Online Based Authentication and Secure Payment Methods for M-Commerce Applications

Abstract: The widespread use of the Internet has contributed enormously towards the growth of e-commerce. Technological advances in mobile phones (e.g. Smartphones) have also made it possible to carry out e-commerce via mobile phones (m-commerce). M-commerce involves the use of mobile devices such as mobile phones and PDA’s in carrying out electronic transactions. Applications in this domain range from normal information consumption to high security financial electronic transactions. Just like e-commerce, the security of m-commerce applications is critical, especially when it involves applications that deal with user sensitive data such as credit cards details, medical details etc. This thesis introduces a platform (e.g. Symbian, iPhone OS and Android OS) inde-pendent way of carrying out secure authentication from a mobile device. This was done by designing, prototyping and evaluating a platform-independent authentication method called OSP. An investigation and prototype implementation of how m-commerce applications can include secure payment capabilities was also presented. Questions that were answered in this study include; how do we verify that a user is who he claims to be and how do we carry out financial transactions in a secure way.