Design of secure mobile payment protocols for restricted connectivity scenarios

The emergence of mobile and wireless networks made posible the extensión of electronic commerce to a new area of research: mobile commerce called m-commerce, which includes mobile payment), that refers to any e-commerce transaction made from a mobile device using wireless networks. Most of the mobile payment systems found in the literatura are based on the full connectivity scenario where all the entities are directly connected one to another but do not support business models with direct communication restrictions between the entities of the system is not a impediment to perform comercial transactions. It is for this reason that mobile payment systems that consider those situations where direct communications between entities of the system is not posible (temporarily or permanently) basically due to the impossibility of one of the entities connected to the Internet are required. In order to solve the current shortage in the scientific world of previous research works that address the problema of on-line payment from mobile devices in connectivity restricted scenarios, in this thesis we propose a set of secure payment protocols (that use both symmetric and non-traditional asymmetric cryptography), which have low computational power requirements, are fit for scenarios with communications restrictions (where at least two of the entities of the system cannot exchange information in a direct way and must do it through another entity) and offer the same security capabilities as those protocols designed for full connectivity scenarios. The proposed protocols are applicable to other types of networks, such as vehicular ad hoc network (VANETs), where services exist which require on-line payment and scenarios with communication restrictions.On the other hand, the implementation (in a multiplatform programming language) of the designed protocols shows that their performance is suitable for devices with limited computational power.Postprint (published version

An Endorsement-Based Mobile Payment System for a Disaster Area

AINA-2015 : IEEE 29th International Conference on Advanced Information Networking and Applications , Mar 24-27, 2015 , Gwangju, KoreaA payment system in a disaster area is essential for people to buy necessities such as groceries, clothing, and medical supplies. However, existing payment systems require the needed communication infrastructures (like wired networks and cellular networks) to enable transactions, so that these systems cannot be relied on in disaster areas, where these communication infrastructures may be destroyed. In this paper, we propose a mobile payment system, adopting infrastructure less mobile adhoc networks (MANETs), which allow users to shop in disaster areas while providing secure transactions. Specifically, we propose an endorsement-based scheme to guarantee each transaction and a scheme to provide monitoring based on location information, and thus achieve transaction validity and reliability. Our mobile payment system can also prevent collusion between two parties and reset and recover attacks by any user. Security is ensured by using location-based mutual monitoring by nearby users, avoiding thereby double spending in the system

The Future of the Internet III

Presents survey results on technology experts' predictions on the Internet's social, political, and economic impact as of 2020, including its effects on integrity and tolerance, intellectual property law, and the division between personal and work lives

Spending time with money: from shared values to social connectivity

This article has been made available through the Brunel Open Access Publishing Fund.There is a rapidly growing momentum driving the development of mobile payment systems for co-present interactions, using near-field communication on smartphones and contactless payment systems. The design (and marketing) imperative for this is to enable faster, simpler, effortless and secure transactions, yet our evidence shows that this focus on reducing transactional friction may ignore other important features around making payments. We draw from empirical data to consider user interactions around financial exchanges made on mobile phones. Our findings examine how the practices around making payments support people in making connections, to other people, to their communities, to the places they move through, to their environment, and to what they consume. While these social and community bonds shape the kinds of interactions that become possible, they also shape how users feel about, and act on, the values that they hold with their co-users. We draw implications for future payment systems that make use of community connections, build trust, leverage transactional latency, and generate opportunities for rich social interactions

Electronic security - risk mitigation in financial transactions : public policy issues

This paper builds on a previous series of papers (see Claessens, Glaessner, and Klingebiel, 2001, 2002) that identified electronic security as a key component to the delivery of electronic finance benefits. This paper and its technical annexes (available separately at http://www1.worldbank.org/finance/) identify and discuss seven key pillars necessary to fostering a secure electronic environment. Hence, it is intended for those formulating broad policies in the area of electronic security and those working with financial services providers (for example, executives and management). The detailed annexes of this paper are especially relevant for chief information and security officers responsible for establishing layered security. First, this paper provides definitions of electronic finance and electronic security and explains why these issues deserve attention. Next, it presents a picture of the burgeoning global electronic security industry. Then it develops a risk-management framework for understanding the risks and tradeoffs inherent in the electronic security infrastructure. It also provides examples of tradeoffs that may arise with respect to technological innovation, privacy, quality of service, and security in designing an electronic security policy framework. Finally, it outlines issues in seven interrelated areas that often need attention in building an adequate electronic security infrastructure. These are: 1) The legal framework and enforcement. 2) Electronic security of payment systems. 3) Supervision and prevention challenges. 4) The role of private insurance as an essential monitoring mechanism. 5) Certification, standards, and the role of the public and private sectors. 6) Improving the accuracy of information on electronic security incidents and creating better arrangements for sharing this information. 7) Improving overall education on these issues as a key to enhancing prevention.Knowledge Economy,Labor Policies,International Terrorism&Counterterrorism,Payment Systems&Infrastructure,Banks&Banking Reform,Education for the Knowledge Economy,Knowledge Economy,Banks&Banking Reform,International Terrorism&Counterterrorism,Governance Indicators