Mobile phone micropayment protocol based on QR code

Abstract

The convergence of online and mobile technology continues to drive the evolution of the payments industry and change the way consumers the world over make purchases. Among payment methods, an electronic payment plays a crucial role. It also commonly known as usage of mobile wallet which also has the monetary value as the money we use day to day. The implementation of such secure products and services will be a challenging task in future due to various security threats. With the increase of usage in mobile commerce it is necessary to support secure payments methods. Even the few existing electronic payment systems are expensive due to technological and implementation cost or the cost of doing transactions. Development of a protocol with the intention to solve these problems is proposed in this thesis. The objective of the project is to come up with a payment protocol that cost efficiency and higher protection together with the security. The symmetric key encryption is used for secure the intermediate communications along with Hashing. For this, a proposed approach is available in the document under Methodology and Design. It describes the entire flow of the payment protocol with the above concepts in line. The thesis covers design and implementation of an electronic payment protocol called Quick Response Code Payment System Protocol (QRCPSP). The QRCPSP addresses the general online payment scenario where client and merchant used financial institution as their intermediates third party. QRCPSP is a request-response based protocol. QRCPSP needs a message transfer protocol which supports request-response model. Hypertext Transfer Protocol (HTTP) / Hypertext Transfer Protocol Secure (HTTPS) would be a good candidate for the transfer protocol. Client and Merchant exchange several request-response messages with same centric server. High security, interoperable with other e-commerce solutions, being economical, being regulatory compliant are some of the primary goals identified to be achieved Implementation of the proof-of-concept for the designed protocol and production implementation plan realize the primary objectives. The scope of this project is limited to implement this protocol only for point of sale purchases. This can be further customized/ extended for other scenarios (such as online purchases) as well and that will be kept as future work. IV Acknowledgement