NFC-mobile Payment System Based on POS Terminal Authentication
Abstract
Payment development has increased rapidly in recent years. A most recent development is contactless mobile payment systems that use NFC-enabled phones. Therefore, many researchers have proposed payment systems that use NFC-enabled phones in attempt to achieve availability, simplicity, security, and privacy in a transaction. Moreover, NFC can be subject to a number of attacks and more specifically a recent attack called relay attack. In this situation, an attacker will extend the range of communication using NFC devices and make an unauthorized payment with the victim’s device. This thesis proposes a new mobile payment system using an NFC-enabled phone. Our proposed system is based on POS authentication by using the ability of NFC devices to read tags, where this tag will contain a random message generated by the POS. The proposed system also uses a new cryptography approach that offers a dynamic pre-shared symmetric key mechanism to protect banking information.