Implementation of a secure USIM COS architecture for mobile payment applications

In this paper, a secure architecture for mobile payment applications is designed, which combines public service platform, Trusted Service Manager(TSM) and Security Element Financial Certification Security Domain(SE FCSD). The architecture interconnects various platforms, authenticates the identity of transaction parties and detects the legality of applications. In the architecture, a more reliable secure channel protocol SCP10 is used to secure the confidentiality and integrity of data. Using NFC Universal Subscriber Identifier Module Card (NFC USIM card) as the hardware platform, a security element supporting the architecture is implemented, and also a USIM Chip Operating System (USIM COS) supporting both financial certification security domain and SCP10 protocol is designed. In order to improve the efficiency of identity authentication of USIM card, a compact digital certification is adopted to improve verification speed and save storage space. The experiment results and security tests show that the USIM COS has advantages of security and reliability, and it has commercial value and has achieved effective mobile payments.