NP Content
NP Content
The use of smart phones has changed the lifestyle of the society. Almost all kind of useful
tools you can find on your smart phone. People used to buy goods every day. And for the
purchase of goods they must pay. Security is very important while payment is concern. In
this thesis we have designed and demonstrated a mobile phone application that can be used
for a small shop or a big market. For any kind of commerce application, three different kind
of entities are mostly involved: the customer, the sales person, and the management of the
shop. Our designed mobile application has three different interfaces for three different kind of
users: Manager Interface, Employee Interface, and Customer Interface. An interface for the
system administrator is also designed, which should be used as an desktop application on the
point of sale server. This application is flexible with capabilities of different payment options.
Our proposed design can be implemented in any smart phone environment for example
Android, iOS or Windows phone. This design provides availability, confidentiality, and
integrity of payment data.
vi | P a g e
Abbreviations and Acronyms
viii | P a g
e
Table of Contents
Acknowledgements ................................................................................................................................. iv
Abstract ................................................................................................................................................... vi
Abbreviations and Acronyms ................................................................................................................ viii
List of Figures ....................................................................................................................................... xiii
Chapter 1: Introduction and Scope .......................................................................................................... 1
1.1 Overview ....................................................................................................................................... 1
1.2 Problem Statement......................................................................................................................... 2
1.3 Scope ............................................................................................................................................. 2
1.4 Goals and Purpose ......................................................................................................................... 2
1.5 Research Methodology .................................................................................................................. 2
1.6 Limitations..................................................................................................................................... 3
1.7 Audience ........................................................................................................................................ 3
1.8 Thesis Organization ....................................................................................................................... 3
Chapter 2: M-Commerce Systems and Related Standards ...................................................................... 4
2.1 M-Commerce Systems .................................................................................................................. 4
2.1.1 M-Payments............................................................................................................................ 4
2.2 Security Issues ............................................................................................................................... 4
2.2.1 Communication Security ........................................................................................................ 4
2.3 Related Standards .......................................................................................................................... 5
2.3.1 Public Key Cryptography ....................................................................................................... 5
2.3.2 CA Server ............................................................................................................................... 5
2.3.3 FIPS 196 ................................................................................................................................. 5
2.3.4 NFC Technology .................................................................................................................... 6
2.3.5 SAFE (Secure Application for Financial Environments) ....................................................... 6
2.4 Analysis of the Existing Applications ........................................................................................... 7
Chapter 3: System Design and Architecture............................................................................................ 8
3.1 Roles .............................................................................................................................................. 8
3.2 POS System Component ............................................................................................................... 8
3.2.1 Manager Service Package....................................................................................................... 8
3.2.2 Employee Service Package..................................................................................................... 9
3.2.3 Customer Service Package ..................................................................................................... 9
3.2.4 Main Server Management Package ...................................................................................... 10
xi | P a g e
Figure 4.14 Paid Single Order Details ................................................................................................... 31
xiii | P a g e
Secure Mobile POS System
This is an introductory chapter of this thesis. This chapter starts with the overviews of this
research, where the area of research and its scope has been introduced. Then it describes the
problem statement of this research, the goals and purpose, and the research methodology of
this research. This chapter ends with limitations of the research, the audience of the
research, and the organization of this thesis.
1.1 Overview
There are several proposed mobile point of sale architectures and designs. But, none of them
has provided complete solution for all the roles (customers, sales person and managers)
involved in any business organization where sales is the main concern. Also, the proposed
solutions are not scalable with multiple types of payment capabilities. Therefore, the objective
of this research is to design, implement and test a secure mobile point of sale application that
provides interface for all the involved entities.
1.3 Scope
This thesis report describes a generic solution for any kind of business organization interested
to enhance their business experience by using mobile technology. We have designed our
application to provide support for different types of financial transaction capabilities. The
scope of this thesis is to demonstrate a B2C (business to customer) mobile transactions using
a mobile POS system.
The goals of this research are to find out the critical issues for mobile financial transactions
and to design a complete mobile point of sales application that can be used within any kind of
business environment, where financial transactions are involved. As we mentioned above,
mobile financial environment and its related fields are problematic. Our intention is to design
an architecture that should be secure and also generic for any business environment and any
kind of mobile platform.
The research has been performed by following the Hypothetical-deductive module[5] and also
the qualitative case study research methodology [6]. Design of the new architecture based on
hypothesis and this hypothesis has been created after the case study of different existing
secure financial transaction applications. After analyzing the existing problem situation and
existing solutions, we have designed a new architecture that have been partly implemented
and tested.
This research project has been organized in several steps, which are as follows:
First, study the existing problem area and the existing solutions within the area.
Secondly, analysis of those solutions in respect to problem area.
2|Page
Chapter 1 Secure Mobile POS System
Thirdly, design a new architecture that can improve the discussed problem area.
Fourthly, implement a new secure application based on the proposed new
architecture.
Finally, analyze the proposed solution with respect to security vulnerabilities.
1.6 Limitations
Due to time limitations all the designed modules of the mobile application are not
implemented.
1.7 Audience
Target audience of this thesis report includes small and large business organizations, those
who are interested to improve their sales experience with the new mobile point of sale
technology. Also financial organizations which want to enhance their banking facilities with
the business organizations using mobile transactions. This thesis will also be helpful for future
research within the field of secure mobile financial transactions and secure mobile point of
sale systems.
In Chapter 1 we have described the current situation of Point of Sale (POS) systems and
mobile financial transactions. We have mentioned the problem area within the mobile
transactions. Also the goals and purpose, the research methodology, the limitations have been
discussed. At the end, we have mentioned target audience and the structure of this thesis.
In Chapter 2 we describe the area of research in detail. We have also mentioned the related
standards for this research.
In Chapter 3 we give the detail design and system architecture of the Secure POS System. We
have also analyzed the security features of the proposed system.
In Chapter 4 we describe current implementation and demonstration of the secure mobile POS
system.
In Chapter 5 we present conclusions and future work within the research area.
3|Page
Secure Mobile POS System
In this chapter the m-commerce systems has been described. Also the related standards that
have been directly and indirectly used in this research are described.
B2B (business to business): A B2B transaction is performed when two different business
organizations make transaction between them. For example, a B2B transaction could be
between restaurant and a grocery shop. A restaurant can make order and pay bills to a grocery
from whom they buy fresh goods to make the food.
2.1.1 M-Payments
m-payment is the payment system that uses mobile environment to make any kind of payment
[10]. It could be an electricity bills or a restaurant bills that a customer can pay using his
mobile device.
Security is a very crucial issue while payment data need to be transferred between different
entities of the payment system.
In this application users and server communication will be established via communication
link through Internet. But, Internet channel is not a secure network. We can use HTTPS
(Hypertext Terminal Protocol Secure) for getting a trustful and secure network. HTTPS
provides encrypted communication in a insecure channel. It is a combination of HTTP with
4|Page
Chapter 2 Secure Mobile POS System
the SSL/TLS protocol [13]. HTTPS uses a certificate which is a public key certificate and
contains public key. And the certificate is signed by the trusted Certificate Authority (CA). A
secure tunnel is established between user and a communication server. HTTPS ensures
protection from eavesdropping and man-in-the-middle (MITM) attack.
In this section we have described the related standards that are used for design and
implementation of a secure mobile POS system.
There are two main types of cryptography mechanisms, such as symmetric key cryptography
and asymmetric or public key cryptography. For message encryption and description, both
sender and receiver use the same secret key in symmetric key cryptography mechanism. Key
management is a big problem of symmetric key cryptography when it communicates in an
insecure channel. But, public key cryptography has solved key management problem. In
public key cryptography, sender and receiver use different keys for message encryption and
description process: private key and public key are used in this mechanism. Private key is
used to keep privacy of the owner. The reason for this is that only private key owner knows
the key. Public key cryptography is used in key management process and also in signature of
application [13].
2.3.2 CA Server
CA (Certificate Authority) has an authority that issues digital certificates to web clients and
servers. Many public key infrastructure (PKI) use CA. The provider information of the digital
certificate requester is verified by the CA in a PKI [14].
5|Page
Chapter 2 Secure Mobile POS System
SAFE is a secure, reliable and convenient application that provides mobile financial
transactions. SAFE performs various type of financial transactions like m-Banking, m-
Commerce, m-Ticketing, m-Parking, m-Loans etc by using mobile phone or other hand-held
devices. It performs transaction between multiple banks, person to person, client to merchant
payments, and also non-banking mobile applications. SAFE system also supports to use
mobile prepaid accounts. It is one of the main feature of SAFE system [2] [3].
Different types of participant provide different type of services in SAFE system. Banks
provide registration, certification and financial services, security services providers provide
security services and clients initiate or receive financial transactions. All participants need to
be registered with the SAFE system. All participants’ registration data is stored in IDMS
6|P age
Chapter 2 Secure Mobile POS System
Our application is a continuation of the SAFE application so here we will follow the Generic,
Secure, and Modular methodology for the development of secure mobile application.
Several research projects have been done on mobile payment systems. But, not that many
researches are focused on a generic model for the POS system.
Allan P. et al. [11] has done their research on ‘Designing a Secure Point to Sale System’. In
their research they have designed point of sale system based of common criteria. This is
mostly a theoretical research. The good thing of the POS system model with input and output
data flow. In input data flow, POS application has bar code scanner, keyboard and payment
terminal and for output data flow it has printers and display. But it is based on implementation
and evaluation of design system. Also, the designed POS system is not for mobile
environment.
Another research by Carl and David [7] described ‘A Secure Wireless Point of Sale System'
where researchers have described mobile POS system using the Infra-red. They have
described wireless POS system, but they use a stationary device in POS of this research.
All other articles that we have studied are only about secure mobile financial payments. None
of those researches was done for designing a new flexible, user friendly and mobile POS
application.
7|Page
Secure Mobile POS System
In this chapter we describe the proposed system architecture. The details of this architecture
have also been described here. At the end of the chapter, the proposed solution has been
analyzed in respect to security.
3.1 Roles
A POS System includes different entities. The possible roles working in a POS environment
are as follows [11]:
Customer: Customers are the buyer of goods. Customers make orders for goods and pay for
goods.
Sales Person: Sales persons use POS device to select goods and to make bills for the
customer. Sales person also requests payment to the customers.
Manager: Managers are authorized persons who check the inventory, add/modify items in the
inventory, and check financial transactions.
Administrator: Administrators are used to install, maintain and configure POS system. In
some cases administrators also add users to the systems. An administrator needs to be a
trusted person.
Depending on the roles stated above, we have considered the following components in our
designed POS system. In this section we describe different component of the secure mobile
POS system with their functionalities.
Manager service package performs operations that could be done by the managers. Manager
service package consists of the following functionalities:
• Login/Logout
Employee service package includes the operations that could be done by the employee of any
business organization. The functionalities for an employee package are as follows:
• Login/Logout
• Login/Logout
9|Page
Chapter 3 Secure Mobile POS System
The main server management package handles communication and security issues of the
system. Several communication and transactions are performed by this package.
3.2.5 Inventory/Database
Inventory/database holds the information about the items that are sold in that business. It also
keeps record of transactions. Transaction information are saved in transactions database. The
information about the users are kept in the IDMS database.
We have designed and developed three different mobile applications for three different kinds
of users. Customers, employees and managers have their own applications to access the POS
server.
For admin user we have developed a Windows based application. Admin users use that
application to add or modify user information to the Local IDMS Server.
System architecture of our designed POS system is given in Figure 3.1. In our design the
admin user uses stationary computer to enter user data to the local database. Managers use
their smart phone or tablet devices to login to the POS system. Employees also use mobile
devices. In some cases employees may have extra POS device for handling the payment by
the customer. Employee's mobile device should have NFC (near field communication)
capabilities to handle mobile payment from the customer with NFC enables mobile devices.
CA server provides certificates to the entities. Our designed system is connected to the SAFE
system. If a user has a SAFE account, then he/she can pay their bills using their SAFE
account. The designed system is also connected to the bank IT server to handle payment of
the customer.
10 | P a g e
Chapter 3 Secure Mobile POS System
Bank SAFE
Accounts Accounts
DB DB
BANK IT SAFE
Server Payment Server
Internet
Network POS Server
Employee
Manager
Events
DB
POS Transaction
PoS Device
Inventory Server
Receipt DB
Wi-Fi
CA IDMS
Server Server
The internal architecture of our designed POS server is given in Figure 3.2. POS server
includes the following components.
-Inventory
-IDMS database
-Security Manager
-Transaction manager
-Communication Manager
11 | P a g e
Chapter 3 Secure Mobile POS System
The three mobile client applications (Manager application, employee application and
customer application) connect to the system through their respective APIs.
POS Server
Security Transaction
Manager manager
Communication IDMS DB
Manager
Message transaction cycle is shown in Figure 3.3. We have considered a situation where a
customer pays his/her bills using SAFE account. Generalized common message flow between
the customer, our designed POS server, and the SAFE server is the following:
2. Registered/authenticated
4. Service response
6. Payment confirmation
12 | P a g e
Chapter 3 Secure Mobile POS System
Customers use mobile devices to see the goods at a store. Message flow is shown in Figure
3.4. Common messages for the customer's mobile application are:
13 | P a g e
Chapter 3 Secure Mobile POS System
Customer
CA
2 Server
1
POS Communication POS Transaction
Server Server Events
Database VPN
POS
DB
Database
POS IDMS
IDMS Database Server
Server
Messages:
1 Customer searches for goods
The message flow for employee’s mobile application is shown in Figure 3.5. Common
messages for the employee's mobile application are:
14 | P a g e
Chapter 3 Secure Mobile POS System
Bank Accounts
SAFE Accounts
DB
DB
BANK IT SAFE
Server Server
1
7 7 CA
Receipt 3 5 Server
PoS Device
2 Events VPN
NFC POS Communication POS Transaction Database
Server Server
4 IDMS
POS Server
DB Database
Customer
Local IDMS
Server
Messages:
2 Employees order for goods 6 Employee send the payment receipt to the
customers mobile
3 Employees send bills to customer
7 Employees add/modify member list
4 Customer use their NFC mobile for
payment
15 | P a g e
Chapter 3 Secure Mobile POS System
Message flows for manager's mobile application is shown in Figures 3.6. Common messages
for manager's mobile application are: .
3. List transactions
Managers can ask the server for a list of transactions. The manager's mobile server sends a
request to POS server for the list of transactions and server sends the transaction list to the
manager's mobile device.
CA
Server
VPN
IDMS
Server
2 1
Transaction Messages:
3 DB
Manager POS Communication POS Transaction
Server Server
1 Add items to the inventory
16 | P a g e
Chapter 3 Secure Mobile POS System
Figure 3.7 shows message flow for the admin user application. Common messages for the
administrator's application are:
Bank Accounts
DB SAFE Accounts
BANK IT SAFE DB
Server Server
CA
Server
Transaction
POS POS Admin DB VPN
POS Communication 1 POS Transaction
Admin Station Server Server
Messages: Events IDMS
Server
DB
DB 2
1 Add/modify manager’s
information IDMS
Server
2 Add/modify employee’s
information
17 | P a g e
Chapter 3 Secure Mobile POS System
Login/ Logout
18 | P a g e
Chapter 3 Secure Mobile POS System
Mobile Client Application, POS Server, and SAFE Server has their own security manager.
Those security managers are responsible for authentication, key management and certificate
management.
Mobile client has user interface manager object, which handles all factors related to user
interface of the application. Communication manager object in mobile client and connection
manager object in POS server are responsible to handle the communication between these two
modules. The concurrency manager in POS server handles concurrent access to inventory by
different users of the mobile application.
Log manager in SAFE server keeps log of transactions. Trusted Certificate Authority issues
certificate to users. Customer's bank and restaurant's bank are also connected to the POS
server and SAFE system for financial transactions in between them.
In case of transaction through SAFE server, mobile POS server communicate with the SAFE server
for payment process. In other case, when a payment is not done using customer's SAFE account, POS
server directly communicate with bank's IT server. Request manger object in POS server checks the
request type and decide the process of communication to other organizations (SAFE server, bank's IT
server etc).
19 | P a g e
Chapter 3 Secure Mobile POS System
Security Manager
Security Manager
Key Certificates
Authentication Management Management
Concurrency Manager
Service Database
Manager Manager
Trusted
Certificate
Security Manager Authority
Authentication Key Certificates
Manager Management Management CA
Server
20 | P a g e
Chapter 3 Secure Mobile POS System
In this section we have provided the security analysis of the designed POS system.
3.8.1 Authentication
We have used mutual authentication between mobile client and the payment server of the
bank or the SAFE server. Because mutual authentication is a strong authentication that
prevents different attacks, like masquerade, password compromise, replay attacks etc. The CA
server issues certificates. Customers use their certificates and digital signatures to confirm
payments.
3.8.2 Confidentiality
Communication between mobile client and payment server is performed by the SSL/TSL
protocol through a secure channel. Also, we have used access control mechanism to ensure
the confidentiality of the data.
3.8.3 Integrity
Customers generate their digital signatures by using their private keys. Messages are signed
by the sender's private key. And only the respective receiver knows the senders public key
which have been shared before transaction data are transferred. The attacker doesn't know the
private key of the customer. If the attacker can eavesdrop the data on its way and modify it
and sign it and send it to the receiver, that will not work. Because the receiver will verify
digital signature of the sender and digital signatures will not be the same, which confirms the
integrity of the payment information.
3.8.4 Non-repudiation
The payment information is transferred in between the customer and the payment server by
using PKI. Private key of the customer and the payment server only the respective entities
which insure the non repudiation of the system.
3.8.5 Authorization
In our designed mobile POS system, different kind of users has different roles. It is very
important to have proper authorization of the users depending on their roles. We have used
role based access control method for the authorization of the users to their respective access
area.
21 | P a g e
Secure Mobile POS System
In this chapter the development environment of the implemented application based on the
proposed architecture has been described. We have also included screenshots of the
implemented application with description of them.
In this section we have described different development tools and environments, which have
been used for the implementation of the secure mobile point of sale application.
We have used Java technology to develop the admin application for the Windows
environment. Security features are also developed using Java cryptographic extensions [4].
In this demo application we have used MySQL as our database server. The reasons for
choosing MySQL server is because it is open source and also light-weight [16].
4.1.4 PHP
We have used PHP for the communication between MySQL database and mobile client
application to save and retrieve data from MySQL database server. We have used PHP,
because it is one of the best choices to communicate with MySQL database server [17].
22 | P a g e
Chapter 4 Secure Mobile POS System
We have used NetBeans IDE to develop graphical user interface (GUI) for Windows based
admin application. It is very easy to develop GUI with the help of NetBeans IDE [19].
4.2 Demonstration
In this section we have provided screenshots of the developed prototype for mobile POS
system. We have demonstrated three different mobile applications used by different entities
using the POS System. We have also provided screenshots of the Windows application used
by POS Admin.
We have considered a restaurant to demonstrate our designed POS system. Mobile POS
Applications are the following:
The screenshots for the customer application is provided here. In this demo we have
considered that a customer could be a registered member of a restaurant or he/she may not be
a member. The customers can search foods in the restaurant’s POS database, select items,
make order, and pay bills.
23 | P a g e
Chapter 4 Secure Mobile POS System
24 | P a g e
Chapter 4 Secure Mobile POS System
25 | P a g e
Chapter 4 Secure Mobile POS System
26 | P a g e
Chapter 4 Secure Mobile POS System
modify or delete item from the list. The customer can also add more items using the Add
More Items button.
27 | P a g e
Chapter 4 Secure Mobile POS System
28 | P a g e
Chapter 4 Secure Mobile POS System
29 | P a g e
Chapter 4 Secure Mobile POS System
30 | P a g e
Chapter 4 Secure Mobile POS System
Figure 4.13 Paid Order List Figure 4.14 Paid Single Order Details
Figure 4.15 Unpaid Order List Figure 4.16 Select Single Order for Payment
31 | P a g e
Chapter 4 Secure Mobile POS System
POS application for employees enables business organization to handle sales through the sales
persons. Here the employees login to the POS server to have access to the item list. The
details of the employee application with the screenshots are given bellow.
32 | P a g e
Chapter 4 Secure Mobile POS System
POS Settings screen is shown in Figure 4.19. In the POS settings option the employees enter
their device id and the version of their client software.
Figure 4.18 Main Screen for Employees Figure 4.19 POS Settings Screen
33 | P a g e
Chapter 4 Secure Mobile POS System
main screen for managers, which is shown in figure 4.23. Managers can view or modify the
inventory by selecting 'Inventory' option at the main screen. They can also check sales reports
by choosing 'List Transactions' option. The "POS System" is the option for the configuration
of the POS system.
Figure 4.22 Manager's Login Screen Figure 4.23 Main Screen for Managers
34 | P a g e
Chapter 4 Secure Mobile POS System
Manager registration screen is shown in Figure 4.25. Admin users play a vital role for the
business organization. The admin person needs to be a trusted person.
35 | P a g e
Chapter 4 Secure Mobile POS System
The employee registration screen is shown in Figure 4.26. The admin users enter all these data
to POS system. In some cases the data about the employees can be inserted by managers.
36 | P a g e
Secure Mobile POS System
In this chapter, our research has been concluded. Also future scopes of research within the
area have been discussed.
5.1 Conclusions
After analyzing the problem area, we have designed and implemented our secure mobile POS
application. Designed application will increase mobility for users of the POS application. In
our example, as we have described a restaurant mobile POS application, we can consider the
flexibilities of it. A manger can access the inventory as well as the sales report of the
restaurant, while he is not at the office. Employees can use mobile device while they are
standing besides customer add getting order from them. Customers can use their mobile
application to make the order to a restaurant for home delivery of their food. In a residential
hotel the customer can also make order using their mobile phone to the restaurant of the same
hotel to get their food delivered to their room. The designed application is secure enough,
because we have fulfilled all the security features that need to be considered, while
developing secure mobile application.
In this thesis we have mentioned several payment methods within our design, but not
implemented. Future research and development work can be done with different payment
methods introduced in the design section of this thesis. Also, we have tested the application
within the SecLab environment. The same application can be tested within the real m-
commerce environment, what also opens a new research scope.
37 | P a g e
Secure Mobile POS System
References
1. Mavridis, Ioannis; Pangalos, G.; Koukouvinos, T.; Muftic, S., "A secure payment system for
electronic commerce," Database and Expert Systems Applications, 1999. Proceedings. Tenth
International Workshop on , pp.832,836, 1999
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=795290&isnumber=17217 [Online]
[Cited: 3rd, April 2013]
2. Feng Zhang; Muftic, S.; Schmöelzer, G., "Secure service-oriented architecture for mobile
transactions," Internet Security (WorldCIS), 2011 World Congress on , pp.133,138, 21-23 Feb. 2011
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5749898&isnumber=5749844
[Online] [Cited: 3rd, April 2013]
3. F. Zhang, ‘Security Application for Financial Environment (SAFE) system’, Royal Institute of
Technology (KTH), Stockholm, Sweden
4. Abbasi, A.G.; Muftic, S.; Schmölzer, G., "A model and design of a security provider for Java
applications," Internet Technology and Secured Transactions, 2009. ICITST 2009. International
Conference for , pp.1,7, 9-12 Nov. 2009
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5402592&isnumber=5402499
[Online] [Cited: 3rd, April 2013]
5. Scientific method, http://philosophy.hku.hk/think/sci/hd.php [Online] [Cited: 24th, March 2013]
6. Qualitative Case Study Methodology: Study Design and Implementation for Novice Researchers,
The Qualitative Report, Volume 13, Number, 4 December 2008 544-559
URL: http://www.nova.edu/ssss/QR/QR13-4/baxter.pdf [Online] [Cited: 24th, March 2013]
7. Debono, C.J.; Busuttil, D., "A secure wireless point of sale system," EUROCON - International
Conference on Computer as a Tool (EUROCON), 2011 IEEE , pp.1,4, 27-29 April 2011
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5929195&isnumber=5929030
[Online] [Cited: 4th, April 2013]
8. Nguyen, T. N T; Shum, P.; Chua, E. H., "Secure end-to-end mobile payment system," Mobile
Technology, Applications and Systems, 2005 2nd International Conference on , pp.4, 15-17 Nov. 2005
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=1656771&isnumber=34698 [Online]
[Cited: 4th, April 2013]
9. Manvi, S. S.; Bhajantri, L.B.; Vijayakumar, M.A., "Secure Mobile Payment System in Wireless
Environment," Future Computer and Communication, 2009. ICFCC 2009. International Conference
on , pp.31,35, 3-5 April 2009
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5189737&isnumber=5189730
[Online] [Cited: 5th, April 2013]
xv | P a g e
References Secure Mobile POS System
10. Antovski, L.; Gusev, M., "M-payments," Information Technology Interfaces, 2003. ITI 2003.
Proceedings of the 25th International Conference on , pp.95,100, 16-19 June 2003
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=1225328&isnumber=27508 [Online]
[Cited: 4th, April 2013]
11. Pedersen, A.; Partner, N.; Hedegaard, A.; Sharp, R., "Designing a secure point-of-sale system,"
Information Assurance, 2006. IWIA 2006. Fourth IEEE International Workshop on , pp.15 pp.,65, 13-
14 April 2006
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=1609999&isnumber=33798 [Online]
[Cited: 5th, April 2013]
12. S. Britto R. Kumar, S. Albert Rabara, and J. Ronal Martin. 2009. MPCS: a Secure Mobile Payment
Consortia System for higher educational institutions. In Proceedings of the 2nd International
Conference on Interaction Sciences: Information Technology, Culture and Human (ICIS '09). ACM,
New York, NY, USA, pp. 571-579. URL:http://doi.acm.org/10.1145/1655925.1656029
13. Vesna Hassler. Security Fundamentals for E-Commerce. Computer Security Series. Artech House,
second edition, 2000.
14. W. Stallings, Network Security Essentials, Low price edition, Pearson Educations, 2000
15. Ali, T.; Awal, M.A., "Secure mobile communication in m-payment system using NFC
technology," Informatics, Electronics & Vision (ICIEV), 2012 International Conference on ,
pp.133,136, 18-19 May 2012
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6317453&isnumber=6317321
[Online] [Cited: 15th, April 2013]
16. Why MySQL, https://www.mysql.com/why-mysql/ [Online] [Cited: 15th, April 2013]
17. What is PHP, http://www.php.net/manual/en/intro-whatis.php [Online] [Cited: 16th, April 2013]
18. Why use Eclipse?, http://www.eclipsezone.com/eclipse/forums/t100199.html [Online] [Cited:
18th, April 2013]
19. NetBeans IDE, https://netbeans.org/features/index.html [Online] [Cited: 20th, April 2013]
20. Android, the world's most popular mobile platform, http://developer.android.com/about/index.html
[Online] [Cited: 20th, April 2013]
xvi | P a g e
TRITA-ICT-EX-2013:77
www.kth.se