A Key-Based Mutual Authentication Framework for Mobile Contactless Payment System Using Authentication Server

1 March 2021

journal article
research article
Published by IGI Global in Journal of Organizational and End User Computing

Vol. 33 (2), 1-16
https://doi.org/10.4018/joeuc.20210301.oa1

Abstract

This paper presents a framework for mutual authentication between a user device and a point of sale (POS) machine using magnetic secure transmission (MST) to prevent the wormhole attack in Samsung pay. The primary attribute of this method is authenticating the POS terminals by an authentication server to bind the generated token to a single POS machine. To secure the system from eavesdropping attack, the data transmitted between the user device and the machine is encrypted by using the Elgamal encryption method. The keys used in the method are dynamic in nature. Furthermore, comparison and security analysis are presented with previously proposed systems.

Keywords

This publication has 10 references indexed in Scilit:

A Survey on Contactless Smart Cards and Payment System
Journal of Global Information Management, 2020
Multi Factor Two-way Hash-Based Authentication in Cloud Computing
International Journal of Cloud Applications and Computing, 2020
Ensure Hierarchal Identity Based Data Security in Cloud Environment
International Journal of Cloud Applications and Computing, 2019
A taxonomy of various attacks on smart card–based applications and countermeasures
Concurrency and Computation: Practice and Experience, 2018
Eavesdropping of Magnetic Secure Transmission Signals and Its Security Implications for a Mobile Payment Protocol
IEEE Access, 2018
Security, privacy and trust of different layers in Internet-of-Things (IoTs) framework
Future Generation Computer Systems, 2018
Model Driven Approach to Secure Optimized Test Paths for Smart Samsung Pay using Hybrid Genetic Tabu Search Algorithm
International Journal of Information System Modeling and Design, 2018
Efficient yet robust biometric iris matching on smart cards for data high security and privacy
Future Generation Computer Systems, 2017
Designing and Proving an EMV-Compliant Payment Protocol for Mobile Devices
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2017
Location Authentication based on Wireless Access Point Information to Prevent Wormhole Attack in Samsung Pay
Advances in Electrical and Computer Engineering, 2017

Cited by 5 articles