CHAPTER 1
THE PROBLEM AND ITS BACKGROUND
A. Introduction
There are many alternative ways in paying for goods and/or services, and one of them is the mobile payment. In replacement to the payment associated with cash, cheque or credit cards, it could be better if one can instead use even a low-end mobile phone to pay for a wide range of services or goods. With this kind of payment, an individual can avail goods and services without the hassle of going from one place to another or finding an ATM machine. This kind of payment system gives an individual the advantage of acquiring goods and services anytime and/or anywhere.
Radio-frequency identification (RFID) is the use of a wireless non-contact system that uses radio-frequency electromagnetic fields to transfer data from a tag attached to an object, for the purposes of automatic identification and tracking. RFID can be used as an alternative to the existing magnetic stripe used by credit and debit card companies today. Fingerprint authentication can also be used as an alternative to the existing PIN-based security system of the magnetic stripe keycards.
Mobile payment system has the ability to move banking and financial system to any kind of cellphones, from low-end to high end. The RFID associated with the mobile payment system can give more security, with the fingerprint authentication before any transaction could be processed.
B. Objectives of the Study
General:
The main purpose of the study is to develop a low-cost prototype of a payment system with the use of mobile phones and RFID, and fingerprint scanner for further authentication, for an easier and more secured banking system and facility to any kind of cellular phones.
Specific:
Magnetic stripe keycards have been first introduced in the year 1960, and had been used to many applications. Until now, they are still used by many companies, mainly credit and debit car d companies. Although they are still used, there are now better technologies than them. One problem of the magnetic stripe is that they can be easily destroyed, so it requires maintenance. They tend to scratch easily and can have its magnetic encoding damaged by proximity magnets such as magnetic clasps on wallets. Also, they don’t offer the same level of security compared to other cards. It also requires close contact operation which can be a disadvantage to some people.
As of today, RFID is now being developed and is being used widely for many applications. RFID, or Radio Frequency Identification, is a technology that uses radio frequencies for the purpose of identification and tracking of assets, animals and traffic. It uses a wireless non-contact system that uses radio-frequency electromagnetic fields to transfer data. RFID tags are now being used by industries. The reading of this does not require direct contact and optical sight unlike in magnetic stripe keycards. Also, the tags do not require much maintenance compared to magnetic stripe because they can work in dirty and contaminated areas. They can resist to environmental difficulties such as thermal, chemical and mechanical surroundings; therefore they are more durable. Some companies had already replaced magnetic stripe keycards by RFID.
As of today, almost all of the people in the world have mobile phones, from low-end to high-end. Since internet and ATM’s are not always available, this can be a great reason to have a mobile banking system that can give even low-end phones access. It is also more convenient for busy and budget-conscious people to acquire goods and services without the hassle of going from one place to another.
Biometrics identifications such as a fingerprint of an individual are a better access to identification than security pins installed in ATM’s and other applications. Some passwords are easily predictable and can be easily broken. It can be also stolen while it is being punched in a system.
D. Statement of the Problem
The main problem of this study is to determine the performance of mobile-payment system using RFID and GSM network. The study specifically answered the following questions:
This study is deemed significant because it would provide a low-cost prototype of a mobile and RFID based payment system with fingerprint authentication, which can give a person even with a low-end mobile phone to have access to financial services anywhere. It can also give a person an easier, hassle free, mode of paying majorly in shopping malls. This can also give people a more secured and convenient way of payment system. It can also give users protection against unauthorized access with the fingerprint authentication associated with this project. It can also provide a security system that will prevent problems in faking identity cards, guessing of passwords by unauthorized people, misplacing access cards, and forgetting passwords. People who own cellphones and the RFID can easily have access with this payment system. It is also significant as it is studied to be able to provide an economical, cheaper circuit and devices for the mobile-payment system.
Thus, this study provides the basis for a modern way of payment system that gives an easier and more secured access.
F. Scope and Delimitations
The scopes of this project are:
CHAPTER II
PROJECT CONCEPT
In 2009, Elvira Swanson, a spokesperson for Visa, and Randy Vanderhoof, the executive director of the Smart Card Alliance, both stated categorically that RFID-enabled credit cards are more secure than cards with data stored on magnetic stripes. One reason is that during the transaction, the card never leaves a consumer's hand. In many cases, you have to hand over a magnetic stripe card to a waiter or gas station attendant to swipe, thereby providing an opportunity for that individual to swipe the card through a device that can capture all of the card's information, and potentially photocopy the back so that the signature can be forged.
According to Elvira Swanson in September 15, 2009, a magnetic stripe card contains the card holder's name, a 16-digit credit card number, an expiration date and a credit verification value (CVV)—a three- or four-digit number used in transactions in which the card is not present and the signature cannot be verified (mainly, online purchases). With this information, the card can then be cloned and the new card would be indistinguishable from the original. A criminal could also conduct transactions online without a problem. RFID-enabled cards retain their magnetic stripe, so they can be used with existing point-of-sale terminals. Therefore, the information is still vulnerable. But the chip in the RFID transponder has additional security features that credit-card companies say make it more secure. Each time the card is used for a legitimate transaction, the chip generates a new CVV—which is different from the one printed on the card—and communicates that CVV to the network, which uses it to validate the next transaction. If someone were to skim information off the card, that person could not clone the card since the CVV is only good for a single transaction.
The electronic CVV is invalid for online transactions. So if a criminal skimmed a credit card and obtained the electronic CVV, and then tried to use it to buy something at a Web site that conducted a CVV check, the transaction would be rejected. The only way a skimmed card could be used online would be to purchase something at a site that doesn't check either the cardholder's name or the printed CVV. One benefit of RFID-enabled cards is that you are not handing over your card to a waiter or gas station attendant, who can then write down you credit-card number and the printed CVV, and use the card for online purchases.
In addition, Vanderhoof in September 2010 says, newer contactless cards host a key that creates a dynamic cryptogram—usually a three-digit security code—that is sent to the back-end system to uniquely identify each contactless transaction. The key used to create the cryptogram from the credit-card number, expiration date and so forth is never broadcast, so it cannot be skimmed using an RFID reader. Thus, there is no way to utilize a cloned card to execute a transaction at a store that accepts contactless payments. RFID-enabled cards retain their magnetic stripe, so they can be used with existing point-of-sale terminals. Therefore, the information is still vulnerable. But the chip in the RFID transponder has additional security features that credit-card companies say make it more secure. Each time the card is used for a legitimate transaction, the chip generates a new CVV—which is different from the one printed on the card—and communicates that CVV to the network, which uses it to validate the next transaction. If someone were to skim information off the card, that person could not clone the card since the CVV is only good for a single transaction. The electronic CVV is invalid for online transactions. So if a criminal skimmed a credit card and obtained the electronic CVV, and then tried to use it to buy something at a Web site that conducted a CVV check, the transaction would be rejected. The only way a skimmed card could be used online would be to purchase something at a site that doesn't check either the cardholder's name or the printed CVV. One benefit of RFID-enabled cards is that you are not handing over your card to a waiter or gas station attendant, who can then write down you credit-card number and the printed CVV, and use the card for online purchases.
In addition, Vanderhoof in September 2010 says, newer contactless cards host a key that creates a dynamic cryptogram—usually a three-digit security code—that is sent to the back-end system to uniquely identify each contactless transaction. The key used to create the cyrptogram from the credit-card number, expiration date and so forth is never broadcast, so it can not be skimmed using an RFID reader. Thus, there is no way to utilize a cloned card to execute a transaction at a store that accepts contactless payments. The key can't be skimmed since it isn't broadcast, so it's impossible to skim the key and clone the tag. Moreover, a new CVV is generated dynamically and sent to the back-end system for verification of the next transaction. This makes it very difficult to spoof the system and run a fraudulent transaction at a retailer that accepts contactless cards. And since the CVV dynamically generated by the RFID-enabled card differs from the one printed on the card, a skimmed CVV can't be used for an online transaction at any site that performs a printed CVV check.
According to Seattle Organic SEO in March 22, 2012, with mobile payments, you don’t have to risk your inputting your credit card information over and over again. They will just require you to sign up once and provide your credit card information. After that, you only have to log in to your preferred mobile payment account, and your purchases will be immediately credited. Sellers also benefit from increased security. With so many mobile payment systems to choose from, sellers can ensure that the system they do equip their website with is the type that can prevent hackers and unscrupulous individuals from availing of virtual purchases without making any actual payment. Mobile payments also allow people to simply log-in to their accounts in order to complete their purchases. Other times, they only have to submit their mobile phone for scanning and the amount of their purchases will be credited immediately to the user’s card.The same goes for sellers. They no longer have to undergo a tediously long process just to verify a buyer’s identity and preferred method for payment.
In 2012, Matt Koble says that biometric fingerprint scanners introduce an entirely new level of security to whatever the scanner is used for. Passwords can be cracked and locks can be picked, but it's a lot more difficult to fake a fingerprint. Granted, thieves are resourceful and will probably figure out ways to bypass this method, too, but they won't be as simple as sticking a file into a lock or figuring out somebody's password. Biometric technology comes in many different forms, from facial and eye scanners to voice recognition systems, but none have proven as accurate as fingerprint biometrics, which is why it has become the most widely used biometric security measure. In the off chance that something goes wrong and the reader won't accept your fingerprint, there is usually a backup method of access such as a password or key. With biometric finger scanning, you don't have to worry about misplacing your key or not remembering a password. Since the technology uses your fingerprint to either allow or deny access, the only way to lose your key would be to lose your finger, which likely won't happen. Despite what you may think, biometric fingerprint scanning is actually quite affordable. If you want a personal scanner for your computer you can easily find one for under $100 as of early 2010. With this kind of affordability, there's no reason not to get one if you've got stuff that needs to stay secure. If you choose a good model from a reputable vendor of biometric equipment, you will have a secure lock for as long as you need one. Your fingerprints will change very little, if at all, during your entire lifetime, and most of that change only happens to the elderly. This means that unless you are present and putting your finger to the reader that lock will not open, giving you a reliable and mode of security that you can put your faith in.
A new study from Juniper Research last July 5, 2012, has determined that the total value of mobile payments for digital and physical goods, money transfers and NFC (Near Field Communications) transactions will reach $670bn by 2015, up from $240bn this year. These forecasts represent the gross merchandise value of all purchases or the value of money being transferred. The new Mobile Payment Strategies report revealed that all segments will exhibit 2x to 3x growth over the next five years. This growth will be driven by the rapid adoption of mobile ticketing, NFC contactless payments, physical goods purchases and money transfers as people in both developed and developing countries use their devices for everyday transactions. Some 20 countries are expected to launch NFC services in the next 18 months, resulting in transactions approaching $50 billion worldwide by 2014. Meanwhile the need for financial access in developing countries is such that active mobile money users will double by 2013 and drive transaction values accordingly. Senior analyst David Snow explained: “Our analysis shows that emerging segments such as physical goods payments, NFC and money transfers will fuel market growth by a factor of 2.7 times by 2015. Digital goods is the largest segment and, although forecast to more than double, it is not growing as quickly as some of the newer segments.”
A.2 Related Studies
In 2009, Engr.Dhanalakshmi M and Engr.Uppala Mamatha made a project named RFID Based Library Management System. The RFID based LMS facilitates the fast issuing, reissuing and returning of books with the help of RFID enabled modules. It directly provides the book information and library member information to the library management system and does not need the manual typing. It also provides monitoring and searching system. The monitoring module will continuously monitor the movement of books across the gates, so that the books taken out without prior issuing will be traced out easily and will alarm the librarians. The searching module provides the fast searching of books using RFID handheld reader. The physical location of the books can be easily located using this module. The project uses Workabout Pro UHF RFID handheld reader manufactured by Psion Teklogix, operating at 869.5 MHz. It has Windows Embedded CE 5.0 and full VGA, daylight readable touch screen display and well laid out backlit keyboard. This device is used for searching Module. The project also uses the Mercury4 RFID reader manufactured by ThingMagic supporting four antennas, operating at UHF ranges of 865-870MHz, 902-928MHz and 950-956MHz. The reader supports the transfer of data to a remote computer over a network connection. The reader do support tag protocols of EPC Class 0, EPC Class 1, ISO 18000-6B, EPC Gen2. The antennas manufactured by Tyco electronics are used in this project. RFID Tags used in the project are EPCglobal Generation2 (Gen2) UHF passive tags which have the 96 bits memory for hexadecimal data storage. It operates at Ultra High Frequency (850 MHz to 950 MHz) range. UHF technology was chosen for library application due to its long read range, speed of frequency and low cost. The read range of mercury 4 reader is up to 2 meters, which is sufficient to monitor the movement of books across the gates. The read range of psionteklogix handheld reader is up to 30 cms which will be useful for locating a particular book in a rack. With the new EPC Global Gen 2 standard, over 1000 tags can be read per second in applications where they are insulated from RF noise. UHF also has the option to slow down the read process to 100 tags per second with high reliability in RF noisy applications. All of these benefits make the UHF technology the ideal choice for Library applications. RFID in the library speeds up book borrowing, monitoring, books searching processes and thus frees staff to do more user-service tasks. But the performance varies with respect to the vendors of RFID readers and tags. The efficient utilization of the technology also depends upon the information to be written in tag. Experimental results with respect to effectiveness of RFID reader position, tag position are presented in the paper. The work is in progress to setup the same in CDAC library. Developments in RFID technology continue to yield larger memory capacities, wider reading ranges, and faster processing.
On 2011, Ankit Anil Agarwal designed a project with the title “RFID Based Automatic Shopping Cart”. According to the author, large grocery stores are nowadays used by millions of people for the acquisition of an enlarging number of products. Product acquisition represents a complex process that comprises time spent in corridors, product location and checkout queues. On the other hand, it is becoming increasingly difficult for retailers to keep their clients loyal and to predict their needs due to the influence of competition and the lack of tools that discriminate consumption patterns. The architectural implementation of the system and the main end to this system is to allow the consumer a new way of shopping. When arriving at the supermarket, the consumer heads towards a shopping cart that has a technological system on its handle-bar which consists in a touch-screen monitor a client card automatic reader, a positioning transmitter and a product reader. Nevertheless, all these technologies become transparent to the consumer because only monitor interaction will occur. Through the client card, the consumer logs in to the system; the system then welcomes the consumer and displays the shopping list. With the help of the shopping cart’s navigation system, the client is directed to the locations where the products in the shopping list can be found. The client places the products in the shopping cart the usual way and begins to receive multiple information: the products found inside the cart; the ones missing; total paying amount; total promotion savings; product details; amongst others. If the client needs 200g of sliced cheese from the cheese-dairy section, it can be ordered through the system. By passing the wine aisle, a message appears referring to an interesting promotion on the client’s favourite red wine. The client places two bottles in the shopping cart because one of them is free. Meanwhile, a message adverts that the sliced cheese order is available near the cheese-dairy section. The client passes through and places it on the cart. Suddenly, it comes to her/his mind she/he has not thought of the dinner yet and checks the recipes that the system has to offer. By choosing a recipe, the client orders the system to add to the shopping list the needed products and sends the recipe to the client’s e-mail box. After the remaining products are found in the shopping cart, the client heads towards the exit where it is not necessary waiting to pay. At the exit, the client sees on a screen the list of products in the cart, the total paying amount and the total promotional savings and offerings. The client confirms the payment through the client-card and leaves the previous scenario completely revolutionizes the present way of shopping. There is a much bigger integration and interaction between consumer, retailer and advertisers. This new system acts as an intermediate for the different intervening agents allowing several not yet possible functionalities. The consumer’s “intelligent” shopping cart automatically identifies the cart’s contents due to the integrated product reader. The sent and received information passes through the wireless IEEE 802.11b access points that are spread all over the supermarket and communicate with the application server where all the information regarding the system’s business logic can be found. This server also enables communication with the retailer’s back-end system. The shopping cart positioning transmitter sends its location to the diverse receptors connected to a protected server that gathers information about routes and current cart location sending it to the applicational server for processing. Client’s shopping lists will be made through the access to their internet accounts connected to the entire system. Advertisers and suppliers also communicate through the internet with the applicational server so they can collect data to analyse promotion efficiency and to offer clients real-time personalised promotions and offers. This way, added value services are created for all the involved agents, allowing them to benefit from several advantages which will be numbered next in the business model. The main technological objective for our presented solution is the usage of RFID technology for the automatic product identification inside the shopping cart thus eliminating consumer intervention in the process of product reading for payment. Nowadays, the usage of barcode for product identification presents several limitations: only the product’s class is identified; information is static; allows one single reading at a time; requires line-of sight; has low range and security. RFID technology is more resistant, safer, identifies products in a unique way, can provide other types of information, can make several simultaneous readings, doesn’t need line-of-sight and
it has a high range. So that automatic product identification is possible all existing products inside the supermarket need to be identified with RFID tags and each shopping cart must have an RFID reader. The range of the RIFD reader must not extend beyond the horizontal shopping cart limits so that reading products inside other shopping carts or on shelves does not happen. Nevertheless, range cannot be less than the cart’s limits with consequence of not identifying products that are inside the shopping cart but out of the reader’s range. Vertically, the reader should be able to identify products down to the floor, since there are shopping carts where you can place products from 20 cm above the ground and to about 1,5 m higher than the handle bar since there are both tall products and excessively filled carts. The RFID reader should be able to read all the tags no matter the material (paper, plastic, metal, etc) they are inserted into. By suggesting a single RFID reader per cart, we are thinking not only in terms of costs, battery duration and data quantity but also in preventing colliding readings in cases when more than one reader is used, something which increases the complexity level. The usage of RFIDs in this solution comprehend benefits such as increasing safety and the consequent reduction in product loss, reduced human intervention and error, increased speed in involved processes, unique identification of products with additional information and availability of realtime information, amongst others. Besides the advantage of accessing real-time information about the diverse products inside the shopping cart, the client can also be helped by the navigation system, meaning that they can be guided through the supermarket avoiding time losses that occur when searching for products in unknown locations. Through the interactive map that shows product location and the shopping cart’s current position, it is then possible to follow the route indicated by the map to reach the desired product. There will be immediate updates of the cart’s position any time it is moved by the consumer. To make this possible, a shopping cart positioning technology is required in several supermarket locations so that the permanent monitoring enables real-time cart position updates. The choice of a positioning technology to our solution is particularly difficult because of the diverse characteristics each technology presents. Aspects such as range, energy consumption, safety, precision, amongst others, are important for our solution. Yet, the optimal characteristics are not gathered in one single technology.
I.Research Hypothesis
RFID
RFID (radio frequency identification) is a technology that incorporates the use of electromagnetic or electrostatic coupling in the radio frequency (RF) portion of the electromagnetic spectrum to uniquely identify an object, animal, or person. RFID is coming into increasing use in industry as an alternative to the bar code. The advantage of RFID is that it does not require direct contact or line-of-sight scanning. An RFID system consists of three components: an antenna and transceiver (often combined into one reader) and atransponder (the tag). The antenna uses radio frequency waves to transmit a signal that activates the transponder. When activated, the tag transmits data back to the antenna. The data is used to notify a programmable logic controller that an action should occur. The action could be as simple as raising an access gate or as complicated as interfacing with a database to carry out a monetary transaction. Low-frequency RFID systems (30 KHz to 500 KHz) have short transmission ranges (generally less than six feet). High-frequency RFID systems (850 MHz to 950 MHz and 2.4 GHz to 2.5 GHz) offer longer transmission ranges (more than 90 feet). In general, the higher the frequency, the more expensive the system. RFID is sometimes called dedicated short range communication (DSRC).
Fingerprint Identification
It is an image left on a smooth surface by the pattern of the pad of a distal phalanx. The distinctive pattern of loops and whorls represents the fine ridges marking the skin. Because each individual's fingerprints are unique, a classification system of the patterns is useful in identifying individuals
GSM
GSM (Global System for Mobile communication) is a digital mobile telephony system that is widely used in Europe and other parts of the world. GSM uses a variation of time division multiple access (TDMA) and is the most widely used of the three digital wireless telephony technologies (TDMA, GSM, and CDMA). GSM digitizes and compresses data, then sends it down a channel with two other streams of user data, each in its own time slot. It operates at either the 900 MHz or 1800 MHz frequency band.
CVV
The card security code (CSC), sometimes called card verification data (CVD), card verification value (CVV or CVV2), card verification value code (CVVC), card verification code (CVC or CVC2), verification code (V-code or V code), card code verification (CCV), or signature panel code (SPC) are different terms for security features for credit or debit cardtransactions, providing increased protection for the merchants against credit card fraud.
MICROCONTROLLER
A microcontroller (sometimes abbreviated µC, uC or MCU) is a small computer on a single integrated circuit containing a processor core, memory, and programmable input/output peripherals. Program memory in the form of NOR flash or OTP ROM is also often included on chip, as well as a typically small amount of RAM. Microcontrollers are designed for embedded applications, in contrast to the microprocessors used in personal computers or other general purpose applications.
BIOMETRICS
Biometrics (or biometric authentication) refers to the identification of humans by their characteristics or traits. Biometrics is used in computer science as a form of identification and access control. It is also used to identify individuals in groups that are under surveillance.
ATM
An automated teller machine or automatic teller machine (ATM) (American, Australianand Indian English), also known as an automated banking machine (ABM) in Canadian English, and a Cashpoint , cash machine or sometimes a hole in the wall in British English, is a computerized telecommunications device that provides the clients of a financial institution with access to financial transactions in a public space without the need for a cashier, human clerk or bank teller. ATMs are known by various other names including ATM machine, automated banking machine, and various regional variants derived from trademarkson ATM systems held by particular banks.
SMS
Short Message Service (SMS) is a text messaging service component of phone, web, or mobile communication systems, using standardized communications protocols that allow the exchange of short text messages between fixed line or mobile phone devices.
CHAPTER 3
METHODOLOGY
3.1 Problem Definition
As of today wherein the world is having more advanced technology as time goes by, more people desires to have more things to be made easier and more convenient for them. Some of the main concerns of individuals are bills payment, consuming some products, and consuming some services. As of today, there are now existing systems for faster payments of different products, anytime, anywhere, since some people do not have enough time in going from one place to another to settle payments and the like. But most of these payments system requires much money, and some system lacks other features for an easier system of payment.
For the solution of this, the author developed a device with the purpose of giving an easier mode of mobile payment to anyone, even the ones with the low-end cellphones. This device can also be used in many applications like cashless transactions in shopping malls, transactions anytime, anywhere, and the like.
3.2 Research Method
3.2.1 Data Gathering and Survey
On August 28, 2012, Dave Goldberg, had a survey focused on mobile payment systems, addressing their rise in popularity, concerns the public has about security, and comparing convenience to their credit card counterparts. He and his group surveyed over 600 mobile phone users to get their opinions on the matter.
In association with these, the author conducted a survey to learn about the people’s view about the proposed project. The result became the basis to pursue the study. (The results are in Chapter 4).
The author consulted some engineering experts about the components to be used and the system design.
3.3 Project Conceptualization and Design
During the development of this low cost mobile payment system, the principle and operation of the parts used for the project were linked together. Below is the block diagram of the prototype:
Block diagram of the prototype.
First there will be a GSM connected to the MCU. The purpose of the GSM is to digitize and compress data received from the mobile phone and then send it to the MCU. The MCU then process the data and send it to the computer. The computer will then process the data, and send back the processed data to the MCU, and the MCU will send back data to the GSM, then the GSM will send the said data to the mobile phone. But the computer will only process the data if the code sent from the cellphone is correct, otherwise it will send a message to the phone saying what needs to be corrected on the format of the SMS the user sent. There will be certain transactions that will not need an SMS from the mobile phone, but will instead need the identification and authentication of the user. One example is when a cashier sends data to the computer and changes a part of the to-be-paid bills of the user. The RFID and fingerprint scanner will be then used for the said transactions. The computer will not process the data unless the RFID and the fingerprint scanner matched the details of the registered mobile number in their system.
3.4 Project Actualization
The autuhor first conceptualized the functionality of the project and proposed the title afterwards. Then, the author consulted some experts' feedbacks and also gathered information from them about the proposed title. After obtaining all the necessary informations, chapters 1, 2 and 3 were made and prepared for the defense. Revisions were also made as advised.
As part of the gathering of necessary information, the author tested the functionality of all the parts that should be used. The author experimented circuits to be able to come up with the final circuit design. Revisions on the circuit design were also made from the consults of some experts and the results of the experimentation. After this, the author transferred the components into a printed circuit board (PCB). The circuit was again tested for its reliability and functionality.
The prototype provided a passive RFID reader and a fingerprint scanner for the purpose of identification and authentication. The passive RFID reader can read tags up to a meter away. This is associated with a passive RFID tag.When radio waves from the reader are encountered by a passive RFID tag, the coiled antenna within the tag forms a magnetic field. The tag draws power from it, energizing the circuits in the tag. The tag then sends the information encoded in the tag's memory. The computer will not fully process the information sent until the individual uses the fingerprint scanner associated with the prototype. If the fingerprint scanner matches the biometric of the registered mobile number in the computer that will be the time the computer will process all the needed data.
The prototype has the capacity to send feedbacks to registered mobile numbers in the system. Connected to the computer of the prototype is the microcontroller unit. The microcontroller unit has the ability to transfer data to the GSM module. After the data is processed by the computer, the MCU sends this to the GSM, and the GSM sends this to the mobile number registered in the system. Thus, the cellphone of the user is updated with every transaction made with his or her account in the computer. The cellphone also has the ability to send data to the GSM, and the GSM will transfer the received data to the MCU. The MCU will then transfer this to the computer and process the data. The computer might sometimes need the identification and authentication of the fingerprint and RFID tag of the user to fully process the data.
The prototype also has the capacity to transact with the computer using the user’s own mobile phones with the mobile number registered. This is made possible with the GSM module connected to the MCU and the MCU connected to the computer. This kind of transaction (mobile-based only transaction) will not require the RFID tag and the fingerprint to be scanned, but instead require a code from the SMS sent, to be able to fully process data by the computer.
3.5 Project Testing
Below is the list of the conditions that were followed in testing the whole project:
1. The mobile number and the password code, the RFID and the fingerprint of the user must be first registered to the computer before the start of any transaction with the prototype.
2. The first transaction with the prototype must give SMS feedback. The prototype must always send SMS feedback via the GSM module to the registered mobile number to the computer for every transaction made.
3. The computer with the help of the MCU and the GSM must only process the data when both the RFID and the fingerprint of the user match the registered mobile number in the computer.
4. The computer with the help of the MCU and GSM must only process data send over SMS if the password code contained in the SMS matches the registered mobile number. This is applicable to transactions that do not need the appearance of the RFID and the fingerprint of the user.
5. At the end of every transaction, the prototype (the computer with the help of the MCU and GSM) must give updates to the user via SMS. The prototype must as well send errors in every transaction that will fail.
3.6 Project Evaluation
The prototype was evaluated in terms of its functionality, ease of operation, safety and workability.
1. FUNCTIONALITY
The device should be used properly. All the capabilities of the device must be performed accordingly. Its capabilities must be only for the convenience and benefit of the consumers.
2. EASE OF OPERATION
The operation of the prototype must be easily understood by consumers with just a very basic knowledge about fingerprint scanner, RFID and SMS. Displays must be easily understood and identified by the user.
3. SAFETY
The user must be aware of how their privacy about their passwords and other forms of identification like the RFID can become a threat. The user must always take care of these.
4. WORKABILITY
In case of technical problems (repair, installation, replacement) with the device, technical support must be available in the market.
BIBLIOGRAPHY:
Websites:
http://electronics.howstuffworks.com/question537.htm
http://www.technovelgy.com/ct/technology-article.asp?artnum=47
http://www.tentacletech.com/RFID.asp
http://www.infordata.pro/support/index/detail/id/55
http://www.wikipedia.com
http://my.safaribooksonline.com/book
Journals:
Mary Catherine O'Connor (7 January 2008). "RFID Is Key to Car Clubs' Success". RFID Journal.
Books:
Daniel M. Dobkin, The RF in RFID: Passive UHF RFID In Practice, Newnes 2008
Robert Edwards (1987). "Optimizing the Zilog Z8 Forth Microcontroller for Rapid Prototyping"
THE PROBLEM AND ITS BACKGROUND
A. Introduction
There are many alternative ways in paying for goods and/or services, and one of them is the mobile payment. In replacement to the payment associated with cash, cheque or credit cards, it could be better if one can instead use even a low-end mobile phone to pay for a wide range of services or goods. With this kind of payment, an individual can avail goods and services without the hassle of going from one place to another or finding an ATM machine. This kind of payment system gives an individual the advantage of acquiring goods and services anytime and/or anywhere.
Radio-frequency identification (RFID) is the use of a wireless non-contact system that uses radio-frequency electromagnetic fields to transfer data from a tag attached to an object, for the purposes of automatic identification and tracking. RFID can be used as an alternative to the existing magnetic stripe used by credit and debit card companies today. Fingerprint authentication can also be used as an alternative to the existing PIN-based security system of the magnetic stripe keycards.
Mobile payment system has the ability to move banking and financial system to any kind of cellphones, from low-end to high end. The RFID associated with the mobile payment system can give more security, with the fingerprint authentication before any transaction could be processed.
B. Objectives of the Study
General:
The main purpose of the study is to develop a low-cost prototype of a payment system with the use of mobile phones and RFID, and fingerprint scanner for further authentication, for an easier and more secured banking system and facility to any kind of cellular phones.
Specific:
- To be able to construct a complete system of mobile-payment with the use of RFID, fingerprint authentication, mobile cellphones and GSM network for SMS
Magnetic stripe keycards have been first introduced in the year 1960, and had been used to many applications. Until now, they are still used by many companies, mainly credit and debit car d companies. Although they are still used, there are now better technologies than them. One problem of the magnetic stripe is that they can be easily destroyed, so it requires maintenance. They tend to scratch easily and can have its magnetic encoding damaged by proximity magnets such as magnetic clasps on wallets. Also, they don’t offer the same level of security compared to other cards. It also requires close contact operation which can be a disadvantage to some people.
As of today, RFID is now being developed and is being used widely for many applications. RFID, or Radio Frequency Identification, is a technology that uses radio frequencies for the purpose of identification and tracking of assets, animals and traffic. It uses a wireless non-contact system that uses radio-frequency electromagnetic fields to transfer data. RFID tags are now being used by industries. The reading of this does not require direct contact and optical sight unlike in magnetic stripe keycards. Also, the tags do not require much maintenance compared to magnetic stripe because they can work in dirty and contaminated areas. They can resist to environmental difficulties such as thermal, chemical and mechanical surroundings; therefore they are more durable. Some companies had already replaced magnetic stripe keycards by RFID.
As of today, almost all of the people in the world have mobile phones, from low-end to high-end. Since internet and ATM’s are not always available, this can be a great reason to have a mobile banking system that can give even low-end phones access. It is also more convenient for busy and budget-conscious people to acquire goods and services without the hassle of going from one place to another.
Biometrics identifications such as a fingerprint of an individual are a better access to identification than security pins installed in ATM’s and other applications. Some passwords are easily predictable and can be easily broken. It can be also stolen while it is being punched in a system.
D. Statement of the Problem
The main problem of this study is to determine the performance of mobile-payment system using RFID and GSM network. The study specifically answered the following questions:
- Is there a significant need for a payment system designed for any kind of mobile phone?
- Who are the main target users that will greatly benefit from this payment system?
- What differences can be noticed from the current way of payment system?
- What will be the effect of this modification to the market?
- How much would it affect the hardware’s cost in the market today?
- Can this modification create impact in the industry?
This study is deemed significant because it would provide a low-cost prototype of a mobile and RFID based payment system with fingerprint authentication, which can give a person even with a low-end mobile phone to have access to financial services anywhere. It can also give a person an easier, hassle free, mode of paying majorly in shopping malls. This can also give people a more secured and convenient way of payment system. It can also give users protection against unauthorized access with the fingerprint authentication associated with this project. It can also provide a security system that will prevent problems in faking identity cards, guessing of passwords by unauthorized people, misplacing access cards, and forgetting passwords. People who own cellphones and the RFID can easily have access with this payment system. It is also significant as it is studied to be able to provide an economical, cheaper circuit and devices for the mobile-payment system.
Thus, this study provides the basis for a modern way of payment system that gives an easier and more secured access.
F. Scope and Delimitations
The scopes of this project are:
- This project can be used by any mobile phone, from low-end to high-end, anywhere and anytime.
- It is composed of an RFID as its device for identification, a mobile phone that send SMS to access accounts, an computer to store data, a GSM to transfer data, an MCU; and give SMS feedbacks, and a fingerprint reader for a more secured authentication.
- The project is a user-friendly device. A user must simply know how to use the SMS and the basics of RFID and fingerprints.
CHAPTER II
PROJECT CONCEPT
- Review of Related Literature and Studies
In 2009, Elvira Swanson, a spokesperson for Visa, and Randy Vanderhoof, the executive director of the Smart Card Alliance, both stated categorically that RFID-enabled credit cards are more secure than cards with data stored on magnetic stripes. One reason is that during the transaction, the card never leaves a consumer's hand. In many cases, you have to hand over a magnetic stripe card to a waiter or gas station attendant to swipe, thereby providing an opportunity for that individual to swipe the card through a device that can capture all of the card's information, and potentially photocopy the back so that the signature can be forged.
According to Elvira Swanson in September 15, 2009, a magnetic stripe card contains the card holder's name, a 16-digit credit card number, an expiration date and a credit verification value (CVV)—a three- or four-digit number used in transactions in which the card is not present and the signature cannot be verified (mainly, online purchases). With this information, the card can then be cloned and the new card would be indistinguishable from the original. A criminal could also conduct transactions online without a problem. RFID-enabled cards retain their magnetic stripe, so they can be used with existing point-of-sale terminals. Therefore, the information is still vulnerable. But the chip in the RFID transponder has additional security features that credit-card companies say make it more secure. Each time the card is used for a legitimate transaction, the chip generates a new CVV—which is different from the one printed on the card—and communicates that CVV to the network, which uses it to validate the next transaction. If someone were to skim information off the card, that person could not clone the card since the CVV is only good for a single transaction.
The electronic CVV is invalid for online transactions. So if a criminal skimmed a credit card and obtained the electronic CVV, and then tried to use it to buy something at a Web site that conducted a CVV check, the transaction would be rejected. The only way a skimmed card could be used online would be to purchase something at a site that doesn't check either the cardholder's name or the printed CVV. One benefit of RFID-enabled cards is that you are not handing over your card to a waiter or gas station attendant, who can then write down you credit-card number and the printed CVV, and use the card for online purchases.
In addition, Vanderhoof in September 2010 says, newer contactless cards host a key that creates a dynamic cryptogram—usually a three-digit security code—that is sent to the back-end system to uniquely identify each contactless transaction. The key used to create the cryptogram from the credit-card number, expiration date and so forth is never broadcast, so it cannot be skimmed using an RFID reader. Thus, there is no way to utilize a cloned card to execute a transaction at a store that accepts contactless payments. RFID-enabled cards retain their magnetic stripe, so they can be used with existing point-of-sale terminals. Therefore, the information is still vulnerable. But the chip in the RFID transponder has additional security features that credit-card companies say make it more secure. Each time the card is used for a legitimate transaction, the chip generates a new CVV—which is different from the one printed on the card—and communicates that CVV to the network, which uses it to validate the next transaction. If someone were to skim information off the card, that person could not clone the card since the CVV is only good for a single transaction. The electronic CVV is invalid for online transactions. So if a criminal skimmed a credit card and obtained the electronic CVV, and then tried to use it to buy something at a Web site that conducted a CVV check, the transaction would be rejected. The only way a skimmed card could be used online would be to purchase something at a site that doesn't check either the cardholder's name or the printed CVV. One benefit of RFID-enabled cards is that you are not handing over your card to a waiter or gas station attendant, who can then write down you credit-card number and the printed CVV, and use the card for online purchases.
In addition, Vanderhoof in September 2010 says, newer contactless cards host a key that creates a dynamic cryptogram—usually a three-digit security code—that is sent to the back-end system to uniquely identify each contactless transaction. The key used to create the cyrptogram from the credit-card number, expiration date and so forth is never broadcast, so it can not be skimmed using an RFID reader. Thus, there is no way to utilize a cloned card to execute a transaction at a store that accepts contactless payments. The key can't be skimmed since it isn't broadcast, so it's impossible to skim the key and clone the tag. Moreover, a new CVV is generated dynamically and sent to the back-end system for verification of the next transaction. This makes it very difficult to spoof the system and run a fraudulent transaction at a retailer that accepts contactless cards. And since the CVV dynamically generated by the RFID-enabled card differs from the one printed on the card, a skimmed CVV can't be used for an online transaction at any site that performs a printed CVV check.
According to Seattle Organic SEO in March 22, 2012, with mobile payments, you don’t have to risk your inputting your credit card information over and over again. They will just require you to sign up once and provide your credit card information. After that, you only have to log in to your preferred mobile payment account, and your purchases will be immediately credited. Sellers also benefit from increased security. With so many mobile payment systems to choose from, sellers can ensure that the system they do equip their website with is the type that can prevent hackers and unscrupulous individuals from availing of virtual purchases without making any actual payment. Mobile payments also allow people to simply log-in to their accounts in order to complete their purchases. Other times, they only have to submit their mobile phone for scanning and the amount of their purchases will be credited immediately to the user’s card.The same goes for sellers. They no longer have to undergo a tediously long process just to verify a buyer’s identity and preferred method for payment.
In 2012, Matt Koble says that biometric fingerprint scanners introduce an entirely new level of security to whatever the scanner is used for. Passwords can be cracked and locks can be picked, but it's a lot more difficult to fake a fingerprint. Granted, thieves are resourceful and will probably figure out ways to bypass this method, too, but they won't be as simple as sticking a file into a lock or figuring out somebody's password. Biometric technology comes in many different forms, from facial and eye scanners to voice recognition systems, but none have proven as accurate as fingerprint biometrics, which is why it has become the most widely used biometric security measure. In the off chance that something goes wrong and the reader won't accept your fingerprint, there is usually a backup method of access such as a password or key. With biometric finger scanning, you don't have to worry about misplacing your key or not remembering a password. Since the technology uses your fingerprint to either allow or deny access, the only way to lose your key would be to lose your finger, which likely won't happen. Despite what you may think, biometric fingerprint scanning is actually quite affordable. If you want a personal scanner for your computer you can easily find one for under $100 as of early 2010. With this kind of affordability, there's no reason not to get one if you've got stuff that needs to stay secure. If you choose a good model from a reputable vendor of biometric equipment, you will have a secure lock for as long as you need one. Your fingerprints will change very little, if at all, during your entire lifetime, and most of that change only happens to the elderly. This means that unless you are present and putting your finger to the reader that lock will not open, giving you a reliable and mode of security that you can put your faith in.
A new study from Juniper Research last July 5, 2012, has determined that the total value of mobile payments for digital and physical goods, money transfers and NFC (Near Field Communications) transactions will reach $670bn by 2015, up from $240bn this year. These forecasts represent the gross merchandise value of all purchases or the value of money being transferred. The new Mobile Payment Strategies report revealed that all segments will exhibit 2x to 3x growth over the next five years. This growth will be driven by the rapid adoption of mobile ticketing, NFC contactless payments, physical goods purchases and money transfers as people in both developed and developing countries use their devices for everyday transactions. Some 20 countries are expected to launch NFC services in the next 18 months, resulting in transactions approaching $50 billion worldwide by 2014. Meanwhile the need for financial access in developing countries is such that active mobile money users will double by 2013 and drive transaction values accordingly. Senior analyst David Snow explained: “Our analysis shows that emerging segments such as physical goods payments, NFC and money transfers will fuel market growth by a factor of 2.7 times by 2015. Digital goods is the largest segment and, although forecast to more than double, it is not growing as quickly as some of the newer segments.”
A.2 Related Studies
In 2009, Engr.Dhanalakshmi M and Engr.Uppala Mamatha made a project named RFID Based Library Management System. The RFID based LMS facilitates the fast issuing, reissuing and returning of books with the help of RFID enabled modules. It directly provides the book information and library member information to the library management system and does not need the manual typing. It also provides monitoring and searching system. The monitoring module will continuously monitor the movement of books across the gates, so that the books taken out without prior issuing will be traced out easily and will alarm the librarians. The searching module provides the fast searching of books using RFID handheld reader. The physical location of the books can be easily located using this module. The project uses Workabout Pro UHF RFID handheld reader manufactured by Psion Teklogix, operating at 869.5 MHz. It has Windows Embedded CE 5.0 and full VGA, daylight readable touch screen display and well laid out backlit keyboard. This device is used for searching Module. The project also uses the Mercury4 RFID reader manufactured by ThingMagic supporting four antennas, operating at UHF ranges of 865-870MHz, 902-928MHz and 950-956MHz. The reader supports the transfer of data to a remote computer over a network connection. The reader do support tag protocols of EPC Class 0, EPC Class 1, ISO 18000-6B, EPC Gen2. The antennas manufactured by Tyco electronics are used in this project. RFID Tags used in the project are EPCglobal Generation2 (Gen2) UHF passive tags which have the 96 bits memory for hexadecimal data storage. It operates at Ultra High Frequency (850 MHz to 950 MHz) range. UHF technology was chosen for library application due to its long read range, speed of frequency and low cost. The read range of mercury 4 reader is up to 2 meters, which is sufficient to monitor the movement of books across the gates. The read range of psionteklogix handheld reader is up to 30 cms which will be useful for locating a particular book in a rack. With the new EPC Global Gen 2 standard, over 1000 tags can be read per second in applications where they are insulated from RF noise. UHF also has the option to slow down the read process to 100 tags per second with high reliability in RF noisy applications. All of these benefits make the UHF technology the ideal choice for Library applications. RFID in the library speeds up book borrowing, monitoring, books searching processes and thus frees staff to do more user-service tasks. But the performance varies with respect to the vendors of RFID readers and tags. The efficient utilization of the technology also depends upon the information to be written in tag. Experimental results with respect to effectiveness of RFID reader position, tag position are presented in the paper. The work is in progress to setup the same in CDAC library. Developments in RFID technology continue to yield larger memory capacities, wider reading ranges, and faster processing.
On 2011, Ankit Anil Agarwal designed a project with the title “RFID Based Automatic Shopping Cart”. According to the author, large grocery stores are nowadays used by millions of people for the acquisition of an enlarging number of products. Product acquisition represents a complex process that comprises time spent in corridors, product location and checkout queues. On the other hand, it is becoming increasingly difficult for retailers to keep their clients loyal and to predict their needs due to the influence of competition and the lack of tools that discriminate consumption patterns. The architectural implementation of the system and the main end to this system is to allow the consumer a new way of shopping. When arriving at the supermarket, the consumer heads towards a shopping cart that has a technological system on its handle-bar which consists in a touch-screen monitor a client card automatic reader, a positioning transmitter and a product reader. Nevertheless, all these technologies become transparent to the consumer because only monitor interaction will occur. Through the client card, the consumer logs in to the system; the system then welcomes the consumer and displays the shopping list. With the help of the shopping cart’s navigation system, the client is directed to the locations where the products in the shopping list can be found. The client places the products in the shopping cart the usual way and begins to receive multiple information: the products found inside the cart; the ones missing; total paying amount; total promotion savings; product details; amongst others. If the client needs 200g of sliced cheese from the cheese-dairy section, it can be ordered through the system. By passing the wine aisle, a message appears referring to an interesting promotion on the client’s favourite red wine. The client places two bottles in the shopping cart because one of them is free. Meanwhile, a message adverts that the sliced cheese order is available near the cheese-dairy section. The client passes through and places it on the cart. Suddenly, it comes to her/his mind she/he has not thought of the dinner yet and checks the recipes that the system has to offer. By choosing a recipe, the client orders the system to add to the shopping list the needed products and sends the recipe to the client’s e-mail box. After the remaining products are found in the shopping cart, the client heads towards the exit where it is not necessary waiting to pay. At the exit, the client sees on a screen the list of products in the cart, the total paying amount and the total promotional savings and offerings. The client confirms the payment through the client-card and leaves the previous scenario completely revolutionizes the present way of shopping. There is a much bigger integration and interaction between consumer, retailer and advertisers. This new system acts as an intermediate for the different intervening agents allowing several not yet possible functionalities. The consumer’s “intelligent” shopping cart automatically identifies the cart’s contents due to the integrated product reader. The sent and received information passes through the wireless IEEE 802.11b access points that are spread all over the supermarket and communicate with the application server where all the information regarding the system’s business logic can be found. This server also enables communication with the retailer’s back-end system. The shopping cart positioning transmitter sends its location to the diverse receptors connected to a protected server that gathers information about routes and current cart location sending it to the applicational server for processing. Client’s shopping lists will be made through the access to their internet accounts connected to the entire system. Advertisers and suppliers also communicate through the internet with the applicational server so they can collect data to analyse promotion efficiency and to offer clients real-time personalised promotions and offers. This way, added value services are created for all the involved agents, allowing them to benefit from several advantages which will be numbered next in the business model. The main technological objective for our presented solution is the usage of RFID technology for the automatic product identification inside the shopping cart thus eliminating consumer intervention in the process of product reading for payment. Nowadays, the usage of barcode for product identification presents several limitations: only the product’s class is identified; information is static; allows one single reading at a time; requires line-of sight; has low range and security. RFID technology is more resistant, safer, identifies products in a unique way, can provide other types of information, can make several simultaneous readings, doesn’t need line-of-sight and
it has a high range. So that automatic product identification is possible all existing products inside the supermarket need to be identified with RFID tags and each shopping cart must have an RFID reader. The range of the RIFD reader must not extend beyond the horizontal shopping cart limits so that reading products inside other shopping carts or on shelves does not happen. Nevertheless, range cannot be less than the cart’s limits with consequence of not identifying products that are inside the shopping cart but out of the reader’s range. Vertically, the reader should be able to identify products down to the floor, since there are shopping carts where you can place products from 20 cm above the ground and to about 1,5 m higher than the handle bar since there are both tall products and excessively filled carts. The RFID reader should be able to read all the tags no matter the material (paper, plastic, metal, etc) they are inserted into. By suggesting a single RFID reader per cart, we are thinking not only in terms of costs, battery duration and data quantity but also in preventing colliding readings in cases when more than one reader is used, something which increases the complexity level. The usage of RFIDs in this solution comprehend benefits such as increasing safety and the consequent reduction in product loss, reduced human intervention and error, increased speed in involved processes, unique identification of products with additional information and availability of realtime information, amongst others. Besides the advantage of accessing real-time information about the diverse products inside the shopping cart, the client can also be helped by the navigation system, meaning that they can be guided through the supermarket avoiding time losses that occur when searching for products in unknown locations. Through the interactive map that shows product location and the shopping cart’s current position, it is then possible to follow the route indicated by the map to reach the desired product. There will be immediate updates of the cart’s position any time it is moved by the consumer. To make this possible, a shopping cart positioning technology is required in several supermarket locations so that the permanent monitoring enables real-time cart position updates. The choice of a positioning technology to our solution is particularly difficult because of the diverse characteristics each technology presents. Aspects such as range, energy consumption, safety, precision, amongst others, are important for our solution. Yet, the optimal characteristics are not gathered in one single technology.
I.Research Hypothesis
- RFID-based ATM is more secured than an ATM that has magnetic strips
- RFID-based ATM is more secured and less vulnerable to fraudulent uses than an ATM with magnetic strips
- Mobile payment is more convenient especially to busy and budget-conscious people, and to people who are far from payment transactions that requires your physical appearance
RFID
RFID (radio frequency identification) is a technology that incorporates the use of electromagnetic or electrostatic coupling in the radio frequency (RF) portion of the electromagnetic spectrum to uniquely identify an object, animal, or person. RFID is coming into increasing use in industry as an alternative to the bar code. The advantage of RFID is that it does not require direct contact or line-of-sight scanning. An RFID system consists of three components: an antenna and transceiver (often combined into one reader) and atransponder (the tag). The antenna uses radio frequency waves to transmit a signal that activates the transponder. When activated, the tag transmits data back to the antenna. The data is used to notify a programmable logic controller that an action should occur. The action could be as simple as raising an access gate or as complicated as interfacing with a database to carry out a monetary transaction. Low-frequency RFID systems (30 KHz to 500 KHz) have short transmission ranges (generally less than six feet). High-frequency RFID systems (850 MHz to 950 MHz and 2.4 GHz to 2.5 GHz) offer longer transmission ranges (more than 90 feet). In general, the higher the frequency, the more expensive the system. RFID is sometimes called dedicated short range communication (DSRC).
Fingerprint Identification
It is an image left on a smooth surface by the pattern of the pad of a distal phalanx. The distinctive pattern of loops and whorls represents the fine ridges marking the skin. Because each individual's fingerprints are unique, a classification system of the patterns is useful in identifying individuals
GSM
GSM (Global System for Mobile communication) is a digital mobile telephony system that is widely used in Europe and other parts of the world. GSM uses a variation of time division multiple access (TDMA) and is the most widely used of the three digital wireless telephony technologies (TDMA, GSM, and CDMA). GSM digitizes and compresses data, then sends it down a channel with two other streams of user data, each in its own time slot. It operates at either the 900 MHz or 1800 MHz frequency band.
CVV
The card security code (CSC), sometimes called card verification data (CVD), card verification value (CVV or CVV2), card verification value code (CVVC), card verification code (CVC or CVC2), verification code (V-code or V code), card code verification (CCV), or signature panel code (SPC) are different terms for security features for credit or debit cardtransactions, providing increased protection for the merchants against credit card fraud.
MICROCONTROLLER
A microcontroller (sometimes abbreviated µC, uC or MCU) is a small computer on a single integrated circuit containing a processor core, memory, and programmable input/output peripherals. Program memory in the form of NOR flash or OTP ROM is also often included on chip, as well as a typically small amount of RAM. Microcontrollers are designed for embedded applications, in contrast to the microprocessors used in personal computers or other general purpose applications.
BIOMETRICS
Biometrics (or biometric authentication) refers to the identification of humans by their characteristics or traits. Biometrics is used in computer science as a form of identification and access control. It is also used to identify individuals in groups that are under surveillance.
ATM
An automated teller machine or automatic teller machine (ATM) (American, Australianand Indian English), also known as an automated banking machine (ABM) in Canadian English, and a Cashpoint , cash machine or sometimes a hole in the wall in British English, is a computerized telecommunications device that provides the clients of a financial institution with access to financial transactions in a public space without the need for a cashier, human clerk or bank teller. ATMs are known by various other names including ATM machine, automated banking machine, and various regional variants derived from trademarkson ATM systems held by particular banks.
SMS
Short Message Service (SMS) is a text messaging service component of phone, web, or mobile communication systems, using standardized communications protocols that allow the exchange of short text messages between fixed line or mobile phone devices.
CHAPTER 3
METHODOLOGY
3.1 Problem Definition
As of today wherein the world is having more advanced technology as time goes by, more people desires to have more things to be made easier and more convenient for them. Some of the main concerns of individuals are bills payment, consuming some products, and consuming some services. As of today, there are now existing systems for faster payments of different products, anytime, anywhere, since some people do not have enough time in going from one place to another to settle payments and the like. But most of these payments system requires much money, and some system lacks other features for an easier system of payment.
For the solution of this, the author developed a device with the purpose of giving an easier mode of mobile payment to anyone, even the ones with the low-end cellphones. This device can also be used in many applications like cashless transactions in shopping malls, transactions anytime, anywhere, and the like.
3.2 Research Method
3.2.1 Data Gathering and Survey
On August 28, 2012, Dave Goldberg, had a survey focused on mobile payment systems, addressing their rise in popularity, concerns the public has about security, and comparing convenience to their credit card counterparts. He and his group surveyed over 600 mobile phone users to get their opinions on the matter.
- · 54% of all respondents have used some form of payment service on their mobile phone
- ·
- · 57% still think credit cards are more convenient than mobile payment systems
- ·
In association with these, the author conducted a survey to learn about the people’s view about the proposed project. The result became the basis to pursue the study. (The results are in Chapter 4).
The author consulted some engineering experts about the components to be used and the system design.
3.3 Project Conceptualization and Design
During the development of this low cost mobile payment system, the principle and operation of the parts used for the project were linked together. Below is the block diagram of the prototype:
Block diagram of the prototype.
First there will be a GSM connected to the MCU. The purpose of the GSM is to digitize and compress data received from the mobile phone and then send it to the MCU. The MCU then process the data and send it to the computer. The computer will then process the data, and send back the processed data to the MCU, and the MCU will send back data to the GSM, then the GSM will send the said data to the mobile phone. But the computer will only process the data if the code sent from the cellphone is correct, otherwise it will send a message to the phone saying what needs to be corrected on the format of the SMS the user sent. There will be certain transactions that will not need an SMS from the mobile phone, but will instead need the identification and authentication of the user. One example is when a cashier sends data to the computer and changes a part of the to-be-paid bills of the user. The RFID and fingerprint scanner will be then used for the said transactions. The computer will not process the data unless the RFID and the fingerprint scanner matched the details of the registered mobile number in their system.
3.4 Project Actualization
The autuhor first conceptualized the functionality of the project and proposed the title afterwards. Then, the author consulted some experts' feedbacks and also gathered information from them about the proposed title. After obtaining all the necessary informations, chapters 1, 2 and 3 were made and prepared for the defense. Revisions were also made as advised.
As part of the gathering of necessary information, the author tested the functionality of all the parts that should be used. The author experimented circuits to be able to come up with the final circuit design. Revisions on the circuit design were also made from the consults of some experts and the results of the experimentation. After this, the author transferred the components into a printed circuit board (PCB). The circuit was again tested for its reliability and functionality.
The prototype provided a passive RFID reader and a fingerprint scanner for the purpose of identification and authentication. The passive RFID reader can read tags up to a meter away. This is associated with a passive RFID tag.When radio waves from the reader are encountered by a passive RFID tag, the coiled antenna within the tag forms a magnetic field. The tag draws power from it, energizing the circuits in the tag. The tag then sends the information encoded in the tag's memory. The computer will not fully process the information sent until the individual uses the fingerprint scanner associated with the prototype. If the fingerprint scanner matches the biometric of the registered mobile number in the computer that will be the time the computer will process all the needed data.
The prototype has the capacity to send feedbacks to registered mobile numbers in the system. Connected to the computer of the prototype is the microcontroller unit. The microcontroller unit has the ability to transfer data to the GSM module. After the data is processed by the computer, the MCU sends this to the GSM, and the GSM sends this to the mobile number registered in the system. Thus, the cellphone of the user is updated with every transaction made with his or her account in the computer. The cellphone also has the ability to send data to the GSM, and the GSM will transfer the received data to the MCU. The MCU will then transfer this to the computer and process the data. The computer might sometimes need the identification and authentication of the fingerprint and RFID tag of the user to fully process the data.
The prototype also has the capacity to transact with the computer using the user’s own mobile phones with the mobile number registered. This is made possible with the GSM module connected to the MCU and the MCU connected to the computer. This kind of transaction (mobile-based only transaction) will not require the RFID tag and the fingerprint to be scanned, but instead require a code from the SMS sent, to be able to fully process data by the computer.
3.5 Project Testing
Below is the list of the conditions that were followed in testing the whole project:
1. The mobile number and the password code, the RFID and the fingerprint of the user must be first registered to the computer before the start of any transaction with the prototype.
2. The first transaction with the prototype must give SMS feedback. The prototype must always send SMS feedback via the GSM module to the registered mobile number to the computer for every transaction made.
3. The computer with the help of the MCU and the GSM must only process the data when both the RFID and the fingerprint of the user match the registered mobile number in the computer.
4. The computer with the help of the MCU and GSM must only process data send over SMS if the password code contained in the SMS matches the registered mobile number. This is applicable to transactions that do not need the appearance of the RFID and the fingerprint of the user.
5. At the end of every transaction, the prototype (the computer with the help of the MCU and GSM) must give updates to the user via SMS. The prototype must as well send errors in every transaction that will fail.
3.6 Project Evaluation
The prototype was evaluated in terms of its functionality, ease of operation, safety and workability.
1. FUNCTIONALITY
The device should be used properly. All the capabilities of the device must be performed accordingly. Its capabilities must be only for the convenience and benefit of the consumers.
2. EASE OF OPERATION
The operation of the prototype must be easily understood by consumers with just a very basic knowledge about fingerprint scanner, RFID and SMS. Displays must be easily understood and identified by the user.
3. SAFETY
The user must be aware of how their privacy about their passwords and other forms of identification like the RFID can become a threat. The user must always take care of these.
4. WORKABILITY
In case of technical problems (repair, installation, replacement) with the device, technical support must be available in the market.
BIBLIOGRAPHY:
Websites:
http://electronics.howstuffworks.com/question537.htm
http://www.technovelgy.com/ct/technology-article.asp?artnum=47
http://www.tentacletech.com/RFID.asp
http://www.infordata.pro/support/index/detail/id/55
http://www.wikipedia.com
http://my.safaribooksonline.com/book
Journals:
Mary Catherine O'Connor (7 January 2008). "RFID Is Key to Car Clubs' Success". RFID Journal.
Books:
Daniel M. Dobkin, The RF in RFID: Passive UHF RFID In Practice, Newnes 2008
Robert Edwards (1987). "Optimizing the Zilog Z8 Forth Microcontroller for Rapid Prototyping"