1. Introduction & Overview
This paper, "A Proposed NFC Payment Application," addresses the main obstacles to widespread adoption of Near Field Communication (NFC) technology for mobile payments. Although NFC promises simple contactless transactions, its growth has been held back by complex ecosystem dynamics, security concerns around the Secure Element (SE), and disputes over ownership and management. The authors propose a new model that changes the approach: the "NFC Cloud Wallet." This model centralizes the management of payment applications in a cloud environment controlled by the Mobile Network Operator (MNO), and uses the robust, already existing security infrastructure of GSM networks for authentication. The central thesis is that by simplifying the ecosystem architecture and reusing proven telephony security, NFC payments can become more secure, cheaper, and easier to deploy.
2. Core Analysis: The Four-Step Framework
2.1 Core Insight
The paper's main advance is not a new cryptographic algorithm but an architectural insight. It correctly identifies that the stall in NFC payments is not primarily a technical security problem but an ecosystem governance problem. Banks, MNOs, and device manufacturers have been locked in a "Secure Element cold war," each seeking control. Pourghomi et al. cut through this by proposing an MNO-managed cloud as a neutral command center and, cleverly, use the GSM network not merely as a data pipe but as the primary root of authentication. This turns what the MNO is responsible for (network security) into its greatest asset for a new service.
2.2 Logical Flow
The model's logic is neatly circular: 1) Problem: Fragmented SE management holds NFC back. 2) Solution: Centralize management in the MNO's cloud. 3) Rationale: MNOs already have a robust infrastructure (GSM Auth) and customer relationships. 4) Mechanism: Use the SIM card (UICC) as the local SE, authenticated remotely through GSM protocols. 5) Outcome: A simple, secure transaction flow from the phone to the POS to the cloud and back. The flow prioritizes operational simplicity and leverages the money already spent on telephony infrastructure, a smart move for rapid deployment.
2.3 Strengths & Flaws
Strengths:
- Pragmatic Architecture: Using GSM authentication (the A3/A8 algorithms) is a major win. It relies on a battle-tested, globally deployed system and avoids the need to reinvent the wheel for device authentication.
- Ecosystem Simplification:
- Improved Security Posture: Moving sensitive operations to a secure cloud environment can be more robust than relying solely on the phone's hardware, which is physically vulnerable.
Flaws & Critical Blind Spots:
- Single Point of Failure: An MNO-centric cloud becomes a high-value attack target. A breach here is catastrophic, a risk that is not fully quantified against a distributed model.
- Governance & Trust Hurdles: The paper glosses over whether users and financial regulators will trust an MNO with payment credentials more than a bank. The privacy implications of MNOs having full transaction visibility are profound.
- GSM Security Is Aging: Although GSM authentication is widespread, it has known weaknesses (e.g., weaknesses in the A5/1 & A5/2 ciphers). Building a new payment system on legacy 2G security feels like building a fortress on an old foundation. The paper should address migration paths to 3G/4G/5G authentication (AKA).
- Vendor Lock-In Risk: This model could entrench MNO control, which could stifle innovation and lead to high costs for other ecosystem players.
2.4 Actionable Takeaways
For industry stakeholders:
- For MNOs: This is your playbook. Strengthen network security (invest in post-quantum cryptography readiness) and start building governance frameworks and partnerships now. Position yourselves as secure platform providers, not just pipe owners.
- For Banks & Financial Institutions: Engage, don't resist. Negotiate for hybrid control models in which the cloud handles the logic but cryptographic keys or transaction approval remain under the control of financial custodians. Develop specific SLAs with MNOs.
- For Standards Bodies (GSMA, NFC Forum): Use this model as a catalyst to create standards for cloud-based SE management and to define interoperable authentication protocols that bridge GSM and newer mobile networks.
- For Security Researchers: The attack surface has changed. Focus research on secure multi-party computation for cloud wallets and on threat models for MNO data centers that handle financial data.
3. Technical Deep Dive
3.1 The NFC Ecosystem & the Secure Element (SE)
The NFC ecosystem is a complex web that includes device manufacturers, MNOs, payment networks, banks, and merchants. The Secure Element, a tamper-resistant chip, is the heart of security: it stores credentials and executes transactions. The paper highlights the conflict over its ownership (embedded, SIM-based, or microSD). The proposed model recommends the SIM (UICC) as the SE, managed remotely through the cloud.
3.2 The NFC Cloud Wallet Model
This model moves the management and storage of payment applications out of the physical SE to a secure central cloud server operated by the MNO. The phone's SE (the SIM) acts as a secure conduit and a local cache. This enables remote provisioning, updating, and deletion of payment cards without complex over-the-air (OTA) protocols directly to the SE.
3.3 GSM Authentication Integration
This is the cryptographic cornerstone. The model reuses the GSM Authentication and Key Agreement (AKA) protocol. When a transaction starts, the MNO cloud acts like a Home Location Register (HLR). It generates a challenge RAND and an expected response (SRES) using the shared secret key Ki stored in both the cloud and the SIM.
Technical Details & Formulas:
Core GSM authentication relies on the A3 algorithm (for authentication) and the A8 algorithm (for key generation).
SRES = A3(Ki, RAND)
Kc = A8(Ki, RAND)
Where:
- Ki is the subscriber's 128-bit authentication key (the shared secret).
- RAND is a 128-bit random number (the challenge).
- SRES is the 32-bit Signed Response.
- Kc is the 64-bit session encryption key.
In the proposed protocol, the POS terminal or the phone sends RAND to the SIM, which computes SRES' and returns it. The cloud checks whether SRES' matches the SRES it computed. A match authenticates the device/SIM.
3.4 Proposed Transaction Protocol
The paper outlines a multi-step protocol:
1. Initiation: The customer taps the phone on the POS terminal.
2. Authentication Request: The POS sends a transaction request to the MNO Cloud.
3. GSM Challenge: The Cloud generates RAND and sends it to the phone via the POS or directly.
4. Local Computation: The phone's SIM computes SRES' using its Ki.
5. Response & Verification: SRES' is sent to the Cloud, which verifies it.
6. Transaction Authorization: After successful authentication, the Cloud processes the payment with the bank/processor.
7. Completion: The authorization result is sent to the POS to complete the transaction.
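The challenge-response exchange from sections 3.3 and 3.4, simulated end to end as an added example (not code from the paper). HMAC-SHA256 stands in for the operator-specific A3/A8 algorithms, and the `Sim` and `CloudWallet` classes, the subscriber id, the challenge lifetime and the single-use RAND bookkeeping are assumptions made here to show how the cloud side rejects replayed, late and wrong-key responses.

```python
import hashlib, hmac, secrets, time

def a3_a8(ki: bytes, rand: bytes):
    # ASSUMPTION: HMAC-SHA256 stands in for the operator-specific A3/A8 pair,
    # truncated to the sizes given on the page: 32-bit SRES, 64-bit Kc.
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]

class Sim:
    """Handset side: Ki never leaves this object, only SRES' does."""
    def __init__(self, ki: bytes):
        self._ki = ki
    def respond(self, rand: bytes) -> bytes:
        return a3_a8(self._ki, rand)[0]

class CloudWallet:
    """MNO cloud acting in the HLR role (hypothetical class for illustration)."""
    TTL = 5.0  # seconds a challenge stays valid (constructed value)
    def __init__(self, subscribers: dict):
        self._ki = dict(subscribers)  # subscriber id -> Ki
        self._pending = {}            # transaction id -> (subscriber, RAND, issue time)
    def challenge(self, sub_id: str, now=None):
        if sub_id not in self._ki:
            raise KeyError("unknown subscriber")
        txn, rand = secrets.token_hex(8), secrets.token_bytes(16)  # 128-bit RAND
        self._pending[txn] = (sub_id, rand, time.monotonic() if now is None else now)
        return txn, rand
    def verify(self, txn: str, sres: bytes, now=None) -> bool:
        entry = self._pending.pop(txn, None)  # pop: each RAND is accepted only once
        if entry is None:
            return False
        sub_id, rand, issued = entry
        if (time.monotonic() if now is None else now) - issued > self.TTL:
            return False
        expected, _kc = a3_a8(self._ki[sub_id], rand)  # Kc would key the session cipher
        return hmac.compare_digest(expected, sres)     # constant-time comparison

def demo():
    ki = bytes(range(16))  # constructed 128-bit Ki
    cloud, sim, other = CloudWallet({"sub-001": ki}), Sim(ki), Sim(bytes(16))
    t1, r1 = cloud.challenge("sub-001", now=0.0)
    ok = cloud.verify(t1, sim.respond(r1), now=1.0)
    replay = cloud.verify(t1, sim.respond(r1), now=1.5)       # same answer sent again
    t2, r2 = cloud.challenge("sub-001", now=2.0)
    wrong_key = cloud.verify(t2, other.respond(r2), now=2.5)  # SIM with a different Ki
    t3, r3 = cloud.challenge("sub-001", now=3.0)
    late = cloud.verify(t3, sim.respond(r3), now=9.0)         # answered after TTL
    return ok, replay, wrong_key, late
```

Only the first verification succeeds; the replayed, wrong-key and late responses are all rejected.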
4. Security Analysis & Results
The paper claims that the model provides strong security based on:
- Mutual Authentication: The SIM proves its identity to the cloud and, implicitly, the cloud's challenge proves its legitimacy.
- Data Confidentiality: The derived session key Kc can be used to encrypt transaction data between the phone and the cloud.
- Data Integrity: GSM security provides mechanisms against replay attacks (via RAND).
However, the analysis is theoretical. No empirical results, simulations, or penetration-test data are provided. There is no account of performance metrics (the latency added by cloud authentication), scalability tests, or comparative analysis against other schemes (e.g., HCE, Host Card Emulation). The security claims rest entirely on the assumed cryptographic strength of GSM, which, as noted, has known weaknesses in its implementation.
5. Analysis Framework: A Non-Code Case Study
Consider a pilot project for transit payments in a large city:
Scenario: The City Transit Authority partners with a major MNO.
Applying the Framework:
1. Commuters with the MNO's SIM card can download the "Transit Cloud Wallet" application.
2. The application links to their account, which is managed in the MNO's cloud.
3. At the gate, tapping the phone triggers the GSM authentication protocol with the cloud.
4. On success, the cloud authorizes the fare deduction and signals the gate to open.
Key Evaluation Points:
- Success Metric: Transaction time under 500ms, matching the speed of current contactless cards.
- Risk Assessment: How does the system handle a network outage at the gate? (Fall back to a locally stored authentication token?).
- Stakeholder Feedback: Survey users on perceived security and convenience. Monitor fraud rates compared with the existing card system.
This case study provides a real-world framework for testing the model's effectiveness in practice beyond the theoretical protocol design.
6. Future Applications & Directions
The Cloud Wallet model opens doors beyond retail payments:
1. Digital Identity & Access: An authenticated SIM could serve as the key for physical access (office doors) and digital access (government applications), creating a single digital identity platform.
2. IoT Micropayments: Authenticated sensors or vehicles in an IoT network could automatically pay for services (e.g., tolls, charging) using embedded SIMs (eSIMs) managed by the same kind of cloud platform.
3. DeFi & Blockchain Bridge: A securely authenticated mobile device could serve as the hardware signing component for blockchain transactions, bringing institutional-grade security to decentralized wallets.
4. Evolution to Post-Quantum & 5G: The path forward must include upgrading the cryptographic core. The cloud architecture is well suited to a phased rollout of post-quantum cryptographic algorithms and to integration with the stronger 5G subscriber authentication (5G-AKA), which provides better security than GSM.
5. Distributed Cloud Models: To reduce the single-point-of-failure risk, future iterations could explore federated or blockchain-based distributed clouds for credential management, spreading trust across a consortium of MNOs and financial entities.
7. References
- Pourghomi, P., Saeed, M. Q., & Ghinea, G. (2013). A Proposed NFC Payment Application. International Journal of Advanced Computer Science and Applications, 4(8), 173-?.
- GSM Association. (2021). RSP Technical Specification. GSMA. [External Authority - Industry Body]
- Barkan, E., Biham, E., & Keller, N. (2008). Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication. Journal of Cryptology, 21(3), 392-429. [External Authority - Academic Research Demonstrating GSM Flaws]
- NFC Forum. (2022). NFC Technology: Making Convenient, Contactless Connectivity Possible. [External Authority - Standards Body]
- Zhu, J., & Ma, J. (2004). A New Authentication Scheme with Anonymity for Wireless Environments. IEEE Transactions on Consumer Electronics, 50(1), 231-235. [External Authority - Related Authentication Research]
- National Institute of Standards and Technology (NIST). (2022). Post-Quantum Cryptography Standardization. [External Authority - Government Research on Future Cryptography]