A SIM-based electronic transaction authentication system

This paper presents a SIM-based tool for user authentication in various service areas such as financial transactions in e-commerce. Other remote services can use SIM as an authentication tool over existing GSM technology through GPRS, which is an additional packet data feature for the GSM network. GPRS enables packet-switched traffic to exist in predominantly circuit-switched GSM infrastructure. As GPRS is designed to support packet based protocols, such as the Internet Protocol (IP) based burst and uneven traffic flow, it enables new services such as reasonably fast access to the Internet, electronic mail and other data oriented services. These services have been too inefficient in traditional circuit-switched digital mobile networks. Using GPRS features the e-commerce applications can use SIM for user authentication in transactions. SIM can also be a tool for user identity and authentication around the corporate intranets. This can reduce security infrastructure setup and investment overhead for the security concerned organizations. This paper presents an electronic payment protocol that uses SIM based authentication along with illustration of its formal modelling and verification results. The proposed authentication system offers more robust security features than other electronic transaction systems proposed to date.