The increasing use of smartphones has driven to a global demand and offer of mobile applications, some are free and other are paying. For this last category, the only way to purchase is to use a credit card, which is not owned by everybody, especially young people, and therefore limits the number of customers. The idea of directly charging the phone bill appeared to offer a new solution of payment. The main issue to provide this service is to securely authenticate the phone number (actually the MSISDN) to charge. This is not such a problem on mobile networks, since this number is retrievable from them (its mandatory to be able to connect the mobile network), and the phone bill charging is already available on those networks. The challenge is to extend the solution to any Wi-Fi connection, as the phone number is not included, and so harder to securely authenticate. Reasons to use the Wi-Fi are variables: more customers, larger bandwith, lower costs, etc.. One of the solution to handle this was to use tokens and one-time passwords. We will study the benefits and disadvantages of this solution, by describing the mechanism which performs security but also the hacking tricks known nowadays which try to eavesdrop sensitive data, to steal money or goods.
|Date of Award||10 Sep 2012|
|Supervisor||Jean-Noel COLIN (Supervisor)|