International Association
for Cryptologic Research

We propose a public-key authentication and encryption application that secures the messages between Tap-Card-Pay application, Tap-Card-Pay Systems Corporation, customers, and merchants allowing the customer to complete transactions without requiring the customer to input sensitive information. With authentication and encryption, the application transfers the credit card information from the smartphone\'s near field communication device onto the merchant webpage. Security weaknesses are also presented to show how to attack this design.