SecureSMSPay: Secure SMS Mobile Payment model

In this paper, we introduce a secure mobile payment model suitable for macro transactions that compromise cost, simplicity, security, and performance of transaction, with minimum number of cryptography key usages, and less encryption/decryption operations compared to other models. This model can use symmetric and asymmetric cryptography without the need of trusted 3rd parties or even PKI complexity. It is based on SMS as a transport channel which provides the capability to send transactions to payer not to payee; as usually done in most current payment transaction models. The payer receives a secured SMS message (invoice) waiting his/her confirmation (yes/no). Each entity in the payment system payer/payee trusts only his/her bank respectively, so the transaction will always go through trusted nodes. The payer/payee can also use any bank payment instrument (credit card, debit card, or even current account) without revealing confidential data during the payment. This model can be applied on any payment application e.g. e-check, money transfer, e-commerce, and even normal EFTPOS transactions with leverage infrastructure supporting the above mentioned payment applications.