Discussion on the Concept of Mobile Payment and Solution to Security Problems

Introduction
With the widespread use of e-commerce in China, payment methods have long since ceased to be limited to cash and have expanded to bank cards, online banking, and telephone banking. Now that mobile phones are in widespread use in China, applications based on mobile terminals are becoming more common, and mobile communication tools have given rise to more convenient mobile payment functions. People can use mobile phones to log in to the Internet for remote shopping and consumption, or to make card-swipe payments in convenience stores, shopping malls, supermarkets, and similar places [1-3]. As an emerging electronic payment method, mobile payment has advantages that traditional payment methods cannot match, but its security has attracted growing attention. Because current mobile payment is based either on binding bank cards, credit cards, and merchant cards to a mobile phone number, or on close proximity between the mobile phone SIM card and a POS terminal, threats such as password cracking, information copying, and virus infection may all cause major losses to mobile payments. Therefore, we need to analyze the security of mobile payment and address it through technical means [3-5].

1 Mobile Payment Concepts and Classification

1.1 Conceptual Analysis

At present, mobile payment in daily life involves a large number of new payment terms, including mobile payment, mobile phone payment, mobile wallet, mobile phone wallet, mobile banking, and mobile phone banking. These terms are related to one another but distinct.

Mobile payment, also called mobile phone payment, is a service mode that allows a user to pay for goods or services with a mobile terminal (usually a mobile phone). Organizations or individuals send payment instructions, directly or indirectly, to banking financial institutions through mobile devices, the Internet, or proximity sensors, which results in currency payment and fund transfer and thereby realizes the mobile payment function. Mobile payment integrates terminal equipment, the Internet, application providers, and financial institutions to provide users with financial services such as money payment and fee payment [6].

The mobile wallet, also called the mobile phone wallet, is the small-value electronic wallet business developed by China Mobile based on Radio Frequency Identification (RFID) technology. After signing up for the service, the user can pay by swiping the mobile phone at the merchants of China Mobile. The mobile wallet is an intermediate account for mobile e-commerce transaction payments by China Mobile users; it meets the needs of banks for settling small-value mobile e-commerce transactions and the needs of merchants for managing small-value commodity transactions. After opening the mobile wallet service, the user has a consumer account bound to the mobile phone number; the account number is simply the mobile phone number. Topping up this account [7] is like putting banknotes into the mobile phone. When paying at a merchant, the user can check out by swiping the phone in front of a dedicated POS terminal, or can go online or send a text message for remote shopping. In addition, the service can be used for a company's access control system and for internal corporate consumption such as canteen dining.

Mobile banking, also called mobile phone banking, is short for handling banking services over mobile communication networks and terminals. A mobile banking system is composed of mobile phones, GSM short message centers, and banking systems. In operation, the user issues a command to the bank through the menu on the SIM card; the SIM card generates and encrypts a short message in the specified format according to the user's instruction and then instructs the mobile phone to send it to the GSM network. After the GSM short message system receives the short message, it forwards it to the corresponding banking system according to the application or address. The bank preprocesses the short message and converts the command into the host system format. The bank host processes the user's request and returns the result to the bank interface system, which converts the result into short message format, and the short message center sends it to the user.

Comparing the three concepts, we find that mobile payment is the overall concept: users handle mobile services through mobile devices, the Internet, or proximity sensors. The mobile wallet leans toward the small-value electronic wallet business; its main mode of use is on-site payment by swiping the phone in front of a POS terminal. Mobile banking mainly handles banking services: when a user uses a mobile phone for banking operations, he or she is actually conducting business with the bank, such as checking bills and making bank transfers.

1.2 Classification of Methods

Based on how mobile payment is applied in e-commerce, we divide it into the following business types:

1) SMS (Short Message Service). The end user requests service content by sending a short message, and the fee is deducted from the user's credit. It is usually suitable only for small payments, such as paying by short message to download ringtones.

2) WAP (Wireless Application Protocol). The end user accesses a WAP site for simple financial services and can use the mobile Internet for remote operations such as shopping online and paying telephone, water, electricity, and gas bills.

3) USSD (Unstructured Supplementary Service Data) is a new interactive data service based on the GSM network, used for services such as securities trading and mobile banking.

4) NFC (Near Field Communication) is a short-distance wireless connection technology. Users can use the "mobile wallet" to pay on-site by swiping the phone at a merchant POS terminal, for example in convenience stores, shopping malls, and supermarkets.

2 Development Status of Mobile Payment at Home and Abroad

2.1 Foreign Development Status

AT&T, T-Mobile, and Verizon Wireless, the three largest mobile operators in the United States, established a joint venture mobile payment company, ISIS, in November 2010. The company plans to run pilots in Salt Lake City in 2012, using mobile payment to complete sales settlement for Salt Lake City retailers and to provide the Utah Transportation Authority with a mobile ticket payment method. The company envisages turning Salt Lake City and other cities into places where consumers do not need to carry wallets and use mobile phones instead of cash and credit cards. A few days ago, Aite Group released forecast data on US bill payment channels and methods from 2010 to 2013, showing that over the next three years mobile payment will increase by 377 percent, becoming the fastest-growing channel for Americans' daily bill payment, while online payment, debit card payment, and telephone payment will increase by 18%, 4%, and 1%, respectively [8].

The European Union has paid attention to mobile payment since the end of 2007. The UK credit card issuer Barclaycard, Nokia, and Visa Europe have jointly launched mobile wallet services, which are mainly used for small payments such as public transport fares and newspapers. As of March 2011, there were a total of 20 million mobile phone users in the five European countries (UK, France, Spain, Germany, and Italy), of which 8.5% had mobile phone payment functions.

Japan's mobile wallet has expanded to large-value payments, including even consumer credit and stock investment business. The leading promoter of the mobile payment market in Japan is NTT DoCoMo. As early as 1999, NTT DoCoMo launched its i-mode mobile Internet service and achieved great success. To develop its mobile credit card business, NTT DoCoMo entered into a strategic alliance with Sumitomo Mitsui Sumitomo and Sumitomo Mitsui Banking Corporation (SMFG) and Mitsui Sumitomo Bank Co., Ltd. in April 2005 and spent RMB 98 billion to develop mobile payment functions.

In Korea, 70% of electronic payments (i.e., more than $1 billion in transaction volume) are currently completed by mobile payment. Through cooperation with operators, almost all Korean retail banks provide mobile banking services. Today, more than 300,000 people each month, when purchasing a new mobile phone, choose one with a slot for a special memory card that stores banking transaction data and encrypts information during transactions.

2.2 Domestic Development Status

In China, the mobile payment industry is a new industry. By the end of 2010, China's mobile phone subscribers reached 7.4 billion, and a total of 192 million mobile phone users had mobile payment functions enabled, completing 26.285 million transactions with a total payment of 17.04 billion yuan. In addition, a number of SIMpass pilot application demonstration projects have been launched, including Hunan Mobile, Chongqing Mobile, Xiamen Mobile, Guangdong Mobile, and Nanjing Mobile. Hunan Mobile began its SIMpass pilot in the second half of 2009; at present, the main applications include access control for the Hunan Mobile office building, canteen dining, beauty salons, and parking fees. Chongqing Mobile has built the nation's most mature business environment for on-site mobile micropayments. As of August 2009, the number of RFID on-site mobile payment users in Chongqing had reached 500,000, the number of merchants had reached 4,000, and more than 5,500 POS terminals had been deployed; monthly consumption exceeded 5 million yuan, and user top-ups exceeded 3 million yuan. Xiamen Mobile has purchased 20,000 dual-interface SIM cards for public transport card applications; 500 cards have been issued so far, with good results. In addition, Xiamen Mobile, Xiamen eTong Card, and China Construction Bank are negotiating the construction of a mobile payment platform. Guangdong Mobile has established a mobile payment platform based on a dual-interface SIM card, which is mainly used in the Guangzhou subway project. Guangdong Mobile has also used SIMpass for building access control, canteen dining, and similar purposes, and employees have fully experienced the convenience of this technology. Nanjing Mobile's newly launched "Smart Mobile Mobile Card" service will benefit 7 million mobile subscribers in the city. Citizens can use mobile payment for bus, subway, and taxi fares, and even to shop at supermarkets and refuel at gas stations.

3 Security Issues in Mobile Payments

3.1 Status Quo of Security Issues in Mobile Payments
After analyzing the current use of mobile payment at home and abroad, we identify the following security issues that may be hidden in mobile payment:

1) Ordinary mobile phones usually do not have encryption technology, which often leads to information disclosure during the payment process. This has become a major challenge for the development of mobile payment. When the user pays with the mobile phone and no security measures such as encryption are provided, hackers can steal user information through a phishing website or a Trojan horse program, and the mobile payment function can then be illegally copied, causing losses to the user.

2) Identifying the parties involved in the transaction. One of the major issues to be solved in mobile payment is confirming the legal identity of merchants and consumers. Since mobile payment connects banks and merchants closely and involves cash transfer transactions, solving legal identity authentication is particularly important.

3) The user credit system needs to be further developed and improved. Some small-value payment services settle transactions by deducting from the mobile phone bill, which may lead to phone bill overdrafts, malicious defaults, and so on. At the same time, because China's mobile phone number management is not perfect, many mobile phone numbers are not yet registered under real names at the time of purchase, which may lead to malicious overdraft.

4) The loss of a mobile phone causes losses to the mobile payment user. Because the mobile phone is so portable, it is also frequently lost in daily life, and mobile payment is usually associated with a mobile phone card and a bank card or credit card, so after losing the phone the user's mobile payment account is at risk of fraudulent use by others.

Figure 1 shows the system structure of mobile payment. Mobile payment is composed of banks, merchants, mobile payment service providers, certification centers, and users. The system also includes mobile network operators, mobile network content providers, credit card services, and other organizations that generate business transactions. In such a large and complex mobile payment industry chain, security involves not only the security precautions of each party's own technology but also the security of information transfer and of the other systems.

3.2 Mobile Payment Security Features
After considering the security issues facing mobile payment, we believe that the mobile payment system needs to have the following features:

1) Authentication of both parties to the transaction: The mobile payment function should be able to confirm the identity of the parties to the transaction.

2) Privacy of data information: Transactions must remain inviolable. Information sent and received via the Internet should not be read, modified, or intercepted by any intruder. Before breaking into a computer system, an intruder often eavesdrops on the network to collect important information such as the account number, password, and user name entered by the user when logging in, and then enters the system under that user's name.

3) Consistency and completeness of data information: Mobile payment transactions must not be destroyed or interfered with. It must be possible to confirm that the electronic transaction content has not been changed in transit between the client and the server, that is, information cannot be arbitrarily added, deleted, or modified during the transaction process.

4) Non-repudiation: Mobile payment must provide a security service that prevents the sender or receiver from repudiating the transmitted messages. That is, when the receiver receives a message, it can provide enough evidence to prove to a third party that the message did come from a given sender, and the sender cannot deny having sent it. Similarly, the sender of a message also has enough evidence to prove that a given recipient did receive it.
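
As an added illustration of requirement 3 (not code from the original article), the example below shows a server detecting a payment instruction whose fields were modified, added, or deleted in transit, and rejecting a replayed one. The HMAC-SHA256 shared-key construction, the field names, and the nonce are assumptions of this example; a shared key does not give the non-repudiation of requirement 4, since either party could have produced the tag.

```python
import hashlib
import hmac
import json


def canonical(fields: dict) -> bytes:
    """Serialize a payment instruction so both ends authenticate identical bytes."""
    # String-only values: 100, 100.0 and "100" must not serialize differently
    # on the handset and on the server.
    if not all(isinstance(v, str) for v in fields.values()):
        raise TypeError("field values must be strings")
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode("utf-8")


def seal(key: bytes, fields: dict) -> dict:
    """Client side: attach an HMAC-SHA256 tag computed over every field."""
    tag = hmac.new(key, canonical(fields), hashlib.sha256).hexdigest()
    return {"fields": dict(fields), "tag": tag}


class PaymentServer:
    def __init__(self, key: bytes):
        self.key = key
        self.seen_nonces = set()  # nonces of instructions already executed

    def accept(self, message: dict) -> str:
        fields, tag = message["fields"], message["tag"]
        try:
            expected = hmac.new(self.key, canonical(fields), hashlib.sha256).hexdigest()
        except TypeError:
            return "rejected: malformed"
        # Constant-time comparison avoids leaking how many tag characters matched.
        if not hmac.compare_digest(expected.encode(), tag.encode()):
            return "rejected: altered"
        nonce = fields.get("nonce")
        if nonce is None:
            return "rejected: missing nonce"
        if nonce in self.seen_nonces:
            return "rejected: replayed"
        self.seen_nonces.add(nonce)
        return "accepted"


def demo() -> list:
    key = b"constructed-demo-key"  # constructed sample key and sample values
    server = PaymentServer(key)
    order = seal(key, {"payer": "13800000000", "payee": "merchant-001",
                       "amount_fen": "1500", "nonce": "n-0001"})
    modified = {"fields": dict(order["fields"], amount_fen="150000"), "tag": order["tag"]}
    added = {"fields": dict(order["fields"], memo="refund"), "tag": order["tag"]}
    deleted = {"fields": {k: v for k, v in order["fields"].items() if k != "payee"},
               "tag": order["tag"]}
    return [server.accept(m) for m in (order, order, modified, added, deleted)]


if __name__ == "__main__":
    print(demo())
```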

4 Analysis of Mobile Payment Security Technology

Based on the analysis of mobile payment security issues, we believe that mobile payment security can be ensured through wireless public key infrastructure (WPKI), WAP security, and identity authentication.

4.1 Wireless Public Key Infrastructure (WPKI)

WPKI (Wireless PKI) is an extension of the wired PKI. It brings the PKI security mechanism of Internet e-commerce into the mobile payment transaction process. By adopting public key infrastructure and certificate management policies, WPKI establishes a secure and effective wireless network communication environment. Building on WAP's security mechanism, WPKI enhances the security of mobile payments by managing the relationships among entities, keys, and certificates. WPKI is a security infrastructure platform: all applications based on authentication need the support of WPKI technology. It can be combined with WTLS and TCP/IP to implement functions such as identity authentication and private key signature. The main components of WPKI include the end-user entity application (EE), the PKI portal (PKI Portal), the certification authority (CA), the directory service (PKI Directory), the WAP gateway, and the server. The basic working principle of WPKI is shown in Figure 2.

The basic workflow of WPKI is as follows [10]:

1) The user submits a certificate application to the RA;

2) The RA reviews the user's application and, once it passes review, submits it to the CA; the CA generates a key pair, creates a certificate for the user, and passes the certificate to the RA;

3) The CA also publishes the certificate to the certificate directory for users of the wired network;

4) RA saves the user's certificate, generates a certificate URL for each certificate, and sends the URL to the mobile terminal user;

5) At the same time, the wired network server downloads the certificate list for backup;

6) The mobile terminal sends a document, signature, and certificate URL to the WAP gateway to establish a secure WTLS/TLS connection;

7) A TLS/SSL connection is established between the WAP gateway and the wired network server;

8) The mobile terminal and the wired network server implement secure information transmission.

4.2 WAP Protocol Security Mode

The security of the mobile payment transaction protocol can be addressed through the WAP protocol. WAP security is mainly realized by WTLS/TLS and WMLScript SignText.

1) WTLS/TLS. Wireless Transport Layer Security (WTLS) is a security protocol based on the industry-standard TLS protocol. It is a security layer designed to be used above the transport layer. The function of WTLS is similar to the SSL encrypted transmission technology used on World Wide Web sites: it ensures that data is encoded and encrypted during transmission, so as to prevent hackers from stealing confidential data in transit. WTLS is designed to provide privacy, data consistency, and authentication services between two communicating applications. WTLS supports different levels of security, each with different handshake requirements; a higher level of security may require a more complex handshake procedure and more bandwidth. WTLS supports different encryption mechanisms and distinguishes security levels according to key length [11].

2) WMLScript SignText. The user can accept or reject the application written by the developer by entering some text. The WAP browser provides a WMLScript function, Crypto.signText, which requires the user to enter a string. When the signText method is called, the string entered by the user is displayed and the user is asked to confirm it; to accept, for example, the user must enter a PIN code. After the data is signed, the signature and data are transmitted back to the server, and the server verifies the identity of the user after obtaining the digital signature.

4.3 Identity authentication

In mobile payment, the most critical issue is authenticating the user's identity. We propose the following five ways to provide different levels of authentication:

1) Mobile phone numbers are managed under a real-name system;

2) A fixed password is added to mobile payment;

3) A shared key is used during the mobile payment process, with symmetric encryption for data exchange;

4) Dynamic passwords can be adopted in mobile payment, with passwords managed uniquely;

5) Mobile PKI, such as WIM, can be used for identity authentication.

In actual operation, the authentication method is chosen according to the circumstances and the security requirements. Small mobile payments can be authenticated with the mobile phone number and a fixed password, while large mobile payments can use a fixed password plus a dynamic password to improve security. In addition, the WIM-based mobile PKI authentication method can meet both requirements at the same time and can therefore support more mobile payment functions [5].
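
The tiered scheme described above can be expressed as follows. This is an added example, not code from the original article: it authenticates small payments with phone number and fixed password and requires a dynamic password on top for large ones. The counter-based dynamic password (HOTP, RFC 4226), the threshold, the lockout limit, and all sample values are assumptions of the example.

```python
import hashlib
import hmac
import struct

# Assumption: the article names no threshold; 20000 fen (200 yuan) is illustrative.
LARGE_PAYMENT_FEN = 20000
MAX_FAILURES = 3   # assumed lockout limit
LOOKAHEAD = 3      # how many unused counters the server will try


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Counter-based dynamic password as specified in RFC 4226."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def hash_password(password: str, salt: bytes) -> bytes:
    """Store only a salted, stretched hash of the fixed password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Account:
    def __init__(self, phone: str, password: str, salt: bytes, otp_secret: bytes):
        self.phone = phone
        self.salt = salt
        self.pw_hash = hash_password(password, salt)
        self.otp_secret = otp_secret
        self.counter = 0    # next unused dynamic-password counter
        self.failures = 0   # consecutive failed attempts


class Authenticator:
    def __init__(self):
        self.accounts = {}

    def register(self, account: Account) -> None:
        self.accounts[account.phone] = account

    def authorize(self, phone: str, password: str, amount_fen: int, otp=None) -> str:
        acct = self.accounts.get(phone)
        if acct is None:
            return "denied: unknown number"
        if acct.failures >= MAX_FAILURES:
            return "denied: locked"
        if not hmac.compare_digest(hash_password(password, acct.salt), acct.pw_hash):
            acct.failures += 1
            return "denied: bad password"
        if amount_fen >= LARGE_PAYMENT_FEN:   # large payment: second factor required
            if otp is None:
                return "denied: dynamic password required"
            if not self._consume_otp(acct, otp):
                acct.failures += 1
                return "denied: bad dynamic password"
        acct.failures = 0
        return "approved"

    def _consume_otp(self, acct: Account, otp: str) -> bool:
        for counter in range(acct.counter, acct.counter + LOOKAHEAD):
            if hmac.compare_digest(hotp(acct.otp_secret, counter).encode(), otp.encode()):
                acct.counter = counter + 1   # a dynamic password is accepted once only
                return True
        return False


if __name__ == "__main__":
    secret = b"12345678901234567890"   # RFC 4226 test secret; other values constructed
    auth = Authenticator()
    auth.register(Account("13800000000", "fixed-pass", b"demo-salt", secret))
    print(auth.authorize("13800000000", "fixed-pass", 1500))
    print(auth.authorize("13800000000", "fixed-pass", 50000, hotp(secret, 0)))
```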

5 Conclusion

With the widespread use of mobile phones, paying by mobile phone is increasingly popular with users. People can use mobile payment not only to shop on the Internet, handle daily consumption, and conduct banking business, but also to make short-range card-swipe payments at POS terminals with a mobile wallet, which greatly facilitates daily life. However, the security of mobile payment cannot be ignored. In researching mobile payment security technology, China can adopt unified standards and specifications; improve key technologies such as transaction flow, encryption and electronic authentication, online payment, credit management, supply chain management, and system integration; gradually formulate business and technical specifications for mobile e-commerce; accelerate the formulation and improvement of related industry business norms and standards; and increase research and development on security chips, SIM cards, and smart card readers, so as to jointly promote the industrialization of mobile payment [6]. (The First Institute of Wen/* Hao Wenjiang, Wu Jie)

About the Author:

Hao Wenjiang (1975-), male, Shandong, engineer, Ph.D., major research direction: information network security; Wu Jie (1984-), female, Shanxi, assistant engineer, undergraduate, major research direction: information network security.
