Secure Mobile Payment on NFC-Enabled Mobile Phones Formally Analysed Using CasperFDR

Sarah Abu Ghazalah; Konstantinos Markantonakis; Keith Mayes

Secure Mobile Payment on NFC-Enabled Mobile Phones Formally Analysed Using CasperFDR

Sarah Abu Ghazalah, Konstantinos Markantonakis, Keith Mayes

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

328 Downloads (Pure)

Abstract

Near Field Communication (NFC) mobile phones
can be used as payment devices and can emulate credit cards.
Although NFC mobile services promise a fruitful future, several
issues have been raised by academics and researchers. Among
the main concerns for the use and deployment of NFC-enabled
mobile phones is the potential loss of security and privacy. More
specifically, mobile phone users involved in a payment transaction
conducted over a mobile handset require that such a system
does not reveal their identity or any sensitive data. Furthermore,
that all entities participating in the transaction are legitimate.
To this end, we proposed a protocol that meets the mobile user’s
requirements. The proposed protocol attempts to address the
main security concerns and protects the customer privacy from
any third party involved in the transaction. We formally analysed
the protocol using CasperFDR and did not find any feasible
attacks.

Original language	English
Title of host publication	The 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-14)
Publisher	IEEE Computer Society
Publication status	Published - 26 Sept 2014

Access to Document

NFC-mobilepaymentSubmitted manuscript, 232 KB

Cite this

@inproceedings{0b86feca9e16490ab0ef794ba49def88,

title = "Secure Mobile Payment on NFC-Enabled Mobile Phones Formally Analysed Using CasperFDR",

abstract = "Near Field Communication (NFC) mobile phonescan be used as payment devices and can emulate credit cards.Although NFC mobile services promise a fruitful future, severalissues have been raised by academics and researchers. Amongthe main concerns for the use and deployment of NFC-enabledmobile phones is the potential loss of security and privacy. Morespecifically, mobile phone users involved in a payment transactionconducted over a mobile handset require that such a systemdoes not reveal their identity or any sensitive data. Furthermore,that all entities participating in the transaction are legitimate.To this end, we proposed a protocol that meets the mobile user{\textquoteright}srequirements. The proposed protocol attempts to address themain security concerns and protects the customer privacy fromany third party involved in the transaction. We formally analysedthe protocol using CasperFDR and did not find any feasibleattacks.",

author = "{Abu Ghazalah}, Sarah and Konstantinos Markantonakis and Keith Mayes",

year = "2014",

month = sep,

day = "26",

language = "English",

booktitle = "The 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-14)",

publisher = "IEEE Computer Society",

}

Secure Mobile Payment on NFC-Enabled Mobile Phones Formally Analysed Using CasperFDR. / Abu Ghazalah, Sarah; Markantonakis, Konstantinos ; Mayes, Keith.
The 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-14). IEEE Computer Society, 2014.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Secure Mobile Payment on NFC-Enabled Mobile Phones Formally Analysed Using CasperFDR

AU - Abu Ghazalah, Sarah

AU - Markantonakis, Konstantinos

AU - Mayes, Keith

PY - 2014/9/26

Y1 - 2014/9/26

N2 - Near Field Communication (NFC) mobile phonescan be used as payment devices and can emulate credit cards.Although NFC mobile services promise a fruitful future, severalissues have been raised by academics and researchers. Amongthe main concerns for the use and deployment of NFC-enabledmobile phones is the potential loss of security and privacy. Morespecifically, mobile phone users involved in a payment transactionconducted over a mobile handset require that such a systemdoes not reveal their identity or any sensitive data. Furthermore,that all entities participating in the transaction are legitimate.To this end, we proposed a protocol that meets the mobile user’srequirements. The proposed protocol attempts to address themain security concerns and protects the customer privacy fromany third party involved in the transaction. We formally analysedthe protocol using CasperFDR and did not find any feasibleattacks.

AB - Near Field Communication (NFC) mobile phonescan be used as payment devices and can emulate credit cards.Although NFC mobile services promise a fruitful future, severalissues have been raised by academics and researchers. Amongthe main concerns for the use and deployment of NFC-enabledmobile phones is the potential loss of security and privacy. Morespecifically, mobile phone users involved in a payment transactionconducted over a mobile handset require that such a systemdoes not reveal their identity or any sensitive data. Furthermore,that all entities participating in the transaction are legitimate.To this end, we proposed a protocol that meets the mobile user’srequirements. The proposed protocol attempts to address themain security concerns and protects the customer privacy fromany third party involved in the transaction. We formally analysedthe protocol using CasperFDR and did not find any feasibleattacks.

M3 - Conference contribution

BT - The 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-14)

PB - IEEE Computer Society

ER -