Mobile Secure Payment Solution Based On Encrypted Sms Verification Code

With the rapid development of Mobile Payment,more and more mobile phones become people’s "second wallet".In the process of rapid development of mobile payment transactions,due to the high timeliness,easy to achieve and so on,SMS verification code has become a commonly used security verification process in the payment process.In the payment process,the principle of SMS authentication code is to allow users to perceive the payment transaction is taking place,thereby enhancing the security of the account.But the SMS verification code as the main means of security verification,has its outstanding weaknesses: clear text transmission,in the communication on the way to be intercepted and forward that is lost security,there are various types of fraud due to cheating the user to verify the scam or the user itself is not When the value of the verification code leak,are for this weakness.Aiming at the problem that payment verification code is easy to leak during the process of mobile payment,a two-factor mobile payment system based on encrypted SMS is proposed.The main work of this thesis is as follows:(1)Compared the characteristics of different mobile payment types,discuss the contents of SMS verification code verification,the characteristics of SMS verification code verification and the specific methods of SMS verification.Aiming at the security problem faced by the SMS verification code in the specific payment process,a new SMS authentication mobile payment scheme is proposed,which is intended to make the SMS verification code can not be used directly after its leakage,to reduce the risk of property damage caused by SMS verification code leakage.(2)This scheme improves the PKI/CA authentication hybrid encryption mechanism in the traditional scheme,and replaces the 3DES algorithm with AES algorithm to enhance enhance the security of the information transmission in the verification phase,by comparing the AES algorithm hybrid encryption mechanism with the traditional hybrid encryption mechanism,it is proved that the hybridencryption mechanism using AES algorithm in the verification phase is superior to the traditional 3DES hybrid encryption mechanism.(3)In the payment verification phase use the RSA algorithm to encrypt the verification code twice to ensure the security of the verification code transmission,the algorithm is described in the verification phase and the payment phase of the encryption and decryption,compare the performance of the encrypted SMS authentication code and the SMS authentication code call interface.The results show that the mobile security payment model proposed in this thesis is effective to improve the security of SMS authentication by comparing the performance of the experiment with the response time and the concurrent access.