DOC

Analysis of Mobile Infrastructure for Secure Mobile Payments

By Tony Jones,2014-07-01 11:00
8 views 0
Analysis of Mobile Infrastructure for Secure Mobile Payments

     Mobile Payment Forum, India March 2008 Analysis of Mobile

    Infrastructure for Secure

    Mobile Payments

     This paper is intended to evaluate various networks and services being used to

    conduct secure mobile payments using mobile phones. Submitted by

    Prabu Raju atom tec hnologies limited Anil Gajwani Bharti Teleservices Limited Prof. T.A. Gonsalves IIT Madras

    Ch.Raja Srinivas Tata Tele Services Limited

Table of Contents

    Overview ................................................................................................................................................ 3 Short Message Service (SMS) .................................................................................................................. 4 Unstructured Supplementary Services Data (USSD) ............................................................................... 6 General Packet Radio Service (GPRS) ...................................................................................................... 8 Code Division Multiple Access (CDMA) ................................................................................................... 9 Appendix .............................................................................................................................................. 10 GSM Network .................................................................................................................................... 10 References ............................................................................................................................................ 13

Overview

    Mobile Payments is a new convenient scheme for customers to perform transactions, and is predicted

    to increase as the number of mobile phone users increases. The use of mobile devices, such as a cellular

    phones and PDAs, to make payments is increasingly common, particularly in Asia and Europe. Mobile

    payment can be defined as any payment transaction which involves a mobile device. There are wide

    ranges of options available to perform mobile payments due to the availability of network technologies.

Mobile network technologies have evolved from analog based systems to digital based systems and

    from circuit switching to packet switching technologies. This evolution can be described by different

    generations of mobile technologies, i.e. first-generation (1G), second-generation (2G), 2.5G and third-

    generation (3G) technologies. Only 1G is based on analog technology. Some of the main standards for

    each generation technology are:

    ? 1G: Advance Mobile Phone System (AMPS) in North America, Total Access Communication

    System (TACS) in UK, Nippon Telegraph & Telephone (NTT)in Japan, Code Division Multiple

    Access One (CDMAONE).

    ? 2G: Global System for Mobile Communication (GSM), Code Division Multiple Access 2000

    (CDMA2000), High Speed Circuit Switched Data Technology (HSCSD).

    ? 2.5G: General Packet Radio System (GPRS) & Enhanced Data Rate for GSM Evolution (EDGE).

    ? 3G: Universal Mobile Telephone Standard (UMTS).

Short Message Service (SMS)

    SMS provides a mechanism for transmitting short messages to and from wireless handset.

    Short Messaging Service was created as a part of the GSM Phase 1 standard to send and receive short text messages, of 70-160 alphanumeric characters in length, 8 bit Binary Message of 140 characters in length to and from mobile phones.

    SMS is a smart service, as it can store messages when to the target mobile device is switched off and forwards the messages when the unit is again in use. SMS applications are voicemail/fax notifications, delivery of replacement ring-tones, operator logos and group graphics, unified messaging, personal communication (text messaging), and information services. Basically, any information that fits into a short text message can be delivered by SMS.

Security

    The initial idea for SMS usage was intended for the subscribers to send non-sensitive messages across the open GSM network. Mutual authentication, text encryption, end-to-end security, non-repudiation were omitted during the design of GSM architecture.

    SMS Spoofing

    SMS spoofing is an attack that involves a third party sending out SMS messages that appear to be from a legit sender. It is possible to alter the originator s address field in the SMS header to another alpha-numerical string. It hides the original sender s address and the sender can send out hoax messages and performs masquerading attacks.

SMS Encryption

    The default data format for SMS messages is in plaintext. The only encryption involved during transmission is the encryption between the base transceiver station and the mobile station. End-to-end encryption is currently not available. The encryption algorithm used is A5 which is proven to be vulnerable. Therefore a more secure algorithm is needed. The SMS security mechanism relies on GSM/UMTS signaling plane security mechanism.

    SMS may be eavesdropped by the man-in-the-middle attack as no encryption is applied to SMS message transmission.

Conclusion

    SMS based mobile payment systems are already in use globally. There might be certain risks when using SMS in the payment transaction. The SMS can be used for mobile payments provided the customized

client built by SIM toolkit or Java application is used for the deployment of SMS transaction to provide

end-to-end encryption.

Unstructured Supplementary Services Data (USSD)

    USSD is a mechanism of transmitting information via a GSM Network. USSD offers a real-time connection during a session. Turnaround response times for interactive applications are shorter for USSD than SMS because of the session-based feature of USSD.

    A USSD message can be upto 182 alphanumeric characters in length. Unstructured Supplementary Service Data allows interactive services between a MS and applications hosted by the Mobile Operator. These messages are composed of digits and the #, * keys, and allow users to easily and quickly get information/access services from the Operator.

    The first USSD services were called "Phase 1", or "MAP 1" and were only able to pass information from the handset to the USSD application with a confirmation. There was therefore no session held between the handset and the application.

    "Phase 2" (or "MAP 2") USSD added the capability for establishing a session instead of a once-off transaction. This meant that the handset and the USSD application could now have the technical equivalent of a dialogue.

    GSM handsets supported USSD from the first days of GSM, so unlike SMS, every single GSM handset in the world supports USSD. Phase 2 has been supported for years and over 99% of handsets currently in use can use sessions on the USSD bearer.

    USSD is a session oriented service, and can support a sequence of exchange of information. Phase 2 USSD also allows messages to be pushed onto a MS. It is several times faster than MO SMS messages since there is no store and forward of messages. The USSD gateway supports an open HTTP interface.

Generally the USSD functionality is implemented in the following modes:

    ? Pull Mode, will handle Mobile Initiated USSD Requests.

    ? Push Mode will handle network Initiated USSD Requests. Most handsets also support NI USSD (network initiated USSD), also called "USSD Push". With NI USSD, the network can push information to the subscriber's handset.

    Another important fact about USSD, is that messages from handsets always route to the home network. This means that if you are roaming in another network, then dialing a USSD string on your phone will always route to the application on your home network. If you are used to accessing a particular service in your home network, then you will also be able to access it from another country. Conversely, roaming subscribers from other networks cannot access USSD services on a host network.

Security

USSD possesses no separate security properties; instead it relies on GSM/UMTS signaling plane security

    mechanism.

    Conclusion

    USSD solutions are already in use for mobile payments across the globe. Some measure of encryption or

    message integrity verification is required to provide a secure USSD based payment system. USSD cannot

    provide additional security on its own. Another application is used for the deployment of USSD

    transaction to provide end-to-end encryption

General Packet Radio Service (GPRS)

    GPRS is a high-speed packet data technology, being deployed in GSM networks worldwide. This will greatly enhance the services available to the end-user of mobile data computing. GPRS allows for the sending and receiving of data at much higher speed than available today. Data transmissions speeds go from 9.6 kbps to a theoretical maximum speed of up to 171.2 kbps are achievable with GPRS using all eight timeslots at the same time.

    GPRS only uses its radio resources when users are actually sending or receiving data, therefore the available radio resource can be concurrently shared between several mobile data users, rather than dedicating a radio channel to a single user for a fixed period of time. This efficient use of scarce radio resources means that large numbers of GPRS users can potentially share the same bandwidth and be served from a single cell.

Security

    The GPRS Core network is an integrated part of the GSM network; it is layered over the underlying GSM network, with added nodes to cater for packet switching. GPRS also uses some of the existing GSM network elements; some of these include existing Base Station Subsystems (BSS), Mobile Switching Centers (MSC), Authentication Centers (AUC), and Home Location Registers (HLR). Some of the added GPRS network elements to the existing GSM network include; GPRS Support Nodes (GSN), GPRS tunneling protocol (GTP), Access points, and the (Packet Data Protocol) PDP Context.

    GPRS security functionality is equivalent to the existing GSM security. From a security point of view the same advantages and short comings of GSM applies to GPRS service. At session initiation, a user is authenticated using secret information contained on a smart card called a Subscriber Identity Module (SIM). Authentication data is exchanged and validated with records stored in the HLR network node.

    The microwave links to the BSSs are extensively used when the operator opens its service. The voice and cipher keys Kc can be intercepted on these links. In order to avoid the attack, the operators should replace the weak A3/A8 algorithm with a strong one.

    Conclusion

    GPRS solutions are already in use for mobile payments across the globe. Application level security should be used to provide end to end transaction security. Even though most of the mobile phones support GPRS, not all the phone user activates the GPRS connection and in most of the countries GPRS is very expensive.

Code Division Multiple Access (CDMA)

    Code Division Multiple Access (CDMA) is a proprietary standard for mobile communication, where GSM is an open standard. CDMA was pioneered by Qualcomm and enhanced by Ericsson. Both standards are in competition for dominance in the cellular world. CDMA is a spread spectrum technology, which means that it spreads the information contained in a particular signal of interest over a much greater bandwidth than the original signal. A CDMA call starts with a standard rate of 9.6 kbps, which is then spread to a transmitted rate of about 1.23 Mbps.

Security

    By design, CDMA 2000 1xRTT technology makes eavesdropping very difficult, whether intentional or accidental. Unique to CDMA 2000 1xRTT systems, is the 42-bit PN (Pseudo-Random Noise) Sequence called “Long Code” to scramble voice and data. On the forward link (network to mobile), data is scrambled at a rate of 19.2 Kilo symbols per second (Ksps) and on the reverse link, data is scrambled at a rate of 1.2288 Mega chips per second (Mcps).

    CDMA 2000 1xRTT network security protocols rely on a 64-bit authentication key (A-Key) and the Electronic Serial Number (ESN) of the mobile. A random binary number called RANDSSD, which is generated in the HLR/AC, also plays a role in the authentication procedures. The A-Key is programmed into the mobile and is stored in the Authentication Center (AC) of the network. In addition to authentication, the A-Key is used to generate the sub-keys for voice privacy and message encryption.

    CDMA 2000 1xRTT uses the standardized CAVE (Cellular Authentication and Voice Encryption) algorithm to generate a 128-bit sub-key called the “Shared Secret Data” (SSD). The A-Key, the ESN and the

    network-supplied RANDSSD are the inputs to the CAVE that generates SSD. The SSD has two parts: SSD_A (64 bit), for creating authentication signatures and SSD_B (64 bit), for generating keys to scramble voice and encrypt signaling/data messages. The SSD can be shared with roaming service providers to allow local authentication. A fresh SSD can be generated when a mobile returns to the home network or roams to a different system.

     Third Generation technologies (3G) add more security protocols, including the use of 128-bit privacy and authentication keys. For CDMA2000 networks, new algorithms such as Secure Hashing Algorithm-1 (SHA-1) are being used for hashing and integrity, and the Advanced Encryption Standard, AES (Rijndael) algorithm for message encryption. The AKA (Authentication and Key Agreement) protocol will be used for all releases following CDMA2000 Release C. The AKA protocol will also be used in WCDMA-MAP networks, along with the Kasumi algorithm for encryption and message integrity.

Conclusion

    CDMA solutions are already in use for mobile payments. CDMA is superior to 2G technology to GSM. CDMA is not widely used compared to GSM globally.

Appendix

    GSM Network

    Global System for Mobile Communications (GSM) is the most popular standard for mobile phones in the world. Figure 1 shows the basic structure of the GSM architecture.

    Figure 1 Basic Structure of GSM Architecture

Security Mechanisms in GSM Network

    The GSM network has some security mechanism to prevent activities like Subscriber Interface Module (SIM) cloning, and stop illegally used handsets. GSM has methods to authenticate and encrypt data exchanged on the network.

Report this document

For any questions or suggestions please email
cust-service@docsford.com