See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/320442889

Secure Device for Offline Micro payment

Article  in  International Journal of Emerging Trends & Technology in Computer Science · March 2017

CITATIONS READS

0 168

2 authors:

Bazeem Ismaeil Khan Zubair Ahmed Shaikh

Dr. Babasaheb Ambedkar Marathwada University Everest college of engineering and technology aurangabad india
3 PUBLICATIONS   0 CITATIONS    3 PUBLICATIONS   0 CITATIONS   

SEE PROFILE SEE PROFILE

Some of the authors of this publication are also working on these related projects:

Secure Device for Offline payment View project

All content following this page was uploaded by Bazeem Ismaeil Khan on 22 November 2018.

The user has requested enhancement of the downloaded file.

 International Journal of Emerging Technology in Computer Science & Electronics (IJETCSE)
ISSN: 0976-1353 Volume 24 Issue 4 – MARCH 2017.

Secure Device for Offline Micro payment

Bazeem Ismaeil Khan #1 and Shaikh Zubair Ahmed *2

#
PG Student (ME-CSE), Everest Educational Society's College of Engineering and Technology, Aurangabad,
India
*
PG Student (ME-CSE), Everest Educational Society's College of Engineering and Technology, Aurangabad,
India

Applications of micropayments include paying for each

Abstract— The paper introduces a novel offline payment web page visited, for music or video as it is streamed to the
system in mobile commerce using the case study of user, data traffic, and so on. Micropayment could be
micro-payments. The present paper is an extension version of implemented by electronic checks over the internet, the
our prior study addressing on implication of secure
micropayment system deploying process oriented structural
computation burden of digital signature is negligible for the
design in mobile network. The previous system has broad development of CPU, but the cost of bank’s processing is
utilization of SPKI and hash chaining to furnish reliable and really an obstacle for micropayment. For example, processing
secure offline transaction in mobile commerce. However, the a credit card transaction costs about 25 cents, whereas a
current work has attempted to provide much more light weight micropayment value may be only 1 cent, which makes the
secure offline payment system in micro-payments. The empirical traditional transaction protocol unsuitable for tiny value
operation is carried out on three types of transaction process
considering maximum scenario of real time offline cases. transaction. As for mobile network, the computation time and
Therefore, the current idea introduces two new parameters i.e. processing cost are all obstacles for micropayment [4].
mobile agent and mobile token that can ensure better security The limited memory, computing power, and battery
and comparatively less network overhead. capacity restrict the mobile terminal to execute complicated
calculation. Moreover, the overhead of communication is also
influencing the availability of micropayment scheme since
Index Terms— Micropayment System, Mobile Agent, Hash more rounds of data exchange makes the scheme is not
Function, Wireless Adhoc Network
economic. Recently, some micropayment schemes have been
proposed to satisfy the enhanced feature for different
I. INTRODUCTION requirements. Pay word is proposed by Rivest and Shamir [5],
but it has a main problem: a merchant cannot aggregate
With the development of e-commerce, electronic payment micropayments of different users.
protocols have gained tremendous popularity in the modern A non-selected micropayment will be discarded,whereas a
world. Credit/debit cards and online payments are in selected one will cause the user to debit an amount of money
widespread use. A payment scheme usually consists of three equal to 1/s. On the average, user pays what he or she should
parties involved: the user, the merchant, and the bank [1]. In during the long-term process. Rivest’s lottery overcomes the
order to assure the security of payment, cryptography disadvantage of Payword; however, it suffers from other two
techniques have been used to achieve authentication, privacy, problems: (1) interaction (the user and merchant must interact
and other requirements. Of course, some cryptography to select micropayments) and (2) user risk (the user may pay
techniques are not lightweight such as public key digital more than he or she should).
signature and verifiable random number that is introduced in MR1 scheme solves the first problem, but does not address
[2]; these techniques are usually used to transfer large sums of the second one. MR2 solves both problems, but it is possible
money, which are defined as micropayment. for the user and the merchant to collude to cheat Bank. MR3
Recently, the computer and network have developed so shifts the deterministic role from the merchant to the bank,
rapidly that complicated public crypto algorithm can be avoiding the collusion between the user and the merchant. At
efficiently executed in the fixed network platform. Nowadays, the same time, the small risk of excessive payment is also
mobile internet service providers are developing lots of shifted to the bank, which is accustomed to risk management.
innovative services to make people’s daily life more In addition, there is a main attraction: rather than trying too
convenient and interesting with the popularity of Smartphone hard to prevent cheating, the bank simply punishes or
and other hand-held computer, as a result, the number of eliminates cheating parties before they can create any
online commercial transactions involving small amount of substantial damage. Although MR2 and MR3 achieve a series
money grow fast, especially that the tiny value intangible of requirements of micropayment, there are perhaps some
goods (non-physical assets such as data and information) are difficulties for implementing them in mobile network. The
booming. These tiny value payments are defined as algorithm should be lightweight, which is a basic requirement
micropayment [3]. for mobile e-commerce protocol. Each transaction is signed
by the user and sent to the merchant; the merchant or bank
decides which transaction is payable in MR2 and MR3.

33
 International Journal of Emerging Technology in Computer Science & Electronics (IJETCSE)
ISSN: 0976-1353 Volume 24 Issue 4 – MARCH 2017.

We know digital signature algorithm is more complicated effective push pull services officering SMS based mobile
than hash function and symmetric cryptographic algorithm, banking concept has been illustrated for 24 hours banking
which may affect the performance of the mobile device. convenience which helps customers stay on top of any recent
Second, each transaction signed with user’s private key may changes made in their current or deposit account or loan
reveal user’s identification such that the user’s privacy is through SMS [13].
disclosed. Third, the micropayment scheme should be Arogundade e.t. al. propose an open network system which
economic; that is, the rounds of challenge–response should be can adapt to users changing needs as well as allowing
reduced to a minimum level. In this paper, we propose an effective and secured transaction via any customers’ bank
improved lightweight micropayment scheme based on hash account. They proposed a novel approach by utilizing
chain and Lagrange interpolation formula to achieve privacy, cancelable biometric features for securely storing the
fairness, security, efficiency, and low cost of use [6]. fingerprint template by generating Secured Feature Matrix
The remainder of this paper is organized as in the following and keys for cryptographic techniques applied for data
sections. Section 2will describe the related works on data Encryption or Decryption [14].
micropayment schemes. Section 3 will present the Mohammad Al-Fayoumi discuss an important epayment
proposedmicropayment scheme method. In Section 4, we will protocol namely pay-word scheme and examine its
analyzethe results ofproposed method and compare it with advantages and limitations, which encourages the authors to
standard data micropayment methods. Finally, a brief improve the scheme that keeps all characteristics intact
conclusion will be given in Section 5. without compromise of the security robustness [15].
Kaylash Chaudhary e.t. al. have carried out an assessment
II. RELATED WORK of micro-payment against a non-micro-payment credit
Zhi-Yuan Hu et al. has designed an innovative and practical systems for file sharing applications. Charles K. Ayo and
authentication system, Anonymous Micropayments Wilfred IsiomaUkpere proposed a unified (single) smart
Authentication (AMA), is designed for micropayments in card-based ATM card with biometricbased cash dispenser for
mobile data network. But his work has a relative drawback for all banking transactions Wang proposes a novel payment
common problems of authentication mechanism based on system with smart mobile devices, wherein customers are not
symmetric key cryptography [7]. limited to purchase e-cash with the fixed face-value Currently,
Xiaoling Dai et al. has researched on micropayment researchers focus on the e-payment system such that
protocols in offline with multiple vendors. They introduced electronic cash electronic check electronic traveler’s check
several micro-payment schemes based on one-way hash chain and so on. Moreover, many researchers proposed the e-cash
and review some literatures on supporting multiple payment. payment protocol using plenty of computational resources
The author has also proposed a new micropayment scheme, such that exponential operation. It causes the big burden for
which achieves the following three goals: micro-payment the system [16].
multiple transactions, service providers, and anonymity [8]. Chang and Lai proposed a flexible date attachment scheme
Aboud et al. has proposed a trust model from user point of on e-cash and Juang proposed the Dcash. Curanintroduced
view and combined it with MR2 micropayment scheme and some possible additional security measures which could be
called the new scheme TMR2. This trust model is supported implemented to strengthen the overall security architecture of
by micropayment provider and assures the users that they will Bluetooth enabled devices for ecommerce applications
not be charged for in case the product is not satisfactory or it is against man-in-the middle attack and denial-of-service attacks
corrupt [9]. [17].
Min-Shiange.t. al. has studied various probabilistic Wanget al.proposed a novel payment system with smart
micropayment Scheme shows that the scheme by Rivest may mobile devices, wherein customers are not limited to purchase
reduce the administrative cost of the bank, however it brings e-cash with the fixed face-value. The amount of every
extensive computational overhead to the merchant [10]. transaction is deducted directly from the customer's account,
Lih-ChyauWuu has proposed a secure and efficient off-line eliminating the inconvenience of fixed face-value of the
micro payment scheme which uses coin chain technique to e-cash, and reducing online computation cost of a bank. Using
make coin that the verification of coin can be done quickly by a technique of trapdoor hash function to mitigate the
hash computation. This scheme also ensures that coins could computational cost, our system can be used with the mobile
only be used by their owner, and protects the privacy of the devices effectively [18].
consumer [11]. Natarajan introduced a system and method of extensible
VivekKatiyare.t. al. has discussed about role of Elliptical authentication protocols (EAPs) based on ECC and SKE with
Curve Cryptography and presents a survey on the current use a permutation technique evolved. The permutation in our
of ECC in the pervasive computing environment. Husna EAPs is a process of cubing a random number w.r.to a prime.
Osman and Hamish Taylor has discussed three key design These EAPs are compatible with 3G and 4G networks and no
considerations in implementing a fully distributed reputation certificates exchanged during the communication [19].
system for ad hoc m-commerce trading systems, namely Panjwani has analyzed two token-based authentication
relevant reputation information, its storage and reliability schemes, designed for authenticating users in banking
[12]. systems implemented over mobile networks. The first scheme
FouziaMousumi and Subrun Jamil has described cost is currently deployed in India by a mobile banking service
provider named Eko with a reach of over 50,000 customers.

34
 International Journal of Emerging Technology in Computer Science & Electronics (IJETCSE)
ISSN: 0976-1353 Volume 24 Issue 4 – MARCH 2017.

The second scheme was proposed recently (in joint effort with the intermediate routers for forwarding the packets.
Eko) to fix weaknesses in the first one, and is now being
C. Initiating Payment
considered for deployment. Both systems rely on PINs and
printed codebooks (which are unique per user) for This step is about initiating payments in the system by the
authentication [20]. user. P transmits message in his network and appends a hash
Chaix explores the economic models associated to different token from sub-chains. The payment scheme in independent
mobile-payment systems. Obviously it can be seen that of increased used of hash values for multiple payments by the
majority of the work is carried on wired network with much user ensuring much less network overhead. In case the
less consideration of wireless network. The issues related to intermediate relay nodes have captivated the hash values, they
dynamic topologies of wireless adhoc network are not will not be able to decipher them without broker agreement
discussed in detailed in any of the researches described above. and its respective signature.
Although there are some effective research being done in the D. New Route Consideration
area of payment system, but there is a huge research gap in This step is performed as wireless adhoc network quite often
this area with respect to wireless mobile adhoc network [21]. changes their topology dynamically. In case of new route, the
system needs not to contact the any TTP. Overhead is reduced
III. PROPOSED WORK by observing the new nodes in the route and using only them
The proposed protocol now termed as Secure Payment in for the distributing the secure endorsement. The following
Mobile Commerce deploys the authority that has to be signed algorithm explains the route consideration policy.
by mobile agent and m-token key authorized by merchant. Input : grid, number_of_column
The authority file that is signed is utilized by merchant in
order to confirm the transaction parameters and authorized temp A (number_of_column) % 4
m-token that needs to be used in order to resist any malicious noc Å number_of_column
activity from any customer. The similar phenomenon can also if (temp = 0)
be used to determine any issues with merchants too. The two_col Å noc
proposed method contains the following modules namely, two_col_zigzag(grid,two_col)
broker agreement, cost and endorsement delivery, initiating else if(temp = 1)
payments, new route consideration, transferring tokens, and two_col Å noc-3
broker approval. The proposed methodology can be two_col_zigzag(grid,two_col)
explained in brief steps as following: three_col_path(grid)
A. Broker Agreement else if(temp = 2)
two_col Å noc-2
A broker supplies it’s registered and authorized user will a
two_col_zigzag(grid,two_col)
secure and tamper-proof token with public key pair along with
straight_up(grid,noc-1)
highly encrypted user identity. Any micropayment schemes
straight_down(grid,noc)
like credit card can be used for designing the application. The
else if(temp = 3)
user then sends a signature message consisting of hash value
two_col Å noc-1
and payment information which is encrypted with public key
two_col_zigzag(grid,two_col)
of broker. The broker generates (agreement) secret
straight_down(grid,noc)
endorsement data which consists of a random number, an
end
anchor value, length of hash chain, user-identity, and expiry
horizontal_path(grid)
of chain. These set of information is secured by private keys
of broker. Therefore the broker agreement can only be
deciphered by user’s token. However, the security of tokens E. Transferring Tokens
(smart cards) are not reliable as it can be deciphered, so the Here the intermediate relay node transmits the greater hash
broker private information is appended with expiry date in values in one chain that has spent it by the node. The user
order to restrict an unauthorized user in the range of mobile token then transmit the hash value to the consecutive broker
network to have an access on the confidential information with their endorsement digitally signed. The message and its
transacted between user and broker. highly encrypted contents are validated by the broker as well
B. Cost and Endorsement Delivery as issue an acknowledgement. 6. Broker Approval: The
proposed system does support multiple brokers for reliable
A sender node P sends the cost request message encrypted
communication which allows any user to get associated with
with digital signature using their private keys to query the
any broker available in the network. The user in the first
route of recipient node Q. All intermediate nodes attach
network receives payment chain from the broker in that
certificates so that the origin node will be able to validate the
network, it assist the same user for validating the digital
digital certificates on the cost details. The data for cost reply
certificates generated by the nodes in new network when the
message is returned to P. After estimating the cost
network topology changes. The assumption to this step is that
involvement in routing, the encrypted broker endorsement is
the user, broker and all the entities involved should first get
sent to all relay nodes in the network. These endorsements are
them registered and then perform the task.
private data, so each user encrypt with their public key, which
can be received from cost reply message. This scheme pays

35
 International Journal of Emerging Technology in Computer Science & Electronics (IJETCSE)
ISSN: 0976-1353 Volume 24 Issue 4 – MARCH 2017.

IV. EXPERIMENTAL ANALYSIS results higher length of transferred chains which can reduce
To give a performance evaluation of the proposed communication costs by decreasing needed commitment
micropayment scheme, we present simulation results of messages.
proposed method and compared it with PayWord and
PPayWord schemes a computational and communicational
costs. Computational cost is considered as the overall needed
CPU cycles at broker and communicational cost is overall the
transmitted payment messages volume. Results are showed in
two typical fixed lengths of chains, 10 and 20 and a chain is
considered as partially used and is not transferable if its spent
length is less than the configured chain length.

A. Computational Cost of Broker

Figure 1 shows the comparison of broker load for proposed
work in comparison with PPaWord and PayWord. As it
seems, when most of the payments are made with transferred
chains, load of the broker is divided by two, approximately.
Figure 2.Computational cost
For both of the chain length configurations, results confirm
the latter claim since the load of the broker in PPayWord is
The secure channel information in the proposed scheme are
reduced about40 %. We use semi-online term to point the load
not specific to customer or merchant thereby permitting
of a broker in case of transferring chain between peers due to
secure offline transaction for payments evaluated for large
the fact that this transference is online but offline against
number of merchants over the network. One of the noteworthy
payments and do not affect their performance. This figure
advantages of the proposed scheme is that OSPM transfer the
shows that most of the broker workload is semi-online and
authenticated network channel issues from Mobile-agent and
there is a few job of broker in case of online checking
allocates it among the entire merchant. Hence this schema
payment accuracy and offline balancing accounts. We can
balances the network and processing overhead from merchant
adjust offline load and semi-online load of broker according
over the network. Another advantage is that it assures safe
to the system requirements. To this end, an upper bound for
exchange of legitimate m-token for credit to the merchant as
transferring every chain must be applied by adding a new
well as it also permits the merchants to concentrate on content
column to broker’s database. The value of this column is
scheduling and Mobile-agent to furnish operation related to
incremented one unit per chain transference and when it
management of amount in their registered financial
reaches to the considered upper bound, the chain cannot
institution.
further be transferred.
The transaction between mobile user and vendor has dual
benefits. Primarily, the transfer of the secure message from
M1 to M2 does not include any mobile agent and it diminishes
the network overhead of the mobile agent. Secondarily, the
consecutive secure message posses the m-token of the
authorization for which it resists the customer C from any
sorts of malicious activities while in offline even when C
swaps to another merchant M2. Exactly, this scheme thereby
renders a novel, costeffective, and secure network with better
business role in ecommerce.

V. CONCLUSION
The current work is focused on designing an offline payment
Figure 1. Computational cost system in mobile commerce specifically taking
B. Communicational Cost micro-payment as case study. Majority of the work done in
Figure 2 shows that in PPayWord communication cost prior research work is concentrated on online safety along
increases based on the length of the chains because lesser with service provider too. But, in this work, it can be seen that
chain length means we need more commitment messages. SP also requires generating secure supportive hash value for
Onthe other hand, unlike PayWord scheme wherein most of every secure channel data that is sent via smart-phone of the
the messages are sent toPPayWord: A Secure and Fast P2P customer C. Then SP forwards the legitimate secure channel
Micropayment Scheme for Video Streaming 89broker at the information and subsequent supportive hash vale to the
end of day, in PPayWord this cost is distributed over time and merchant in every transactions offline. The m-token in system
does notmake the broker as a bottleneck of the payment schema considered in customer and merchant dependent. This
system. Higher stability of peers’ linksin the overlay structure phenomenon restricts the portability of the secure channel
information to a greater extent. The current work therefore

36
 International Journal of Emerging Technology in Computer Science & Electronics (IJETCSE)
ISSN: 0976-1353 Volume 24 Issue 4 – MARCH 2017.

has introduced a real time offline payment system from a mobile and wireless communications”, Advances in E-Activities,
Information Security and Privacy, 2011
Mobile-agent and service providers and termed the scheme. [20] Saurabh Panjwani, Prasad Naldurg, RaghavBhaskar, “Analysis of Two
The proposed scheme restricts the customers for performing a Token-Based Authentication Schemes for Mobile Banking”,
malicious activity even in offline mode using m-token. Technical Report of Microsoft Research, 2010
Therefore, the proposed system is found to satisfy all the [21] Laetitia Chaix and Dominique Torre, “Different models for mobile
payments, research paper, 2010
critical security requirements in micro-payment system. The
proposed schema is also cost-effective as it does not posses
any operation with public key for any types of purchases
being made.
REFERENCES
[1] Zygmunt J. Haas, Jing Deng, Ben Liang, Panagiotis Papadimitratos, S.
Sajama,”Wireless ad hoc Networks”, John Wiley & Sons, Inc, 2003
[2] Yuntsai Chou, Chiwei Lee and Jianru Chung, “Understanding
m-commerce payment systems through the analytic hierarchy
process”, Journal of Business Research, Volume 57, Issue 12,
December 2004, Pages 1423-1430
[3] Neal Leavitt, “Payment Applications Make E-Commerce Mobile”,
IEEE Computer Society, 2010
[4] Rafael Martínez-Peláez, Francisco Rico-Novella, Cristina Satizábal
and Jhon J. Padilla, “Performance Analysis of Mobile Payment
Protocols over the Bluetooth Wireless Network”, Whitepaper, 2008
[5] HeikoKnospe, Scarlet Schwiderski-Grosche, “Future mobile networks:
ad-hoc access based on online payment with smartcards”, IEEE, 2002
[6] Peter Tarasewich, Robert C. Nickerson, Merrill Warkentin,
“Wireless/Mobile E-commerce: technologies, applications, and
issues”, Seventh Americas Conference on Information Systems, 2001
[7] Zhi-Yuan Hu, Yao-Wei Liu, Xiao Hu, Jian-Hua Li, Anonymous
Micropayments Authentication (AMA) in Mobile Data Network,
INFOCOM 2004. Twenty-third AnnualJoint Conference of the IEEE
Computer and Communications Societies Iss: 7 March 2004,
[8] Min-Shiang Hwang, Pei-Chen Sung, A Study of Micropayment Based
on One-Way Hash Chain, International Journal of Network Security,
Vol.2, No.2, PP.81–90, Mar. 2006
[9] Al-Fayoumi, M., Aboud, S., Al-Fayoumi, M., “Practical E-Payment
Scheme”, International Journal of Computer Science Issues, vol. 7, no.
7, May. 2010
[10] Xiaoling Dai, OluwatomiAyoade, and John Grundy, Offline
Micro-payment Protocol for Multiple Vendors in Mobile Commerce,
Proceeding PDCAT '06 Proceedings of the Seventh International
Conference on Parallel and Distributed Computing, Applications and
Technologies, IEEE Computer Society Washington, 2006 R. Hauser,
M. Steiner, and M. Waidner, "Micro-payments based on iKP", in Proc.
of the 14th Worldwide Congress on Computer and Communications
Security Protection, Paris, 1996, pp.67-82,
http://www.zurich.ibm.com
[11] Lih-Chyau Wuu, Kuang-Yi Chen, Chih-Ming Lin, OffLine Micro
Payment Scheme with Dual Signature, Journal of Computers, Vol.19,
No.1, April 2008
[12] VivekKatiyar, Kamlesh Dutta, Syona Gupta, A Survey on Elliptic
Curve Cryptography for Pervasive Computing Environment,
International Journal of Computer Applications (0975 – 8887) Volume
11– No.10, December 2010
[13] FouziaMousumi, Subrun Jamil, Push Pull Services Offering SMS
Based m-Banking System in Context of Bangladesh, International
Arab Journal of e-Technology, Vol. 1, No. 3, January 2010
[14] Arogundade O.T, Ikotun A. Motunrayo, OlaniyiAdemola, Developing
a Usage-centered e-Payment Model using Open Network System,
International Journal of Computer Applications (0975 – 8887) Volume
12– No.6, December 2010
[15] Mohammad Al-Fayoumi, SattarAboud and Mustafa AlFayoumi,
Practical E-Payment Scheme, IJCSI International Journal of Computer
Science Issues, Vol. 7, Issue 3, No 7, May 2010
[16] Kaylash Chaudhary, Xiaoling Dai and John Grundy, Experiences in
Developing a Micro-payment System for Peer-to-Peer Networks,
International Journal of Information Technology and Web
Engineering, vol. 5, no. 1, 2010
[17] C. C. Chang and Y. P. Lai, “A flexible Date-attachment Scheme on
E-cash”, Computers & Security, Vol. 22, No. 2, pp.160-166, 2003.
[18] Jian-Sen Wang, Fuw-Yi Yang, and Incheon Paik, “A Novel E-cash
Payment Protocol Using Trapdoor Hash Function on Smart Mobile
Devices”, IJCSNS International Journal of Computer Science and
Network Security, Vol.11 No.6, June 2011
[19] Natarajan Vijayarangan, “A system and design of Extensible
Authentication Protocols based on ECC and SKE mechanisms for

37
View publication stats