
Analyzing a Payment System Based on The Proposed Model

In previous sections, we have introduced a formal model for a practical and secure payment system. The proposed model not only supports reasoning about mobile payment systems, but can also be used to analyze fixed-network payment systems. In this section, we briefly demonstrate how the proposed model is used to analyze a payment system. Later in this thesis, we propose our mobile payment framework and payment protocols and present detailed analyses of them based on this formal model.

Given a system S, from Definition 3.15, S will be considered a practical and secure mobile payment system if it satisfies the following parameters: G, CE, PT, Goals, PR, TSec, and Trust. Moreover, TPS must be greater than or equal to ATP. From the above conditions, it can be seen that:

1. A payment system is normally composed of {G, CE, PT}. Generally, S should satisfy G and CE. We then consider whether the transactions in S involve fund transfer; if so, S satisfies PT as stated by the model.

2. As mentioned in section 1.4, a payment system which satisfies the accountability property also satisfies all fundamental security properties stated in TSec. We therefore analyze TSec of S by using an accountability logic. The details of the logic will be presented in chapter 7.

3. To analyze Goals and PR, note that, by Definition 3.7 and Definition 3.9, Goals and PR can be formalized as proof statements in Kungpisdan et al. (KP)'s accountability logic [KP02]. Therefore, if S is successfully analyzed by KP's logic, Goals and PR are satisfied.

4. To analyze Trust, we consider whether the initial trust relationships among the engaging parties in S satisfy Trust as stated in Definition 3.11. If the system does not state them explicitly, we examine each protocol step to determine whether sensitive information of any party is revealed to any unauthorized party.

5. To analyze TPS, we first state ATP and then compare all related variables of S with those of ATP. An example of this comparison has been illustrated in section 3.2.1.

6. If all the above parameters are satisfied by S, it can be concluded that S is a practical and secure payment system.

3.4 Summary

In this chapter, we have shown that a mobile payment system is a subset of an electronic payment system whereby at least one engaging party performs a payment transaction over a wireless network using a wireless device. We have introduced a formal model for a practical and secure mobile payment system in that:

It is practical if it provides transaction performance which is acceptable to users. In particular, the mobile user is the party whose constraints the system must be most concerned with.

It is secure if it satisfies all necessary security-related properties.

Such security-related properties can be satisfied by applying cryptographic operations to the information transferred in the system. However, on the one hand, computationally expensive operations such as asymmetric-key operations may not be applicable to mobile users who hold mobile devices with low computational capability. On the other hand, lightweight symmetric-key operations lack non-repudiation, which is an essential property for financial transactions.

In the next chapters, we will investigate several techniques that can be used to design practical and secure mobile payment systems by using the proposed model as a major guideline for evaluation.

Later in this thesis, in chapters 4 to 6, we present a mobile payment framework and mobile payment protocols and analyze primarily their transaction performance and the trust relationships among engaging parties, whereas in chapter 7 the transaction security, the goals of engaging parties, and the parties' requirements of the proposed framework and protocols are formally analyzed based on the proposed model.

Note that the accountability property plays an important role in the proposed model: it is the major analysis tool used in our formal model to analyze a payment system with respect to Goals, PR, and TSec. As previously discussed in section 1.4, existing accountability logics [Kai96, KN98, KP02] are inadequate for analyzing mobile payment protocols; in chapter 7, we therefore propose an accountability logic for mobile payment protocols and use it to analyze various kinds of mobile payment protocols.

Chapter 4

A Framework for Practical and Secure Mobile Payment

There have been several attempts to devise practical and secure solutions for mobile payment. As discussed in section 2.4.4, several frameworks have been proposed to enable payment transactions in wireless environments. In particular, proxy-based and agent-based frameworks aim to enable mobile payment transactions with payment protocols originally designed for fixed networks, whereas the non proxy-based framework aims to deploy payment protocols which operate well in wireless environments without any assistance (either from a proxy server or a mobile agent).

In this chapter, we evaluate the existing frameworks against the formal mobile payment model presented in chapter 3 to show that payment systems based on the existing frameworks do not qualify as practical and secure mobile payment systems as stated in the formal model. We then present a new framework which satisfies the formal model. Our framework not only incorporates the main features of the existing frameworks, but also solves their problems. As the SET protocol [Mas97] has been applied to both proxy-based and agent-based frameworks, we demonstrate the practical usefulness of the proposed framework by applying the SET protocol to it and comparing the result with the SET payment systems based on the existing frameworks.

This chapter is organized as follows. Section 4.1 discusses why the existing mobile payment frameworks do not satisfy our formal model. Section 4.2 introduces our framework, which satisfies the formal model. In section 4.3, we apply the proposed framework to enable mobile SET transactions. Section 4.4 discusses issues related to the security and practicability of our framework. Section 4.5 summarizes the chapter.

4.1 Evaluation of Existing Frameworks

In this section, we examine whether the existing mobile payment frameworks, namely the agent-based, proxy-based, and non proxy-based frameworks, satisfy the formal model presented in chapter 3. To provide a concrete evaluation, the SET payment systems based on the existing frameworks will be used. Recall that several systems based on the agent-based framework [RdS98, WLY99] and the proxy-based framework [WSZ01] have been proposed by deploying the SET protocol as their underlying payment protocol. Sections 4.1.1 to 4.1.3 present the details of the evaluation.

4.1.1 Agent-Based Framework

Recall that the SET protocol [Mas97] is one of the most well-known credit-card payment protocols, introduced by Mastercard and VISA, two major credit-card companies. Although the SET protocol has been successfully implemented in fixed-network environments, it is not easy to implement in wireless ones because of the nature of the SET protocol itself and of the wireless environments. Note that the problems of the SET protocol and the constraints of wireless environments have been discussed in sections 2.3.1 and 1.3.1, respectively. To overcome such constraints, Romao et al. [RdS98] proposed an agent-based SET payment system (called SET/A). Note that the details of SET/A have been presented in section 2.4.2. By applying mobile agent technology in SET/A, a mobile agent containing a SET wallet plays the client's role during the transaction. Thus, the client only needs to connect to the Internet for short periods during the entire transaction. However, SET/A is vulnerable to attacks because the agent is required to bring the SET wallet with it to perform operations in the merchant's environment, which is considered hostile.

Compared with the formal model, it can be seen that SET/A does not satisfy the model: it fails the transaction privacy property stated in Definition 3.10 because keys are generated in the merchant's environment. Moreover, according to the trust relationships among engaging parties stated in Definition 3.11 of the model, the merchant is not trusted by the client not to impersonate the client in order to perform transactions.

Wang et al. [WLY99] proposed another agent-based SET payment system (called SET/A+) to solve the problems of SET/A. SET/A+ operates in a larger scenario than SET/A, in that it adds a brokering and negotiation phase, which naturally requires the capability of a mobile agent, to the SET protocol. A client's PReq (refer to the details of the SET protocol presented in section 2.3.1) is completely generated at the client before it is carried by an agent to perform a payment transaction at a merchant. However, performing cryptographic operations, including public-key operations, on the client's mobile device results in a high computational load, which is unlikely to satisfy the acceptable transaction performance stated in Definition 3.14 of the formal model.

4.1.2 Proxy-Based Framework

Like the agent-based framework, the proxy-based framework has been applied to enable payment transactions in wireless environments, for example in 3D SET for Mobiles [WSZ01]. Note that the details of 3D SET for Mobiles have been presented in section 2.4.1. In this section, we discuss whether this proxy-based SET payment system satisfies the formal model. In this system, the function of the proxy server, located in a fixed network, is operated by an issuer. The proxy server contains all payment-related information of its clients. To make a payment, a mobile client sends the issuer a request to perform a SET transaction on her behalf. However, the problem of the trustworthiness of the issuer arises because the sensitive information of the client needs to be stored on the issuer's proxy server. The client is required to fully trust the issuer not to impersonate the client in order to perform transactions with merchants.

It is obvious that this system does not satisfy the trust relationships among engaging parties stated in Definition 3.11 of the formal model, which requires only a partial trust relationship between the client and the issuer: the issuer is not trusted by the client not to impersonate the client in order to perform transactions.
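Step 4 of the analysis procedure in the previous chapter (examine each protocol step for sensitive information revealed to an unauthorized party) and the trust analyses of SET/A and 3D SET for Mobiles above can be mechanized. The following is an added example written for this edition, not the thesis's own tooling or any published implementation of these systems: it walks a list of protocol steps, records what each party ends up holding, and derives the trust each owner must place in each holder. A holder that obtains an item letting it act in the owner's name (here, the client's SET wallet) must be fully trusted by the owner, whereas the model only permits partial trust between the client and the issuer or merchant. The party names, item labels, the permitted-trust table and the three message flows are assumptions constructed to mirror the textual descriptions; Definition 3.11 itself is not reproduced.

```python
"""Disclosure-driven trust check (added example, not from the thesis)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Message:
    sender: str
    receiver: str
    items: frozenset  # data items carried by this protocol step


# Items whose possession lets the holder act as another party.
# Assumption: holding the client's SET wallet (card data plus signing
# capability) is enough to produce payment requests in the client's name.
IMPERSONATION_ITEMS = {"client_wallet": "client"}

# Trust the model permits the first party to place in the second.
# Assumed table standing in for Definition 3.11 (not reproduced here).
PERMITTED_TRUST = {
    ("client", "issuer"): "partial",
    ("client", "merchant"): "partial",
    ("client", "payment_gateway"): "partial",
}


def holdings(flow):
    """What each party knows after the flow: everything it sent or received."""
    held = {}
    for m in flow:
        held.setdefault(m.sender, set()).update(m.items)
        held.setdefault(m.receiver, set()).update(m.items)
    return held


def required_trust(flow):
    """Map (owner, holder) -> 'full' for every holder that ends up with an
    impersonation item belonging to some other party."""
    needed = {}
    for holder, items in holdings(flow).items():
        for item in items:
            owner = IMPERSONATION_ITEMS.get(item)
            if owner is not None and owner != holder:
                needed[(owner, holder)] = "full"
    return needed


def trust_violations(flow):
    """Pairs where the trust the flow demands exceeds what the model permits."""
    return sorted(
        pair
        for pair, need in required_trust(flow).items()
        if need == "full" and PERMITTED_TRUST.get(pair, "partial") != "full"
    )


# Constructed flows (assumptions, not protocol specifications from the thesis).
# Proxy-based: the client's wallet is stored on the issuer's proxy, which then
# runs the SET transaction on the client's behalf.
PROXY_FLOW = [
    Message("client", "issuer", frozenset({"client_wallet"})),
    Message("client", "issuer", frozenset({"pay_request"})),
    Message("issuer", "merchant", frozenset({"signed_preq"})),
]

# Agent-based (SET/A): the mobile agent carries the wallet to the merchant's
# host and generates the payment request there.
AGENT_FLOW = [
    Message("client", "merchant", frozenset({"client_wallet", "order"})),
    Message("merchant", "payment_gateway", frozenset({"signed_preq"})),
]

# Hypothetical variant (assumption): the wallet never leaves the client and
# the issuer receives only a per-transaction authorization.
VARIANT_FLOW = [
    Message("client", "issuer", frozenset({"tx_authorization"})),
    Message("issuer", "merchant", frozenset({"signed_preq"})),
]

if __name__ == "__main__":
    for name, flow in [("proxy", PROXY_FLOW), ("agent", AGENT_FLOW),
                       ("variant", VARIANT_FLOW)]:
        print(name, trust_violations(flow))
```

Running the script reports a client/issuer violation for the proxy flow and a client/merchant violation for the agent flow, matching the two arguments made above, and none for the variant, in which no party other than the client ever holds the wallet. The check is deliberately coarse: it tracks possession of whole items, not what can be derived from them, so it flags the structural trust problem without saying anything about the cryptographic strength of the messages.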

4.1.3 Non Proxy-Based Framework

The non proxy-based framework is outside the scope of our consideration because the framework itself suffers from the constraints of wireless environments. The security and performance of mobile payment transactions on the non proxy-based framework therefore rely primarily on the underlying payment protocol.

Later in this chapter, we present a mobile payment framework that solves the problems of the existing frameworks and apply the proposed framework to enable SET transactions in wireless environments.