1. Introduction
Mobile commerce is concerned with conducting business transactions and providing services on portable, wireless devices over the Internet [
1]. Due to the exponential growth of the number of the Internet users and the maturation of wireless communication technologies, mobile commerce has rapidly attained the interest of the business vanguard [
2].
M-commerce benefits not only consumers, but also business. It is convenient for consumers to purchase goods and services by using their mobiles. M-commerce enables transactions to be conducted in a high-volume, low-cost per-item way. It is obvious that m-commerce has enormous potentials. However, the current micro-payment systems for m-commerce have the following three main problems.
A desirable protocol of micro-payment should support high-volume, low-cost per-item transactions from vendors [
3,
4,
5,
6,
7,
8,
9,
10]. Several micro-payment protocols have been proposed for electronic payment in m-commerce recently. The examples of such protocols include MPS (multiparty payment scheme) [
11], CMP (chaotic micro-payment protocol) [
12], NetPay [
13] and the recent ones for wearable devices and clouds [
14,
15,
16]. Many of the proposed protocols, however, suffer the problems of the dependence on online brokers and a lack of scalability and coin transferability. The interaction between a client and a server in a CORBA-based NetPay system, for example, is mediated by object request brokers (ORBs) on both sides. A problem of this technique is that each node of CORBA has to run ORBs from the same product. In reality, it is difficult for ORBs provided by different vendors to interoperate. In addition, the interoperability does not extend into higher-level services, such as security and transaction management. Furthermore, specific advantages of particular vendors would be lost in this situation. Because this protocol depends on a closely-administered environment, it is unlikely that two random computers can successfully make Distributed Component Object Model (DCOM) or Internet Inter-ORB Protocol (IIOP) calls [
17]. As a reasonable protocol for server-to-server communications, CORBA, however, has severe weaknesses in client-to-server communications, especially when client machines are scattered across the Internet.
Middleware interfaces: The recently-developed NetPay makes use of an off-line micro-payment model with a CORBA interface as a middleware that interconnects broker and vendor sites [
18]. This prototype is suitable for ecommerce applications. In mobile environments where clients (and possibly servers) keep moving, this requires, however, dealing with the changing network addresses and unreliable connections. As a result, this mobility requirement adds additional constraints to the system. Due to its tight coupling between clients and servers, it is obvious that CORBA is not well suited for this environment. In order to overcome this barrier, in this paper, we present an off-line micropayment model that uses web services rather than CORBA as the middleware. By using the Simple Object Access Protocol (SOAP Web service protocol), the mobility requirement is dealt with by proxies that route messages accordingly. Moreover, the sender of a message and the final recipient do not have to be aware of the proxies. Web services offer greater advantages over CORBA, particularly for developing mobile applications. They cater to a large number of users who use either browsers or mobile devices. Web services add in a new functionality of interoperability, which is independent of the development platforms and programming languages used. In particular, Web Services on the .NET framework are widely available in object-oriented and distributed systems. As such, small and enterprise applications enable connecting to each other over the Internet.
Evaluations: Rowley [
19] and Sumak et al. [
20] present comprehensive reviews on e-service evaluation frameworks. The evaluations on specific and particular types of e-services, e-shops and e-business include Barnes and Vidgen [
21], Behkamal et al. [
22], Parasuraman et al. [
23], Schubert et al. [
24], and Janda et al. [
25], In this work, we evaluate our system by using three types of evaluations, which include not only user perceptions, but also system performance.
One of the big challenges for micro-payment systems is that e-coins should be allowed to be spent at a wide range of vendors. Micro-payment systems should enable mobile users to leverage buy-once-spend (almost)-anywhere behaviour. In this work, we extend NetPay into M&E-NetPay. M&E-NetPay uses Web Service interfaces as a middleware for interconnecting the sites of brokers and vendors. Web Service interfaces make it simple to transfer e-coins among vendors. E-coins in M&E-NetPay are easily transferred between multiple vendors, so that M&E users can make multiple purchases. Another challenge in the design of micro-payment systems is the minimization of overheads on the servers of the sites of brokers and vendors. As a fully-distributed multi-tier system deployed over several servers, M&E-NetPay is able to achieve the minimal downtime and maximal competence. As reported in performance evaluations, the .NET framework architecture 4.0 [
26] with Web Services in M&E-NetPay improves client-to-server communications. This leads to greatly improving system performance. The architecture with Web Services provides fast, secure and inexpensive communications amongst mobile users and vendor systems. In addition, the M&E-NetPay architecture also supports servers running on different platforms and vendor applications developed by using different programming languages. This allows an M&E-NetPay-enabled vendor to act as a purchasing portal for existing non-M&E-NetPay supporting vendors. In particular, an M&E-NetPay-enabled vendor redirects page accesses to these vendors and manages the debit of user e-coins. As such, existing vendors are encouraged to temporally use M&E-NetPay micropayment services for dynamic registration.
In summary, we design and develop M&E-NetPay in a way that attempts to address the three above-mentioned problems.
The major contributions of this paper are as follows:
We present a novel micro-payment model of M&E-NetPay and its architecture.
A new way for the deployment model with a thin-client architecture and Web service interfaces is proposed, i.e., HTML and Wireless Markup Language (WML)-based interfaces for customers.
We have implemented the prototype of M&E NetPay including one broker and two vendor sites, which are based on the .NET framework using C# and Active Server Pages (ASP.NET). In particular, two vendor sites of ringtones and wallpaper are implemented.
The three types of evaluations have been performed on the M&E-NetPay prototype. We compare micro-payment with non-micro-payment in terms of usability, performance and heuristic assessment.
The rest of this paper is organized as follows.
Section 2 describes the architecture of M&E-NetPay. The protocol and interactions of M&E-NetPay are given in
Section 3.
Section 4 presents the implementation of the M&E-NetPay prototype.
Section 5 reports the evaluations on the system, followed by related work and comparisons in
Section 6. We conclude this paper in
Section 7.
2. M&E-NetPay Architecture
In this section, we outline the architecture of M&E-NetPay, including the hardware and software architectures.
2.1. M&E-NetPay Software Deployment Architecture
Taking into account the general requirements on performance, security, availability and serviceability, we designed the deployment architecture of M&E-NetPay as shown in
Figure 1.
As a thin client n-tier application, M&E-NetPay is deployed over three servers: web servers, application servers and database servers. Web servers deploy broker and vendor web/mobile applications. Application servers publish Web services of the broker and vendor. Database servers store required information.
M&E-NetPay is maintainable and serviceable in that any changes result in re-configuring of only part of the application. If the ringtone vendor wants to update its site, for example, then only the web/mobile application on its Web server is re-configured.
2.2. M&E-NetPay Software Architecture
The software architecture of the M&E NetPay micro-payment system is shown in
Figure 2. The architecture is designed for Microsoft.NET applications. It consists of the following components.
Browser: two types of users can access a broker site using their mobile phones or PCs with Internet access. By using a Wireless Markup Language (WML)-based Web browser in their mobile phones, mobile users run the Broker Mobile application with its interface for the small screen of a mobile phone. Internet users can access the Broker Web application through a popular web browser.
Web services: These host the presentation layer. It is much easier to connect remote sites by using web services.
The web service is only available to vendors for accessing certain information from the broker’s database. User queries are issued to broker data entities from the client end, and the results are retrieved by data layers. Mobile and Web applications invoke the same Web services hosted on the broker’s application server. The broker Web services pass information in an XML-based message to the business logic layer. In our applications, this means that data are retrieved from a database into an entity or entity collection and then updated data are written from an entity back to the database.
Application servers: These mainly accommodate Web services, the business logic layer and the data adapter layer. The business logic layer implements all business rules for the application. The business logic layer passes information to the data adapter layer, the broker database, and executes necessary queries. The data adapters exchange data between a data source and a dataset.
Database servers: These host relational databases, including the ringtone database, the broker database and the wallpaper database. The database in the broker server records account information and transaction histories of all registered users.
The e-wallet of a user resides on the broker’s database until she or he logs on to a vendor site using a given e-coin id [
18]. Upon login, her or his e-wallet is transferred to the visiting vendor. The broker helps the vendor to verify e-coins, when she or he purchases items from its site. The broker also allows the vendor to redeem e-coins spent on its site and to request touchstones. These functionalities are provided by the “BrokerVendor” Web service of the broker, as shown in
Figure 2.
Similarly, vendor sites also provide their interfaces to both mobile and Internet users. The vendor sites allow users to browse their websites and purchase items. When a user logs in to the ringtone site in our system, the ringtone vendor requests her or his e-wallet from the broker. This function is provided by the Web service of “BrokerVendor” of the broker. If the ringtone vendor finds that the e-wallet of this particular user resides on another vendor site, it then requests her or his e-wallet from the vendor that contains e-coin indexes and touchstones. Each vendor has a Web service called “OutsideVendor”, which allows other vendors to retrieve e-wallets of their own users. The e-wallet is then stored on the current vendor’s site. Once the user purchases an item, her or his e-wallet is debited.
4. Implementation of M&E-NetPay Prototype
In this section, we present the implementation of the M&E-NetPay prototype.
Our system has implemented one broker and two vendor sites. All applications are developed on the Microsoft.NET platform framework 4.0 [
26]. We choose Microsoft Visual Studio 2010 ASP.NET and the C# programming language for frontend implementations and Microsoft SQL Server 2005 for database storage. We use HTML with ASP controls for Web pages and the C# programming language for the back end of the application. The broker and vendors provide access to both mobile and Internet users published on the web servers’ IIS. Web service interfaces are implemented on the application servers’ IIS, which provides access to the Internet, as well as to remote sites. Vendors and the broker can choose programming languages and operating systems for implementing their systems. A vendor application implemented by the C# programming language on the Windows operating system, for example, can easily communicate with another implemented by the C++ programming language on the UNIX operating system.
To make it more effective and efficient, M&E-NetPay consists of three components: the presentation logic, which presents information to the M&E users; business components, which controls the relationship between inputs and determines business rules; and the data adapter layer, which connects to the database, executes relevant queries and returns the results back to the upper layers. The presentation and business components are communicated only via Web Services, no matter whether they are within a system or between the systems.
Web Services are used as the middleware for M&E-NetPay.
Figure 5 shows Web service references on the broker site referenced from the broker Web Service.
4.1. Broker
A broker manages customer and vendor accounts, e-coin creation, e-coin redemption, touchstone supply for e-coin verification and macro-payment handling for e-coin purchase and payment to vendors for spent e-coins [
13]. The broker database holds user and vendor information. The application server provides business functions. Web service interfaces are for application servers of the broker and vendor. WML interfaces, implemented by using Active Server Pages (ASP.NET) with the ASPX extension, are for mobile users, while HTML interfaces are for Internet users. The Web service interface allows vendors to request e-coin touchstone information, verify e-coins and redeem spent e-coins by other vendors.
Figure 6 shows the screenshots of a customer purchasing e-coins from a broker: (1) registering with the broker to create her or his account; (2) logging in by using the provided customer id and password; (3) authorizing macro-payment by the broker in order to buy e-coins; and (4) debiting the M&E user account for paying e-coins by the bank.
4.2. Customer
The WML/HTML interfaces of our system are provided for both mobile and Internet users, so that a wide range of customers is allowed to access broker and vendor sites by using a standard Web browser. The use of the thin client technology omits the need to install separate browser software on the client site. The customers use WML/HTML-based ASP.NET pages to browse broker and vendor sites. Being hosted on the server side, the e-wallet of a customer can be transferred from one vendor to another, as the customer makes purchases from those vendors. The e-wallet is held on the vendor server from which the customer is currently buying items.
4.3. Vendor
The site of a vendor displays ASP.NET pages for M&E users to browse. Search functions in sites of the ringtone and wallpaper are provided for users to search for ringtones or wallpapers. The search results are listed as a brief summary of the ringtone or wallpaper with its download cost, as shown in
Figure 7a. After downloading an item, the refreshed ASP.NET pages indicate that the amount of e-coins is left with the current vendor in the e-wallet of the user, as shown in
Figure 7b.
5. Evaluation
In this section, we compare M&E-NetPay to non-micro-payment systems. From different perspectives of end users, we evaluate the M&E-NetPay based micro-payment system by collecting and analysing customer views.
5.1. Experimental Design
Three types of evaluations on the M&E-NetPay micro-payment are carried out:
Performance evaluation [
30], which compares the performance of the M&E-NetPay prototype with that of the CORBA-based NetPay system in terms of response time. This evaluation aims to assess the potential scalability of the system under heavy loading conditions.
Usability evaluation, which assesses whether M&E-NetPay is useful as far as end users are concerned. Their opinions about our prototype are surveyed, after potential end users purchase items by using the micro-payment, M&E-NetPay and the alternative CORBA-based NetPay system, respectively.
Heuristic evaluation, which assesses the overall quality of the user interface. Potential design problems of the user interface of the M&E-NetPay prototype are identified by using a range of common HCI design heuristics.
Experiment prototypes and materials: The evaluations are conducted on two prototypes of M&E-NetPay and CORBA-based NetPay. M&E-NetPay is deployed over three servers:
Web server, which hosts the presentation layer
Application server, which hosts Web Services, business logic components and data adapter layer
Database server, which hosts the relational database
The CORBA-based NetPay system is deployed over three servers:
Web server, which hosts JSP pages as the presentation layer
CORBA application server, which hosts business logic components
Database server, which hosts the relational database
A number of PCs connected to the network is used by the participants. Both prototypes are deployed over multiple machines connected via a high speed LAN.
5.2. Performance Evaluation
We carry out experiments on measuring client response time with ten tests. This evaluation aims to compare how long it takes to download wallpapers in the two different payment systems.
Subject: Ten users are a mixture of non-IT specialists, graduate students and college students who volunteer to conduct the evaluation.
Experimental tasks: The users are required to download the same file from both M&E-NetPay and CORBA-based NetPay systems.
The response times of searching for wallpapers, buying e-coins and redeeming e-coins are recorded. They give an indication of the likely scalability of the prototype systems under heavy loading conditions.
Results: As reported in
Table 1 and illustrated in
Figure 8, we compare M&E-NetPay to CORBA-based NetPay against the response time of downloading wallpapers. The response time delay is the time for downloading a wallpaper. All ten users download the same wallpaper with the size of 38.4 KB.
The result of the
t-test on the data in the two columns of
Table 1 rejects the null hypothesis at the default 5% significance level. That is, the two response delay times of downloading the wallpaper from the two systems have a statistically-significant difference. The test parameters are given below: the
p-value: 0.0033; confidence interval for the difference in population means of the response time in M&E-NetPay and CORBA-based NetPay: −502.5709 and −117.8291; the test statistic: −3.3878; degrees of freedom (df): 18; and the estimate of the population standard deviation: 204.7455.
It is obvious that the above statistical test result is limited by the size of sample tests. Despite this, the average response delay time for downloading a wallpaper from CORBA-based NetPay is slightly higher than that from M&E-NetPay. On average, the clients take 1976 milliseconds from M&E-NetPay and 2286 milliseconds from CORBA-based NetPay to download the same wallpaper. The time difference is 310 milliseconds. Except for downloading time, we also compare the two systems against the response times of the respective operations of searching for wallpapers, buying and redeeming e-coins in
Table 2.
As listed in
Table 2, the searching for wallpapers in M&E-NetPay is 202 milliseconds faster than that in CORBA-based NetPay. Buying and redeeming e-coins also take less time in M&E-NetPay.
There may be other factors that affect the response time of the systems. However, the experiment results still indicate that M&E-NetPay may respond to user interactions faster than NetPay. This observation results from CORBA’s limitation in client-to-server communications. In contrast, .NET framework architecture 4.0 with Web Services in M&E-NetPay improves client-to-server communications. It provides relatively fast communications amongst the vendor and broker. In addition, M&E-NetPay, built on a stable, secure and simple architecture, is deployed over multiple servers to share the workload among them.
5.3. Usability Evaluation
We survey the satisfaction levels of the participant users, after they download and purchase items. Furthermore, we ask their preferences for the two systems in general: a CORBA-based NetPay system or M&E-NetPay. As we know, usability evaluation involves testing of the usability of an interface by having a group of individuals performing tasks specific to a system, under the general guidance from a facilitator. It is important to realize that it has multiple components with five attributes associated with an interface [
29,
31,
32]. Specifically, efficiency in our evaluation is measured in terms of how easily one can buy items and the speed of downloading them. Errors are regarded as any actions that prevent the successful occurrence of the expected results. Since some errors escalate the users’ transaction time, their effect is measured by the efficiency of use. Learnability and satisfaction are a subjective measure provided by each participant in the experiment. Interface memorability is rarely tested as thoroughly as other attributes. However, it is feasible, to some extent, to conduct comparisons and post-test questionnaires of both systems.
The experiments use pre-test and post-test questionaries. The questions of the pre-test questionnaire are about participants’ experience in using mobiles or PCs to download files from the Internet. The post-test questionnaire has the number of questions with scale ratings ranging from one to five, where one is “least favourable” and five “most favourable”. The post-test questionnaire also contains open questions for collecting user comments.
Subjects: Fourteen participants are randomly selected with a mixture of non-IT specialists, graduate students and college students. The participants are four non-IT adults, five non-IT graduate students, and the rest are college students. It should be noted that although it is tempting to recruit more participants, it is the general practice to have around 15 participants for usability testing [
32].
Experimental tasks: Participants are required to complete the following tasks on M&E-NetPay and CORBA-based NetPay systems, respectively:
Create an account with the broker;
Search for a wallpaper on the wallpaper vendor site;
Download the wallpaper from the wallpaper vendor site;
Download a ringtone from the ringtone vendor;
Buy e-coins from the broker; and
Redeem e-coins with the broker.
Procedure: Before starting the test, participants need to fill out a pre-test questionnaire. Participants are required to carry out all of the tasks listed in a given sheet for the two systems. After finishing the tasks, they then fill out the post-test questionnaire to answer the questions by ticking one level of the rating. One of the questions asks the participants to rank the overall performance of the systems in order of their preference.
Results: From the answers to pre-test questions, we know that all of that participants have used mobiles or PCs to download files from the web weekly or monthly for free. Only two of them use the online credit-card payment systems to purchase goods online. Fortunately, all participants have had such experiences before. This implies that participants’ prior knowledge has the least effect on the experiment results.
We survey the participants’ satisfaction with buying e-coins, downloading wallpapers and their preference for the two systems. We analyse the post-test questionnaire outcomes and plot the results in
Figure 9.
Figure 9 shows that the participants significantly favour all of the usability features of M&E-NetPay. With the user friendly interface, M&E-Pay is easy to learn, providing clear instructions on how to accomplish tasks. M&E-NetPay also receives high ratings on its efficiency. The participants comment that the speeds of downloading files (i.e., wallpaper and ringtone) are quite fast with M&E-NetPay in that with a few clicks, they are able to download the file. They also comment that appropriate pop-up error messages prevent them from going off of the right track. The overall average ratings of M&E-NetPay and CORBA-based NetPay are 4.5 and 3.8, respectively. They indicate that the participants prefer M&E-NetPay to CORBA-based NetPay. This fact results from employing new and emerging distributed middleware technique (i.e., Web Services) in M&E-NetPay.
For the open question, some participants write that since M&E-NetPay is available via both mobiles and the web, they will be able to access the system from anywhere at any time with barely any downtime. Twelve participants favour M&E-NetPay.
5.4. Heuristic Evaluation
As the most widely-used inspection method, the heuristic evaluation technique is about identifying usability issues in a user interface by a small number of evaluators (usually one to five) who examine the interface and judge its compliance with usability principles (heuristics) [
33,
34,
35]. While heuristic reviews are inexpensive and less time consuming, good ideas for improving a user interface may be produced.
Subjects: The evaluators include two IT specialists, one accountant and two graduates. They are experts in either software engineering or applied software fields.
Experimental tasks and procedure: the evaluators are requested to judge the compliance of the M&E-NetPay interface with usability principles (“the heuristic”). Each individual evaluator examines the interface independently. To aid the evaluators in discovering usability problems, a list of heuristics, as shown in
Table 3 [
35], is provided, which could facilitate the generation of ideas on how to improve the system.
With a system checklist provided as a guide, the evaluators are required to first identify the heuristic problems of the interface and then to determine the levels of their seriousness by using the severity ratings as defined in
Table 4 [
35,
36]. The evaluators are also requested to provide recommendations based on their assigned severity ratings.
Results: The five evaluators evaluate M&E-NetPay by relying on the ten heuristics. The results of the heuristic evaluation are given in
Table 5.
A rating has four levels of severity. The levels of one and two are regarded as minor, which is easily fixed. The levels of three and four should be given high priorities, which have to be fixed. After the evaluation, three major problems have been identified, with each having a severity rating of three. The identified problems, together with their fixing recommendations, are listed in
Table 6. We have implemented all recommendations listed in the table.
We have described three kinds of evaluations on the M&E-NetPay prototype to assess performance impact, usability and heuristic evaluations. Usability and performance evaluation have been done on two prototypes of CORBA-based NetPay and M&E-NetPay. Even though heuristic evaluation identifies a few errors, M&E-NetPay is successfully implemented in general. The overall result of the evaluations demonstrates that most participants prefer M&E-NetPay. Participants and evaluators are satisfied very much with M&E-NetPay, recommending the system for wide use.
6. Related Work and Comparisons
In this section, we review related work and compare relevant systems to our system.
As a micro-payment for an ad hoc network, MPS [
11] enables a node to join an existing ad hoc network and allows it to pay each node that relays packets on its behalf in real time. Being a lightweight payment scheme based on hash chains, MPS is flexible in route changes without involving a third party (a bank or a broker), in order to pay the nodes in a new path. MPS supports multiple brokers. Off-line verification makes the protocol more efficient and scalable.
Using a micro-payment protocol, CMP [
12] is built on symmetry encryption techniques and chaotic double hash chains. The protocol constructs two PayWord chains: one for the merchant and another for users by using the iteration process of the Henon-like chaotic system. The chaotic hash function generates a payment chain. The use of the symmetric algorithm that encrypts transaction information improves the security and efficiency of CMP. CMP is an off-line system with three stakeholders, users, vendors and a broker.
As an off-line micro-payment system, NetPay [
13] is a new micro-payment model in e-commerce. It uses CORBA interfaces to support communication between broker and vendor applications. NetPay improves its performance and security by using fast hashing functions. This prototype is quite suitable for e-commerce applications. In a mobile environment where a client (and possibly the server) keeps moving, which results in changing network addresses and unreliable connections, CORBA, however, is not well suited for this scenario. This is because of CORBA’s tight coupling between clients and servers.
We compare our M&E-NetPay protocol to other micro-payment protocols. We have analysed the results from the three types of evaluations of M&E-NetPay prototypes to demonstrate their usability, performance and overall satisfaction of the requirements.
It is generally agreed that the key requirements for a mobile micro-payment system are as follows [
3,
8,
11,
12,
13,
29,
30,
37,
38,
39]:
Security: The e-coins must be well encrypted to prevent peers from double spending and fraud.
Anonymity: Peer users and peer vendors should not reveal their identities to each other or to any other third party.
Ease of use: This is the ability of M&E users who are able to use the system easily without familiarizing themselves with the M&E user interfaces or being involved in any type of authentication at all times.
Scalability: The load of communication and transaction of any entity must not grow to an unmanageable size. The load should be distributed among the vendors rather than the broker. Payment systems should be able to cater to the rapidly growing number of users without showing a negative impact on the performance.
Transferability: The e-coins used for payments should be transferable between multiple vendors. This allows the users to use the same e-coins to make payments across multiple vendors.
Interoperability: This is the ability of a system that operates in conjunction with other supporting protocols, hardware, software, applications and data layers. Interoperability minimizes the complexity of software development by reusing components and performing inter-component communication. Interoperable systems are language and platform independent.
In the following, we compare M&E-NetPay to several well-known micro-payment systems and also to some more recent micro-payment systems in M&E networks. The comparison criteria are the set of the key requirements: the need for an easy-to-use micro-payment system; the need for secure electronic coins and no double spending; ensuring anonymity for customers; supporting transferable e-coins between vendors; a robust, low performance impact, off-line micro-payment-supported, scalable architecture for a very large number of end users; and the ability of the system to be language and platform independent.
Table 7 summarises the comparisons of the M&E-NetPay protocol with other systems.
The above comparisons show that the M&E-NetPay system has advantages over other micro-payment systems.
The security of M&E-NetPay is achieved by using existing security technologies. First, it uses a thin client n-tier architecture. With this deployment architecture, users logging on broker or vendor systems can access only Web servers. From there, transaction information is transferred through a secure channel in an XML message, which cannot be intercepted by a third party. Moreover, Web services on application servers are only available upon the request of mobile/web applications on Web servers. The vendors and broker in M&E-NetPay rely on Web service interfaces of the other party to exchange M&E user information. It is impossible for third parties to log directly or indirectly on to application servers. In addition, application servers are inaccessible from outside the network.
Second, M&E-NetPay relies on the security of Web services. As we know, Web services’ security includes three aspects: authentication, which verifies that M&E users and vendors are who they claim to be; confidentiality and privacy, which keep information secret by encrypting the content of a message and obfuscating the sending and receiving parties’ identities; and integrity and non-repudiation, which make sure that a message remains unaltered during transit by having the sender digitally sign the message. A digital signature is used to validate the signature and provides non-repudiation.
Finally, M&E-NetPay uses one-way hash functions to generate paywords and prevents M&E users and vendors from over spending and forging paywords from a payword chain. It employs 128-bit encryption of the messages. Since only the broker knows the mapping between the pseudonyms (IDc) and the true identity of an M&E user, M&E user privacy is protected.
In a word, M&E-NetPay has high security features. As an off-line fully-distributed system, the M&E-NetPay is mostly suitable for micro-payments over the WWW. In terms of transferability, e-coins are able to be transferred freely between vendors for multiple purchases. CMP is primarily designed for low value mobile commerce items. The protocol has greater security and faster operation efficiency, but CMP does not support multiple platforms and languages. MPS’s design supports multiple brokers. Off-line verification has made the protocol more efficient and scalable. The system, however, still cannot avoid a limited amount of fraud. There may be a wastage of the broker endorsement, which is distributed to the previous path, if the topology of the ad hoc network changes.
M&E-NetPay has greater scalability and performance features, as it supports the rapidly growing number of M&E users. NetPay uses CORBA middleware interfaces to support several programming languages (e.g., Java® and C++®) and platforms (e.g., Windows®, Linux®). Vendor systems have to be “hard-coded” with CORBA by communicating with the NetPay broker to exchange messages. In comparison with M&E-NetPay, NetPay has a lesser ability due to the tight coupling between clients and servers as a result of its use of CORBA. M&E-NetPay is the solution to the above problem, as it can support any languages and platforms. Hence, it has a very high rating of interoperability.