M-Identity and Its Authentication Protocol for Secure Mobile Commerce Applications

  • Fengling Han
  • Ron van Schyndel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7672)


Mobile commerce (m-commerce) delivers value-added services to customers and creates new market opportunities. However, establishing a secure m-commerce platform that offers high level of service can be challenging. This paper proposes a concept of m-identity targeted at control the access of involved parties in an m-commerce transaction. M-identity includes both identities of a user and his/her bound mobile device which is defined as a user’s biometric feature(s) taken by his/her bound mobile camera. As an additional factor of authentication, a watermark is embedded in the captured biometric images. The embedding key of the watermark is a shared secret between mobile device and central server. Then an m-identity authentication (MA) protocol is proposed. M-identity merges mobile device identity into biometrics images. Only the genuine owner whose biometric information captured by his/her bound mobile device can pass m-identity authentication. Combined with the watermark, this makes a 2 ½ factor authentication process. Fingerprint biometrics taken with the mobile camera is used as an example to show how MA protocol works.


Biometrics fingerprint identity mobile device watermark 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Schwiderski-Grosche, S., Knospe, H.: Secure Mobile Commerce. Electronics & Communication Engineering Journal, 228–238 (2002)Google Scholar
  2. 2.
  3. 3.
    Kambourakis, G., Gritzalis, S., Park, J.H.: Device Authentication in Wireless and Pervasive Environments. Intelligent Automation and Soft Computing 16(3), 399–418 (2010)Google Scholar
  4. 4.
    Indvik, L.: 5 Big Trends in Mobile Commerce. The 2012 E-Commerce Leaders’ Playbook. Power Retail (2012),,
  5. 5.
    Savitz, E.: Mobile Commerce Needs New Authentication Schemes, Forb (December 2011),
  6. 6.
    Jain, A.K., Hong, L., Bolle, R.M.: On-line Fingerprint Verification. IEEE Trans. Pattern Analysis and Machine Learning 19(4), 302–314 (1997)CrossRefGoogle Scholar
  7. 7.
    Dimitriadis, C.K., Polemi, D.: Biometric-Enabled Authentication in 3G/WLAN Systems. In: Proc. 39th IEEE Conference on Security Technology, pp. 164–167 (2005)Google Scholar
  8. 8.
    Shabeer, H., Suganthi, P.: Mobile Phone Security Using Biometrics. In: Proc. Int. Conf. on Computational Intelligence and Multimedia Applications, pp. 270–272 (2007)Google Scholar
  9. 9.
    Aissi, S., Dabbous, N., Prasad, A.R.: Security for Mobile Networks and Platforms. Artech House, Boston (2006)Google Scholar
  10. 10.
    Loretta, M.: Biometric Security for Mobile Banking. World Resource Institute, Markets Enterprise, White Paper, Washington, USA (2008) Google Scholar
  11. 11.
    Parziale, G., Chen, Y.: Advanced Technologies for Touchless Fingerprint Recognition. In: Handbook of Remote Biometrics, Advances in Pattern Recognition, Part I, pp. 83–109. Springer (2009)Google Scholar
  12. 12.
    Chen, Y., Parziale, G., Santana, E.D., Jain, A.K.: 3D Touchless Fingerpints: Compatibility with Legacy Rolled Images. In: Proc. Biometric Consortium Conf., Baltimore, MD (2006)Google Scholar
  13. 13.
    Lee, C., Lee, S., Kim, J.: A Study of Touchless Fingerprint Recognition System. In: Yeung, D.-Y., Kwok, J.T., Fred, A., Roli, F., de Ridder, D. (eds.) SSPR & SPR 2006. LNCS, vol. 4109, pp. 358–365. Springer, Heidelberg (2006)Google Scholar
  14. 14.
    Lee, C., Lee, S., Kim, J., Kim, S.-J.: Preprocessing of a Fingerprint Image Captured with a Mobile Camera. In: Zhang, D., Jain, A.K. (eds.) ICB 2005. LNCS, vol. 3832, pp. 348–355. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  15. 15.
    Hiew, B.Y., Teoh, A.B.J., Yin, O.S.: A Secure Digital Camera based Fingerprint Verification System. Journal of Visual Communication and Image Representation 21(3), 219–231 (2010)CrossRefGoogle Scholar
  16. 16.
    Su, Q., Tian, J., Chen, X., Yang, X.: A Fingerprint Authentication System Based on Mobile Phone. In: Kanade, T., Jain, A., Ratha, N.K. (eds.) AVBPA 2005. LNCS, vol. 3546, pp. 151–159. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  17. 17.
    Derawi, M.O., Yang, B., Busch, C.: Fingerprint Recognition with Embedded Cameras on Mobile Phones. In: Prasad, R., Farkas, K., Schmidt, A.U., Lioy, A., Russello, G., Luccio, F.L. (eds.) MobiSec 2011. LNICST, vol. 94, pp. 136–147. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  18. 18.
    Han, F., Hu, J., Alkhathami, M., Xi, K.: Compatibility of Photographed Images with Touch based Fingerprint Verification Software. In: Proc. 6th IEEE Conf. on Industrial Electronics and Applications, Beijing, China, pp. 1034–1039 (2011)Google Scholar
  19. 19.
    Chen, Y., Han, F., Liu, H., Lu, J.: 3D Reconstruction from Planar Points: A Candidate Method for Authentication of Fingerprint Images Captured by Mobile Devices. In: Proc. Int. Symp. Circuits and Systems, ISCAS (2012)Google Scholar
  20. 20.
    Cox, I., Miller, M., Bloom, J., Fridrich, J., Kalker, T.: Digital Watermarking and Steganography. Morgan Kaufman (2007) ISBN 978-0123725851Google Scholar
  21. 21.
    Al-Gindy, A., Al-Ahmad, H., Qahwaji, R., Tawfik, A.: A New Watermarking Scheme for Color Images Captured by Mobile Phone Cameras. Int. Journal of Computer Science and Network Security 9(7), 248–253 (2009)Google Scholar
  22. 22.
    Moreno, O., Tirkel, A., Van Schyndel, R., Parampalli, U.: New Families of 2D & 3D Arrays for Sub-Image Watermarking. In: Network and Systems Security (NSS 2010), Melbourne, Australia (2010)Google Scholar
  23. 23.
    Wong, P.W.: A Public Key Watermark for Image Verification and Authentication. In: Proc. IEEE Int. Conf. Image Processing, Chicago, USA, pp. 425–429 (1998)Google Scholar
  24. 24.
    Schmidt, A.U., Kuntze, N., Kasper, M.: On the Deployment of Mobile Trust Modules. In: WCNC, pp. 3169–3174 (2008)Google Scholar
  25. 25.
    Kim, M., Ju, H., Kim, Y., Park, J., Park, Y.: Design and Implementation of Mobile Trusted Module for Trusted Mobile Computing. IEEE Trans. Consumer Electronics 56(1), 134–140 (2010)CrossRefGoogle Scholar
  26. 26.
    Ratha, N., Connell, J., Bolle, R.M.: Enhancing Security and Privacy in Biometric-based Authentication Systems. IBM Syst. Journal 40(3), 614–634 (2001)CrossRefGoogle Scholar
  27. 27.
    Ahmad, T., Han, F.: Cartesian and Polar Transformation-based Cancellable Fingerprint Template. In: Proc. 37th IEEE Annual Conference on Industrial Electronics Society (IECON), Melbourne, Australia (2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Fengling Han
    • 1
  • Ron van Schyndel
    • 1
  1. 1.School of Computer Science and Information TechnologyRMIT UniversityMelbourneAustralia

Personalised recommendations