A Conceptual Framework for a SIM-based Electronic Transaction Authentication System

Abstract

This paper presents a SIM-based tool for user authentication in various service areas such as financial transactions in e-commerce. Other remote services can use SIM as an authentication tool over existing GSM technology through GPRS, which is an additional packet data feature for the GSM network. It allows both packet-switched and circuit-switched traffic to exist in the GSM infrastructure. As GPRS is designed to support packet based protocols, such as the Internet Protocol (IP) based bursty and uneven traffic flow, it enables new services such as reasonably fast access to the Internet, electronic mail and other data oriented services, that have been too inefficient in traditional circuit-switched digital mobile networks. Using GPRS features, the e-commerce applications can use SIM as user authentication for transactions. SIM can also be a tool for user identity and authentication around the corporate intranets. This can reduce security infrastructure setup and investment overhead for the security concerned organizations. This paper depicts an electronic payment protocol by means of SIM based authentication with the illustrations of its formal modelling & verification results.