In several mobile communication standards, such as GSM and UMTS, every mobile communication terminal is in contact with a smart card, such as a subscriber identity module (SIM) card or a universal integrated circuit cards (UICC). The smart cards provide an execution environment which is more secure than the general execution environment of the mobile communication terminal itself. In fact, equivalent structures have now been developed to allow secure execution environments in memory cards inserted in a mobile communication terminal or even in embedded memory in the mobile communication terminal. Such environments can thus function as secure elements.
GlobalPlatform, see http://www.globalplatform.org at the time of filing of this patent application, provides standards and structures for secure elements and applications on the secure elements. Secure elements allow for one or more applications to be installed, such as applications for payment. For example, a person can have a VISA debit card application and a MasterCard credit card application installed at the same time. The user can then effect payment e.g. using a protocol called Europay-Mastercard-Visa (EMV) protocol, using near field communication (NFC) with a reader and optionally using the user interface of the mobile communication terminal. The use of Near-Field Communications (NFC) capable mobile phones enables contactless payments at a Point-of-Sale (PoS) device e.g. using the EMV protocol between the card application in the secure element and the point-of-sale terminal.
However, there is no structure in the prior art allowing the user to verify the authority of the merchant with which the transaction is occurring. Consequently, it is possible that a fraudulent merchant could get hold of information on the secure elements or even perform fraudulent transactions.