Strong anonymous mobile payment against curious third-party provider

Electronic Commerce Research

Abstract

M-commerce provides convenient services and has developed rapidly in recent years, but security and privacy have always been major concerns for most users. Among existing payment systems, PayPal and Alipay rely on a third-party payment provider (TPP) but do not provide anonymity. Bitcoin provides anonymity, but its decentralized framework without a TPP causes high energy consumption and security attack issues. Moreover, because further information can be deduced from the public decentralized ledger, Bitcoin cannot offer strong privacy guarantees. Unifying strong anonymity, security and efficiency is therefore challenging in mobile payment. This paper proposes a strong anonymous mobile payment scheme against a curious third-party provider (SATP). A ticket, as a new means of payment, is partially blindly signed by the TPP using certificateless cryptographic primitives. SATP can ensure confidentiality of payment data, non-repudiation and revocation of payment operations, and anonymity of the payer's identity. In particular, it enables a user to pay anonymously even in the face of a curious TPP. Performance analysis shows that SATP avoids the high energy consumption of Bitcoin, and that its communication cost is less than that of existing research on anonymous payment.

Acknowledgements

This work was supported by the Major Research Project for Social Science Innovation and Development of Anhui Province (Grant No. 2017ZD005), the Visiting Scholar Projects of Anhui Province for Excellent Young and Middle-aged Backbone Talents (Grant No. gxfxZD2016305), and the Natural Science Foundation of Anhui Province (Grant No. 1608085MF141). We would like to thank the anonymous referees and Editors for their valuable comments and suggestions.

Author information

Corresponding author

Correspondence to Chenglong Cao.

Cite this article

Cao, C., Zhu, X. Strong anonymous mobile payment against curious third-party provider. Electron Commer Res 19, 501–520 (2019). https://doi.org/10.1007/s10660-018-9302-2

  • DOI: https://doi.org/10.1007/s10660-018-9302-2
