Abstract
A need for secure payment methods in the mobile and conventional Internet has arisen as a result of the increase of on-line commerce. Most of the current payment methods that can be used in conducting transactions on the Internet have major drawbacks either in terms of functionality, usability, costs or security. The widely accepted way of securely and reliably authorizing electronic payment transactions is through the use of digital signatures in a PKI framework.
Organizations like the WAP Forum and MeT Initiative have made efforts to introduce industry standards for bringing PKI capabilities to mobile phones. The WAP version 1.2.1 compliant handsets already come with support for making digital signatures using the wireless identity module WIM. These new capabilities readily lend themselves to implementing mobile payment systems.
This paper presents a system that makes use of the MeT WPKI framework in implementing electronic payment authorization. The Mobile Payment System interacts with a merchant, payer and issuer as well as supporting back-end systems in coordinating secured payment transactions. It enables securely authorizing payment transactions using a standard WAP enabled handset.
The focus in the paper is in describing the system model and the high level structure. The details of implementation aren’t discussed when not essential.
The updated original online version for this book can be found at DOI: 10.1007/978-0-387-35604-4_20
Chapter PDF
Similar content being viewed by others
Key words
References
Anon., Established players gain most out of mobile Internet, Mobile Internet, 2000, Vol. 2, No. 2
Wireless Application Forum, Ltd., WAP Forum Releases, 2001, http://www.wapforum.org/what/technical.htm [referenced 9 September 2001 ]
Wireless Application Forum, Ltd., Wireless Application Protocol - Identity Module Specification, 18 February 2000
Gladman, B., Ellison, C., Bohm, N., Digital Signatures, Certificates and Electronic Commerce, 8 June 1999, http://jya.com/bg/digsig.pdf, [referenced 8 September 2001 ]
Schneier, B., Applied Cryptography, 2nd edition, John Wiley, Sons, Inc. United States, 758 pages
Diffie, W., Hellmann, M.E., New Directions in Cryptography, IEEE Transactions on Information Theory, Volume IT-22, Number 6, November 1976
Puhakainen, P., Electronic Commerce: Market Estimates and Security Considerations, Licentiate’s thesis, Helsinki University of Technology, 2000, 121 pages
Wireless Application Forum, Ltd., Wireless Application Protocol - Public Key Infrastructure Definition, 3 March 2000
Wireless Application Forum, Ltd., Wireless Application Protocol - Wireless Transport Layer Security Specification, 18 February 2000
Wireless Application Forum, Ltd., WMLScript Crypto Library, 5 November 1999
Wireless Application Forum, Ltd., WAP Certificate and CRL Profiles, 22 May 2001
Wireless Application Forum, Ltd., WAP TLS Profile and Tunneling Specification, 24 April 2001
MeT Initiative, Mobile Electronic Transactions Initiative, http://www.mobiletransaction.org [referenced 15 September 2001 ]
Gamma, E., Helm, R., Johnson, R., Vlissides, J., Design Patterns, 1995, 1st edition, United States, Addison-Wesley, 395 pages
Howes, T., Smith, M., RFC 2255, The LDAP URL Format, December 1997
Wahl, M., Kille, S., Howes, T., RFC 2251, Lightweight Directory Protocol (v3), December 1997
Wahl, M., Kille, S., Howes, T., RFC 2252, Lightweight Directory Protocol (v3): Attribute Syntax Definitions, December 1997
Wahl, M., Kille, S., Howes, T., RFC 2253, Lightweight Directory Protocol (v3): UTF-8 String Representation of Distinguished Names, December 1997
Howes, T., RFC 2254, The String Representation of LDAP Search Filters, December 1997
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Halonen, T., Virtanen, T. (2002). A System for Secure Mobile Payment Transactions. In: Traunmüller, R. (eds) Information Systems. IFIP WCC TC8 2002. IFIP — The International Federation for Information Processing, vol 95. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35604-4_12
Download citation
DOI: https://doi.org/10.1007/978-0-387-35604-4_12
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5493-3
Online ISBN: 978-0-387-35604-4
eBook Packages: Springer Book Archive