一种终端认证简化的在线移动支付模式与协议

信息安全技术在移动互联网中最重要的应用是移动支付，移动终端认证又是移动支付首先要解决的问题.移动支付的特殊性要求移动终端的认证要尽可能简单并对设备的依赖性最小，为此提出终端认证简化的移动支付模式.该模式建立在基于“预信任”的分层认证模型与公共服务域为特征的支付系统架构上.通过建立商户为起点的信任传递链以及公共服务域中的帐户寻址与管理机制来实现系统安全可控及终端认证简化的目标.给出了相关研究综述、模式的系统架构、认证模式以及相应的支付协议，并对协议的安全性进行了分析.

An Online Mobile Payment Model with Simplified Terminal Authentication

Mobile payment is an important and core application of information safety technology in mobile Internet，and the mobile terminal authentication is the important issue needing to be solved first in mobile payment. In order to meet the special requirement of mobile payment, such as mobile terminal resource constraints from portable needs and mobile terminal update acceleration from more and more rich personalized needs, the steps of terminal authentication need to be as simple as possible, the dependence on equipment needs to be as little as possible, and the customer’s operation experience also need the authentication to be as simple as possible. So there should be a simplified and independent of equipment’s terminal authentication. Therefore, a mobile payment model with simplified terminal authentication is introduced. The model is designed based on the “pre-trust” hierarchical certification model and the payment system framework with a character of “public-service-domain”. To achieve the purpose of controlled system safety and simplified terminal authentication, a credit transfer chain starting from merchants is built, as well as an account addressing and management mechanism are designed. Meanwhile, related research review, system framework, authentication model and corresponding payment protocol are given. Furthermore, the security of the protocol is analyzed.