1

HC VIN CNG NGH BU CHNH VIN THNG

---------------------------------------




Nguyn Quang Minh



NGHIN CU, XY DNG
H THNG MOBILE PAYMENT TRN 3G



Chuyn ngnh: Truyn d liu v Mng my tnh
M s: 60.48.15


TM TT LUN VN THC S K THUT



NGI HNG DN KHOA HC: TS. V VN THO






H NI 2012

2


M U
Nhu cu thanh ton ca khch hng trong khi di chuyn l c thc, Cc nh cung cp dch v di
ng ti Vit Nam cung cp dch v di ng trn 3G, vng ph sng rng, s lng ngi s
dng in thoi i ng cao. Cc yu cu v k thut cng ngh, c bit l vn bo mt trn
mng 3G c m bo v an ton hn. Nhiu gii php, thit b, h tng cho lnh vc thanh
ton da trn Mobile Payment c pht trin v gii thiu, nhiu m hnh kinh doanh Mobile
Payment c a ra, to ra s a dng trong vic cung cp dch v. Phng thc thanh ton khng
dng tin mt c pht trin rt mnh ti nhiu nc, c cc chnh ph khuyn khch s
dng v c rt nhiu t chc p dng, do vic thanh ton da trn in thoi di ng s l mt
knh thanh ton khng dng tin mt c nhiu tim nng pht trin, c th l xu hng trong
thi gian ti. Vit Nam c th coi l th trng c tim nng rt ln khai thc cc dch v thanh
ton di ng. Vic cung cp cc gii php thanh ton trn in thoi di ng cho khch hng l ht
sc cn thit.
V mt php l, Chnh ph ban hnh Lut thanh ton in t v c nhng ngh nh v vn
bn khung hng dn thc hin dch v thanh ton.
T nhng phn tch trn, tc gi thy rng dch v thanh ton di ng ni chung v dch v
thanh ton di ng trn 3G ni ring c rt nhiu tim nng v iu kin thun li pht trin, c
th ni l rt kh thi ti Vit Nam trong thi im hin ti v cn c nghin cu chuyn su hn
c th ng dng rng ri trong i sng. Tuy nhin, vn cn nhng vn an ninh, bo
mt, cn c nghin cu chuyn su v gii quyt trit l cho cho h thng thanh ton di
ng an ton hn, thng minh hn, hiu qu hn v c th thay th cc loi thanh ton khc. Tc
gi thy rng vic chn ti Nghin cu, xy dng h thng Mobile Payment trn 3G
nghin cu trong lun vn thc s k thut ca mnh s l hng i ng n v thit thc, c tnh
kh thi cao, c ngha v mt l thuyt v ng dng thc t.
Trong khun kh v gii hn ca lun vn, tc gi s tp trung tm hiu nhng vn bo mt
h thng thanh ton di ng, c bit i su vo phn tch nhng vn v gii php lin quan n
bo mt mng 3G v bo mt cho H thng thanh ton di ng trn 3G. V phng php nghin
cu s tp trung tm hiu mt s gii php cng ngh v bo mt mng 3G v bo mt h thng
Mobile Payment trn 3G tm ra c nhng im mnh, im yu v hn ch bo mt ca mi
gii php, t xut v la chn gii php bo mt ph hp nht, c tnh kh thi cao nht i
vi h thng Mobile Payment trn 3G.
V mt b cc, Lun vn c trnh by gm cc ni dung chnh sau:
M u
Chng 1: Tng quan v Mobile Payment
3

Chng 2: Mt s vn v bo mt cho h thng Mobile Payment trn 3G
Chng 3: xut xy dng h thng Mobile Payment trn 3G.
Kt lun
CHNG 1: TNG QUAN V MOBILE PAYMENT
1.1. Gii thiu v h thng Mobile Payment
1.1.1. Khi nim Mobile Payment
Cc h thng thanh ton m bo cho ngi th hng nhn c ng s tin m ngi tr
tin chi tr. Thanh ton di ng (MP-Mobile Payment) c hiu l thanh ton hay tr tin di
ng. Trong thi gian gn y, nhu cu thc hin giao dch thanh ton di ng ca khch hng
xut hin. S pht trin ca cng ngh truyn thng khng dy cung cp kh nng truy cp mng
v thc hin cc giao dch thanh ton bng cch s dng cc thit b di ng nh nh in thoi di
ng, my tnh xch tay, hoc cc thit b k thut s khc. Vic thc hin mt giao dch thanh ton
trong c t nht mt bn lin quan l mt ngi s dng thit b di ng c gi l thanh ton
di ng. Thanh ton di ng c trng bi vic s dng cc thuc tnh bao gm:
Mi trng giao dch: c th t xa, ni mng, hoc trong mi trng ring;
Khi lng giao dch: i din cho s tin chuyn trn mng in thoi di ng t ngi tr
tin/np tin cho ngi th hng.
Thi gian khi thanh ton giao dch c thc hin.
1.1.2. Kin trc ca h thng Mobile Payment
Hnh 1.1 m t kin trc h thng thanh ton di ng.

Hnh 1.1: Kin trc h thng Mobile Payment
4

Ngi s dng thit b di ng c th yu cu cc sn phm v dch v t mt hoc nhiu nh
cung cp dch v, sau s lin h vi bn th ba ng tin cy, nh cung cp dch v khng dy,
hoc t chc ti chnh xc minh thng tin lin quan n khch hng v s tin mua hng. Chc
nng cc thnh phn chnh c tm tt nh sau: Nh cung cp dch v ti chnh (Financial service
provider FSP); Nh cung cp dch v di ng/khng dy (Mobile/wireless service provider -
MSP); Cc nh cung cp dch v thanh ton (Payment service providers - PSP);
1.1.3. Cc m hnh trin khai Mobile Payment
Hin nay, trn th gii c 3 m hnh trin khai Mobile Payment chnh
M hnh Ngn hng lm ch o: Cc ngn hng xy dng nhng ng dng kt hp vi
cc chnh sch v phng php bo mt cho php khch hng s dng in thoi di ng thc
hin cc giao dch v thanh ton trn ti khon khch hng ca mnh.Tt c giao dch thanh ton
u da trn ti khon ti ngn hng nn m hnh ny c tnh an ton cao. Nhc im ca m hnh
ny l khch hng bt buc phi c ti khon m ti ngn hng trc khi s dng dch v, v dch
v vin thng di ng phi c cung cp. M hnh ny kh trin khai trn din rng ti nhng
nc ang pht trin c t l dn c s dng dch v ngn hng thp.
M hnh Cng ty di ng lm ch o: Trong m hnh ny, cc nh cung cp dch v vin
thng di ng ch ng ng ra cung cp dch v thanh ton cho thu bao s dng dch v ca
mnh. s dng dch v, khch hng ch cn l thu bao ca nh mng, khng nht thit phi c
ti khon ti ngn hng. u im ca m hnh ny nm tnh n gin, tin dng (khch hng
khng cn m ti khon ngn hng), giao dch nhanh chng (thi gian giao dch tnh bng thi gian
gi SMS) v chi ph r (theo cc SMS ca nh mng).
M hnh hp tc Ngn hng - Vin thng: Ngn hng, Vin thng v cc nh cung cp
gii php cng hp tc a ra sn phm thanh ton m bo s tin li v xm nhp rng khp
vo khi khch hng thu bao di ng, ng thi vn duy tr c s qun l cht ch v ti chnh
ca ngnh ngn hng. Ngn hng s ng vai tr qun l ngun tin v x l cc nghip v thanh
quyt ton, qun l ri ro trong khi cc cng ty di ng ph trch vic kinh doanh, giao dch trc
tip vi khch hng, cc im bn l v dch v khch hng.
1.2. Cc yu cu k thut i vi h thng Mobile Payment
1.2.1. Yu cu chung
- n gin v d s dng: Cc ng dng thanh ton di ng phi thn thin vi ngi dng hoc
khng qu kh nm bt i vi khch hng.
- Ph qut: Dch v thanh ton di ng phi cung cp cc giao dch gia khch hng gia nhiu
i tng vi nhau.
- Kh nng tng tc: Pht trin ng dng thanh ton di ng da trn cc tiu chun v cng
ngh m cho php tng tc vi cc h thng khc.
5

- An ninh, bo mt v tin cy: Khch hng phi tin tng nh cung cp dch v thanh ton di
ng v thng tin khng c s dng sai mc ch. Thanh ton di ng phi c v danh nh
giao dch tin mt. H thng phi ht sc r rng, c kh nng chng li cc tn cng t tin tc v
khng b. C th s dng c s h tng kha cng khai, sinh trc hc v mt khu trong gii php
thanh ton di ng,
- Chi ph: Thanh ton di ng khng nn tn km hn so vi cc c ch thanh ton hin ti. Gii
php thanh ton di ng phi cnh tranh vi cc phng thc thanh ton khc v chi ph v tnh
thun tin.
- Tc : Tc thc hin giao dch thanh ton di ng phi c th chp nhn c khch hng
v t chc kinh doanh.
- Bin gii thanh ton: c chp nhn rng ri ng dng thanh ton di ng phi sn sng
trn ton cu.
1.2.2. Yu cu v chc nng nghip v thanh ton
Tu thu thuc vo mi trng thanh ton v cng ngh s dng, yu cu v chc nng nghip
v ca cc h thng s thay i cho ph hp. Mi thnh phn c s tng tc v mi quan h khc
nhau c th thy trong h thng thanh ton. Cc giao dch c th c thc hin gia cc thnh
phn thc hin cc chc nng ny bao gm: i tng np tin/tr tin (Payer); Ngi th
hng;T chc pht hnh; T chc kinh doanh; Ngn hng; Nh cung cp dch v;
1.2.3. Yu cu an ton bo mt
Bo mt v ring t l hai vn c quan tm nhiu nht trong thanh ton in t. Cc yu
cu v bo mt lin quan n cc i tng c m t nh sau lin quan n cc i tng: Yu
cu ca ngi tr tin; Yu cu ca ngi th hng; Yu cu ca t chc pht hnh; Yu cu
qun l thng tin; Yu cu lin kt cc giao dch thanh ton; Yu cu gim st cc thnh phn giao
dch thanh ton;.
1.2.4. Tnh ring t v n danh trong h thng thanh ton
Khi khch hng thc hin giao dch thanh ton, mt s thng tin ring t hoc nhy cm ca
khch hng c th c lu tr trong c s d liu. Tnh ring t v n danh l hai vn phi
c gii quyt cung cp cc gii php chng li cc cuc tn cng.
Khi nim tnh ring t v n danh
Tnh ring t lin quan n thng tin c nhn ca mi ngi nh s nh danh, thi quen, hnh
vi, ... S ring t ca d liu c nhn lin quan n quyn ca mi c nhn hn ch c nhn, t
chc khc truy cp d liu c nhn ca mnh. Mi c nhn t nht phi c kh nng kim sot hon
ton d liu ca mnh, cng nh gim st v s dng. i vi tnh n danh, n c trng cho trng
thi khng th nhn dng trong mt tp hp cc thc th, cc c nhn, hoc cc i tng. n danh
c th c nhn nhn nh l mt phng php bo v s ring t. cung cp tnh n danh, ngi
ta s dng mt bt danh thay v nh danh thc s.
6

C ch ring t v n danh v iu kin
Tin mt vt l l cch n danh truyn thng. Trong cc h thanh ton da vo tin mt, tin
mt s tng ng vi tin mt vt l c da trn khi nim ch k m, cho php ngi dng
nhn c thng ip c ch k ca ngi k, trong ngi k khng bit ni dung ca thng
ip.
iu kin n danh trong cc h thng thanh ton
Cc c ch in hnh (khng gii hn) nh sau: C ch truy xut ngun gc; Gii hn s tin
thanh ton; Giao dch chi tiu trng lp/vt qu s tin cho php;C ch chuyn nhng.
1.3. Mt s gii php cng ngh Mobile Payment
1.3.1. Gii php thanh ton da trn Proxy
Gii php thanh ton di ng da trn proxy cho php khch hng thc hin giao dch thanh
ton bng cch s dng quy trnh thanh ton trn mng c nh hin ti thng qua hot ng ca
my ch proxy thay mt cho khch hng tham gia giao dch v kt ni mng c nh. My ch
proxy s hot ng nh mt phng tin trung gian gia cc thit b di ng v c s h tng thanh
ton.
Gii php thanh ton ba bn da trn SET
Gii php ny s dng giao thc thanh ton SET. Ngi tr tin khng cn thit phi lu tr bt
c iu g trn thit b di ng ca mnh; Mt vi tin nhn c truyn qua lin kt mng khng
dy kt ni ngi tr tin; Hn ch vic tnh ton c thc hin bi ngi tr tin; Ngi tr tin
phi c s tin tng hon ton vo hnh ng ca cng ty pht hnh thay mt cho mnh;
Gii php Dai & Zhang

Hnh 1.3: H thng thanh ton da trn WAP
Gii php ny thc hin da trn s dng giao thc WAP cho php ngi np tin di ng thc
hin giao dch thanh ton bng cch s dng in thoi di ng. Hnh 1.3 m t cc bc thanh ton
da trn WAP. Phng php Dai & Zhang m bo xc thc ngi th hng c thc hin bi
cc cng WAP bng cch s dng ch k s ca mnh. N cng cho php bo mt ca ngi tr
tin da trn s an ton v s tin cy ca cc cng WAP, khi gateway c th b mo danh ngi
tr tin bi v n c kha ring ca ngi tr tin.
7

1.3.2. Gii php thanh ton da trn Agent
Gii php thanh ton di ng da trn Agent s dng cng ngh Agent di ng cho php ngi
dng di ng thc hin cc giao dch thanh ton trn mt h thng thanh ton hin c trin khai trn
h tng mng c nh. tng chnh ca phng php da trn agent cho php ngi dng di ng
gi agent (mt m s vn chuyn) cha thng tin thanh ton v hnh ng thay mt ngi np tin
thc hin giao dch trong mi trng c nh ca ngi th hng. C hai li ch ln khi s dng
phng php ny l: gim chi ph kt ni do ngi tr tin yu cu duy tr kt ni cn thit trong
chu k rt ngn, v gim ti tnh ton trn thit b di ng ca ngi tr tin do cc agent c to
v gi bi ngi tr tin c thc hin t ngi th hng.

Hnh 1.4: H thng thanh ton da trn SET/A
1.3.3. Gii php thanh ton khng s dng Proxy
H thng thanh ton di ng khng s dng Proxy khng cn my ch Proxy. Thay vo , n
tch hp mt k thut m ha n gim lm vic gim tnh ton v ti thng tin trao i ca h
thng in thoi di ng ca khch hng. N cng cung cp vn an ninh tt hn. Nhiu gii php
c xut m bo an ton cho h thng thanh ton di ng khng s dng proxy, chng
ta s xem xt 2 gii php: Playbox v tin in t ca Kim.
Gii php Playbox
y l mt cch kh d pht trin h thng thanh ton da trn h thng mng in thoi di
ng, ngi tr tin v ngi th hng c yu cu s dng cc thit b u cui di ng c kh
nng nhn din ng s in thoi. Gii php Playbox yu cu mt thc th th ba, l my ch
Playbox. thc hin mt giao dch thanh ton, ngi tr tin v ngi th hng cn phi c ti
khon ngn hng. Rt d thy s an ton ca Playbox ph thuc rt nhiu vo cc tnh nng bo mt
c cung cp bi mng vin thng thng lin quan trong khi thc hin giao dch. Tuy nhin, khi
s dng xc thc ngi tr tin bng cch chp nhn s dng s PIN trong Playbox, k tn cng c
th sao chp v s dng n vo cuc tn cng khc trong tng lai.
Gii php tin in t ca Kim
Gii php ny lm gim ti tnh ton trn thit b di ng ca khch hng bng cch trin khai
cc tnh ton da trn hm bm v ch k s. Ba thc th tham gia vo qu trnh thc hin giao
dch thanh ton gm: ngi tr tin, ngi th hng, v ngn hng, cng phi hp thc hin. Gii
8

php ny khng t vn kh nng tnh ton cao trn cc thit b di ng. Gii php ny c mt s
hn ch: mt khu c cung cp dng khng c m ho; m th thanh ton cung cp cho cc
ngn hng khng lin quan n ngi th hng;
1.3.4. Phn tch mt s gii php thanh ton di ng
Cc h thng thanh ton di ng hin c th c phn tch v so snh da trn mt s tiu ch
gm: Mi quan h tin cy; Rng buc ca cc lin kt khng dy; Bo v chng li cc cuc tn
cng; Bn cht cc th c s dng; v Cc hot ng mt m.
Phn tch cc tham s
Cc tham s cn phn tch bao gm: Mi quan h tin cy; Hn ch ca kt ni v tuyn;Bo v
chng li cc cuc tn cng; Kho b mt t nhin.
Kho st h thng thanh ton da trn GSM
Kin trc h thng: Giao thc thanh ton cho php khch hng khi to giao dch thanh ton
qua GSM v nhn c bin lai thanh ton. Thc hin hot ng thanh ton thng qua 5 bc chnh
sau khi hon tt yu cu mua, xc nhn vic mua, v xc minh n hng. Cc hnh ng thanh ton
gm: Xc minh i tng np; Cc hnh ng ghi n; Hnh ng bn trong GSM; Xc minh ca t
chc kinh doanh; Chp nhn thanh ton;
Vn bo mt ng dng: Cc c im bo mt c cung cp bi SSL v GSM c cng c
s i vi bo mt ca h thng di ng ni trn. Nu khng c nghi ng, i tng np c th bt
u giao dch thanh ton an ton qua SSL. Ngi np tin nhn c thng bo xc nhn thng qua
SSL v tin nhn SMS.
Cc H thng GSM cung cp mt mc bo mt thp. Hn na, cc tin nhn SMS c gi
thng qua cc trung tm tin nhn SMS, cc trung tm c xc thc ngun gc ca thng ip da
trn GSM xc thc. Nu iu ny khng c thc hin, cc tin nhn SMS c th c gi i vi
mt ngun gi mo. Hn na, tin nhn SMS chuyn tip n a ch ca trung tm tin nhn SMS c
th khng c kim tra xc thc ngun gc.

CHNG 2: MT S VN V BO MT CHO H THNG
MOBILE PAYMENT TRN 3G
2.1. Tng quan v bo mt 3G
2.1.1. Gii thiu h thng 3G
9


Hnh 2.1: Kin trc mng di ng 3G
Kin trc c bn ca mng UMTS c chia thnh ba phn (Hnh 2.1): My di ng (MS),
mng truy nhp v mng li (CN). Mng truy nhp iu khin tt c cc chc nng lin quan n
cc ti nguyn v tuyn v qun l giao din khng gian, trong khi mng li thc hin cc chc
nng chuyn mch v giao din vi cc mng bn ngoi.
My di ng (MS)
MS c nh ngha l mt thit b cho php ngi s dng truy nhp ti cc dch v ca mng
v truy nhp ti module c t thu bao ton cu (USIM). MS lin quan n bt k th tc UMTS
no, qun l v thit lp cuc gi, cc th tc chuyn giao, v qun l di ng. USIM bao gm cc
chc nng v d liu cn thit m t v nhn thc ngi s dng, bn sao h s dch v ca
ngi s dng, cc phn t bo mt cn thit i vi cc dch v b mt v ton vn. My di ng
3G c th hot ng s dng mt trong ba ch sau y: Ch chuyn mch knh (CS); Ch
chuyn mch gi (PS);Ch kt hp chuyn mch knh v chuyn mch gi (CS/PS
Mng truy nhp (UTRAN)
UTRAN qun l tt c cc chc nng lin quan n cc ngun ti nguyn v tuyn v qun l
giao din khng gian. UTRAN gm hai kiu phn t l cc Node B v cc b iu khin mng v
tuyn (RNC), gi vai tr tng ng vi cc trm thu pht gc (BTS) v b iu khin trm gc
(BSC) mng GSM. Lin quan n UTRAN l cc thnh phn Node B, B iu khin mng v
tuyn (RNC)
Mng li (CN)
Mng li m bo vic truyn ti d liu ca ngi s dng n ch. CN bao gm vic s dng
mt s cc thc th chuyn mch v cc gateway (nh MSC, Gateway MSC, SGSN v GGSN) ti
cc mng bn ngoi (nh mng Internet). CN cng duy tr thng tin lin quan n cc c quyn
truy nhp ca ngi s dng (gm AuC v EIR). Do , CN cng gm cc c s d liu lu gi
10

cc h s ngi s dng, v thng tin qun l di ng (v d HLR v VLR). Lin quan n mng
li l cc thnh phn: Trung tm chuyn mch di ng (MSC); B ghi nh v thng tr (HLR); B
ghi nh v tm tr (VLR); Trung tm nhn thc (AuC).
2.1.2. Bo mt trong mng 3G
H thng mt m ho
Mt m hc l khoa hc v bo mt v m bo tnh ring t ca thng tin. Cc k thut ton
hc c kim tra v c pht trin cung cp tnh nhn thc, tnh b mt, tnh ton vn v cc
dch v bo mt khc cho thng tin c truyn thng, c lu gi hoc c x l trong cc h
thng thng tin.
C hai cch tip cn bo v thng tin bng mt m l: Bo v thng tin theo ng truyn:
Thng tin c m ho bo v trn ng truyn gia 2 nt khng cn quan tm n ngun v
ch ca thng tin. Bo v thng tin t mt n mt: Thng tin c bo v trn ton b ng i t
ngun ti ch. Thng tin c m ho ngay khi mi c to ra v ch c gii m khi n ch.
Cc vn bo mt trong mng 3G
Cc hn ch ca h thng thng tin di ng gm: Mi trng truy nhp v tuyn m; Bng
thng hn ch; phc tp h thng; Cng sut pin b hn ch; Cng sut x l b hn ch; Kt
ni mng tng i khng tin cy;
Cc dng tn cng in hnh trong mng di ng 3G: Cc dng tn cng in hnh trong
mng di ng 3G bao gm: S dng sai lch cc dch v ca mng; Nghe trm s truyn dn thng
tin; Cc tn cng chng li cc bn tin; Cc tn cng gia; Truy nhp bt hp php n cc dch
v ca mng
Cc mc tiu ch yu ca bo mt trong mng di ng 3G
m bo rng thng tin c to ra hoc lin quan n mt ngi s dng c bo v ph hp
chng li s s dng sai lch hoc khng ph hp v gim thiu kh nng ca cc tn cng bng
cch hn ch truy nhp n cc dch v d b tn cng; m bo rng cc ngun ti nguyn v cc
dch v c cung cp bi cc mng phc v v mng li c bo v ph hp chng li s s
dng sai lch hoc khng ph hp; m bo rng cc thuc tnh bo mt c tiu chun ho
tng thch vi s kh dng rng ln (c t nht mt thut ton c s dng rng ri); m bo
rng mc bo mt p ng cho ngi s dng v cc nh cung cp dch v tt hn mc bo
mt c cung cp trong cc mng c nh v di ng hin nay (mng GSM); m bo rng s
thc hin cc thuc tnh v cc c ch bo mt 3G c th c m rng v pht trin (do cc nguy
c bo mt v cc dch v mi); Thc hin nhn thc ngi s dng di ng da trn c t ngi
s dng duy nht, nh s ngi s dng duy nht, v c t thit b duy nht; Thc hin nhn thc
thch thc v p ng da trn kho b mt i xng c chia s gia SIM card v trung tm nhn
thc; m bo ngi s dng di ng chng li s s dng sai lch v k nh cp my di ng
bng cch duy tr mt danh sch cc my di ng b nh cp v gim st lu lng m chng
11

s dng; H tr cc dch v khn cp bng cch cung cp thng tin hu ch cho cc cuc gi khn
cp. Cc thng tin ny gm: c t ngi s dng, thng tin v tr, v thng tin khc bt k cn thit
cho ngi c thm quyn.
ng quan im ca ngi s dng dch v di ng, cc yu cu bo mt c bn l:
Khng c thc th no, ngoi tr trung tm c c quyn, c th thc hin tnh cc cc cuc
gi ca ngi s dng v c php truy nhp n thng tin c nhn ca ngi s dng; My di
ng b nh cp khng th thc hin cuc gi; Mng khng c lu gi cc cuc gi gi hoc
nhn. Mng ch c lu gi cc bn ghi cn thit cho vic tnh cc chnh xc. Ngi s dng
c th truy nhp y n thng tin c lu gi; Khng c bn ghi no v vic s dng cc
dch v thng tin s c thc hin; Khng c ghi li mt bn sao cuc gi thoi hoc mt phin
d liu; Khng th pht hin ra v tr ca ngi s dng di ng, nhng ngi s dng c th gii
phng v tr ca mnh nh mong mun; Khng th m t ngi s dng kt cui hoc thit b kt
cui, tr khi ngi s dng hoc thit b chp nhn iu ; Thng tin v tr khng th c bit bi
cc thc th khng c c quyn. Mng bit v tr ca mt my di ng ang pht thng tin mt
thi im c bit. Ngi s dng c th la chn gii phng d liu v tr ca mnh ti cc nh
cung cp ng dng. Thng tin ny c th t ng c gii phng, i vi mt cuc gi xc nh,
ti cc dch v khn cp.
ng quan im ca nh cung cp dch v di ng, cc yu cu v bo mt l:
Vic cung cp cc dch v truyn thng phi c thanh ton cc mt cch chnh xc; Cc o
lng ph hp phi c la chn v c thc hin chng li tt c cc kiu gian ln. Cc th tc
cp nht cc php o phi c cung cp; Cc c ch t tn v nh a ch chnh xc cc thit
b kt cui phi c thc hin chnh xc. Vic bo mt cc chc nng nh tuyn phi c cung
cp trong h tng c trin khai; Nh cung cp c th thc hin cc chc nng b sung nh mail
thoi v chuyn tip cuc gi trong khi cung cp cc thuc tnh bo mt adhoc cho cc chc nng
ny.
p ng cc yu cu v bo mt trn, cc m hnh bo mt ca 3GPP v 3GPP2 c xy
dng v pht trin vi cc mc tiu sau y:
- Ci tin kin trc bo mt 2G: Ci tin cc vn v nhn thc thu bao, tnh b mt c t thu
bao, mt m ho giao din v tuyn, s dng cc module c t thu bao, v to ra bo mt lp ng
dng gia my di ng v mng thng tr ca my di ng;
- Bo m mc bo v ph hp c cung cp: Mt mc bo v ph hp c cung cp
cho cc thu bao di ng, ti tt c thng tin c to ra v c gi bi ngi s dng qua mng,
v ti tt c cc ngun ti nguyn v cc dch v c cung cp bi cc mng phc v;
- Thc hin cc thuc tnh bo mt c th: Cc thuc tnh bo mt c th phi kh dng trn
mng di ng 3G, gm t nht mt s thut ton mt m ho c th c s dng rng ri, mt tiu
12

chun cc tnh cht bo mt c chp nhn, v kh nng m rng cc c ch bo mt bng cch b
sung mt s thuc tnh vo c ch bo mt.
Cc nguyn l bo mt mng di ng 3G: Ba nguyn l ch yu ca bo mt mng di ng 3G
l:
- Bo mt mng 3G s c xy dng trn c s bo mt cc h thng thng tin di ng th h
hai. Cc phn t bo mt bn trong mng GSM v cc h thng 2G khc chng t l cn thit v bo
mt tt s c la chn cho bo mt 3G;
- Bo mt mng 3G s ci tin bo mt ca cc h thng thng tin di ng th h hai (bo mt 3G
s ci tin cc im yu bo mt cc h thng 2G);
- Bo mt 3G s cung cp cc thuc tnh mi v bo mt cc dch v mi c cung cp bi
mng 3G.
Cc phn t bo mt mng 2G c duy tr: Bo mt mng di ng 3G duy tr v pht trin
cc phn t bo mt sau y ca mng 2G: Nhn thc thu bao i vi truy nhp dch v; Mt m
ho giao din v tuyn; Tnh b mt c t thu bao trn giao din v tuyn; SIM;
Cc im yu ca bo mt mng 2G: Bo mt mng 3G s ci tin cc im yu sau y ca
bo mt mng GSM: Cc tn cng ch ng s dng BTS sai l c th; Cc kho mt m ho v
d liu nhn thc c pht trong sut gia v bn trong cc mng (IMSI, RAND, SRES, Kc);
Phm vi mt m ho b gii hn; Bo v ton vn d liu khng c cung cp; Nhn thc n
hng; Cc thut ton mt m ho yu; Thit b u cui khng c bo mt; S ngn chn hp
php v s gian ln khng c xem xt trong pha thit k bo mt 2G m c gii quyt trong
cng vic thit k sau ny; Thiu tnh hin hu (visibility); Thiu tnh linh hot;
Cc thuc tnh bo mt c b sung trong mng 3G: Bo mt mng 3G b sung cc thuc
tnh mi sau y so vi bo mt mng 2G: Nhn thc mng; Bo v ton vn d liu; Bo mt min
mng; Bo mt da trn chuyn mch; Bo v ton vn IMEI; Bo mt cc dch v; Bo mt cc
ng dng; Pht hin s gian ln; Tnh linh hot; Tnh hin hu v tnh cu hnh; Tnh tng thch;
Ngn chn hp php.
Kin trc bo mt mng 3G
Hnh 2.3 m t kin trc bo mt ca mng di ng 3G.
13


Hnh 2.3: Kin trc bo mt mng 3G
T kin trc bo mt mng 3G, chng ta thy rng cc chc nng bo mt c t chc thnh 5
lp bo mt. Mi lp chng li mt nguy c bo mt c th v t c cc mc tiu bo mt c
th bao gm: Bo mt truy nhp mng (Lp I); Bo mt min mng (Lp II); Bo mt min ngi
s dng (Lp III); Bo mt min ng dng (Lp IV); Tnh hin hu v tnh cu hnh bo mt (Lp
V).
Bo mt min ngi s dng: Bo mt min ngi s dng m bo s truy nhp bo mt n
my di ng MS. C ch ny da trn mt thit b vt l c gi l Card mch tch hp UMTS
(UICC), UICC c th d dng c chn vo hoc di chuyn khi thit b u cui, gm cc ng
dng bo mt nh USIM. USIM chu trch nhim thc hin nhn thc thu bao v nhn thc mng,
tho thun kho khi cc dch v 3G c truy nhp. USIM cng bao gm mt bn sao profile ca
ngi s dng.
Bo mt min ng dng: Bo mt min ng dng bo m bo mt cc bn tin gia my di
ng MS v mng phc v (SN) hoc nh cung cp dch v (SP) vi mc bo mt c chn
bi nh khai thc hoc nh cung cp ng dng.
Tnh hin hu v tnh cu hnh bo mt: Tnh hin hu cc hot ng bo mt v cc thuc
tnh bo mt nn c cung cp ti ngi s dng: Ch th mt m ho mng truy nhp; Ch th mt
m ho mng rng ln; Ch th mc bo mt, c bit khi ngi s dng di chuyn t mng 3G
ti mng 2G. Tnh cu hnh cho php ngi s dng di ng v HE cu hnh xem vic cung cp
dch v c ph thuc vo s kch hot cc thuc tnh bo mt no hay khng. Mt dch v ch c
th c s dng khi tt c cc thuc tnh bo mt ph hp c kch hot.
2.2. Yu cu an ton v bo mt h thng MP trn 3G
2.2.1. Kin trc h thng MP trn 3G
Hnh 2.4 di y m t m hnh kin trc mt h thng Mobile Payment trn 3G.
14


Hnh 2.4: Kin trc h thng MP trn 3G
M t hot ng thanh ton: thng bao gm hu ht hoc tt c cc qu trnh sau y:
b1. ng k dch v; b2.Yu cu thanh ton; b3. Cp php thanh ton; b4.Xc nhn thanh ton;
b5.Bo co thanh ton.

Hnh 2.5: Cc qu trnh thc hin thanh ton
M t hot ng ca h thng MP: bao gm cc bc sau: b1. Khch hng ng k dch v
thanh ton di ng vi mt ngn hng thng qua mt hnh thc vt l; b2. Khch hng quyt nh
s dng in thoi di ng thc hin vic thanh ton; b3. Yu cu thanh ton c thc hin
thng in thoi di ng ca khch hng, c ch nh; b4. Xc nhn kt qu thanh ton, thnh
cng hoc khng thnh cng - trn in thoi di ng ca khch hng; b5. Kim tra thng tin thanh
ton, nh lch s giao dch trn in thoi di ng.
2.2.2. Yu cu an ton v bo mt ca h thng
Yu cu bo mt t u cui ti u cui: Cung cp thanh ton di ng mt cch an ton t u
cui ti u cui phi gii quyt mi quan tm trong sut qu trnh thanh ton v cng ngh thc
hin bao gm: Xc thc ngi dng, ngn hng v thit b di ng; Bo mt truyn ti, lin quan
n tt c cc thnh phn tham gia h thng thanh ton di ng; Bo v h thng khi cc cuc tn
cng an ninh in hnh; Quy nh v tun th m bo tt c cc bn tham gia trong giao dch
thanh ton di ng p ng tiu chun v php lut thanh ton cng nh cc ngha v v tun th.
Yu cu cng c qun l ri ro: Cng ging nh cc knh thanh ton khc, cc nh cung cp
dch v phi kt hp cc cng c qun l ri ro vo cc gii php thanh ton di ng: Kim ton t
u cui n u cui v ghi li log tt c cc hnh vi ca khch hng v ngi lao ng
Yu cu ca khch hng s dng dch v: Khc phc cc yu t mt an ton lin quan n thanh
ton di ng
15

- Tng cng an ninh bo mt cho h thng. Cung cp cc cng ngh, cng c thc hnh bo mt
thanh ton tt nht.
- Phi c c ch thng bo, cung cp thng tin qua in thoi di ng
Cc h thng thanh ton di ng cn c m bo an ton, an ninh vi mc cao, bao gm:
- Phng, chng mi hnh thc thm nhp tri php h thng. Cc cng ngh an ninh, an ton h
thng cn c ng dng ti tt c cc mc c th.
- Chng li vic hy hoi hay s dng tri php d liu.
- m bo ton vn d liu.
- C kh nng pht hin v x l gian ln. D liu cn c lu vt tra cu
- Cc cng ngh s dng trin khai h thng cn m bo l cc cng ngh c kim
chng, m bo tin cy.
- Cc d liu bo mt cn m ha hoc ng gi theo cc nh dng chun.
- Cung cp c ch bo mt hon thin t im n im (point-to-point) gia thit b cm tay, v
nh cung cp dch v thanh ton.
- Thng ip c ng gi v m ha trn ng truyn theo cc tiu chun bo mt cao.
- Cc c ch ton vn thng tin phi m bo tnh chnh xc ca thng tin. S dng cc
checksum, cc ch k s,
Ty thuc vo bn cht ca dch v, mt danh sch khng y m t cc yu cu chnh
khc phc cc l hng khng dy v cung cp mt mc an ton chp nhn c trong cc h
thng thanh ton l: Yu cu v v tr v thi gian thc nhn thanh ton; Xc minh yu cu thanh
ton; Yu cu v ch k khch hng;Yu cu thanh ton linh hot; Yu cu tin tng ngi dng;
Yu cu xc nh ngi th hng;
2.3. Nghin cu mt s gii php bo mt h thng MP trn 3G
Do s dng h tng ca mng di ng 3G lm phng tin truyn dn, trong khi cc mng 3G
c bo mt rt tt nn phn ny khng trnh by cc vn bo mt lin quan n h tng
truyn dn mng 3G, m tp trung vo kho st mt s gii php bo mt pha khch hng v bo
mt pha nh cung cp dch v thanh ton.
2.3.1. Bo mt giao dch thanh ton di ng s dng OTP
Khi nim OTP
nh ngha: OTP l mt khu ch c gi tr s dng mt ln trong mt phin ng nhp lm
vic. OPT thng c s dng xc thc ngi dng hoc cho ngi dng xc thc giao dch
thanh ton. OTP thng c s dng trong cc giao dch thanh ton in t, thanh ton di ng
hoc cc h thng cn xc thc cht ch.
Nhng c trng ca OTP
Cung cp cho cc h thng thng tin thm mt cp bo mt xc thc ngi dng, gip
cho ngi dng yn tm hn khi truy nhp vo ti khon ca mnh thc hin cc giao dch thanh
16

ton thng qua h thng mng cng cng. Trong khi cc gii php xc thc bng sinh trc hc
(nhn dng vn tay, ging ni, ) rt tn km v phc tp, mi ch c p dng trong quy m
nh, th gii php Mt khu s dng mt ln c s dng rng ri v rt ph hp vi cc h
thng thanh ton, ngn hng, chng khon. Bo mt cao, chi ph thp, d dng tch hp vo h
thng hin c. H thng s dng OTP khng yu cu c quan chng thc, khi lng tnh ton
thp. Thut ton l yu t quan trng nht sinh m OTP, do thut ton sinh m OTP phi m
bo ngi dng bt hp php khng c kh nng on bit c m tip theo trong chui. M OTP
khng th on trc v khng th o ngc.
C hai cch to token OTP l da trn thit b phn cng v da trn phn mm. Token da trn
phn cng l mt thit b to mt khu chuyn dng vi mt mn hnh LCD hin th s ngu nhin
bao gm 6 (hoc nhiu hn) k t. Tnh ton tin cy chnh l nn ca token da trn phn cng.
Token da trn phn mm l cc hm to OTP c lu trong mt thit b nh my tnh bn,
My tnh xch tay, PDA hoc in thoi di ng. Thng thng token da trn phn cng c
bo mt cao hn cc token da trn phn mm v bn cht khng n nh ca phn mm so vi
phn cng. Tuy nhin nhng im bt li ca token da trn phn cng chnh l kh nng s dng
ca n. l s gia tng s lng token da trn phn cng ca mt ngi s dng cn dng
xc thc vi nhng nh cung cp dch v khc nhau v cng bt tin khi phi qun l nhiu token.
K t khi token da trn phn mm c ci t trong cc thit b xc thc cn thit loi b vic
phi mang theo nhiu token cho tng server xc thc khc nhau. iu ny c th lm cho token da
trn phn mm c th c s dng rng ri hn token da trn phn cng.
Cc m hnh sinh OTP
C hai m hnh sinh m OTP thng c s dng l sinh OTP theo thi gian v sinh m OTP
theo s kin. M hnh sinh m OTP theo thi gian, M hnh sinh m OTP theo s kin
M hnh trin khai OTP trn mi trng di ng
H thng xc thc phi kt ni: m OTP c to ra m khng cn kt ni in di ng ca
khch hng vi h thng cung cp dch v. in thoi di ng ng vai tr nh mt token v s
dng yu t duy nht nh s IMEI, IMSI to m OTP. Khch hng phi ng k cc thng tin
ny trn h thng cung cp dch v thanh ton kim tra v i snh.
H thng xc thc da trn tin nhn: Khch hng c th yu cu cung cp m OTP bng cch
gi tin nhn theo cu trc nh sn, gm cc thng tin xc nh danh tnh duy nht ca ngi s
dng. H thng s kim tra tin nhn, nu hp l s tr v m OTP c to ngu nhin. Ngi s
dng s c mt thi gian nht nh s dng m OTP trc khi ht hn.
ng dng OTP xc thc ti khon trong thanh ton di ng
H thng bao gm: Khch hng; H thng cung cp dch v thanh ton di ng; thit b di ng
ca khch hng c dng to m OTP.
17

thc hin xc thc, khch hng phi ng k s ti khon hoc s in thoi di ng vi nh
cung cp dch v thanh ton, chnh nhng thng tin ny c dng xc thc khch hng trn h
thng, chng li vic mo danh. Ngi s dng khi cn xc thc giao dch s chy chng trnh
ng dng trn in thoi di ng hoc trn cc thit b di ng khc v nhp cc thng tin theo yu
cu ly m OTP hoc n gin ch gi SMS yu cu cp m OTP n h thng cung cp dch v
thanh ton. Trong mi trng hp khch hng phi ng k s dng dch v vi nh cung dch v.
Sau khi nhn c m OTP khch hng c th s dng thc hin giao dch thanh ton ngay
lp tc. My ch dch v thanh ton sau khi nhn c thng tin xc thc ca khch hng s kim
tra s hp l ca thng tin v tr li kt qu xc thc cho khch hng.
2.3.2. Bo mt giao dch thanh ton di ng s dng ch k in t
Khi nim ch k in t
Ch k in t: Ch k in t l thng tin i km theo d liu nhm mc ch xc nh ngi
ch ca d liu .
Ch k s: Ch k s l mt dng ch k in t c to ra bng s bin i mt thng ip
d liu s dng h thng mt m khng i xng theo ngi c c thng ip d liu ban u
v kho cng khai ca ngi k c th xc nh c chnh xc: (i) Vic bin i nu trn c to
ra bng ng kho b mt tng ng vi kho cng khai trong cng mt cp kha; (ii) S ton vn
ni dung ca thng ip d liu k t khi thc hin vic bin i nu trn.
M hnh s dng ch k in t: Hu ht cc h thng h tng kha cng khai quy m doanh
nghip u da trn cc chui chng thc xc thc cc thc th. Chng thc ca ngi dng s
c mt nh cung cp chng thc s cp, n lt nh cung cp ny li c chng thc c mt
nh cung cp khc cp cao hn to ra. H thng s bao gm nhiu my tnh thuc nhiu t chc
khc nhau vi cc gi phn mm tng thch t nhiu ngun khc nhau. Cc h thng h tng kha
cng khai doanh nghip thng c t chc theo m hnh danh b trong kha cng khai ca
mi ngi dng c lu tr (bn trong cc chng thc s) km vi cc thng tin c nhn (s in
thoi, email, a ch, ni lm vic).
Ch k in t hot ng bng cch s dng mt h thng mt m khng i xng n gin,
c to thnh t cc bc sau: Mt kho cng khai c cp cho mi ngi s dng; Mi ngi
s dng c mt kho ring, v mi trng hp s c kho khc nhau; C ch dn cho nhng kho
cng khai c gi tr ph bin; Ngi gi gi thng tin m ho bng kho cng khai ti ngi
nhn, vit li n bng mt m ring ca h. Ngi nhn ch c th m thng tin bng mt m
chung kt hp vi mt m ring ca h; H thng ny c ngi s dng chp nhn mt cch
rng ri, v thc t rng n m bo y s an ton v b mt thng tin c gi.
Quy trnh to ch k in t: Ch k in t yu cu phi s dng mt m ho kho cng
khai (public key). Nu mun to ra ch k in t th cn phi c thm c m ha kha c nhn
(private key). Bn dng kha c nhn k, ch l mt dng m, sau ch cung cp kha cng
18

cng cho ngi cn xc nhn ch k . Kha c nhn v cng khai c quan h tng ng vi
nhau, nhng ch trn phng din ton hc, v th m kha cng khai c th xc nhn c ch k
m khng cn phi bit kha c nhn. Trn thc t, khng th da vo kha cng khai m on
ra kha c nhn.
Li ch khi s dng ch k in t: Ch k in t l thnh phn ti quan trng trong giao
dch thanh ton nhm m bo an ton thng tin trao i qua li, ng thi khng nh tnh rng
buc v mt php l ca cc thng tin c trao i. Nh vy, Ch k in t chnh l s xc thc
cn thit ca mi ch th trong giao dch thanh ton, n gip y nhanh cc giao dch qua mng
trong khi vn m bo an ton v bo mt thng tin. Vic s dng ch k in t s mang li
nhng li ch sau: m bo tnh b mt; m bo tnh ton vn; m bo tnh chng chi b;
m bo tnh xc thc; m bo tnh an ton;
Nhng hn ch ca ch k in t: H thng ch k in t c th t hng, iu ny c ngha
l n rt cn s dng mt h thng thch hp phn loi cc mt m ring. H thng phn loi cn
c bo v mt cch hp l v qun l bi mt c nhn hay tp th c y quyn tuyt i
lm vic . Giy php s dng ch in t b hn ch v mt thi gian do phi gia hn khi ht
hn.
2.3.3. Bo mt giao dch thanh ton di ng s dng SSL
Khi nim SSL
SSL l giao thc bo mt thuc lp vn chuyn (Layer Transport) c tm quan trng cao nht
i vi s bo mt ca cc trnh ng dng. SSL c th s dng h tr cc giao dch an ton cho
rt nhiu ng dng khc nhau trn cc h thng mng. SSL khng phi l mt giao thc n l, m
l mt tp cc th tc c chun ho thc hin cc nhim v bo mt sau: Xc thc server;
Xc thc Client; M ho kt ni; Tnh ton vn;
c im ca giao thc SSL
im c bn ca SSL c thit k c lp vi tng ng dng m bo tnh b mt, an ton
v chng gi mo lung thng tin qua trao i gia hai ng dng bt k, do c s dng rng
ri trong nhiu ng dng khc nhau trn mi trng mng. Ton b c ch hot ng v h thng
thut ton m ho s dng trong SSL c ph bin cng khai, tr kho chia s tm thi (session
key) c sinh ra ti thi im trao i gia hai ng dng l to ngu nhin v b mt i vi ngi
quan st trn mng. Ngoi ra, giao thc SSL cn i hi ng dng ch phi c chng thc bi
mt i tng lp th ba (CA) ng tin cy thng qua giy chng thc in t (digital certificate)
da trn mt m cng khai. Chng thc in t thng c xc nhn rng ri bi mt c quan
trung gian (CA -Certificate Authority) nh RSA Data Sercurity hay VeriSign Inc., mt dng t
chc c lp, trung lp v c uy tn. Cc t chc ny cung cp dch v xc nhn s nhn dng ca
mt cng ty v pht hnh chng ch duy nht cho cng ty nh l bng chng nhn dng
(identity) cho cc giao dch trn mng.
19

Thit lp knh thanh ton s dng giao thc SSL
Giao thc bt tay chu trch nhim khi to v ng b ho cc knh m ho gia hai bn tham
gia trao i thng tin hp php. Giao thc record cung cp tnh nng bo mt v chng thc qu
trnh thanh ton v cc thng tin lin quan cng nh bo v chng li cc cuc tn cng replay.
thit lp mt knh, SSL thc hin 5 bc nh sau:
(i) Khch hng gi mt thng ip ClientHello n my ch ca nh cung cp dch v. ClientHello
bao gm thng tin nh: Phin bn SSL; Phng php nn d liu; ID phin; v mt s ngu
nhin c s dng xc nh ng knh c bt u;
(ii) My ch ca nh cung cp dch v tr li bng thng ip ServerHello. Sau , s gi mt
thng ip ServerKeyExchange cha kha cng khai ca my ch. Cui cng, gi mt thng
ip ServerHelloDone ch ra rng hon tt qu trnh thng lng thit lp knh.
(iii) Khch hng gi giy chng nhn, nu c yu cu bi my ch cung cp dch v, cng vi
mt thng ip ClientKeyExchange c cha thng tin kho s c s dng to ra mt kha
b mt chung v kho s c s dng sau m ha thng tin lin quan n giao dch thanh
ton. Khch hng s gi thng ip CertificateVerify chng minh rng mnh c kha ring
tng ng vi kho xut hin trong chng ch.
(iv) Khch hng gi thng ip ChangeCipherSpec ch ra im khi u ca knh c bo v.
Sau , gi mt thng ip ClientFinish cha thng tin bm trao i khi khi bt tay. Thng
ip c m ha v chng thc.
(v) Cc my ch ca nh cung cp dch v gi li thng ip ChangeCipherSpec khi sinh cc kho
tng t. Sau gi thng ip ServerFinish kt thc vic thit lp cc tnh nng bo mt.
Li ch v hn ch khi s dng SSL
- SSL bo v b mt ca cc giao dch thanh ton bng cch s dng m ho i xng. N cng
m bo tnh bo mt d liu truyn chng li cc cuc tn cng nh chn v m bo ton vn
cho d liu c truyn.
- SSL c th chng thc ca khch hng nu khch hng c kho cng cng ng k bng
cch s dng mt giy chng nhn do mt CA ng tin cy cp. SSL cung cp c ch bo v chng
li cc cuc tn cng replay bng cch s dng mt s ngu nhin trong sut qu trnh bt tay.
- SSL cung cp dch v chng chi b i vi c khch hng v bn kinh doanh xuyn sut hnh
ng xy ra.
2.3.4. Gii php bo mt s dng th thng minh
Th thng minh (smart cart) c kch c nh th tn dng c trang b mt vi mch dng
cha b nh v mt mch x l vi h iu hnh kim sot b nh. N c th lu tr d liu v
thng tin c nhn, tin hoc mt s thng tin khc m s thay i ca chng cn c kim sot
cht ch. Ngoi ra, n c th lu tr cc kha m ha ngi dng c th nhn dng qua mng,
ch k in t. c bit, hin nay th thng minh c h tr chng nhn s. Cho php m ha d
20

liu v kim tra tnh hp l ca cc giao dch qua mng. y l mt gii php rt hiu qu v linh
ng cho cc vn v xc thc ngi dng.
u im: Nh vo kin trc vt l v logic ca th m gim c rt nhiu cc nguy c gy
mt an ton thng tin. Mi hot ng ca th u c kim sot bi h iu hnh nn cc thng tin
cn gi b mt s khng th ly ra c t th. Cc thng tin bn trong th khng th b k xu ly
cp nh cc thng tin c lu tr trong cc phn mm h qun tr c s d liu thng thng. Cc
kha b mt dng cho ch k in t v nhn dng u c lu tr bn trong th. Nh sn xut th
cng nh ngi s hu th u khng th bit c cc kha ny. V vy, chng khng th b ly
cp hay b sao chp.
Mi chic th u c s nhn dng PIN trnh vic nh cp v b k xu s dng. Trc khi
s dng th, ngi dng phi nhp vo s PIN ca th. C ch qun l s PIN ca th cng rt an
ton bi v s PIN gn nh khng th on ra c. Trong trng hp th b mt cp, k ly cp
cng khng th s dng c th v khng c s PIN.
Nhc im: Tuy gii php ny hn ch c s mt cp th bng cch kt hp th vi mt
s PIN nhng vn c th b nh cp c th v c s PIN. p dng gii php ny, cc c quan
phi trang b thm cc thit b nh thit b c th, thit b ghi, cc phn mm h tr. S lng v
gi thnh ca cc thit b ny khng phi l nh, do kh l tn km. Cc dch v h tr ph bin
cho vic xc thc bng th l cha y . Cc dch v th in t, cc dch v thng mi, cn
n xc thc trn Internet u cha h tr xc thc bng th. Hin nay, hu nh cc nh cung cp
gii php xc thc bng th u pht trin cc dch v theo m hnh ring ca mnh, s dng cc
thit b ring cha thng nht, do kh nng lin h gia cc h thng hu nh khng c.
ng dng: y c coi l gii php tng i hon chnh v c nhn nh l c tim nng
ln. Hin nay, trn th gii c rt nhiu cng ty ln ang pht trin nhng gii php xc thc hon
thin hn v c mc an ton v kh nng linh ng trong vic s dng th. C rt nhiu quc gia
s dng cng ngh ny lm chng minh th, th rt tin ngn hng, Gii php ngy cng
c s dng nhiu hn do s pht trin v khoa hc cng ngh, gi thnh ca th cng nh ca
cc thit b c lin quan gim i rt nhiu trong thi gian va qua.
2.3.5. Bo mt giao dch thanh ton trong my ch khng tin cy
bo v h thng thanh ton da trn agent, cc gii php trnh vic gi agent ti cc my
ch c hi l rt kh trin khai nu nh khng bit chnh xc v tr ca my ch c hi v iu
ny rt kh t c trong cc mi trng m. gim thiu ri ro ca giao dch thanh ton mo
danh, mt gii php c th trnh cc my ch c hi s dng khi nim agent ch/nhiu agent t.
Agent ch c th l c nh v agent t c th di ng nhng c kh nng thc hin giao dch thanh
ton. Agent t ch c php di chuyn ti cc my ch (c th l c hi) v tho thun iu
khon c cam kt bi my ch v tr li v cho agent ch. Agent ch sau c trch nhim nh
gi cc tho thun v chuyn kt qu cho ngi np tin. Trong khi gii php ny c th gim thiu
21

cc agent t gi mo th n cng khng th bo v chng hon ton khi vn cn cc l hng bo
mt cc my ch c hi cung cp thng tin sai.
CHNG 3: XUT XY DNG H THNG MOBILE PAYMENT TRN 3G
3.1. t bi ton
3.1.1. Gii thiu chung v Cng ty Dch v Tit kim Bu in
Cng ty Dch v Tit kim Bu in c thnh lp vo ngy 24 thng 05 nm 1999 theo quyt
nh ca Th tng chnh ph, hch ton ph thuc Tng cng ty Bu chnh Vin thng Vit Nam
(VNPT), hot ng kinh doanh trn lnh vc kinh doanh tin t, c nhim v huy ng cc khon
tin nhn ri trong cc tng lp dn c (t cc khch hng c nhn) sau chuyn giao cho chnh
ph u t vo cc d n trng im quc gia.
Nm 2004, Cng ty trin khai thnh cng dch v thanh ton qua in thoi cho php khch
thc hin cc vn tin v chuyn khon v mt s tnh nng khc thng qua vic x l tn hiu thoi
v cung cp s liu t cc phm bm trn in thoi. Hn na, trc khi xy dng h thng thanh
ton qua in thoi, vo cui nm 2003, Cng ty dch v phi hp vi trung tm cng ngh
thng tin (CDIT) trc thuc Hc vin Cng ngh Bu chnh Vin thng trin khai thnh cng phn
mm vn tin s d ti khon bng SMS qua cng thng tin 1570.
3.1.2. H tng cng ngh thng tin Cng ty dch v Tit kim Bu in
Hnh 3.1 m t h tng cng ngh thng tin hin ti Cng ty dch v Tit kim Bu in.

Hnh 3.1: S h thng mng hin ti ca Tit kim Bu in
- Vn bo mt: H thng PhonePayment ca Tit kim Bu in ang s dng cc c ch
bo mt sau:
Chng thc khch hng bng cp s ti khon v mt khu (PIN): Mi khch hng m ti
khon ti Tit kim Bu in s c mt mt khu b mt. Mt khu ny do khch hng t chn v
bo v, gm su k t dng s. Khch hng mun s dng dch v thanh ton qua in thoi th phi
22

ng k s dng dch v, khch hng c cp mt mt khu b mt gm 6 k t s. Vi nhng
giao dch truy vn thng tin chung (v d li sut) khch hng khng phi nhp mt khu. Khi s
dng dch v chuyn tin, vn tin t khon th khch hng phi cung cp chnh xc cp s ti khon
v mt khu b mt. H thng ch cho php chuyn tin gia cc ti khon khch hng ng k.
M ha: H thng PhonePayment do cng ty t thit k xy dng, s dng phng thc trao
i thng qua Message Queue, thng tin trao i c m ho, giao tip vi khch hng ch trn tn
hiu thoi.
Chng thc khch hng s dng c ch bt s in thoi gi n (CallerID): Cp s ti khon
v mt khu c th b l, do h thng PhonePayment ca TKB cn s dng c ch bt s in
thoi gi n ca khch hng. s dng c chc nng ny th thit b phn cng n cuc gi
phi bt c CallerID. S in thoi s c ghi li trong nht k giao dch.
- Kin trc thanh ton: Hnh 3.2 m t kin trc h thng PhonePayment hin ti ca Tit kim
Bu in

Hnh 3.2: Kin trc h thng PhonePayment hin ti ca Tit kim Bu in
H thng h tr nhiu khch hng quay s v thc hin giao dch ng thi. Dch v c thc
hin t ng khng cn nhn vin thao tc. Ton b giao dch c thc hin thng qua cc phm
bm trn in thoi. H thng hot ng 24/7. Cc dch v thanh ton qua in thoi h thng ang
cung cp: Vn tin s d ti khon; Vn tin giao dch cui; Vn tin li sut; Chuyn khon.
H thng PhonePayment hin ti ca cng ty mi ch dng li mc cung cp dch v thng
qua x l tn hiu thoi, h thng rt an ton nhng rt kh m rng v pht trin. Cng ty cng rt
quan tm n cc knh thanh ton khc nh knh thanh ton thc hin trn cc thit b khng dy,
cc h thng xc thc bng th, c bit quan tm n h thng thanh ton di ng trn mi trng
mng 3G. Trn c s nhng kt qu thu c t nhng tm hiu, nghin cu, kho st, nh gi
trong Chng 1 v Chng 2, cng vi kinh nghim xy dng v trin khai thc t nhiu d n
cng ngh thng tin ti cng ty, tc gi nhn thy Cng ty dch v Tit kim Bu in hon ton c
kh nng v iu kin trin khai thnh cng dch v thanh ton di ng trn 3G. Phn sau y s
trnh by m hnh thanh ton di ng trn 3G tc gi xut cho Tit kim Bu in.
3.2. xut m hnh Mobile Payment trn 3G cho Tit kim Bu in
23

3.2.1. Yu cu i vi h thng
Yu cu chung ca h thng: C kh nng x l ng thi 100 giao dch/giy v c kh nng
nng cp ln cao hn. Thi gian x l giao dch (trong h thng) khng qu 3 giy. H thng phi
m bo chy n nh 24 gi/ngy, 7 ngy/tun (24x7). Trong trng hp nng cp hoc chuyn
i h thng thi gian dng h thng khng qu 01 gi. Kt ni gia cc thit b phn cng phi c
tc cao, n nh, cht lng truyn dn tt. S dng cc thit b phn cng c lp, c kh nng
tnh ton cao.
Yu cu v tnh chnh xc: H thng cn p dng nhiu bin php kim tra m bo chc
chn tnh chnh xc ca h thng v d liu thanh ton, d liu ti chnh. Cc x l giao dch phi
lun kt thc ngay c trong trng hp giao dch khng thnh cng. Cc thng tin thng bo tnh
trng giao dch phi lun gi v cho ngi dng.
Tnh sn sng: H thng c xy dng nhm m bo mc sn sng p ng cho cc dch
v mc 24gi/ngy, 7 ngy/tun (24x7). H thng phi c thit k c th hn ch c cc
hng hc v phn cng, phn mm, d liu trong thi gian ngn nht.
Yu cu v cng ngh: Cc cng ngh tin tin cng nh cc kinh nghim trin khai ti Vit
nam v quc t cn c lu v p dng. H thng cn c kh nng h tr nhiu giao thc ti tt
c cc lp ca h thng, h tr a dng kh nng kt ni trong h thng cng nh kt ni vi cc h
thng khc; c kh nng vn hnh vi nhiu cng ngh nn tng (phn cng v phn mm h
thng) khc nhau. H thng c xy dng vi c ch a giao din kt ni, c tnh linh hot, kh
nng m rng cao. S dng cc thit b phn cng tin tin, c kh nng chu li cao, hot ng n
nh hoc phi c cu hnh c th d phng cho nhau. S dng cng c lp trnh tin tin
pht trin ng dng. S dng cc cng ngh mi nht v thanh ton di ng.
Tnh linh hot: H thng cn c pht trin trn nn tng ph bin, tin cy, m bo c th
m rng, b sung ti nguyn ca h thng ti lp h tng khi c nhu cu tng hiu nng ca h
thng m khng lm gin on, nh hng ti cc dch v ca h thng.
An ton bo mt: H thng cn c m bo an ton, an ninh vi mc cao, bao gm:
Phng, chng mi hnh thc thm nhp tri php h thng; Cc cng ngh an ninh, an ton h thng
cn c ng dng ti tt c cc mc c th; Chng li vic hy hoi hay s dng tri php d liu;
m bo ton vn d liu. C kh nng pht hin v x l gian ln; D liu cn c lu vt; Cc
cng ngh s dng trin khai h thng cn m bo l cc cng ngh c kim chng, m
bo tin cy; Cc d liu bo mt cn m ha hoc ng gi theo cc nh dng chun.
Yu cu giao din ngi dng: Thn thin vi ngi dng, d s dng. Cc chc nng phi
c th hin thng qua cc menu, vi cc thng tin din gii d hiu cho ngi dng.
Yu cu bo mt: Cung cp c ch bo mt hon thin t im n im (point-to-point) gia
thit b di ng ca khch hng vi h thng cung cp dch v thanh ton di ng.
24

Yu cu v kh nng tng thch: H thng phn mm phi tng thch vi nhiu loi thit b
di ng. Cc ng dng cn xy dng h tr cc c th ring ca thit b di ng trong vic
download, ci t, s dng ng dng,.. cho nhiu thit b u cui khc nhau.
Yu cu khc: H thng phi m bo tnh m c th pht trin thm cc knh khc mt
cch thun li nht trong cc phase tip theo. H tr cc c ch logs v kim sot cc giao dch. H
tr cc c ch xc thc v bo m t d liu bng phn cng v phn mm.
Yu cu cung cp dch v: H thng c kh nng cung cp cc dch v sau thng qua knh
giao dch khc: Dch v truy vn thng tin bao gm vn tin, Dch v thanh ton, Cc dch v khc.
3.2.2. Kin trc h thng
Kin trc thanh ton:

Hnh 3.3: Kin trc h thng MP xut cho Tit kim Bu in
Phng thc bo mt: S dng h tng bo mt sn c ca h thng, b sung thm thnh phn
qun l v cp mt khu s dng mt ln (OTP Server), S dng mt s phng thc m ha d
liu.
S h thng cung cp dch v:
25


Hnh 3.4: S h thng MP trn 3G xut cho Tit kim Bu in
3.2.3. M t mt s qu trnh thc hin thanh ton trong m hnh xut
ng k s dng dch v thanh ton di ng
Yu cu cp m OTP: c cp m OTP khch hng ch cn gi SMS theo nh dng quy
nh, c y cc thng tin gi n OTP Server qua h thng tng i nhn tin yu cu cp m
OTP. OTP Server s xc thc thng tin khch hng cung cp sinh m OTP v tr v cho khch
hng.
M t qu trnh thc hin giao dch thanh ton
1. Mi khi s dng dch v thanh ton di ng, khch hng u phi gi SMS yu cu cp m
OTP n OTP Server c cp m xc thc.
2. Khch hng s dng ng dng thanh ton di ng trn in thoi di ng, cung cp cc thng
tin cn thit thc hin giao thanh ton v gi n my ch cung dch v thanh ton x l.
3. My ch cung cp dch v thanh ton x l yu cu thanh ton ca khch hng v tr v kt qu
v cho khch hng. Trong mi trng hp h thng u phi tr kt qu v cho khch hng d
giao dch thc hin c thnh cng hay khng.
4. Xc nhn kt qu thanh ton, kt qu tr v c th hin th trn giao din ng dng hoc gi
thng qua SMS.
3.2.4. M phng h thng Mobile Payment thng qua giao dch in thoi
M phng giao dch: H thng thanh ton qua in thoi x l qua tn hiu m thanh nn
khng c giao din trc quan, cc thao tc cung cp s liu x l c nhp t bn phm ca
in thoi: M phng giao dch vn tin ti khon 1060004421050; M phng giao dch chuyn
tin t ti khon 23 sang ti khon 1060004421050
KT LUN
Cc kt qu t c ca lun vn
26

Vi ti Nghin cu, xy dng h thng Mobile Payment trn 3G lun vn t c mt
s kt qu sau y:
Nghin cu tng quan v Mobile Payment bao gm cc ni dung: khi nim, kin trc ca
h thng v cc m hnh trin khai Mobile Payment. Trong chng 1 ca lun vn kho st cc
yu cu k thut i vi h thng Mobile Payment gm cc yu cu v chc nng nghip v thanh
ton, cc yu cu v bo mt i vi ngi tr tin, i vi ngi th hng v i vi t chc pht
hnh. ng thi h thng cng cn m bo tnh ring t v n danh trong qu trnh thanh ton.
Trong lun vn a ra mt s gii php cng ngh Mobile Payment.
Nghin cu mt s vn v bo mt cho h thng Mobile payment trn 3G t h thng
my ch dch v, h tng mng truyn dn cho n thit b u cui ca khch hng. Trong lun
vn kho st tng i hon chnh cc vn v bo mt h thng 3G. Do , khi s dng 3G
lm h tng truyn dn cho dch v Mobile Payment s m bo an ton v bo mt thng tin cho
khch hng v nh cung cp dch v. Trn c s xy dng m hnh kin trc cho h thng Mobile
Payment, lun vn a ra ni dung cc yu cu bo mt cho ton b h thng. Lun vn cng
nghin cu mt s gii php bo mt cho h thng Mobile Payment nh bo mt giao dch thanh
ton s dng OTP, ch k in t, SSL, th thng minh v bo mt trong trng hp my ch
khng tin cy.
Trn c s cc ni dung nghin cu ca chng 1 v chng 2, trong chng 3 ca lun
vn xut xy dng h thng Mobile Payment trn 3G ph hp cho Cng ty Tit kim bu
in.
Tuy nhin, do h thng Mobile Payment l mt dch v phc tp, nhiu ni dung nghin cu ca
lun vn cn cha c cp mt cch su sc v ton din.
Hng pht trin tip theo
Trong thi gian ti, cn tip tc nghin cu lm r hn cc gii php bo m an ton v
bo mt cho h thng Mobile Payment. Trn c s pht trin cc h thng thc t.
Ngoi ra, cn tip tc pht trin cc h thng phn mm, cc dch v c th m bo tng
bc trin khai h thng Mobile Payment trn 3G xut cho Cng ty Dch v Tit kim bu
in vo thc t.