M-Identity and Its Authentication Protocol for Secure Mobile Commerce Applications

Mobile commerce (m-commerce) delivers value-added services to existing customers and creates new market opportunities. However, establishing a secure m-commerce platform that offers high level of service can be challenging. This paper proposes a biometric-based digital identity authentication (BDIA) protocol targeted at m-commerce applications. In the BDIA protocol, m-identity includes both user and his/her mobile device. M-identity is defined as a user’s biometric feature(s) taken by his/her bound mobile camera. And a watermark is embedded in the captured biometric images. The embedding key of the watermark is generated from mobile device parameters and is shared with the central server. M-identity combines the identity of mobile device into the biometrics images. Only the genuine owner whose biometric information captured by his/her registered mobile device can pass m-identity authentication. Fingerprint biometrics is taken as an example, to show how BDIA works.