Table of Contents Author Guidelines Submit a Manuscript
The Scientific World Journal
Volume 2014, Article ID 864571, 19 pages
http://dx.doi.org/10.1155/2014/864571
Research Article

Security Enhanced EMV-Based Mobile Payment Protocol

Department of Information & Computer Engineering, Chung Yuan Christian University, 200 Chung Pei Road, Chung Li, Taoyuan County 32023, Taiwan

Received 15 May 2014; Accepted 8 August 2014; Published 15 September 2014

Academic Editor: Jiguo Li

Copyright © 2014 Ming-Hour Yang. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Abstract

Near field communication has enabled customers to put their credit cards into a smartphone and use the phone for credit card transaction. But EMV contactless payment allows unauthorized readers to access credit cards. Besides, in offline transaction, a merchant’s reader cannot verify whether a card has been revoked. Therefore, we propose an EMV-compatible payment protocol to mitigate the transaction risk. And our modifications to the EMV standard are transparent to merchants and users. We also encrypt the communications between a card and a reader to prevent eavesdropping on sensitive data. The protocol is able to resist impersonation attacks and to avoid the security threats in EMV. In offline transactions, our scheme requires a user to apply for a temporary offline certificate in advance. With the certificate, banks no longer need to lower customer’s credits for risk control, and users can have online-equivalent credits in offline transactions.