Security Research On Mobile Payment Based On The Third Party

Mobile payment is a convenient mean of economic transactions, which is used withmobile terminal to complete payment. Due to the rapid development of the intelligentterminals in recent years, mobile payment demand is rising in the field of social from allwalks of life, and the unprecedented demand for it is raising. And the third party mobilepayment method is the fastest growing one and takes up the largest percentage in the mobilepayment market. But the security problems in the process of mobile payments have been oneof the biggest factors to hinder its development, so this paper choose the security research formobile payment based on the third party.In this paper, important technical and theory about mobile payment based on the thirdparty are done in-depth research. The content includes Two-dimension code technology anddigital encryption technology, and the theory of formal verification, which is used to verifyproject safety from the angle of theory.This paper studies and analyses the existing mobile payment scheme based on the thirdparty, and discovers two potential safety hazard: secure input problem on mobile terminal andsecurity problem in the process of short range payment transformed to remote payment. Andit makes the research and analysis to the security problems, and puts forward the dynamicinput and composite encryption scheme, the third party certification scheme and dedicatedcomposite encryption scheme to improve the security performance, and redesigns thepayment process and encryption scheme in interaction, so that comprehensively improvessecurity and effectiveness on the payment process. To the logged-in users in the process ofmobile payment, this paper chooses the Kerberos authentication protocol, and uses thedynamic password and Diffie-Hellman algorithm to improve the encryption mean for ticket.So logged-in users only need to input dynamic password when they want to use other serviceson this platform. In this method, payment security and efficiency both have been made goodimprovement.Finally, with formal verification theory including model checking and formal logicverification, this paper verifies security of the redesigned scheme in theory. And this papersimulates experiment to achieve the key modules, and completes the critical step in thepayment process, and demonstrates the feasibility of the redesigned scheme.