Abstract: Aimed at the problems that the authentication subprotocol of mobile payment protocol does not authenticate the merchant’s identity, which is vulnerable to anonymous attacks by malicious merchants, and the protocol does not consider the time limit so that it can’t ensure the correctness of the transaction, a new mobile payment protocol is proposed. The new protocol realized the two-way certification of users and merchants and the accountability of time limit by authenticating the merchant’s identity and introducing the timestamp server T. The new mobile payment protocol was formally analyzed through SVO logic and time limit logic. The new mobile payment protocol meets the two-way certification and limit accountability.