Skip to main content

The Missing Link: Human Interactive Security Protocols in Mobile Payment

R. Kainda With C. Bangdao A.W. Roscoe

Abstract

A new family of protocols, based on communication over human-based side channels, permit secure pairing or group formation in ways that no party has to prove its name. These protocols are particularly suitable for authentication on mobile phones where PKI or trusted third party solutions are not practical to cover all scenarios. Rather, individuals are able to hook up devices in their possession to others that they can identify by context. By using one of these Human-Interactive Security Protocols (HISPs), we present a new design of mobile payment system to improve on the security of existing solutions, while providing a reliable and ubiquitous foundation for mobile security in general.

Journal
Proceedings of the 5th International Workshop on Security‚ IWSEC
Year
2010