University of Oxford researchers have developed a protocol for facilitating secure peer-to-peer and person-to-person payments using mobile phones. Oxford professor Bill Roscoe says that payment can be enabled through electronic cash or credit stored in a mobile phone, via credit card authorization by the mobile user, or by instructing the customer's bank to pay a merchant or other party a certain amount of money from the customer's account.
The technology uses strong cryptographic keys and produces random codes on the phone that would have to match that of the payer and the recipient. "The first thing we try to do is authorize the merchant who you'll be paying the money to . . . and the person paying," Roscoe says.
Roscoe says the technology differs from public key infrastructure in that it can be "bootstrapped" onto links between two parties. "The crucial thing is we make sure both parties are committed to the information they want [in the transaction] and are authenticated before anyone knows what the hash function is supposed to be," he says. The technology also can detect man-in-the-middle attacks.
From Dark Reading
View Full Article
Abstracts Copyright © 2010 Information Inc., Bethesda, Maryland, USA
No entries found