Objective: In the modern era, smart phones and iPhones are the most dominating gadgets among human beings. The tremendous number of mobile users along with the omnipresent nature of mobile devices has created an immense market for mobile commerce. But, for that m-commerce to be recognized to 100%, users have to belief the security measures of m-commerce generally and m-payment especially. In other words, the growth of wireless networks and massive usage of mobile devices have increased the concerns about performance and security of mobile payment systems. The two critical and challenging features of any payment protocol are security and privacy. Method: This paper proposes a novel secured authentication protocol for mobile banking which would overcome the two critical features of any mobile payment transactions. This proposed protocol combines both asymmetric and symmetric key cryptographic techniques. Findings: Compared to few existing authentication protocols based on either ECC or RSA, the proposed authentication protocol over resource-constrained mobile devices serves better in terms of privacy, security and computation. Novelty: This paper proposes a novel secured authentication protocol which combines both asymmetric and symmetric key cryptographic techniques (HECC and AES).

Keywords