Research And Implementation Of Mobile Security Payment System Based On Android

In recent years,mobile Internet technology has developed rapidly,and the hardware level of smart phone has been continuously improved.Mobile applications are becoming more and more hot,and mobile payment has attracted a lot of attention as a very important field in mobile development.It has entered our life and changed our original way of life.However,the mature Internet payment technology does not work well on mobile platforms due to the limitation of usage scenarios and hardware of the mobile payment platform.An endless stream of system loopholes and mobile trojans have been a major threat to mobile payment security.It not only brings the failed user experience to the user,but also brings a big threat to the user's property privacy and security.Therefore,how to reduce the resource consumption of secure payment as much as possible under the premise of ensuring payment security has become the focus of many scholars.In this dissertation,aiming at the existing mobile payment security issues,the data encryption algorithms and security protocols for mobile platforms are studied.Based on the previous research results,a mobile payment scheme based on improved mobile platform payment protocol with certificate-free public-key cryptography and an improved ECC elliptic curve encryption algorithm is proposed.Finally,according to the proposed scheme,the mobile payment client is designed and implemented on the Android platform,and the application server selects Tomcat.The main work of this paper is as follows:This paper proposes a certificateless public key cryptosystem that is suitable for mobile payment environment.The implementation of public key cryptography is based on the improved ECC algorithm,called MPECC(Mobile Payment Elliptic Curves Cryptography).The mobile payment scheme uses a "pre-trusted" mobile payment model to reduce the number of identities of participating parties.The MPECC elliptic curve encryption algorithm involved in this scheme improves the dot-product algorithm of ECC encryption algorithm.Improve the performance of encryption and decryption on the mobile terminal,and reduce resource consumption.Security analysis shows that the program can effectively deal with the threat of replay attacks and man-in-the-middle attacks,and supports the non-repudiation of both parties.According to performance analysis,the program implementation of high efficiency,low resource consumption,suitable for mobile low-power environmentAccording to the payment business activities,this article has a summary of the design,business needs analysis,draw the use case diagram.Then in the detailed design,introduces each module in the system,and the interaction of each module is described in the way of time sequence diagram.The Android client is written by Idea+genymotion,and it uses the Http protocol of "request response" to exchange data with the server.