Muhammad Qasim Saeed

A Proposed NFC Payment Application

Near Field Communication (NFC) technology is based on a short range radio communication channel which enables users to exchange data between devices. With NFC technology, mobile services establish a contactless transaction system to make the payment methods easier for people. Although NFC mobile services have great potential for growth, they have raised several issues which have concerned the researches and prevented the adoption of this technology within societies. Reorganizing and describing what is required for the success of this technology have motivated us to extend the current NFC ecosystem models to accelerate the development of this business area. In this paper, we introduce a new NFC payment application, which is based on our previous “NFC Cloud Wallet” model [1] to demonstrate a reliable structure of NFC ecosystem. We also describe the step by step execution of the proposed protocol in order to carefully analyse the payment application and our main focus will be on the Mobile Network Operator (MNO) as the main player within the ecosystem.

An NFC based consumer-level counterfeit detection framework

Counterfeit products have been a major concern in global market. There are many procedures for preventing the counterfeiting of goods, such as holograms, tamper-resistant packaging etc. However, there is still a rising trend in counterfeit goods. With the emergence of RFID systems, supply chain management is able to detect counterfeit products relatively easily. Existing techniques generally involve a centralized database and can only be implemented in an online scenario. This deprives the individual customers of using any authentication mechanism while making purchases due to the infeasibility of accessing a central database. In this paper, we analyze a recently published semi-offline scheme proposed by Alex et al. We identify limitations and weaknesses in this scheme and suggest solutions. We modify the framework to remove the main weakness and extend it to the consumer level so that a consumer can determine the legitimacy of a product. This involves Near Field Communication technology (NFC) which is now widely available in cell phones - the consumers cell phone acts as an RFID reader and detects counterfeit products. Our solution is completely offline as it does not require a central database for product authentication. It is based on Public Key Cryptography (PKC) and a Public Key Infrastructure (PKI). It offers dual layer authentication mechanisms to customers, visual and cryptographic, without accessing the suppliers database. The main beneficiary of the proposed framework is the consumer who uses the Internet for online shopping and can authenticate a product reliably after delivery. Our scheme is stand-alone and does not require the transfer of any secret values from a centralized authority.

A Secure Cloud-Based NFC Mobile Payment Protocol

Near Field Communication (NFC) is one the most recent technologies in the area of application development and service delivery via mobile phone. NFC enables the mobile phone to act as identification and a credit card for customers. Dynamic relationships of NFC ecosystem players in an NFC transaction process make them partners in a way that sometimes they should share their access permissions on the applications that are running in the service environment. One of the technologies that can be used to ensure secure NFC transactions is cloud computing which offers wide range advantages compare to the use of a Secure Element (SE) as a single entity in an NFC enabled mobile phone. In this paper, we propose a protocol based on the concept of NFC mobile payments. Accordingly, we present an extended version of the NFC cloud Wallet model [14], in which, the Secure Element in the mobile device is used for customer authentication whereas the customers banking credentials are stored in a cloud under the control of the Mobile Network Operator (MNO). In this circumstance, Mobile Network Operator plays the role of network carrier which is responsible for controlling all the credentials transferred to the end user. The proposed protocol eliminates the requirement of a shared secret between the Point-of-Sale (POS) and the Mobile Network Operator before execution of the protocol, a mandatory requirement in the earlier version of this protocol [16]. This makes it more practicable and user friendly. At the end, we provide a detailed analysis of the protocol where we discuss multiple attack scenarios.

Trusted integration of cloud-based NFC transaction players

Near Field Communication (NFC) is a short range wireless technology that provides contactless transmission of data between devices. With an NFC enabled device, users can exchange information from one device to another, make payments and use their NFC enabled device as their identity. As the main payment ecosystem players such as service providers and secure element issuers have crucial roles in a multi-application mobile environment similar to NFC, managing such an environment has become very challenging. One of the technologies that can be used to ensure secure NFC transaction is cloud computing which offers wide range of advantages compare to the use of a Secure Element (SE) as a single entity in an NFC enabled phone. This approach provides a comprehensive leadership of the cloud provider towards managing and controlling customers information where it allows the SE which is stored within an NFC phone to deal with authentication mechanisms rather than storing and managing sensitive transaction information. This paper discusses the NFC cloud Wallet model which has been proposed by us previously [1] and introduces a different insight that defines a new integrated framework based on a trusted relationship between the vendor and the Mobile Network Operator (MNO). We then carry out an analysis of such a relationship to investigate different possibilities that arise from this approach.

Recognizing Human Actions by Local Space Time and LS-TSVM over CUDA

Local space-time features can be used to make the events adapted to the velocity of moving patterns, size of the object and the frequency in captured video. This paper purposed the new implementation approach of Human Action Reorganization (HAR) using Compute Unified Device Architecture (CUDA). Initially, local space-time features extracted from the customized dataset of videos. The video features are extracted by utilizing the Histogram of Optical Flow (HOF) and Harris detector algorithm descriptor. A new extended version of SVM classifier which is four time faster and has better precision than classical SVM known as the Least Square Twin SVM (LS-TSVM); a binary classifier which use two non-parallel hyperplanes, is applied on extracted video features. Paper evaluates the LS-TSVM performance on the customized data and experimental result showed the significant improvements.

Secure Transaction Authentication Protocol

A protocol for NFC mobile authentication and transaction is proposed by W. Chen et al. This protocol is used for micropayments, where the Mobile Network Operator pays for its customers. The main advantage of this protocol is its compatibility with the existing GSM network. This paper analyses this protocol from security point of view; as this protocol is used for monetary transactions, it should be as secure as possible. This paper highlights a few security related issues in this protocol. The most serious of all is the authentication of a false Point of Sale terminal by simply replaying the old message. The user interaction with the system also needs improvement. At the end of this paper, we have addressed all the vulnerabilities and proposed an improved version of the existing protocol that caters for such weaknesses. We also added an additional layer of security by ‘PIN’ authentication in Chen’s Protocol.