Abstract
With near field communication (NFC), smart card applications, including mobile payments and ID-based applications, can be integrated and deployed to smartphones. However, some of the physical anti-counterfeiting mechanisms are unavailable when the attributes of physical cards are digitalized. For example, photos and signatures can be used to verify personal identity when carrying out credit card payments or using ID-based applications, but the digital images shown by smartphones are easy to attack and forge. Such risks mean that mobile payments are often limited to relatively small transactions. Personal identification thus plays an important role in such smartphone applications, particularly when several smart cards are integrated into the devices. In this paper, an NFC anti-counterfeiting framework with a two-layered digital image protection mechanism is proposed; in this system, an application certificate signed by the service provider and image metadata are hidden in the personal digital image using digital watermarking, and the image metadata is protected by the secure element in the NFC device. Several procedures are designed to ensure the originality of the photo and signature images, so that the process of digital image authentication is as secure and practical as using printed images on a plastic card. Personal authentication and transactions can then be performed securely with the personal authentication applet (PAA) in an offline authentication process, which is fast and convenient compared to online authentication processes. Using the proposed NFC anti-counterfeiting framework, the authentication process in mobile payments will be more secure and thus can be applied with high value transactions.
Similar content being viewed by others
References
Want R (2011) Near field communication. IEEE Pervasive Comput 10(3):4–7
Clark S (2014) Two in three phones to come with NFC in 2018. NFC World. http://www.nfcworld.com/2014/02/12/327790/twothree-phones-come-nfc-2018/. Accessed 13 Jan 2015
Peachey K (2015) Cashless payments overtake the use of notes and coins. BBC. http://www.bbc.com/news/business-32778196. Accessed 28 May 2015
(2012) Visa easy payment service merchant best practices. VISA. http://usa.visa.com/download/merchants/veps-merchant-best-practices.pdf. Accessed 10 Jul 2015
Sony Felica. Sony. http://www.sony.net/Products/felica/. Accessed 10 Jul 2015
EasyCard. EasyCard Corporation. http://www.easycard.com.tw/english/index.asp. Accessed 10 Jul 2015
Wolfgang R, Wolfgang E (2010) Smart card handbook. Wiley
Akram R, Markantonakis K, Mayes K (2009) Application management framework in user centric smart card ownership model. In: Proc. of 10th international workshop on information security applications, Springer Berlin Heidelberg, Busan, Korea, pp 20–35
Ortiz-Yepes DA (2008) Enhancing authentication in eBanking with NFC enabled smartphones. Eindhoven University of Technology, Department of Mathematics and Computer Science. http://ercim-news.ercim.eu/en76/rd/enhancing-authentication-in-ebanking-with-nfc-enabled-mobile-phones. Accessed 10 Jul 2015
Lemonnier V, Corda A, Azoulai J (2011) Method for installing and managing NFC applications with pictures. U.S. Patent 20110072425
(2008) ETSI TS 102 613: smart cards; UICC - contactless front-end (CLF) interface; part 1: Physical and data link layer characteristics. ETSI. http://www.etsi.org/deliver/etsi_TS/102600_102699/102613/07.03.00_60/ts_102613v070300p.pdf. Accessed 30 Jul 2015
Shelfer M, Procaccino J (2002) Smart card evolution. Commun ACM 45(7):83–88
Creating a mobile payment ecosystem. Gemalto. http://www.gemalto.com/techno/inspired/nfc/mobile-payment-ecosystem. Accessed 14 Jul 2015
(2006) GlobalPlatform card specification v2.2. GlobalPlatform. https://www.globalplatform.org/specificationscard.asp. Accessed 14 Jul 2015
Ahmed N, Natarajan T, Rao KR (1974) Discrete cosine transform. IEEE Trans Comput C-23:90–93
Coskun V, Ok K, Ozdenizci B (2012) Near field communication (NFC): from theory to practice. Wiley
Otway D, Rees O (1987) Efficient and timely mutual authentication. Oper Syst Rev 21(1):8–10
Manuel S (2011) Classification and generation of disturbance vectors for collision attacks against SHA-1. Des Codes Crypt 59:247–263
(2008) EMV integrated circuit card specifications for payment systems, EMV 4.2. EMVco. https://www.emvco.com/specifications.aspx?id=155. Accessed 21 Jul 2015
Zdziarski J (2012) Hacking and securing IOS applications: stealing data, hijacking software, and how to prevent it. O’Reilly Media. pp 252–253
Mayes K, Markantonakis K (2008) Smart cards, tokens, security and applications. Springer
Haselsteiner E, Breitfuß K (2006) Security in near field communication (NFC). Strengths and weaknesses. In Proc. of workshop on RFID Security
Acknowledgments
This work was partially supported by the Ministry of Science and Technology of the Republic of China, Taiwan, under Grant MOST 103-3011-P-006-002-.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Lee, W.H., Chou, C.M. & Wang, S.W. An NFC Anti-Counterfeiting Framework for ID Verification and Image Protection. Mobile Netw Appl 21, 646–655 (2016). https://doi.org/10.1007/s11036-016-0721-9
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11036-016-0721-9