AMA

Anonymous Micropayment Authentication (AMA) in Mobile Data Network

AMA

AIM

In this paper, an innovative and practical authentication system, Anonymous Micropayments Authentication (AMA), is designed for

micropayments in mobile data network. Through AMA the customer and the merchant can authenticate each other indirectly, at the same time the merchant doesnt know the customers real identity. A customer can get fast micropayments not only from his local domain but also from a remote domain without increasing any burden on his mobile phone/smartcard. Furthermore, without increasing communication overheads in the air, computational overheads on the mobile/smartcard, which usually has limited computational capability and storage, is minimized.

AMA

Introduction

Micropayments refer to low value financial transaction ranging from several pennies to a few dollars. At present, a large portion of electronic commerce occurring in the mobile data network belong to the category of micropayments, such as ringing tone download, news subscription, etc. Although the amount of each single transaction in micropayments is small, the number of users and transactions is large. A small percentage loss due to insecure transaction on fraud will be enlarged to a big sum. Thus, an important issue of micropayments is security. Many achievements on micropayment and its security are gained by researchers and cryptographers. All these can be classified into script-based, hashchain-based and macropayment-based

categories. Millicent, a script based micropayment, introduces a kind of currency- scrip, which is digital money that is issued by a single vendor. It uses no public-key cryptography and is optimized for repeated micropayments to the same vendor. Its distributed approach allows a micropayment to be validated and double spending prevented without the overhead of contacting the broker online during purchase. Subscript, another script-based micropayment, is based on temporary customer accounts at the merchant. These accounts are prepaid by a conventional payment system. In Pay Word, a hashchain-based

micropayment, customers generate their own coins, or pay words, which are

AMA

sent to vendors and then verified by brokers. It is credit-based scheme where a users account is not debited until sometime after purchases. The pay words in the system are customer and vendor specific and the pay words in the chain have no value to another vendor, a macropayment-based micropayment, provides support for nonrepudiation by signature based on public key cryptography. Although, most of above mentioned micropayments can work very well for Internet, they are not suitable for mobile data network. Mobile environment has some limitations for micropayment, such as limited bandwidth of mobile network, limited computational capabilities and memory resources of mobile phone/smartcard. Therefore, its necessary to propose a new secure mechanism for mobile micropayments. The mobile micropayments should provide support for mutual authentication between the customer and the merchant, confidentiality of transaction data and customers privacy, cross domain authentication on roaming. Furthermore, computational overhead on the mobile phone/smartcard is minimized. AMA can meet the requirements mentioned above.

AMA

EXISTING SYSTEMS

There are several commonly used charging models available to design micropayment systems. They are billing (or subscription) model, credit card model, electronic check model, electronic currency model, and debit model. Debit model is chosen for AMA. Of course, other charging models could also be supported by AMA. The money debit model is an online system. At the present time, it is not realistic to assume that every bank will provide online transfer service to its customers. Instead, another trusted third party for micropayment systems, Clearing and Settlement Center (CS), is established to handle all fund transfers between customers and merchants.

AMA

AMA

Disadvantages:
I. Although, most of above mentioned micropayments can work very well for Internet, they are not suitable for mobile data network. Limited bandwidth of mobile network, limited computational capabilities and memory resources of mobile phone/smartcard. The mobile micropayments should provide support for mutual authentication between the customer and the merchant, confidentiality of transaction data and customers privacy, cross domain authentication on roaming

II.

III.

AMA

PROPOSED SYSTEM

Advantages:
I. Shifting as much computational effort as possible from the user side to the network side because the customer represented by a mobile phone/smartcard has limited computational capabilities and storage. Allowing customer to get micropayment services from any domain at any place as soon as possible because the response time of micropayment systems is important to the users in the business world. Allowing new users and new merchants to join at any time. Limited fairness in micropayments because the cost of complete fairness is very expensive.

II.

III. IV.

AMA

ARCHITECUTURE OF SYSTEM

AMA

10

DATA FLOW DIAGRAM

A Data Flow Diagram also known as a bubble chart provides a logical map of problem before suggesting a specific solution and they have proved to be a fast and effective method of communication among system analyst and are effective means of conducting dialog with users. A DFD shows the flow of data through a system. A system may be an organization, a manual procedure, software system, mechanical system, a hardware system or any combinations of these. A DFD shows the movement of data through different processes in the system. DFDs are made of a number of symbols, which represents system components like process, data flow and external entities.

LEVEL 0 DFD:

AMA

11

LEVEL 1 DFD:

AMA

12

AMA

13

SCHEMA DIAGRAM

Customer Table: Customer

CID

CKey

CA/Cno

CName

CAddress

CPB

Merchant Table: Merchant

MID

MKey

MA/Cno

MName

MAddress

MPB

Credential Centre: User Table: User

UID

PWD

UName

AMA

14

Clearing and Settlement Centre: Account Table: Account

AcNo

Name

Ph

Address

Bal

Transaction table: Transaction

TID

AcNo

TType

TAmt

TDate

AMA

15

Software and Hardware Requirements

Software Requirements
Operating system : Coding Language : IDE Back End Server : : : Windows XP/Windows 7 .Net Framework Visual Studio 2008 MYSQL Internet Information Server (IIS) for ASP

Hardware Requirements
System : Hand Held Device: LAN : . 3PCs with min 1 GB RAM Mobile phone with browser capability 3 PCs Connected

AMA

16

REFERENCES
[1] Amir Herzberg Payment Technologies for E-Commerce, Micropayments pp.245-280, in Editor Prof. Weidong Kou, Springer- Verlag, ISBN 3-540 44007-0, 2003. [2] T. Pedersen Electronic payments of small amounts In Fourth Cambridge Workshop on Security Protocols. Springer Verlag, Lecture Notes in Computer Science, April 1996. [3] P.M. Hallam-Baker. Micro Payment Transfer Protocol (MPTP) Version 0.1, Novermber 1995. Http://www.w3.org/TR/WD-mptp-951122. [4] Jacques Stern and Serge Vaudenay SVP: a Flexible Micropayment Scheme Financial Crypto 97, 1997: pp.161-171. [5] M. Peirce, Multi-party Micropayments for Mobile Communications, PhD Thesis, Trinity College Dublin, Ireland, Oct. 2000. [6] T. Poutanen, H. Hinton, and M. Stumm NetCents: A Lightweight Protocol for Secure Micropayments In Proceedings of the Third USENIX Workshop on Electronic Commerce. USENIX, September 1998. [7] C. Jutla, M. Yung Paytree: amortized signature for flexible micropayments In 2nd USENIX Workshop on electronic commerce, 1996, pp. 213-221. [8] G. Horn and B. Preneel, Authentication and payment in future mobile systems Computer Security - ESORICS'98, Lecture Notes in Computer Science 1485, 1998, pp. 277-293.