anonymous micropayment authentication
TRANSCRIPT
-
7/30/2019 Anonymous Micropayment Authentication
1/16
AMA 1
Anonymous Micropayment
Authentication (AMA) in Mobile Data
Network
-
7/30/2019 Anonymous Micropayment Authentication
2/16
AMA 2
AIM
In this paper, an innovative and practical authentication system,
Anonymous Micropayments Authentication (AMA), is designed for
micropayments in mobile data network. Through AMA the customer and the
merchant can authenticate each other indirectly, at the same time the merchant
doesnt know the customers real identity. A customer can get fast
micropayments not only from his local domain but also from a remote domain
without increasing any burden on his mobile phone/smartcard. Furthermore,
without increasing communication overheads in the air, computational
overheads on the mobile/smartcard, which usually has limited computational
capability and storage, is minimized.
-
7/30/2019 Anonymous Micropayment Authentication
3/16
AMA 3
Introduction
Micropayments refer to low value financial transaction ranging from
several pennies to a few dollars. At present, a large portion of electronic
commerce occurring in the mobile data network belong to the category of
micropayments, such as ringing tone download, news subscription, etc.
Although the amount of each single transaction in micropayments is small, the
number of users and transactions is large. A small percentage loss due to
insecure transaction on fraud will be enlarged to a big sum. Thus, an important
issue of micropayments is security. Many achievements on micropayment and
its security are gained by researchers and cryptographers. All these can be
classified into script-based, hashchain-based and macropayment-based
categories. Millicent, a script based micropayment, introduces a kind of
currency- scrip, which is digital money that is issued by a single vendor. It uses
no public-key cryptography and is optimized for repeated micropayments to the
same vendor. Its distributed approach allows a micropayment to be validated
and double spending prevented without the overhead of contacting the broker
online during purchase. Subscript, another script-based micropayment, is based
on temporary customer accounts at the merchant. These accounts are prepaid by
a conventional payment system. In Pay Word, a hashchain-based
micropayment, customers generate their own coins, or pay words, which are
-
7/30/2019 Anonymous Micropayment Authentication
4/16
AMA 4
sent to vendors and then verified by brokers. It is credit-based scheme where a
users account is not debited until sometime after purchases. The pay words in
the system are customer and vendor specific and the pay words in the chain
have no value to another vendor, a macropayment-based micropayment,
provides support for nonrepudiation by signature based on public key
cryptography. Although, most of above mentioned micropayments can work
very well for Internet, they are not suitable for mobile data network. Mobile
environment has some limitations for micropayment, such as limited bandwidth
of mobile network, limited computational capabilities and memory resources of
mobile phone/smartcard. Therefore, its necessary to propose a new secure
mechanism for mobile micropayments. The mobile micropayments should
provide support for mutual authentication between the customer and the
merchant, confidentiality of transaction data and customers privacy, cross
domain authentication on roaming. Furthermore, computational overhead on the
mobile phone/smartcard is minimized. AMA can meet the requirements
mentioned above.
-
7/30/2019 Anonymous Micropayment Authentication
5/16
AMA 5
EXISTING SYSTEMS
There are several commonly used charging models available to design
micropayment systems. They are billing (or subscription) model, credit card
model, electronic check model, electronic currency model, and debit model.
Debit model is chosen for AMA. Of course, other charging models could also
be supported by AMA. The money debit model is an online system. At the
present time, it is not realistic to assume that every bank will provide online
transfer service to its customers. Instead, another trusted third party for
micropayment systems, Clearing and Settlement Center (CS), is established to
handle all fund transfers between customers and merchants.
-
7/30/2019 Anonymous Micropayment Authentication
6/16
AMA 6
-
7/30/2019 Anonymous Micropayment Authentication
7/16
AMA 7
Disadvantages:
I. Although, most of above mentioned micropayments can work verywell for Internet, they are not suitable for mobile data network.
II. Limited bandwidth of mobile network, limited computationalcapabilities and memory resources of mobile phone/smartcard.
III. The mobile micropayments should provide support for mutualauthentication between the customer and the merchant,
confidentiality of transaction data and customers privacy, crossdomain authentication on roaming
-
7/30/2019 Anonymous Micropayment Authentication
8/16
AMA 8
PROPOSED SYSTEM
Advantages:
I. Shifting as much computational effort as possible from the userside to the network side because the customer represented by amobile phone/smartcard has limited computational capabilities and
storage.
II. Allowing customer to get micropayment services from any domainat any place as soon as possible because the response time ofmicropayment systems is important to the users in the business
world.
III. Allowing new users and new merchants to join at any time.IV. Limited fairness in micropayments because the cost of complete
fairness is very expensive.
-
7/30/2019 Anonymous Micropayment Authentication
9/16
AMA 9
ARCHITECUTURE OF SYSTEM
-
7/30/2019 Anonymous Micropayment Authentication
10/16
AMA 10
DATA FLOW DIAGRAM
A Data Flow Diagram also known as a bubble chart provides a logical
map of problem before suggesting a specific solution and they have proved to
be a fast and effective method of communication among system analyst and are
effective means of conducting dialog with users.
A DFD shows the flow of data through a system. A system may be an
organization, a manual procedure, software system, mechanical system, ahardware system or any combinations of these. A DFD shows the movement of
data through different processes in the system. DFDs are made of a number of
symbols, which represents system components like process, data flow and
external entities.
LEVEL 0 DFD:
-
7/30/2019 Anonymous Micropayment Authentication
11/16
AMA 11
LEVEL 1 DFD:
-
7/30/2019 Anonymous Micropayment Authentication
12/16
AMA 12
-
7/30/2019 Anonymous Micropayment Authentication
13/16
AMA 13
SCHEMA DIAGRAM
Customer Table:
Customer
CID CKey CA/Cno CName CAddress CPB
Merchant Table:
Merchant
MID MKey MA/Cno MName MAddress MPB
Credential Centre:
User Table:
User
UID PWD UName
-
7/30/2019 Anonymous Micropayment Authentication
14/16
AMA 14
Clearing and Settlement Centre:
Account Table:
Account
AcNo Name Ph Address Bal
Transaction table:
Transaction
TID AcNo TType TAmt TDate
-
7/30/2019 Anonymous Micropayment Authentication
15/16
AMA 15
Software and Hardware Requirements
Software Requirements
Operating system : Windows XP/Windows 7 Coding Language : .Net Framework IDE : Visual Studio 2008 Back End : MYSQL Server : Internet Information Server (IIS) for ASP
Hardware Requirements
System : 3PCs with min 1 GB RAM Hand Held Device: Mobile phone with browser capability LAN : 3 PCs Connected
.
-
7/30/2019 Anonymous Micropayment Authentication
16/16
AMA 16
REFERENCES
[1] Amir Herzberg Payment Technologies for E-Commerce,Micropaymentspp.245-280, in Editor Prof. Weidong Kou, Springer-Verlag, ISBN 3-540
44007-0, 2003.
[2] T. Pedersen Electronic payments of small amountsIn Fourth CambridgeWorkshop on Security Protocols. Springer Verlag, Lecture Notes in Computer
Science, April 1996.
[3] P.M. Hallam-Baker. Micro Payment Transfer Protocol (MPTP) Version 0.1,
Novermber 1995.Http://www.w3.org/TR/WD-mptp-951122.
[4] Jacques Stern and Serge Vaudenay SVP: a Flexible Micropayment
SchemeFinancial Crypto 97, 1997: pp.161-171.
[5] M. Peirce, Multi-party Micropayments for Mobile Communications,PhD
Thesis, Trinity College Dublin, Ireland, Oct. 2000.
[6] T. Poutanen, H. Hinton, and M. Stumm NetCents: A Lightweight Protocol
for Secure MicropaymentsIn Proceedings of the ThirdUSENIX Workshop on
Electronic Commerce. USENIX, September 1998.
[7] C. Jutla, M. Yung Paytree: amortized signature for flexiblemicropaymentsIn 2nd USENIX Workshop on electronic commerce, 1996,
pp. 213-221.
[8] G. Horn and B. Preneel, Authentication and payment in future mobile
systems Computer Security - ESORICS'98, Lecture Notes in ComputerScience
1485, 1998, pp. 277-293.
http://www.w3.org/TR/WD-mptp-951122http://www.w3.org/TR/WD-mptp-951122http://www.w3.org/TR/WD-mptp-951122http://www.w3.org/TR/WD-mptp-951122