Secure Mobile Payment Via Trusted Computing

Mobile payment (m-payment) received significant attention because it enables an easy payment mechanism and becomes an important complement to traditional payment means. However, m-payment over open devices and networks poses security challenges of a new dimension. Although many researchers address security issues in mpayment, there are still some security problems that are not well resolved, such as platform integrity and user privacy protection. In this paper, authors propose general payment architecture with Trusted Computing (TC) technologies to secure mobile payment. Using only a simple mobile payment infrastructure, a platform integrity protection solution is proposed to secure payment software downloading, application initialization, and secure payment transactions. Authors further propose two schemes to enhance the performance and flexibility of the solution.