Identity Authentication Mechanism Based On Blockchain In Mobile Payment

Mobile payment is a product of the combination of mobile Internet technology and offline real economy,which completely subverts the traditional payment method.With the progress in science and technology and the development of the market economy,people's demand and dependence on mobile payment are greatly enhanced.Furthermore,China's mobile payment business volume is experiencing a booming expansion.The development of mobile payment not only promotes some rising industries,including third-party payment platforms,sharing economy,and digital currency,etc.,but also made mobile users' demands for convenience,flexibility and diversity of life constantly maximized satisfy.Unfortunately,numerous security issues such as privacy disclosure and identity impersonation remain unsolved.Mobile payment security has attracted much attention and in-depth research from international scholars.In the current stage of mobile payment security research,security enhancement methods such as passwords,biometrics,USB-KEY,and mobile phone shields are widely used to improve payment security from the perspective of identity authentication.Unfortunately,most of the current banks only issue certificates to their own users.If the same user has accounts from different banks,they need to apply for multiple certificates,and the authentication mechanisms that supports cross-bank applications is lacked.According to the research of mobile identity authentication technology and the future application requirements of the market,this thesis proposes a blockchain-based identity authentication scheme based on key security.The alliance blockchain is maintained by different bank nodes,and this distributed platform can not only provide a trust foundation between different bank nodes,but also provide them with a unified digital signature-based authentication.This decentralized system can replace existing banks' own CA systems,and users only need a pair of keys to realize payment authentication of different online banking.The benefits of this scheme include reducing bank equipment overhead and maintenance costs,simplifying client installation,and transaction tracking.The work content of this thesis includes the following points:First,this thesis proposes a distributed security key management scheme.Relying on the security features of TEE and the distributed hash network structure of the blockchain,this solution combines technologies such as device fingerprints,key segmentation,and smart contracts to fundamentally solve the security and convenience problems in mobile identity authentication.After the key pair is safely generated in the TEE environment,we complete the reliable distribution and secure storage of the user's private key on the mobile terminal and the blockchain based on the key segmentation process,and complete the reconstruction and use of the distributed private key based on the threshold idea.The important data storage and calculation related to the private key in this solution are all carried out in the TEE environment of a mobile terminal.This can not only ensure the security of private keys,master key factors and other private information in storage and calculation,but also reduce computing power consumption caused by blockchain network consensus.Next,this thesis proposes a secure and convenient unified identity authentication scheme.Based on the distributed security key management scheme,this scheme is designed from three aspects of binding user image information,distributed SM2 digital signature,and Fabric chain-code,and finally realizes device binding,unified identity management,and distributed accounting and other functions.Based on blockchain technology,we provide a trust mechanism for mobile users,application service providers and blockchain nodes,and adopt cryptographic techniques such as digital signatures and hash functions to ensure the integrity,unforgeability,non-repudiation,and traceability of transaction data transmission.And we also provide mutual authentication between the user side,server side and blockchain side.Therefore,the proposed authentication scheme can achieve unified identity authentication in cross-bank transfers.Security analysis shows that the mobile identity authentication scheme in this thesis can effectively resist many typical security threats such as identity impersonation and man-in-the-middle attacks in the mobile payment process.Finally,we implement and test the mobile identity authentication scheme introduced in this thesis.Developing a simple version of the mobile banking system,we simulated two important implementation processes of user signing and transaction signature,and tested the function and performance of this system.This test verifies the security and feasibility of this thesis.The mobile identity authentication scheme introduced in this thesis is designed based on the distributed security key management scheme.We make full use of the security features of the TEE environment,use the mobile terminal as a carrier,and reconstruct the private key information required by each transaction signature in real time based on the threshold technology.Here we complete the key management and identity authentication in the process of mobile payment with software implementation.This solution increases the security and convenience of mobile payment,and has the characteristics of versatility and low cost.In the current stage of mobile identity authentication research,the blockchain-based solution proposed in this thesis has certain reference value for the exploration of mobile payment problems such as centralization and trust.