Author
Listed:
- Shaik Shakeel Ahamad
(Department of Computer and Information Sciences, University of Hyderabad, Hyderabad, India & Institute for Development and Research in Banking Technology, Castle Hills, Masab Tank, Hyderabad, India)
- V. N. Sastry
(Institute for Development and Research in Banking Technology, Castle Hills, Masab Tank, Hyderabad, India)
- Siba K. Udgata
(Department of Computer and Information Sciences, University of Hyderabad, Hyderabad, India)
Abstract
This paper proposes a Secure Mobile Wallet Framework (SMWF) using WPKI (Wireless Public Key Infrastructure) and UICC (Universal Integrated Circuit Card) by defining (a) a procedure of personalizing UICC by the client, (b) a procedure of provisioning and personalization (Mutual Authentication and Key Agreement Protocol) of Mobile Payments Application (which is on UICC) by the Bank and (c) our proposed mobile wallet is will have mobile wallet manager managed by CA (acting as TSM), every mobile application is independent, protected by firewalls and encrypted data is stored in the mobile wallet application. Their proposed Mobile Wallet ensures end to end security. The authors’ proposed SMWF is compared with recent works and found to be better in terms of generating client’s credentials, implementation of WPKI in UICC, personalization of mobile payment application by the bank and in ensuring end to end security (i.e., from Mobile Payments Application in UICC to the Bank Server). The proposed mobile payment protocol originating from Mobile Payment Application (which is on UICC) to the Bank Server realizes Fair Exchange ensures Confidentiality, Authentication, Integrity and Non Repudiation, prevents double spending, over spending and money laundering, and withstands replay, Man in the Middle (MITM) and Impersonation attacks. Proposed mobile payment protocol is formally verified using AVISPA and Scyther Tool and presented with results.
Suggested Citation
Shaik Shakeel Ahamad & V. N. Sastry & Siba K. Udgata, 2012.
"A Secure Mobile Wallet Framework with Formal Verification,"
International Journal of Advanced Pervasive and Ubiquitous Computing (IJAPUC), IGI Global, vol. 4(2), pages 1-15, April.
Handle:
RePEc:igg:japuc0:v:4:y:2012:i:2:p:1-15
Download full text from publisher
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:igg:japuc0:v:4:y:2012:i:2:p:1-15. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Journal Editor (email available below). General contact details of provider: https://www.igi-global.com .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.
Printed from https://ideas.repec.org/a/igg/japuc0/v4y2012i2p1-15.html
