Mobile payment security card based on distributed key

1 Introduction

Mobile payments are on the rise, and security is a key bottleneck in their adoption. Because the encryption capability of mobile phones is limited and cannot meet the requirements of financial security, an external encryption card that enhances this capability is a promising solution. Most mobile phones can connect to external devices, and this trend is becoming more pronounced as technology develops: infrared, Bluetooth and data cables are almost standard on mobile phones, and USB support is also increasing. At the same time, the emergence of SIM card cloning machines has severely tested the security protection provided by the SIM card and the mobile phone itself. Distributing key storage to an external eKey greatly enhances security, and cross-verification among the mobile phone, SIM card and eKey further improves the security of mobile payments.

At present, encryption for mobile payment is mostly implemented with the encryption function of the SIM card, with small payments carried over short messages. This kind of solution requires cumbersome steps such as replacing the SIM card, and shortcomings of short messages such as delay and unreliability have hindered the promotion of the service. As the capabilities of mobile phones themselves have improved, JAVA and WAP technologies are also being used to support mobile payment through the security mechanisms of HTTPS and WAP. However, because the encryption capability of mobile phones is limited, generally only 64-bit encryption strength can be achieved, which is suitable only for small purchases. A SIM card that can improve the encryption capability of the mobile phone itself is being studied abroad, but progress is slow because of differing standards and technical difficulties. In addition, security has also been enhanced by adding external chips, as in Weiyi's MTT (mobile POS machine), but the MTT directly changes the structure of the mobile phone, making it bulky and usable only as a mobile POS, so it loses the compactness and convenience of a phone. To address this shortcoming, this article enhances the security functions of the mobile phone with a plug-in external device, the eKey, changing the structure and configuration of the mobile phone itself as little as possible so that mobile payment services are easier to deploy.

2 eKey-based mobile payment solution

In the mobile payment process, although the wireless transmission channel has its own encryption capability, encryption at the application layer is also indispensable. For example, the banking system uses a PKI mechanism for security protection and can only interface with data encrypted through that mechanism, so the application-layer data must use PKI encryption. Given the delay and unreliability of short messages, Unstructured Supplementary Service Data (USSD) can be used instead. USSD is a new interactive data service on the GSM network, based on GSM short message system technology. The USSD service mainly includes supplementary services (such as call barring and call forwarding) and unstructured supplementary services (such as mobile banking). Although USSD, SMS and WAP are all circuit-bearing services, USSD has the following advantages:

(1) The circuit channels they use are different: in the call state, USSD and SMS use the same signaling channel, SDCCH, with a data transmission rate of about 600 bps; when not in the call state, USSD uses the FACCH signaling channel, with a data transmission rate of approximately 1 kbps, which is higher than the SMS transmission rate;
(2) USSD maintains a wireless connection during the session, providing a transparent pipe with no store-and-forward. SMS has no session channel at the physical bearer layer; it is only a store-and-forward system, and the user needs several separate exchanges to complete one query. USSD therefore does not need to re-establish the channel each time a message is sent, and its response time is shorter than that of short messages. Like USSD, WAP maintains a session during the interaction, but due to factors such as WAP server and Internet speed, its current response speed is slower than SMS;
(3) Both USSD and WAP can adjust the service content on the server side. In particular, USSD menus can easily be modified on the server side, so operators can respond quickly to changes in market demand; with an STK card-based service, the menu options cannot be modified at any time, which makes business development more cumbersome.

Based on the above analysis, USSD provides a simple and inexpensive solution for mobile payment. USSD and access to external devices are supported by most mobile phones, require essentially no change to the phone's configuration, and are easy to implement. We use USSD as the wireless transmission method for the eKey. The overall structure of the system is shown in Figure 1. The mobile phone sends the mobile payment data to the eKey through the serial port (mobile phones that cannot access external devices, for example through a serial port, cannot currently be supported, and the service can only be provided for them by replacing the STK card). After the eKey authenticates with the mobile phone, the server, the third-party authentication center and so on, the data is encrypted and sent to the bank server through the mobile phone. The server decrypts the data with its encryption machine to complete the mobile payment operation, similar to online banking but over a wireless link.

Figure 1 Mobile payment plan


3 eKey design and implementation

3.1 Hardware Design

The eKey is positioned as the data encryption card of the mobile phone. It must be small, flexible, and easy to plug in and unplug. In addition, for the security of mobile payment, the eKey must implement 3DES 128-bit or RSA 1024-bit encryption to reach the same level of encryption as online banking. Low cost and power management must also be considered. Analysis shows that the main function of the asymmetric RSA 1024-bit encryption is to transport the 3DES key. In the experimental stage it is assumed that the bank's internal security mechanisms are sufficient; even in the release stage, the user can collect the encryption card from the bank in person, which ensures the confidentiality of the 3DES key transfer.
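
The data path of section 2 combined with the 3DES option of section 3.1, as an added example in Go that is not from the original article: the eKey encrypts a payment message under a pre-shared two-key (128-bit) 3DES key, the phone relays the resulting text over USSD, and the bank decrypts it. CBC mode, PKCS#7 padding, the base64 framing, the 182-character USSD limit, the function names, and the sample key and message are assumptions of this example.

```go
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"crypto/rand"
	"encoding/base64"
	"fmt"
)

const ussdMax = 182 // assumed limit: characters in one USSD string (GSM 7-bit)
func tdes(k [16]byte) cipher.Block { // two-key 3DES: K1|K2 expanded to K1|K2|K1
	b, _ := des.NewTripleDESCipher(append(k[:], k[:8]...)) // 24 bytes, cannot fail
	return b
}

// EKeyEncrypt runs on the card: PKCS#7 pad, CBC under a fresh IV, base64(IV|CT) as text.
func EKeyEncrypt(key [16]byte, msg []byte) (string, error) {
	pad := 8 - len(msg)%8
	out := append(append(make([]byte, 8), msg...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	if _, err := rand.Read(out[:8]); err != nil {
		return "", err
	}
	cipher.NewCBCEncrypter(tdes(key), out[:8]).CryptBlocks(out[8:], out[8:])
	if s := base64.StdEncoding.EncodeToString(out); len(s) <= ussdMax {
		return s, nil
	}
	return "", fmt.Errorf("ciphertext does not fit one USSD string")
}

// BankDecrypt runs at the bank. All failures look alike; CBC alone has no integrity check.
func BankDecrypt(key [16]byte, ussd string) ([]byte, error) {
	raw, err := base64.StdEncoding.DecodeString(ussd)
	if err != nil || len(raw) < 16 || len(raw)%8 != 0 {
		return nil, fmt.Errorf("rejected")
	}
	cipher.NewCBCDecrypter(tdes(key), raw[:8]).CryptBlocks(raw[8:], raw[8:])
	if n := int(raw[len(raw)-1]); n >= 1 && n <= 8 && bytes.HasSuffix(raw, bytes.Repeat([]byte{byte(n)}, n)) {
		return raw[8 : len(raw)-n], nil
	}
	return nil, fmt.Errorf("rejected")
}

func main() {
	key := [16]byte{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16} // constructed key
	m, _ := EKeyEncrypt(key, []byte("PAY;to=ACCT-EXAMPLE;amt=12.50")) // constructed message
	p, _ := BankDecrypt(key, m) // the phone only relays m and never holds key
	fmt.Println(len(m), string(p))
}
```

Under this framing a payment message of up to 119 bytes fits in one USSD string; a longer one is refused by the eKey side and is not split.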
