Abstract
Mobile commerce (m-commerce) delivers value-added services to customers and creates new market opportunities. However, establishing a secure m-commerce platform that offers high level of service can be challenging. This paper proposes a concept of m-identity targeted at control the access of involved parties in an m-commerce transaction. M-identity includes both identities of a user and his/her bound mobile device which is defined as a user’s biometric feature(s) taken by his/her bound mobile camera. As an additional factor of authentication, a watermark is embedded in the captured biometric images. The embedding key of the watermark is a shared secret between mobile device and central server. Then an m-identity authentication (MA) protocol is proposed. M-identity merges mobile device identity into biometrics images. Only the genuine owner whose biometric information captured by his/her bound mobile device can pass m-identity authentication. Combined with the watermark, this makes a 2 ½ factor authentication process. Fingerprint biometrics taken with the mobile camera is used as an example to show how MA protocol works.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Schwiderski-Grosche, S., Knospe, H.: Secure Mobile Commerce. Electronics & Communication Engineering Journal, 228–238 (2002)
Kambourakis, G., Gritzalis, S., Park, J.H.: Device Authentication in Wireless and Pervasive Environments. Intelligent Automation and Soft Computing 16(3), 399–418 (2010)
Indvik, L.: 5 Big Trends in Mobile Commerce. The 2012 E-Commerce Leaders’ Playbook. Power Retail (2012), http://mashable.com/2011/06/21/mobile-commerce-trends/, http://gigaom.com/2011/08/02/check-ins-retailers-shopping/
Savitz, E.: Mobile Commerce Needs New Authentication Schemes, Forb (December 2011), http://www.forbes.com/sites/ciocentral/2011/12/16/mobile-commerce-needs-new-authentication-schemes/
Jain, A.K., Hong, L., Bolle, R.M.: On-line Fingerprint Verification. IEEE Trans. Pattern Analysis and Machine Learning 19(4), 302–314 (1997)
Dimitriadis, C.K., Polemi, D.: Biometric-Enabled Authentication in 3G/WLAN Systems. In: Proc. 39th IEEE Conference on Security Technology, pp. 164–167 (2005)
Shabeer, H., Suganthi, P.: Mobile Phone Security Using Biometrics. In: Proc. Int. Conf. on Computational Intelligence and Multimedia Applications, pp. 270–272 (2007)
Aissi, S., Dabbous, N., Prasad, A.R.: Security for Mobile Networks and Platforms. Artech House, Boston (2006)
Loretta, M.: Biometric Security for Mobile Banking. World Resource Institute, Markets Enterprise, White Paper, Washington, USA (2008)
Parziale, G., Chen, Y.: Advanced Technologies for Touchless Fingerprint Recognition. In: Handbook of Remote Biometrics, Advances in Pattern Recognition, Part I, pp. 83–109. Springer (2009)
Chen, Y., Parziale, G., Santana, E.D., Jain, A.K.: 3D Touchless Fingerpints: Compatibility with Legacy Rolled Images. In: Proc. Biometric Consortium Conf., Baltimore, MD (2006)
Lee, C., Lee, S., Kim, J.: A Study of Touchless Fingerprint Recognition System. In: Yeung, D.-Y., Kwok, J.T., Fred, A., Roli, F., de Ridder, D. (eds.) SSPR & SPR 2006. LNCS, vol. 4109, pp. 358–365. Springer, Heidelberg (2006)
Lee, C., Lee, S., Kim, J., Kim, S.-J.: Preprocessing of a Fingerprint Image Captured with a Mobile Camera. In: Zhang, D., Jain, A.K. (eds.) ICB 2005. LNCS, vol. 3832, pp. 348–355. Springer, Heidelberg (2005)
Hiew, B.Y., Teoh, A.B.J., Yin, O.S.: A Secure Digital Camera based Fingerprint Verification System. Journal of Visual Communication and Image Representation 21(3), 219–231 (2010)
Su, Q., Tian, J., Chen, X., Yang, X.: A Fingerprint Authentication System Based on Mobile Phone. In: Kanade, T., Jain, A., Ratha, N.K. (eds.) AVBPA 2005. LNCS, vol. 3546, pp. 151–159. Springer, Heidelberg (2005)
Derawi, M.O., Yang, B., Busch, C.: Fingerprint Recognition with Embedded Cameras on Mobile Phones. In: Prasad, R., Farkas, K., Schmidt, A.U., Lioy, A., Russello, G., Luccio, F.L. (eds.) MobiSec 2011. LNICST, vol. 94, pp. 136–147. Springer, Heidelberg (2012)
Han, F., Hu, J., Alkhathami, M., Xi, K.: Compatibility of Photographed Images with Touch based Fingerprint Verification Software. In: Proc. 6th IEEE Conf. on Industrial Electronics and Applications, Beijing, China, pp. 1034–1039 (2011)
Chen, Y., Han, F., Liu, H., Lu, J.: 3D Reconstruction from Planar Points: A Candidate Method for Authentication of Fingerprint Images Captured by Mobile Devices. In: Proc. Int. Symp. Circuits and Systems, ISCAS (2012)
Cox, I., Miller, M., Bloom, J., Fridrich, J., Kalker, T.: Digital Watermarking and Steganography. Morgan Kaufman (2007) ISBN 978-0123725851
Al-Gindy, A., Al-Ahmad, H., Qahwaji, R., Tawfik, A.: A New Watermarking Scheme for Color Images Captured by Mobile Phone Cameras. Int. Journal of Computer Science and Network Security 9(7), 248–253 (2009)
Moreno, O., Tirkel, A., Van Schyndel, R., Parampalli, U.: New Families of 2D & 3D Arrays for Sub-Image Watermarking. In: Network and Systems Security (NSS 2010), Melbourne, Australia (2010)
Wong, P.W.: A Public Key Watermark for Image Verification and Authentication. In: Proc. IEEE Int. Conf. Image Processing, Chicago, USA, pp. 425–429 (1998)
Schmidt, A.U., Kuntze, N., Kasper, M.: On the Deployment of Mobile Trust Modules. In: WCNC, pp. 3169–3174 (2008)
Kim, M., Ju, H., Kim, Y., Park, J., Park, Y.: Design and Implementation of Mobile Trusted Module for Trusted Mobile Computing. IEEE Trans. Consumer Electronics 56(1), 134–140 (2010)
Ratha, N., Connell, J., Bolle, R.M.: Enhancing Security and Privacy in Biometric-based Authentication Systems. IBM Syst. Journal 40(3), 614–634 (2001)
Ahmad, T., Han, F.: Cartesian and Polar Transformation-based Cancellable Fingerprint Template. In: Proc. 37th IEEE Annual Conference on Industrial Electronics Society (IECON), Melbourne, Australia (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Han, F., van Schyndel, R. (2012). M-Identity and Its Authentication Protocol for Secure Mobile Commerce Applications. In: Xiang, Y., Lopez, J., Kuo, CC.J., Zhou, W. (eds) Cyberspace Safety and Security. CSS 2012. Lecture Notes in Computer Science, vol 7672. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35362-8_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-35362-8_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35361-1
Online ISBN: 978-3-642-35362-8
eBook Packages: Computer ScienceComputer Science (R0)