{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,26]],"date-time":"2025-10-26T14:55:38Z","timestamp":1761490538083,"version":"build-2065373602"},"reference-count":40,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2018,3,25]],"date-time":"2018-03-25T00:00:00Z","timestamp":1521936000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Ministry of Science and Technology Taiwan","award":["105-2221-E-011-080-MY3","106-3114-E-011-003","106-2218-E-011-003"],"award-info":[{"award-number":["105-2221-E-011-080-MY3","106-3114-E-011-003","106-2218-E-011-003"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>The development of information technology has paved the way for faster and more convenient payment process flows and new methodology for the design and implementation of next generation payment systems. The growth of smartphone usage nowadays has fostered a new and popular mobile payment environment. Most of the current generation smartphones support Bluetooth Low Energy (BLE) technology to communicate with nearby BLE-enabled devices. It is plausible to construct an Over-the-Air BLE-based mobile payment system as one of the payment methods for people living in modern societies. In this paper, a secure indoor positioning-based mobile payment authentication protocol with BLE technology and the corresponding mobile payment system design are proposed. The proposed protocol consists of three phases: initialization phase, session key construction phase, and authentication phase. When a customer moves toward the POS counter area, the proposed mobile payment system will automatically detect the position of the customer to confirm whether the customer is ready for the checkout process. Once the system has identified the customer is standing within the payment-enabled area, the payment system will invoke authentication process between POS and the customer\u2019s smartphone through BLE communication channel to generate a secure session key and establish an authenticated communication session to perform the payment transaction accordingly. A prototype is implemented to assess the performance of the proposed design for mobile payment system. In addition, security analysis is conducted to evaluate the security strength of the proposed protocol.<\/jats:p>","DOI":"10.3390\/s18040974","type":"journal-article","created":{"date-parts":[[2018,3,26]],"date-time":"2018-03-26T03:43:29Z","timestamp":1522035809000},"page":"974","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":16,"title":["An Indoor Positioning-Based Mobile Payment System Using Bluetooth Low Energy Technology"],"prefix":"10.3390","volume":"18","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3816-1577","authenticated-orcid":false,"given":"Alexander","family":"Yohan","sequence":"first","affiliation":[{"name":"Department of Information Management, National Taiwan University of Science and Technology, Taipei 10607, Taiwan"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4622-4977","authenticated-orcid":false,"given":"Nai-Wei","family":"Lo","sequence":"additional","affiliation":[{"name":"Department of Information Management, National Taiwan University of Science and Technology, Taipei 10607, Taiwan"}]},{"given":"Doni","family":"Winata","sequence":"additional","affiliation":[{"name":"Department of Information Management, National Taiwan University of Science and Technology, Taipei 10607, Taiwan"}]}],"member":"1968","published-online":{"date-parts":[[2018,3,25]]},"reference":[{"key":"ref_1","unstructured":"European Central Bank (2016). Payments Statistics for 2015, European Central Bank."},{"key":"ref_2","unstructured":"Apple Inc. (2017, October 21). Apple Pay\u2014Apple. Available online: https:\/\/www.apple.com\/apple-pay\/."},{"key":"ref_3","unstructured":"Google Inc. (2017, October 21). Android\u2014Android Pay. Available online: https:\/\/www.android.com\/pay\/."},{"key":"ref_4","unstructured":"Samsung Electronics Co. Ltd. (2017, October 21). Samsung Pay: Mobile Wallet Payment App on Your Phone | Samsung US. Available online: https:\/\/www.samsung.com\/us\/samsung-pay\/."},{"key":"ref_5","unstructured":"Apple Inc. (2017). iOS Security iOS 10, Apple Inc."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1016\/j.eswa.2016.04.015","article-title":"Mobile technology acceptance model: An investigation using mobile users to explore smartphone credit card","volume":"59","author":"Ooi","year":"2016","journal-title":"Expert Syst. Appl."},{"key":"ref_7","unstructured":"Bluetooth SIG (2014). Specification of the Bluetooth System: Core Package Version 4.2, Bluetooth SIG."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Yohan, A., Lo, N., Randy, V., Chen, S., and Hsu, M. (2016, January 4\u20136). A Novel Authentication Protocol for Micropayment with Wearable Devices. Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication, DaNang, Vietnam.","DOI":"10.1145\/2857546.2857565"},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Smowton, C., Lorch, J.R., Molnar, D., Saroiu, S., and Wolman, A. (2014, January 13\u201317). Zero-Effort Payments. Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing\u2014UbiComp\u201914 Adjunct, Seattle, WA, USA.","DOI":"10.1145\/2632048.2632067"},{"key":"ref_10","unstructured":"Apple Inc. (2017, October 26). iBeacon\u2014Apple Developer. Available online: https:\/\/developer.apple.com\/ibeacon\/."},{"key":"ref_11","unstructured":"Estimote Inc. (2017, October 26). Estimote, Inc.\u2014Indoor Location with Bluetooth Beacons and Mesh. Available online: https:\/\/estimote.com\/."},{"key":"ref_12","first-page":"192","article-title":"J-PAKE: Authenticated Key Exchange without PKI","volume":"Volume 6480","author":"Hao","year":"2010","journal-title":"Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Abdalla, M., Benhamouda, F., and MacKenzie, P. (2015, January 17\u201321). Security of the J-PAKE Password-Authenticated Key Exchange Protocol. Proceedings of the 2015 IEEE Symposium on Security and Privacy, San Jose, CA, USA.","DOI":"10.1109\/SP.2015.41"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Zhuang, Y., Yang, J., Li, Y., Qi, L., and El-Sheimy, N. (2016). Smartphone-based indoor localization with bluetooth low energy beacons. Sensors, 16.","DOI":"10.3390\/s16050596"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"6","DOI":"10.1109\/MWC.2014.7000963","article-title":"Bluetooth: A viable solution for IoT? [Industry Perspectives]","volume":"21","author":"Chang","year":"2014","journal-title":"IEEE Wirel. Commun."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"1492","DOI":"10.4236\/cs.2016.78131","article-title":"Direction Detecting System of Indoor Smartphone Users Using BLE in IoT","volume":"7","author":"Kothandaraman","year":"2016","journal-title":"Circuits Syst."},{"key":"ref_17","first-page":"2362","article-title":"Feasibility and efficacy of BLE Beacon IoT devices in inventory management at the shop floor","volume":"6","author":"Ramakrishnan","year":"2016","journal-title":"Int. J. Electr. Comput. Eng."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Zhu, J., Zeng, K., Kim, K.H., and Mohapatra, P. (2012, January 18\u201321). Improving Crowd-Sourced Wi-Fi Localization Systems Using Bluetooth Beacons. Proceedings of the Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks, Seoul, South Korea.","DOI":"10.1109\/SECON.2012.6275790"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"71","DOI":"10.1016\/j.eswa.2017.01.052","article-title":"A novel Bluetooth low energy based system for spatial exploration in smart cities","volume":"77","author":"Boukhechba","year":"2017","journal-title":"Expert Syst. Appl."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Kanaris, L., Kokkinis, A., Liotta, A., and Stavrou, S. (2017). Fusing bluetooth beacon data with Wi-Fi radiomaps for improved indoor localization. Sensors, 17.","DOI":"10.3390\/s17040812"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Lodeiro-Santiago, M., Caballero-Gil, P., Caballero-Gil, C., and Priano, F.H. (2017, January 7\u201310). Improving Tourist Experience Through an IoT Application Based on FatBeacons. Proceedings of the International Conference on Ubiquitous Computing and Ambient Intelligence, Philadelphia, PA, USA.","DOI":"10.1007\/978-3-319-67585-5_16"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Werner, M. (2014). Indoor Location-Based Services, Springer International Publishing.","DOI":"10.1007\/978-3-319-10699-1"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"18","DOI":"10.3846\/1392-1541.2009.35.18-22","article-title":"Overview of current indoor positioning systems","volume":"35","author":"Mautz","year":"2009","journal-title":"Geod. Cartogr."},{"key":"ref_24","unstructured":"Cook, B., Buckberry, G., Scowcroft, I., Mitchell, J., and Allen, T. (2005). Indoor Location Using Trilateration Characteristics. Proceedings London Communications Symposium, Communications Engineering Doctorate Centre."},{"key":"ref_25","unstructured":"Dahlgren, E., and Mahmood, H. (2014). Evaluation of Indoor Positioning Based on Bluetooth Smart Technology. [Master\u2019s Thesis, Chalmers University of Technology]."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"248","DOI":"10.1007\/978-3-642-21975-7_22","article-title":"A New Three Object Triangulation Algorithm Based on the Power Center of Three Circles","volume":"Volume 161","author":"Pierlot","year":"2011","journal-title":"Communications in Computer and Information Science"},{"key":"ref_27","unstructured":"Kleinberg, J., Slivkins, A., and Wexler, T. (2004, January 17\u201319). Triangulation and Embedding Using Small Sets of Beacons. Proceedings of the 45th Annual IEEE Symposium on Foundations of Computer Science, Rome, Italy."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"2418","DOI":"10.1109\/JSAC.2015.2430281","article-title":"Location Fingerprinting With Bluetooth Low Energy Beacons","volume":"33","author":"Faragher","year":"2015","journal-title":"IEEE J. Sel. Areas Commun."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"99","DOI":"10.1016\/j.comnet.2016.02.011","article-title":"Taking advantage of jamming in wireless networks: A survey","volume":"99","year":"2016","journal-title":"Comput. Netw."},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Berger, D.S., Gringoli, F., Facchi, N., Martinovic, I., and Schmitt, J. (2014, January 23\u201325). Gaining Insight on Friendly Jamming in a Real-World IEEE 802.11 Network. Proceedings of the 2014 ACM Conference on Security and Privacy in Wireless & Mobile Networks\u2014WiSec\u201914, Oxford, UK.","DOI":"10.1145\/2627393.2627403"},{"key":"ref_31","unstructured":"Federal Communications Commission USA GPS, Wi-Fi, and Cell Phone Jammers Frequently Asked Questions (FAQs). Available online: https:\/\/transition.fcc.gov\/eb\/jammerenforcement\/jamfaq.pdf."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Zolfaghar, K., and Mohammadi, S. (2009, January 15\u201317). Securing Bluetooth-Based Payment System Using Honeypot. Proceedings of the 2009 International Conference on Innovations in Information Technology (IIT), Al Ain, United Arab Emirates.","DOI":"10.1109\/IIT.2009.5413764"},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"1519","DOI":"10.1007\/s11277-013-1596-8","article-title":"An Empirical Examination of Initial Trust in Mobile Payment","volume":"77","author":"Zhou","year":"2014","journal-title":"Wirel. Pers. Commun."},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"289","DOI":"10.1007\/s11277-015-2738-y","article-title":"P2PM-pay: Person to Person Mobile Payment Scheme Controlled by Expiration Date","volume":"85","author":"Ruiz","year":"2015","journal-title":"Wirel. Pers. Commun."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"705","DOI":"10.1016\/j.procs.2016.04.156","article-title":"A Lightweight Security Protocol for NFC-based Mobile Payments","volume":"83","author":"Badra","year":"2016","journal-title":"Procedia Comput. Sci."},{"key":"ref_36","unstructured":"Apple Inc. (2015). Getting Started with Apple Pay, Apple Inc."},{"key":"ref_37","unstructured":"EMVCo LLC (2014). EMV \u00ae* Payment Tokenisation Specification Technical Framework, EMVCo."},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"612","DOI":"10.1145\/359168.359176","article-title":"How to Share a Secret","volume":"22","author":"Shamir","year":"1979","journal-title":"Commun. ACM"},{"key":"ref_39","unstructured":"(2018, March 13). Texas Instruments BLE Sniffer Guide\u2014Texas Instruments Wiki. Available online: http:\/\/processors.wiki.ti.com\/index.php\/BLE_sniffer_guide."},{"key":"ref_40","unstructured":"Bluetooth SIG (2016). Bluetooth Core Specification v5.0, Bluetooth SIG."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/18\/4\/974\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T14:58:27Z","timestamp":1760194707000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/18\/4\/974"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,3,25]]},"references-count":40,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2018,4]]}},"alternative-id":["s18040974"],"URL":"https:\/\/doi.org\/10.3390\/s18040974","relation":{},"ISSN":["1424-8220"],"issn-type":[{"type":"electronic","value":"1424-8220"}],"subject":[],"published":{"date-parts":[[2018,3,25]]}}}