Design of Secure and Efficient Electronic Payment System for Mobile Users

  • Prerna MohitEmail author
  • Ruhul Amin
  • G. P. Biswas
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 655)


The recent advancement in smart phones and its widespread popularity switches the users of traditional computing to mobile computing. In addition, to facilitate users, hand held devices such as a mobile phone application for the payment method should be accepted for practical implementation. Recently, Yang et al. proposed an electronic payment protocol using payment gateway and claims that this scheme is suitable for cloud computing, where payment gateway is placed in the cloud area and all the communication between user, merchant, bank is performed via the payment gateway. However, it is known that cloud server is not considered as completely secured entity. Hence, by putting payment gateway on cloud server the author is endangering the security of system as a consequence it is not suitable for cloud environment. In this paper, we propose an efficient electronic payment protocol for mobile environment where mobile users can directly communicate with the merchant. It has been shown that our protocol has better security performance in terms of different attacks.


e-payment Mobile commerce Security Symmetric key 


  1. 1.
    Sun, P.-C., Liu, Y.-L., Luo, J.-J.: Perceived risk and trust in online group buying context. In: 2010 3rd International Conference on Information Management, Innovation Management and Industrial Engineering, vol. 3, pp. 660–663. IEEE (2010)Google Scholar
  2. 2.
    Tsai, M.-T., Cheng, N.-C., Chen, K.-S.: Understanding online group buying intention: the roles of sense of virtual community and technology acceptance factors. Total Qual. Manage. Bus. Excellence 22(10), 1091–1104 (2011)CrossRefGoogle Scholar
  3. 3.
    Buccafurri, F., Lax, G.: Implementing disposable credit card numbers by mobile phones. Electron. Commer. Res. 11(3), 271–296 (2011)CrossRefzbMATHGoogle Scholar
  4. 4.
    Chari, S., Kermani, P., Smith, S., Tassiulas, L.: Security issues in M–commerce: a usage–based taxonomy. In: Liu, J., Ye, Y. (eds.) E-Commerce Agents. LNCS, vol. 2033, pp. 264–282. Springer, Heidelberg (2001). doi: 10.1007/3-540-45370-9_16
  5. 5.
    Lu, S., Smolka, S.A.: Model checking the secure electronic transaction (set) protocol. In: Proceedings of the 7th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems, pp. 358–364. IEEE (1999)Google Scholar
  6. 6.
    Harkins, D., Carrel, D.: The internet key exchange (ike). Technical report (1998)Google Scholar
  7. 7.
    Kungpisdan, S., Srinivasan, B., Le, P.D.: Lightweight mobile credit-card payment protocol. In: Johansson, T., Maitra, S. (eds.) INDOCRYPT 2003. LNCS, vol. 2904, pp. 295–308. Springer, Heidelberg (2003). doi: 10.1007/978-3-540-24582-7_22
  8. 8.
    Isaac, J.T., Cámara, J.S.: Anonymous payment in a client centric model for digital ecosystems. In: 2007 Inaugural IEEE-IES Digital EcoSystems and Technologies Conference, pp. 422–427. IEEE (2007)Google Scholar
  9. 9.
    Kungpisdan, S., Srinivasan, B., Le, P.D.: A secure account-based mobile payment protocol. In: Proceedings of the International Conference on Information Technology: Coding and Computing, ITCC 2004, vol. 1, pp. 35–39. IEEE (2004)Google Scholar
  10. 10.
    Fun, T.S., Beng, L.Y., Roslan, R., Habeeb, H.S.: Privacy in new mobile payment protocol. In: Proceedings of World Academy of Science, Engineering and Technology, vol. 30, pp. 443–447. Citeseer (2008)Google Scholar
  11. 11.
    Isaac, J.T., Zeadally, S.: An anonymous secure payment protocol in a payment gateway centric model. Procedia Comput. Sci. 10, 758–765 (2012)CrossRefGoogle Scholar
  12. 12.
    Yang, J.-H., Lin, P.-Y.: A mobile payment mechanism with anonymity for cloud computing. J. Syst. Softw. 116, 69–74 (2016)CrossRefGoogle Scholar
  13. 13.
    HafizulIslam, S.K., Amin, R., Biswas, G.P., Obaidat, M.S., Khan, M.K.: Provably secure pairing-free identity-based partially blind signature scheme and its application in online e-cash system. Arab. J. Sci. Eng. 41(8), 3163–3176 (2016)MathSciNetCrossRefGoogle Scholar
  14. 14.
    Kandukuri, B.R., Rakshit, A., et al.: Cloud security issues. In: IEEE International Conference on Services Computing, SCC 2009, pp. 517–520. IEEE (2009)Google Scholar
  15. 15.
    Krutz, R.L., Vines, R.D.: Cloud Security: A Comprehensive Guide to Secure Cloud Computing. Wiley, Indianapolis (2010)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2017

Authors and Affiliations

  1. 1.Indian Institute of Technology (ISM)DhanbadIndia
  2. 2.Thapar UniversityPatialaIndia

Personalised recommendations