CONCLUSION
The goal of this chapter is to research the area of mobile payment and to understand the concepts and emerging technologies that can benefit mobile payments with respect to usability and security.
This topic covers full mobility, telephony, financial interaction and security on the Internet. Mobile payments are the killer application of mobile commerce. As an important application, mobile payment brings together different actors or players such as mobile network operators, mobile telecommunications, payment service providers and handset manufacturers. Mobile payment also acts as an important financial application and is attracting wide attention from researchers, developers, bankers, merchandisers and clients. However, it has not yet become a mainstream approach for making payments. Non-secured mobile payments are simply not acceptable.
Although the technologies used in mobile payments have improved and are experiencing significant development, mobile devices and wireless networks are still “resource-limited” compared to PCs and fixed-line networks. The difficulty in building mobile payment systems lies in how to provide payment transactions with security and practicality.
The contribution of this chapter is as follows: the security mechanisms are examined thoroughly, and it is concluded that these systems provide security at the transaction, network and application levels. Payment systems should provide security at each and every level to improve customer satisfaction as well as the value chain of an organization.
This work was previously published in Electronic Payment Systems for Competitive Advantage in E-Commerce, edited by Francisco Liebana-Cabanillas, Francisco Munoz-Leiva, Juan Sanchez-Fernandez, and Myriam Martinez-Fiestas, pages 186-222, copyright 2014 by Business Science Reference (an imprint of IGI Global).
APPENDIX
List of Acronyms
A3: Authentication Algorithm
A5: Ciphering Algorithm
A8: Ciphering Key generating Algorithm
ADSL: Asymmetric Digital Subscriber Line
AES: Advanced Encryption Standard
AFIS: Automated Fingerprint Identification System
AMPS: Advanced Mobile Phone System
API: Application Programming Interface
ATM: Automated Teller Machine
AuC: Authentication Centre
CA: Certificate Authority
CDMA: Code Division Multiple Access
COMP-128: Hash Function
CPU: Central Processing Unit
DES: Data Encryption Standard
DSA: Digital Signature Authority
DSS: Digital Signature Systems
ECC: Elliptic Curve Cryptography
ECMA: European Association for Standardizing Information and Communication Systems
EMV: Electronic Master Visa
ICCID: Security Authentication and Ciphering Information
IES: Integrated Encryption Scheme
IMT-Advanced: International Mobile Telecommunications Advanced
ISO: International Standard Organization
ITU-R: International Telecommunication Union Radio communication sector
IVR: Interactive Voice Response
MAC: Message Authentication Code
M-Commerce: Mobile Commerce
MD5: Message Digest
ME: Mobile Equipment
MEID: Mobile Equipment Identifier
MIDP: Mobile Information Device Profile
MIM: Mobile Inventory Management
MIMO: Multiple Input Multiple Output
MITM: Man in the Middle Attack
MMS: Multimedia Messaging Services
MNO: Mobile Network Operator
MPN: Mobile Phone Network
MPSP: Mobile Payment Service Provider
MSC: Mobile Switching Centre
MSISDN: Mobile Station ISDN number
MSRN: Mobile Station Roaming Number
OMA: Open Mobile Alliance
OTA: Over the Air
P2P: Peer to Peer
PAN: Personal Area Network
PCMCIA: Personal Computer Memory Card International Association
PDA: Personal Digital Assistant
PIN: Personal Identification Number
PKI: Public key Infrastructure
PLMN: Public Land Mobile Network
PLS: Product Location and Search
POS: Point Of Sale
POTS: Plain Old Telephone Service
PSM: Proactive Service Management
PSP: Payment Service Provider
PSTN: Public Switched Telephone Network
PT2MP: Point-to-Multipoint
PTP: Point-to-Point
PUK: Personal Unblocking Code
RAN: Radio Access Network
RAND: Random number
RC5: Ron’s Code encryption algorithm
RFID: Radio Frequency Identification
RSA: Rivest-Shamir-Adleman
SE: Secure Element
SET: Secure Electronic Transactions
SHA-1: Secure Hash Algorithm ver.1.0
SIM: Subscriber Identity Module
SMS-G: SMS Gateway
SRES: Signed Response
SSH: Secure Shell Network Protocol for Secure Data Communication
SSL: Secure Socket Layer Protocol
SWP: Single Wire Protocol