Affiliations: Department of Computer Science and Information Engineering, Chaoyang University of Technology, Taichung, Taiwan, R.O.C. | Department of Graduate Institute of Informatics, Doctoral Program, Chaoyang University of Technology, Taichung, Taiwan, R.O.C. | Department of Information Management, Chaoyang University of Technology, Taichung, Taiwan, R.O.C.
Note: [] Corresponding author: Chin-Ling Chen, Associate Professor, Department of Computer Science and Information Engineering, Chaoyang University of Technology, Taichung, Taiwan 41349, R.O.C. Tel.: +886 4 23323000/Ext.: 4761; Tel.: +886 919668805; Fax: +886 4 23742375; E-mails: clc@mail.cyut.edu.tw (C.-L. Chen); allen.nubi@gmail.com (Y.-Y. Deng); hwtseng@cyut.edu.tw (H.-W. Tseng).
Abstract: Technical innovation has made radio frequency identification (RFID) systems a part of the average person's daily life, providing many conveniences. As RFID systems use wireless transmission, user privacy may be compromised by malicious people intercepting the information contained in the RFID tags. In spite of RFID systems inheriting some defects from earlier forms of wireless transmission, they hold much promise for novel applications. In this paper, we propose a secure mobile commercial system based on the mobile RFID reader. Once users enroll in a membership-based store, they can query, purchase merchandise, accumulate coupons and redeem them for prizes, using a mobile RFID reader. The proposed scheme achieves essential security requirements, which prevent several kinds of attack between RFID tag and reader, also satisfy mutual authentication and conforming to EPC C1G2 standards. Our scheme also has acceptable time complexity, communication cost and data transmission time. The proposed scheme is practicable.
Keywords: RFID, mobile commerce, mobile trade, mutual authentication, EPC C1G2 standards