Secure Protocol for Financial Transactions Using Smartphones - SPFT - Formally Proved by AVISPA

Shizra Sultan; Abdul Ghafoor Abbasi; Awais Shibli; Ali Nasir

doi:10.5220/0005059903870392

Secure Protocol for Financial Transactions Using Smartphones - SPFT - Formally Proved by AVISPA

Shizra Sultan, Abdul Ghafoor Abbasi, Awais Shibli, Ali Nasir

2014

Abstract

Smartphones are overpowering the IT world by rising as a prerequisite for other technologies. Emerging technology paradigms such as Cloud computing, web data services, online banking and many others are revamping them as compatibility to smartphones. Banking is a vital and critical need in daily life. It involves routine financial transactions among sellers, buyers and third parties. Several payment protocols are designed for mobile platforms which involve hardware tokens, PIN, credit cards, ATMs etc. for secure transactions. Many of them are not properly verified and have hidden flaws .Numerous vulnerabilities have been found in existing solutions which raise a big question about the defense capability of smartphones to protect user’s data. In this paper we propose a secure payment protocol for smartphones without using any hardware token. It implicates bank as a transparent entity and users rely on a payment gateway to mark a successful transaction. Suggested protocol uses symmetric keys, Digital certificates X.509, and two-factor authentication to make a secure financial deal. To prove the secrecy and authentication properties of the protocol we have formally verified it by AVISPA.

Download

Paper Citation

in Harvard Style

Sultan S., Abbasi A., Shibli A. and Nasir A. (2014). Secure Protocol for Financial Transactions Using Smartphones - SPFT - Formally Proved by AVISPA . In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 387-392. DOI: 10.5220/0005059903870392

in Bibtex Style

@conference{secrypt14,
author={Shizra Sultan and Abdul Ghafoor Abbasi and Awais Shibli and Ali Nasir},
title={Secure Protocol for Financial Transactions Using Smartphones - SPFT - Formally Proved by AVISPA},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={387-392},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005059903870392},
isbn={978-989-758-045-1},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - Secure Protocol for Financial Transactions Using Smartphones - SPFT - Formally Proved by AVISPA
SN - 978-989-758-045-1
AU - Sultan S.
AU - Abbasi A.
AU - Shibli A.
AU - Nasir A.
PY - 2014
SP - 387
EP - 392
DO - 10.5220/0005059903870392