Abstract

The standard protocol of near field communication (NFC) has concentrated primarily on the speed of communication while ignoring security properties. Messages between an NFC-enabled smartphone and a point of sale are exchanged over the air (OTA), and each message is treated as an authentication request for payment, billing, ticketing, loyalty services, identification or access control. An attacker who has an antenna can intercept or manipulate the exchanged messages to take advantage of these. To solve this problem, many researchers have suggested authentication methods for NFC communications. However, these remain inadequate in transaction security and fairness. In this paper, we propose a technique that ensures mutual authentication, security properties, and strong fairness. Mutual authentication is a security property that prevents replay attacks and man-in-the-middle attacks. Both fair exchange and transaction security are also significant issues in electronic transactions with regard to creating trust among the parties participating in the transaction. The suggested protocol deploys a secure offline session key generation technique to increase transaction security and, importantly, make our protocol lightweight while maintaining the fairness property. Our analysis suggests that our protocol is more effective than others regarding transaction security, fairness, and being lightweight. The robustness and soundness of the proposed protocol are checked using Burrows, Abadi and Needham (BAN) logic, the Scyther tool, and automated validation of internet security protocols and applications (AVISPA), which provide formal proofs for security protocols. Furthermore, our protocol can resolve disputes in case one party misbehaves.

Highlights

  • Until recently, many smartphones have built-in near field communication (NFC) to allow short-range communication and small data transfers

  • In the card emulation mode, NFC works as a radio frequency identification (RFID) tag installed in portable hardware

  • We introduced a protocol that ensures mutual authentication for NFC mobile payment to all engaged parties using lightweight cryptographic operations for running on mobile devices


Summary

Introduction

Many smartphones have built-in near field communication (NFC) to allow short-range communication and small data transfers. El Madhoun et al. [5] proposed a secure authentication protocol for contactless-NFC payment based on a Cloud infrastructure to solve security vulnerabilities detected in the Europay Mastercard Visa (EMV). Symmetric encryption is utilized for the confidentiality of bank data in the authentication steps. This proposed protocol uses the Scyther tool to verify security protocols. The management, authentication server (MAS) in this protocol provides authentication of the payment transactions and achieves mutual authentication between the parties, namely the NFC-enabled mobile device and the point of sale terminal. The proposed protocol offers advantages including scalability, simplicity, cost-effectiveness, and low computational processing. Those NFC authentication protocols that have been proposed do not possess sufficient fairness and security properties. The proposed protocol deploys a secure offline session key generation technique to enhance the protocol’s security.

Backgrounds
The Proposed Protocol
Initiation Phase
Registration Phase
Authentication Phase
Transaction
Dispute Resolution Phase
Mutual Authentication
Non-Repudiation of Transactions
Brute Force Attack Prevention
Replay Attack Prevention
MITM Attack
Eavesdropping
Practicality of the Proposed Protocol
Performance Analysis
Cryptographic
Storage
Using Scyther
Using AVISPA
Idealized Form
Details of the Proof
Conclusions
