文摘
A protocol for NFC mobile authentication and transaction is proposed by W. Chen et al. This protocol is used for micropayments, where the Mobile Network Operator pays for its customers. The main advantage of this protocol is its compatibility with the existing GSM network. This paper analyses this protocol from security point of view; as this protocol is used for monetary transactions, it should be as secure as possible. This paper highlights a few security related issues in this protocol. The most serious of all is the authentication of a false Point of Sale terminal by simply replaying the old message. The user interaction with the system also needs improvement. At the end of this paper, we have addressed all the vulnerabilities and proposed an improved version of the existing protocol that caters for such weaknesses. We also added an additional layer of security by ‘PIN’ authentication in Chen’s Protocol.