An Endorsement Based Mobile Payment System for A Disaster Area

An Endorsement-Based Mobile Payment System for a

Disaster Area

Babatunde Ojetunde †1, Naoki Shibata †1, Juntao Gao †1, Minoru Ito †1

†1 Nara Institute of Science and Technology, Nara, Japan

2

An Endorsement-based Mobile Payment System for a Disaster Area

Overview

No Cash

A payment system in a disaster area is essential forpeople to buy necessities as

– Groceries, Medical supplies, Clothing

An infrastructureless payment system is required

– Mobile payment system based on MANETs

This is due to non-availability of network infrastructure

No Bank access

3


Payment System Challenges in MANETs

• Dynamic topology

• Disconnected network

• It takes two days to communicate with the bank

MANETs Issues

• Authentication issues

• Impersonation

• Double spending

• Resetting phone

Fraudulent Transactions

• Merchant needs to trust users

• No central authorityTrust Issues

4


Related Work

Many researches have been conducted on payment systems

Decentralized electronic cash with no central control [1]

Privacy of users [1]

Reducing computational overheads [2]

[1] S. Nakamoto, Bitcoin: A peer-to-peer electronic system, 2008.

[2] Z. Hu, and Y. Liu and X. Hu and J. Li: "Anonymous micropayments authentication (AMA) in mobile data

network", INFOCOM 2004.

Most of the existing payment systems require communication infrastructure

5


Online Payment System without Disaster

The merchant and the customer agree to start the transaction• Both of them register on provider platform

• A customer sends transaction order to the merchant

• The merchant forwards payment information to the bank

• The bank deducts the money from the customer’s account (or creditcard)

• The merchant supplies the item to the customer

Bank

Customer Merchant

We propose an infrasturctureless mobile payment system

6


Limitations of Existing Payment Systems in Disaster Areas

The bank will not have money to deduct from the customer

• The merchant will lose money

It takes at least two days for a message to get to the bank

No means of confirming customer’s account balance

• Network infrastructure is not available

• Customer collects his/her money before the bank deducts money for items purchase

Since there is no bank to guarantee transactions, we need a

MANETs based guarantee mechanism (Endorsement)

7


Outline

Overview Payment System Challenges in MANETs

Related Work

Online Payment System without Disaster

Limitations of Existing Payment Systems in Disaster Areas

Proposed Endorsement-based Mobile Payment System Main Contribution

Transaction using Endorsement-based Mechanism

Schemes to Prevent Attacks

Conclusion

8


Main Contributions

Mobile payment system for disaster areas

• Allow people in disaster areas to shop without cellular network

Endorsement-based mechanism to guarantee payment of transactions• Need no connection to the bank to work

Provide secure transaction

• Detecting double spending during the transaction

• Checking user’s account balance by surrounding nodes

• Detecting impersonation

Protecting privacy

• Using temporary identity

• Scrambling the temporary identity

9


Transaction using Endorsement-Based Mechanism 1/4

All users are required to register with a Bank inadvance

Registration process

The Bank issues digital certificates to all users atregistration• Merchant

• Endorser

• Bank

We assume that all users except the bank are in thedisaster area

The bank signs the user’s photo with its digitalsignature

• The digitally signed photo is used for authentication

10



MerchantCustomer A

1. Send transaction order “ I want to buy an apple

from you”

2. Verify the customer using pre-digitally signed picture

Endorsers

3. Create and forward Billing Form“Customer A wants to buy $2 apple. Do you guarantee the transaction?”

4. Authenticate the merchant and create an endorsement form

“I guaranteed customer A purchase of $2 apple”

The merchant and the customer physically meetand agrees to start a transaction before hand

We assume that the endorsers are close to thecustomer and the merchant

11



7. Send transaction confirmation to customer

and endorsers

Deliver items to customer

MerchantCustomer A

BankEndorsers

5. Forward the forms to the Bank

“Customer A bought an apple at

$2”

6. It takes two days to

communicate with the bank

12



MerchantCustomer A

BankEndorsers

8. Deduct responding money from the customer’s account“Deduct $2 from customer A’s

account”

9. Bank pays merchant

“Pay merchant $2”

10. Deduct money from endorsers

“Deduct $2 from endorsers”

Send acknowledgement to

Merchant, Customer and EndorserThe endorser may have no money or collude with a customer

• Mechanism to check endorser balance

13


Outline

Overview

Proposed Endorsement-based Mobile Payment System

Schemes to Prevent AttacksCollusion AttackDouble Spending/Reset and Recovery AttackNon-availability of EndorsersLocation Changing Attack

Conclusion

14


Problem 1 - Collusion Attack

There is no means of confirming endorsers account balance

The customer and the endorsers can collude to do fraud

• Customer A has no money

• Endorsers have no money

Endorsers will endorse many transactions without paying

15


Solution - Preventing Collusion

BankEndorsers

e-coin(eT1)

Endorser

ID

e-coin

Identifier &

Digital

Signature

Hello

Message

Interval

Predefine

Expiration

Date

e-coin

ValueBlank

To prevent collusion, we introduced e-coin to check endorser’s bank balance

• To buy an e-coin, an endorser deposits some money

The bank creates for an endorser unique e-coins

Endorser attaches e-coin to the endorsement message

– An endorsement without e-coin is rejected

16


Problem 2 - Double Spending/Reset and Recovery Attack

A dishonest endorser may decide to spend same e-coin twice for different transactions

To double spend an e-coin, a dishonest user can either:

• Duplicate the e-coin

• Forge the e-coin

A reset and recovery attack is when a user,• Back-ups all data• Resets phone to default state• Recovers all data already used• Reuses already endorsed transaction order or endorsement

message for new transaction

To prevent double spending a merchant needs to check the log of past transactions of the endorser

• However, it requires a lot of communication overhead

Merchant 1

Payment

Method

ID: eT3

Merchant 2

Endorse

r

17


Solution - Preventing Double Spending/Reset and Recovery Attack 1/3

An event chain is a successive application of a cryptographic hash function on a piece of an event log (called block)

Unlike Bitcoin block chain, the event chain does not require proof of work

An endorser calculates the hash value in the last block and sends to neighboring users

Previous block

(1)GPS

Timee-coin

New Event

Signature

Initial Block (0)

Hash

Block 0

Event Chain

Block 1 Current Block

GPS

Timee-coin

New Event

Signature

Previous Block (1)

Hash

Current Block

Current

Transaction Log

Hash

18



Previous block

(1)

Current

Transaction Log

Hash

User

UserUser

UserUser

Endorsemen

t Message

Event

chain

E-coin

Message

Endorsemen

t Message

Event

chain

E-coin

Message

GPS

Timee-coin

New Event

Signature

Initial Block (0)

Hash

GPS

Timee-coin

New Event

Signature

Previous Block (1)

Hash

Current Block

GPS

Timee-coin

New Event

Signature

Hash

Endorse

r

The past event of a customer can be verified by any monitoring user

The event chain is invalidated, if

a new event is not added within a

predetermined length of time

19



The merchant can also validate the event chain

• Check the signature of the monitoring user

• Check the entire event chain of all previous transaction order

• Check the e-coin expiration date

• Check the endorsement message location information (e.g. the timestamp and GPS)

20


Problem 3 – Non-availability of Endorsers

If endorsers are not available

• Frequent change in topology of networks

Endorsers

What

Happen?

This can lead to

• Transaction delay

• The merchant may reject the transaction order

21


Solution – Chains of Endorsers

A customer can have more than one endorser

If one endorser is not available another endorser can endorse the transaction

• The liability for the item is shared among endorsers

To motivate endorsers to participate

• Some part of the transaction amount awarded to endorsers (e.g. 3% of the transaction cost)

The bank creates an endorsement tree during registration• Each endorser ID is mapped to a

customer

• This could also prevent self-endorsement

22


Outline

Overview

Proposed Endorsement-based Mobile Payment System

Schemes to Prevent Attacks

Conclusion

23


Conclusion

We proposed a new mobile payment system whichadopts infrastructureless mobile ad-hoc networks(MANETs)

• To allow users to purchase necessities in a disaster area.

The proposed system provides solutions to securemobile payment transaction in a disaster area• By Preventing

Double spending

Fraud

Collusion

Reset and recovery attacks

Impersonation of users

24


Babatunde Ojetunde, Naoki Shibata, Juntao Gao, and Minoru

Ito : An Endorsement Based Mobile Payment System for A

Disaster Area, in Proc. of The 29th IEEE International

Conference on Advanced Information Networking and

Applications (AINA-2015) , pp.482-489, Mar. 2015.

DOI:10.1109/AINA.2015.225

[ PDF ]

http://dx.doi.org/10.1109/AINA.2015.225

http://ito-lab.naist.jp/mediawiki/images/0/0d/150326aina.pdf