Research On Security Strategy And Technology For New Mobile Payment

With the rapid development of mobile communication technology and terminal equipment,mobile e-commerce came into being. Mobile commerce did the business with the advantages ofboth convenient and fast. Once came out, it received a wide range of favor, became a new directionof electronic commerce, and had great market prospects. However, with the particularity ofwireless network and limitation of terminal computing power, mobile payment security hasbecome the main problems that to be solved. This paper has done some research on securitystrategy and technology for mobile payment, and taken mobile banking for example to discuss thesecurity technology of mobile payment.Firstly, this paper studied the development and technology implementation of mobile banking,and then obtained the advantages of client implementation by compare with SMS, STK and WAP.Based on the above considerations, this paper chosed encryption method from applicationlayer, and then designed a connection scheme of mobile banking based on encryption SDKey.People used SDKey to achieve authentication and both communication parties transmittedinformation by using encrypted message. And then this paper did some research on systemstructure of encryption SD cards, it designed functions of encryption SD card which can meet therequirements of mobile payment. It also optimized algorithms using in SD card, introduced pre-screening algorithm in the process of finding large prime numbers that greatly reduced the numberof prime test, and used the Chinese remainder theorem to improve the efficiency of RSA modularexponential. In the final chapter, it described the SD card’s attacks and preventive measures.Secondly, this paper studied the security strength of authentication system through increasingthe number of factors. Then it proposed an authentication method based on SDKey in standardWPKI environment. It stored user certificate and private key in the SD card and did bothauthentications with server. An end-to-end security was achieved. In addition, hybrid encryption ofcommunication was proposed.In the end, this thesis developed mobile phone bank system in the latest android platformbased on proposal connection scheme, which was proved feasibility and high safety.