A Secure M-Commerce System based on credit card transaction

•The SMoSS does not require extra restrictions and resources on cash flow.•Credit card fraud can be effectively avoided.•Our analysis shows that the SMoSS is indeed a feasible mobile shopping system.•The SMoSS can still protect a mobile phone, even the mobile phone is lost.•The SMoSS can ensure the communication privacy, integrity, and non-repudiation.

Nowadays the demands for wireless Internet shopping are increasing. But credit card fraud has been serious, and SET and SSL have their own problems. To enhance the security of online shopping, in this paper, we propose a secure m-commerce scheme, called the Secure M-Commerce System (SMCS for short), with which users can create a safe credit-card transaction for Internet shopping. Basically, the SMCS coordinates the cash flow of a trading system and its credit card entities to effectively protect the issued transactions against different attacks and avoid information leakage. The proposed system also employs a Data Connection Core (DCC for short) to link the card-issuing bank and consumers before their wireless communication starts so as to significantly improve the security level of our m-commerce environment. Theoretical analysis shows that the SMCS is more secure than SET and SSL. The performance analysis indicates that the SMCS is indeed a feasible m-commerce system.