NUST Institutional Repository
Security Protocol for NFC Enabled Mobile Devices Used in Financial Applications
- DSpace Home
- →
- E-Theses
- →
- SEECS
- →
- Computer Science
- →
- MS
- →
- View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | Faridoon, Osama Bin | |
| dc.date.accessioned | 2020-11-02T07:30:24Z | |
| dc.date.available | 2020-11-02T07:30:24Z | |
| dc.date.issued | 2015 | |
| dc.identifier.uri | http://10.250.8.41:8080/xmlui/handle/123456789/8231 | |
| dc.description | Supervisor: Dr. Abdul Ghafoor Abbasi | en_US |
| dc.description.abstract | The fostering of NFC in everyday tasks and with growth in applications involving contactless transactions based on NFC; there is a requirement from users and industry to address the security issues affecting mobile payments. The current NFC security standards ECMA-385 and ECMA-386 are inadequate to address most of the security concerns such as privacy infringements, unauthorized access to financial data, theft of mobile data exchanged between terminal and mobile device. By considering the current and future security requirements, we designed a NFC based security protocol for financial applications, which addresses security requirements holistically and provides local and remote mutual authentication, confidentiality, integrity and non-repudiation. It is based on some common and extended security features which help to increase the reliability of NFC based systems. After designing, we verified our protocol using formal verification tools like Scyther and established our designed protocol resists against spoofing attack, man-in-the-middle attack, replay and skimming attacks. It ensures the secrecy of transaction data, privacy of the users and also ensures that only authenticated and authorized NFC device holder and PoS terminals are securely exchanging financial data to perform the transaction. As a proof of concept, we implemented our solution using Java Technology for Android based NFC mobile devices and successfully deployed it in our local environment to test its correctness and behavior. We also provided a comprehensive comparison of our protocol with other NFC based financial protocols. We found that the mutual authentication, confidentiality, integrity, authorization and non-repudiation services help to protect against most of the security attacks related to mobile financial transactions. Since this protocol is flexible, generalized and reliable, so the whole system is not depended on the third parties and any prior knowledge. | en_US |
| dc.publisher | SEECS, National University of Science & Technology | en_US |
| dc.subject | Security Protocol, NFC Enabled Mobile Devices, Computer and Communication Security | en_US |
| dc.title | Security Protocol for NFC Enabled Mobile Devices Used in Financial Applications | en_US |
| dc.type | Thesis | en_US |
Files in this item
This item appears in the following Collection(s)
-
MS [375]