities and memory resources of mobile phone/smartcard.

III. The mobile micropayments should provide support for mutualauthentication between the customer and the merchant,

confidentiality of transaction data and customers privacy, crossdomain authentication on roaming


8/16

AMA 8

PROPOSED SYSTEM

Advantages:

I. Shifting as much computational effort as possible from the userside to the network side because the customer represented by amobile phone/smartcard has limited computational capabilities and

storage.

II. Allowing customer to get micropayment services from any domainat any place as soon as possible because the response time ofmicropayment systems is important to the users in the business

world.

III. Allowing new users and new merchants to join at any time.IV. Limited fairness in micropayments because the cost of complete

fairness is very expensive.


9/16

AMA 9

ARCHITECUTURE OF SYSTEM


10/16

AMA 10

DATA FLOW DIAGRAM

A Data Flow Diagram also known as a bubble chart provides a logical

map of problem before suggesting a specific solution and they have proved to

be a fast and effective method of communication among system analyst and are

effective means of conducting dialog with users.

A DFD shows the flow of data through a system. A system may be an

organization, a manual procedure, software system, mechanical system, ahardware system or any combinations of these. A DFD shows the movement of

data through different processes in the system. DFDs are made of a number of

symbols, which represents system components like process, data flow and

external entities.

LEVEL 0 DFD:


11/16

AMA 11

LEVEL 1 DFD:


12/16

AMA 12


13/16

AMA 13

SCHEMA DIAGRAM

Customer Table:

Customer

CID CKey CA/Cno CName CAddress CPB

Merchant Table:

Merchant

MID MKey MA/Cno MName MAddress MPB

Credential Centre:

User Table:

User

UID PWD UName


14/16

AMA 14

Clearing and Settlement Centre:

Account Table:

Account

AcNo Name Ph Address Bal

Transaction table:

Transaction

TID AcNo TType TAmt TDate


15/16

AMA 15

Software and Hardware Requirements

Software Requirements

Operating system : Windows XP/Windows 7 Coding Language : .Net Framework IDE : Visual Studio 2008 Back End : MYSQL Server : Internet Information Server (IIS) for ASP

Hardware Requirements

System : 3PCs with min 1 GB RAM Hand Held Device: Mobile phone with browser capability LAN : 3 PCs Connected

.


16/16

AMA 16

REFERENCES

[1] Amir Herzberg Payment Technologies for E-Commerce,Micropaymentspp.245-280, in Editor Prof. Weidong Kou, Springer-Verlag, ISBN 3-540

44007-0, 2003.

[2] T. Pedersen Electronic payments of small amountsIn Fourth CambridgeWorkshop on Security Protocols. Springer Verlag, Lecture Notes in Computer

Science, April 1996.

[3] P.M. Hallam-Baker. Micro Payment Transfer Protocol (MPTP) Version 0.1,

Novermber 1995.Http://www.w3.org/TR/WD-mptp-951122.

[4] Jacques Stern and Serge Vaudenay SVP: a Flexible Micropayment

SchemeFinancial Crypto 97, 1997: pp.161-171.

[5] M. Peirce, Multi-party Micropayments for Mobile Communications,PhD

Thesis, Trinity College Dublin, Ireland, Oct. 2000.

[6] T. Poutanen, H. Hinton, and M. Stumm NetCents: A Lightweight Protocol

for Secure MicropaymentsIn Proceedings of the ThirdUSENIX Workshop on

Electronic Commerce. USENIX, September 1998.

[7] C. Jutla, M. Yung Paytree: amortized signature for flexiblemicropaymentsIn 2nd USENIX Workshop on electronic commerce, 1996,

pp. 213-221.

[8] G. Horn and B. Preneel, Authentication and payment in future mobile

systems Computer Security - ESORICS'98, Lecture Notes in ComputerScience

1485, 1998, pp. 277-293.
http://www.w3.org/TR/WD-mptp-951122http://www.w3.org/TR/WD-mptp-951122http://www.w3.org/TR/WD-mptp-951122http://www.w3.org/TR/WD-mptp-951122

anonymous micropayment authentication

Documents