Please use this identifier to cite or link to this item:
Title: NFC Based Secure Transaction Handling System
Authors: Amarasekera, K.A.
Issue Date: 30-Jun-2015
Abstract: NFC smart cards have been there for a while now. Introduced in 2003, after over ten years NFC smart cards are not gaining much popularity compared to other technologies that emerged in the same timeframes such as Bluetooth. NFC smart cards are capable of storing data securely in it and are designed to perform offline transactions without any requirement to contact a backend server. However many research papers were found where the security layer of NFC card were questioned and in some cases compromised in lab conditions. No matter how strong the key is, if it is known, the whole system becomes defenceless. Aim of this research work is to enhance the security layer of NFC cards by introducing an algorithm to dynamically generate card access keys unique to each card, per transaction basis to read, write and modify the card content, making key theft worthless. Key regeneration was strengthened with SHA-1 hashing. Encrypting the required parameter with AES keys and the capability of changing them remotely from application side, makes the algorithm strong. In order to demonstrate the functionality of the algorithm, a prototype model was implemented for Sri Lanka Tourism. The prototype addresses the travel problem faced by tourists, found in the literature review. The prototype consists a server application, providing required services for clients and controlling access keys, client windows applications supporting offline mode to mimic multi app support in one card. A mobile application was also implemented to demonstrate the portability and adaptability of the proposed algorithm. For the prototype MIFARE classic 1K card was used and reformatted from transport configuration as required by the algorithm. The card contains a travel account that can be top up with eCash in concept and buy travel tickets on southern express highway. The other app implemented is an e-ticket booking system for tourist attractions in the country. Evaluation was done with foreign students of language centre of the University of Kelaniya and positive feedback was received. The framework implemented was also evaluated with domain experts for its dynamic key generation algorithm. Overall the project has achieved most of its target scope.
Appears in Collections:Master of Computer Science - 2015

Files in This Item:
File Description SizeFormat 
NFC Based Secure Transaction Handling system (PDF).pdf
  Restricted Access
4.74 MBAdobe PDFView/Open Request a copy

Items in UCSC Digital Library are protected by copyright, with all rights reserved, unless otherwise indicated.