Journal of Internet Computing and Services (인터넷정보학회논문지)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

The secured mobile wallet system using by integrated ID

통합 아이디를 이용한 안전한 모바일 월렛 시스템

  • Nam, Choon-Sung (School of Information, Yonsei University) ;
  • Jeon, Min-Kyung (College of Information and Communication Engineering, SungKyunKwan University) ;
  • Shin, Dong-Ryeol (College of Information and Communication Engineering, SungKyunKwan University)
  • Received : 2014.05.10
  • Accepted : 2014.11.14
  • Published : 2015.02.28
Download PDF
⟨ Previous Next ⟩

Abstract

Nowadays, Smart Wallet technology trend that is able to save users' consuming costs and also retain users' redundant behaviors such as Single-tapping, One-way communication, Integrated ID, has been issued in recent Mobile Industrial Fields. As one of Smart Wallet functions, Integrated ID is proposed for users' convenience, handiness, and immediate responses. It is designed for the effective management of users' IDs which are easy to be forgot because of its unusual structures. To be detail, instead of user, Integrated ID system can certificate users identification from various online sites (where user resisted) authorization requests via one-clicking, not putting identification data in each sites. So, this technology would be helpful much to a certain user who has lots ID and its Password in multiple Online shopping companies by establishing integrated ID. However, although Integrated ID has lots advantages to be used, most Mobile Service Companies has hesitated to apply Integrated ID service in their shopping systems because this technology requires them sharing their users' data. They have worried that this service would be not helpful to gain their profits. Furthermore, Users who join in multiple shopping companies and use Integrated ID services also are difficult to decide which company they have to save their points in before payment because this system could not show any financial benefit analysis data to their users. As following facts, via this paper majorly we propose the advanced Integrated ID system which concern shopping point management. Basically, this system has a strong security payment service and secure network services like other mobile Shopping systems. Additionally, this system is able to service (or to support) shopping -point -saving guide for customers' financial benefits and conveniences.

현대의 사회는 Single tapping, 단방향 통신, 통합 아이디 등 빠름, 간편함, 편리함을 위해 최대한 사용자의 행동 패턴을 줄이고 소모시간이 적게 걸리는 기술이 우선시 되고 있다. 스마트 웰렛 시장과 마찬가지로 사용자의 편의성, 신속성, 간편성을 적용하려는 분야는 통합 아이디 시장이다. 일반적으로 사용자들이 잊어버리기 쉬운 ID와 패스워드를 통합 관리하기 위한 시스템으로서 다수의 ID와 패스워드를 보유하고 있는 사용자가 보유한 다수의 정보를 시스템에 등록하여 한 번의 로그인에 의해 다수의 서비스를 받을 수 있는 기술이다. 하지만 OpenID 시대의 도래에도 다수의 서비스들에서 해당 기술이 적용되지 않는 이유가 각 사업자의 사이트에 일일이 가입해야 하는 등 서로의 이익을 위해 기술 적용을 꺼리는 경우가 많다. 또한, 다수의 포인트 사업자에 가입이 되어 있을 경우, 어떤 포인트의 적립이나 할인이 사용자 본인에게 더 유리한지 한눈에 확인할 수 없기 때문에 스스로 포인트 카드에 맞는 유리함을 계산해야하는 어려움이 있다. 따라서 본 논문은 사용자의 편의성을 위하여 단하나의 ID로 여러 가입된 사이트 및 카드 포인트 적립, 결제와 같은 서비스를 이용할 수 있도록 안전한 통신 아이디어를 제안한다. 또한, 통합 ID를 통하여 가맹점의 혜택 카드를 일일이 찾는 수고를 줄여 보다 간편하고 효율적인 적립이나 할인을 제공할 수 있는 시스템을 제안한다.

Keywords

References

  1. Smart wallet : Google Patent http://www.google.com/patents/US20110320345
  2. C. Benninger, "A Brave New Wallet - First look at decompiling Google Wallet," Intrepidus Group Insight,Sep. 2011, http://intrepidusgroup.com/insight/2011/09/a-brave-new-wallet-first-look-at-decompiling-google-wallet/
  3. OpenID.net: OpenID Specifications, http://openid.net/developers/specs/
  4. Luca Mainetti, Luigi Patrono, and Roberto Vergallo, "IDA-Pay: a secure and efficient micro-payment system based on Peer-to-Peer NFC technology for Android mobile devices", Journal of Communications Software & Systems. Vol. 8 Issue 4, Dec2012, pp 117-125. http://connection.ebscohost.com/c/articles/87531092/ida-pay-secure-efficient-micro-payment-system-based-peer-to-peer-nfc-technology-android-mobile-devices https://doi.org/10.24138/jcomss.v8i4.166
  5. Lishoy Francis, Gerhard Hancke, Keith Mayes, Konstantinos Markantonakis, "Practical NFC Peer-to-Peer Relay Attack Using Mobile Phones". Radio Frequency Identification: Security and Privacy Issues, 2010. pp. 35-49. http://dx.doi.org/10.1007/978-3-642-16822-2_4
  6. Michael Roland, Josef Langer, Josef Scharinger, "Applying relay attacks to Google Wallet", IEEE 5th NFC International Workshop, 2013. http://dx.doi.org/10.1109/NFC.2013.6482441
  7. Andreas Leicher, Andreas U. Schmidt, Yogendra Shah, "Smart OpenID: A Smart Card Based OpenID Protocol", 27th IFIP TC 11 Information Security and Privacy Conference, SEC 2012, Heraklion, Crete, Greece, June 4-6, 2012. Proceedings, pp 75-86. http://dx.doi.org/10.1007/978-3-642-30436-1_7
  8. David Recordon, Drummond Reed, "OpenID 2.0: a platform for user-centric identity management", DIM '06 Proceedings of the second ACM workshop on Digital identity management, 2006, pp. 11-16. http://dx.doi.org/10.1145/1179529.1179532
  9. Tsyrklevich, E., Tsyrklevich, "V.: Single Sign-On for the Internet: A Security Story, BlackHat Conference Las Vegas, 2007. http://amifan.googlecode.com/svn-history/r94/trunk/bh-usa-07-tsyrklevich-WP.pdf
  10. Urien, P.: Convergent identity: Seamless OpenID services for 3G dongles using SSL enabled USIM smart cards. In: Consumer Communications and Networking Conference (CCNC), 2011, pp. 830-831. http://dx.doi.org/10.1109/CCNC.2011.5766616
  11. Pascal Urien, "An OpenID Provider based on SSL Smart Cards", CCNC'10 Proceedings of the 7th IEEE conference on Consumer communications and networking conference, 2010, pp 444-445. http://dl.acm.org/citation.cfm?id=1834318
  12. 3GPP TS 33.220; "Generic Authentication Architecture (GAA). Generic Bootstrapping Architecture(GBA)", 2006. http://www.etsi.org/deliver/etsi_tr/133900_133999/133919/06.02.00_60/tr_133919v060200p.pdf
  13. 3GPP: 3G security; Security architecture. TS 33.102, 3rd Generation Partnership Project (3GPP), 2009. http://www.3gpp.org/ftp/tsg_sa/wg3_security/_specs/old_vsns/33102-3b0.pdf
  14. Liberty Alliance: ID-WSF Advanced Client Implementation and Deployment guidelines for SIM/UICC Card environment. Technical report, 2007. http://www.projectliberty.org/resource_center/specifications/?f=resource_center/specifications
  15. Rao, T. Venkat Narayana, and K. Vedavathi. "Authentication Using Mobile Phone as a Security Token." International Journal of Computer Science and Engineering Technology, IJCSET 1.9, 2011, pp.569-574. http://ijcset.net/docs/Volumes/volume1issue9/ijcset2011010908.pdf
  16. Seung-Hyun Seo, "One-Time Virtual Card Number Generation & Transaction Protocol using Integrated Authentication Center",Journal of the Korea Institute of Information Security and Cryptology, Vol 20, no 3. 2010, pp. 9-21. http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=JBBHCB_2010_v20n3_9
  17. Apple Inc, "Getting Started with Apple Pay - Version 1.0", 2014. https://developer.apple.com/apple-pay/Getting-Startedwith-Apple-Pay.pdf
  18. Felix Gomez Marmol, Marcus Quintino Kuhnen, Gregorio Martinez Perez, "Enhancing OpenID through a Reputation Framework", 8th International Conference, ATC 11', Banff, Canada, Proceedings, Sep 2011, pp. 1-18. http://dx.doi.org/10.1007/978-3-642-23496-5_1
  19. Supakorn Kungpisdan, Bala Srinivasan, Phu Dung Le, "Lightweight Mobile Credit-Card Payment Protocol", 4th International Conference on Cryptology in India, New Delhi, India, Dec 2003, pp. 295-308. http://dx.doi.org/10.1007/978-3-540-24582-7_22
  20. Martinez-Pelaez, Rafael, et al. "Performance Analysis of Mobile Payment Protocols over the Bluetooth Wireless Network." 6th COLLECteR Iberoamerica (2008). https://scholar.google.co.kr/scholar?q=Performance+Analysis+of+Mobile+Payment+Protocols+over+the+Bluetooth+Wireless+Network&btnG=&hl=en&as_sdt=0%2C5