NFC (Near Field Communication)近場通訊技術日趨普遍,其快速配對以及僅提供近距離通訊 (20公分以內)的特性為傳統商家實體交易提供行動付款良好基礎;然而,在目前NFC安全標準中,金鑰協議部分所使用的消費者公鑰為固定值,據以應用在行動支付上恐有造成消費者隱私遭侵犯之疑慮。本論文提出一次性公鑰的概念,並據以提出以此概念與技術結合NFC通訊的付款模式,使整體NFC付費機制具有不可鏈結性、不可觀測性、不可否認性、雙向鑑別、資料私密性以及資料完整性等六項功能,確保消費者隱私的安全NFC電子行動付款機制,為數位網路化的社會提供安全且保護隱私的付款機能。 NFC (Near Field Communication), this short-range wireless communication technology has become increasingly common in recent years. Due to its rapid pairing and the only short-range communication (less than 20 cm), providing a good foundation for mobile payment in in-store transactions. However, user’s public key is a fixed value during the key agreement process in the NFC international standard. It is difficult to protect privacy in this case. This study proposes the concept of one-time public key and designs a NFC electronic mobile payment protocol not only provides unlinkability, unobservability, non-repudiation, mutual authentication, confidentiality and integrity but also ensures the protection of consumer’s privacy. The study provides a securing and privacy preserving payment procedure for the digitized and networked society.
