Bansilal Ramnath Charitable Trust’s

VISHWAKARMA INSTITUTE OF INFORMATION

TECHNOLOGY

A Mini Project Report

On

“Sim Based Payment Authentication”

In Subject: IPR

By

Jiya R. Bagwan (22320002)

Tushar Kompa (22320072)
Diya Jain (22320113)
Ajay Ingle (22320127)

Department of Artificial Intelligence and Data Science VIIT

2024-2025

1
 Contents
Sr. No. Topic Page No.

Chapter-1 Introduction
1.1 Introduction 3
1.2 Requirements 3
1.3 Purpose and Objectives 4
1.4 System Architecture 4
1.5 Flowchart 5
1.6 Feature Extraction 6
1.7 System Implementation 6
1.8 Code 7
1.8.1 Instructions for Deployment 11
1.9 Output 12
Chapter-2

2.1 Conclusion 15

2.2 References 15

2
 ABSTRACT

Mobile payment systems have become an integral part of the global economy, but their rapid adoption has
exposed significant security vulnerabilities, such as phishing, SIM swap fraud, and unauthorized access.
To address these challenges, this research proposes a robust SIM-based authentication framework
enhanced by blockchain integration. The core problem is the lack of a unified, tamper-resistant
mechanism to authenticate users and verify transactions securely.

Our solution leverages the inherent security features of SIM cards, coupled with blockchain's
decentralized and immutable ledger, to provide a two-layered authentication system. The methodology
involves using the SIM card as a secure hardware module to generate unique cryptographic signatures for
each transaction. These signatures are then verified and recorded on a private blockchain, ensuring
transparency, non-repudiation, and real-time fraud detection.

The expected outcomes include a significant reduction in unauthorized transactions, enhanced trust in
mobile payment platforms, and compliance with stringent regulatory requirements. By eliminating central
points of failure, our approach mitigates the risks of traditional authentication systems and introduces a
scalable model for secure electronic payments.

This research underscores the importance of combining advanced cryptographic techniques with
decentralized systems to redefine security standards in mobile payment ecosystems, paving the way for
safer, more reliable digital transactions.

3
 INTRODUCTION
The rapid evolution of mobile payment systems has transformed the way consumers and businesses
conduct transactions. Offering convenience and speed, these systems have become indispensable in the
modern economy. However, this widespread adoption has also introduced a growing array of security
challenges, including unauthorized access, SIM swap fraud, phishing attacks, and data breaches. These
threats not only undermine user confidence but also pose significant financial and reputational risks to
service providers.

Traditional authentication mechanisms, such as passwords, PINs, and one-time passwords (OTPs), are
increasingly proving inadequate in addressing these vulnerabilities. The reliance on centralized systems
creates single points of failure, leaving mobile payment platforms susceptible to sophisticated
cyberattacks. To enhance security and foster trust in mobile payments, a novel, decentralized approach is
essential.

This research introduces a SIM-based authentication framework integrated with blockchain technology as
a solution to these challenges. By leveraging the secure environment of SIM cards for cryptographic
operations and the immutability of blockchain for transaction verification, the proposed system ensures
robust, tamper-proof authentication. The integration of these technologies not only mitigates the risk of
unauthorized transactions but also enables real-time fraud detection and prevention.

This paper aims to explore the feasibility and effectiveness of the proposed approach in securing mobile
payments, highlighting its potential to address existing limitations and establish a new standard for trust
and security in digital transactions.

The proliferation of mobile payment systems has revolutionized financial transactions, offering
unparalleled convenience and efficiency for consumers and businesses alike. With a simple tap or swipe,
users can complete transactions instantly, reducing dependency on cash and physical cards. However, this
rapid adoption comes with significant security challenges. Traditional authentication methods, such as
PINs, passwords, and one-time passwords (OTPs), are increasingly vulnerable to sophisticated
cyberattacks. Phishing, brute force attacks, and credential theft are common issues, exposing users and
service providers to financial and reputational risks. As the volume and complexity of mobile payments
grow, the need for more secure and innovative authentication mechanisms becomes paramount.

Problem Statement
Mobile payment systems face critical security threats, including unauthorized access, impersonation, and
SIM swap fraud. SIM swap attacks, in particular, exploit vulnerabilities in mobile carrier systems,
allowing attackers to gain control of users’ mobile numbers and bypass traditional authentication
measures. Furthermore, the reliance on centralized authentication systems introduces single points of
failure, making them attractive targets for cybercriminals. These limitations necessitate a robust, scalable,
and tamper-resistant solution to ensure the integrity of mobile payment systems.

Proposed Solution
This research proposes a SIM-based payment authentication framework that leverages the unique
International Mobile Subscriber Identity (IMSI) of SIM cards, integrated with blockchain technology. By
4
combining the secure hardware of SIM cards with the decentralized and immutable nature of blockchain,
the proposed system ensures strong, tamper-proof authentication. Blockchain integration eliminates single
points of failure and enables transparent and auditable transaction verification, enhancing user trust and
security.

Scope and Objectives

This study aims to:

1. Evaluate the vulnerabilities of current mobile payment authentication methods.

2. Design and implement a SIM-based authentication framework integrated with blockchain
technology.
3. Assess the proposed system’s effectiveness in mitigating security threats such as SIM swap attacks
and unauthorized transactions.
4. Explore the scalability and usability of the framework in real-world mobile payment scenarios.

Through this research, we hypothesize that the integration of SIM-based authentication and blockchain
technology can significantly enhance the security and reliability of mobile payment systems while
addressing the limitations of existing methods.

Proposed Methodology

System Architecture
The proposed SIM-based authentication system is designed as a decentralized and tamper-resistant
framework. Its architecture includes the following key components:

1. SIM Card: The secure hardware module containing a unique International Mobile Subscriber
Identity (IMSI) and cryptographic capabilities to generate transaction-specific signatures.
2. Mobile Device: Acts as the interface for users to initiate transactions. It communicates with the
SIM card and blockchain network to perform authentication.
3. Blockchain Nodes: A distributed network of nodes that maintain a tamper-proof ledger of
transactions. These nodes verify transaction signatures and store immutable records.
4. Verification Server: An intermediary server that interfaces with the blockchain and user’s mobile
device to facilitate real-time authentication.
5. User Interface: The application or platform where users initiate payments and receive
authentication feedback.

SIM-Based Authentication Process

The authentication process is designed to ensure security and transparency:

1. Transaction Initiation: The user initiates a payment request through a mobile application.
2. IMSI Retrieval: The SIM card generates a cryptographic signature using its unique IMSI and
transaction details, such as the amount and recipient.
3. Signature Transmission: The signed transaction data is sent to the blockchain nodes for
verification.

5
 4. Verification: The blockchain nodes verify the authenticity of the signature using public-key
cryptography.
5. Approval/Denial: Based on verification, the transaction is either approved and recorded in the
blockchain ledger or rejected if discrepancies are detected.

Integration with Blockchain

Blockchain enhances the SIM-based authentication process by providing:

1. Immutability: All transaction details and verification results are stored in an immutable ledger,
preventing tampering or fraudulent modifications.
2. Decentralization: The absence of a central authority eliminates single points of failure, reducing
vulnerability to cyberattacks.
3. Transparency: The blockchain ledger ensures all stakeholders can audit and verify transactions
without compromising user privacy.

Security Mechanisms
To address common attacks, the system incorporates additional layers of security:

1. Multi-Factor Authentication (MFA): Combines SIM-based verification with user authentication

methods such as biometric scans or OTPs for enhanced security.
2. Encryption Techniques: End-to-end encryption is used to protect data transmission between the
mobile device, verification server, and blockchain nodes.
3. Anomaly Detection: Machine learning models identify suspicious activities, such as unusual
transaction patterns, in real time.
4. Anti-SIM Swap Measures: Regular synchronization with mobile carriers ensures any changes to
SIM ownership trigger reauthentication steps, preventing unauthorized access.

By combining these methodologies, the proposed system ensures robust, scalable, and user-friendly
authentication for secure mobile payments.

6
 Literature survey
1. Paper Name: A Proposed Anti-Fraud Authentication Approach for Mobile Banking Apps

 Authors: Omar Hussein

 Conference & Year: 4th Novel Intelligent and Leading Emerging Sciences Conference (NILES),
2022
 Gap Analysis: The approach focuses on mobile device fingerprinting for authentication, which
enhances security by verifying the unique 256-bit hash of the user's device. However, the system
lacks real-time push notifications for user transaction verification, leaving it vulnerable to physical
access or spoofing attacks. It does not incorporate PKI-based encryption or a fallback mechanism
like OTP for failed authentications.
 Key Points:
o Utilizes device fingerprinting to enhance mobile banking security.
o Relies on SHA-256 hashing for unique device identification.
o Transparent but does not address real-time user interaction during transactions.

2. Paper Name: A Secure Multi-Factor User Authentication Framework for Electronic Payment
System

 Authors: Md Arif Hassan, Zarina Shukur

 Conference & Year: 3rd International Cyber Resilience Conference (CRC), 2021
 Gap Analysis: The framework emphasizes multi-factor authentication using passwords,
biometrics, and OTP but lacks device-specific identifiers like IMSI/IMEI. The reliance on static
biometrics may expose it to spoofing attacks, and the absence of dynamic measures (e.g., real-time
push notifications) reduces adaptability.
 Key Points:
o Employs three-factor authentication for secure payments.
o Does not address device-specific security, leaving room for SIM swapping or device
cloning.

7
3. Paper Name: A Three Layer Authentication Using FEO

 Authors: Bhagyashri R. Hanji et al.

 Conference & Year: 4th IEEE International Conference on Data Engineering and
Communication Systems (ICDECS), 2024
 Gap Analysis: The FEO system incorporates facial recognition, eye blink passwords, and OTP
but lacks integration with PKI and device-specific checks (IMSI/IMEI). It is effective for physical
device security but does not address remote mobile payment environments.
 Key Points:
o Combines facial recognition, biometric gestures, and OTP.
o Vulnerable to spoofing without device-specific layers.

4. Paper Name: AI-Driven Fraud Detection in Financial Transactions with Graph Neural
Networks and Anomaly Detection

 Authors: M. Thilagavathi et al.

 Conference & Year: International Conference on Science Technology Engineering and
Management (ICSTEM), 2024
 Gap Analysis: The approach is powerful in detecting fraud patterns using GNNs but lacks
integration of user-centric authentication like SIM-based or PKI-based mechanisms. The focus is
on anomaly detection rather than preventing fraud at the point of authentication.
 Key Points:
o Uses GNNs for fraud detection with anomaly-based techniques.
o Effective in pattern analysis but not in user-specific transaction verification.

5. Paper Name: Credit Card Fraud Detection Based on Deep Neural Network Approach

 Authors: Khalid I. Alkhatib et al.

 Conference & Year: 12th International Conference on Information and Communication Systems
(ICICS), 2021
 Gap Analysis: The DNN-based detection model focuses on transactional anomaly identification
but lacks an integrated authentication framework. It assumes fraud detection post-transaction
rather than prevention during the transaction process.
 Key Points:
o Leverages DNNs for fraud detection with high accuracy.
8
 o Does not address authentication mechanisms like PKI or push notifications.
6. Paper Name: Enhancing Financial Fraud Detection in Bitcoin Networks Using Ensemble Deep
Learning

 Authors: Chayan Ghosh, Nabanita Das, Avigyan Chowdhury, Bikash Sadhukhan

 Conference & Year: IEEE International Conference on Blockchain and Distributed Systems
Security (ICBDS), 2023
 Gap Analysis: The study focuses on anomaly detection within Bitcoin networks using ensemble
deep learning. While effective in blockchain contexts, it does not address mobile payment fraud or
integrate device-specific authentication methods like IMSI/IMEI checks.
 Key Points:
o Ensemble model combines MLP, FNN, and Attention LSTM for anomaly detection.
o High accuracy (99.62%) but lacks applicability to real-time mobile payment security.

7. Paper Name: Enhancing Security of Mobile Payment Applications Using Blockchain

 Authors: Lipsa Das, Chamandeep Kaur, Ayasha Siddiqua, Durdana Taranum, Ganesh Vasudeo
Manerkar, Ajay Rana
 Conference & Year: IEEE Uttar Pradesh Section International Conference on Electrical,
Electronics and Computer Engineering (UPCON), 2023
 Gap Analysis: The proposed blockchain-based framework enhances data integrity and
authentication but does not employ multi-layered verification or fallback mechanisms like OTPs
in case of blockchain failures.
 Key Points:
o Focus on confidentiality, data integrity, and non-repudiation.
o Blockchain ensures tamper-proof transactions but lacks user-friendly, real-time
authentication.

8. Paper Name: Experimental Evaluation of Smart Credit Card Fraud Detection System Using
Intelligent Learning Scheme

 Authors: Anusha P, S. Bharath, N. Rajendran, S. Durga Devi, S. Saravanakumar

 Conference & Year: IEEE International Conference on Innovative Computing, Intelligent
Communication, and Smart Electrical Systems (ICSES), 2023

9
  Gap Analysis: While using deep learning with autoencoder networks improves fraud detection
accuracy, the paper does not integrate user-specific or device-specific verification mechanisms,
limiting its effectiveness in mobile payment scenarios.
 Key Points:
o Uses an autoencoder-based Intelligent Learning Scheme for fraud detection.
o Focused on e-commerce rather than mobile payment systems.
9. Paper Name: Financial Fraud Detection and Comparison Using Different Machine Learning
Techniques

 Authors: Pratishank Shukla, Mukul Aggarwal, Prakarsh Jain, Parijat Khanna, Madhur Kumar
Rana
 Conference & Year: IEEE International Conference on Technological Advancements in
Computational Sciences (ICTACS), 2023
 Gap Analysis: The comparison of machine learning models highlights Random Forest as a strong
performer but lacks exploration of real-time transaction monitoring or integration of public key
infrastructure for security.
 Key Points:
o Compares six ML techniques with Random Forest emerging as the best.
o Highlights the need for ensemble methods and real-time fraud detection mechanisms.

10. Paper Name: Fraud Detection in Financial Transactions Using Deep Learning Approach: A
Comparative Study

 Authors: Neha R Shanbhog, Komal Shashikumar Totad, Abhishek Rajkumar Hanchinal,

Anupama P Bidargaddi
 Conference & Year: IEEE 5th International Conference for Emerging Technology (INCET),
2024
 Gap Analysis: The study compares XGBoost, ANN, and R-GCN for fraud detection. It
demonstrates good performance but does not implement multi-layered authentication or fallback
mechanisms for failed verification attempts.
 Key Points:
o R-GCN achieves the highest accuracy (98.5%) among compared models.
o Limited focus on integrating user-centric security features for mobile payments.

10
11
 Chapter 2

2.1. Conclusion:

By utilizing SIM cards as secure hardware modules for cryptographic authentication and
blockchain’s decentralized, immutable ledger for transaction verification, the proposed system offers
a multi-layered approach to enhance mobile payment security. This combination ensures non-
repudiation, real-time fraud detection, and a significant reduction in the risk of unauthorized
transactions. The expected outcomes of this approach include increased user trust, compliance with
regulatory requirements, and a scalable solution for the mobile payment ecosystem. Additionally, the
decentralized nature of block chain eliminates single points of failure, enhancing the overall
resilience of the system against cyber attacks . In conclusion, this research demonstrates the potential
of integrating SIM-based authentication with block chain technology to establish a more secure,
reliable, and future-ready mobile payment infrastructure. As digital payments continue to grow,
adopting advanced, tamper-resistant solutions like the one proposed here will be crucial for
sustaining trust and fostering innovation in the financial technology sector.

2.2. References:

[1] B. R. Hanji, B. R. Hanji, B. V. Poojitha, A. H. R., and C. T. K., " A Three Layer Authentication Using
FEO," in *2024 4th International Conference on Data Engineering and Communication Systems
(ICDECS)*, 2024, pp. 1-5. DOI: 10.1109/ICDECS59733.2023.10502928.

[2] Omar Hussein.” A Proposed Anti-Fraud Authentication Approach for Mobile Banking Apps.” 2022
4th Novel Intelligent and Leading Emerging Sciences Conference (NILES) | 978-1-6654-5241-
0/22/$31.00 ©2022 IEEE | DOI: 10.1109/NILES56402.2022.9942402.

[3] Oguntimilehin A, Akukwe M.L., Olatunji K.A., Abiola O.B., Adeyemo O.A., Abiodun I.A.” Mobile
Banking Transaction Authentication using Deep Learning.” 2022 5th Information Technology for
Education and Development (ITED) | 978-1-6654-9370-3/22/$31.00 ©2022 IEEE | DOI:
10.1109/ITED56637.2022.10051553.
12
[4] Viswesh G, P Vinothiyalakshmi.” Secure Electronic Banking Transaction using Double Sanction
Security Algorithm in Cyber Security.” 2023 International Conference on Research Methodologies in
Knowledge Management, Artificial Intelligence and Telecommunication Engineering (RMKMATE) |
979-8-3503-0570-8/23/$31.00 ©2023 IEEE | DOI: 10.1109/RMKMATE59243.2023.10369665

[5] Lipsa Das, Chamandeep Kaur, Ayasha siddiqua, Durdana Taranum, Ganesh Vasudeo Manerkar, Ajay
Rana.” Enhancing Security Of Mobile Payment Applications Using Block Chain.” 023 10th IEEE Uttar
Pradesh Section International Conference on Electrical, Electronics and Computer Engineering (UPCON)
| 979-8-3503-8247-1/23/$31.00 ©2023 IEEE | DOI: 10.1109/UPCON59197.2023.10434601

13