Currently above 90% of the cards used are debit cards, and there are a huge number of mobile subscribers in China. The combination of mobile business and financial payment means promoted the development of mobile payment service. At present the mobile company mainly participates in the mobile payment service, while the banks are not the dominant part. The security problem still serves as the bottleneck of the advance of mobile payment. SET (Secure Electronic Transaction) protocol is the online safe transaction agreement which is established according to the widely usage condition of credit card in western countries, and the usage environment is not limited in the preliminary stage of establishment. With this background, this paper proposes an attempt to apply SET to the wireless environment based on the detailed study of SET. The main work is as follows:(1) The online personal password PIN extension standard recommended by SETCO, the message flow of extended SET protocol and the payment process of debit card are mainly investigated. The higher requirements for the PIN authentication and system processing speed are also analyzed.(2) The possibility of applying the SET protocol to the wireless environment is proposed by the analysis of WAP network construction and WTLS security protocol. The limitations of the extension application brought by the SET protocol characteristics, the mobile terminal and the wireless network are also studied.(3) An optimized strategy for electronic wallet in the mobile terminal is proposed according to the Remote M-Wallet Standards made by global commerce compatibility group (GMCIG). The traditional SET protocol "fat" electronic wallet integrating various functions is divided into the electronic wallet client and the electronic wallet server, which is installed in the mobile terminal and reserved in the card-sending banks (the third-party financial organization), respectively. The problems accompanied in the optimized strategy, i.e. the safe connection between the electronic wallet client and server in wireless environment, certification preservation and ID authentication, are solved, and a mobile payment system model is obtained based on SET protocol.(4) A software layer model of the mobile payment system based on the SET protocol is designed on the J2ME and J2EE platforms, each module and the whole process of the transaction are described. The transaction between the electronic wallet client, the electronic wallet server and the commercialist system is modeled and the processing is presented on the simulators. The extension of the proposed SET agreement on debit card, the feasibility and validity of the mobile-client electronic wallet optimization strategy are well verified.This paper is supported by Shaanxi Narural Science Funds (2006F50) and Aviation Science Funds (06ZC31001). |