A Secure Lightweight and Scalable Mobile Payment Framework

Abstract

Existing SIP-based mobile payment solutions do not ensure all the security properties. In this paper we propose a Secure Lightweight and Scalable Mobile Payment Framework (SLSMP) using Signcryption scheme with Forward Secrecy (SFS) based on elliptic curve scheme which combines digital signature and encryption functions (Hwang et al., 2005) [5]. It takes lower computation and communication cost to provide security functions. SLSMP is highly scalable which is attributed to SIP for data exchange. This paper uses WPKI, UICC as Secure Element and depicts system architecture and detailed protocol of SIP based mobile payment solution. Our proposed framework is suitable for both micro and macro payments. Our proposed protocol ensures End to End security i.e. ensures Authentication, Integrity, Confidentiality and Non Repudiation properties, achieves Identity protection from merchant and Eavesdropper, achieves Transaction privacy from Eavesdropper and Payment Gateway, achieves Payment Secrecy, Order Secrecy, forward secrecy, prevents Double Spending, Overspending and Money laundering.