Mobile payment has some unique advantages over more traditional payment methods in, for example, TV shopping and mobile multimedia services. Unfortunately, most existing mobile payment solutions rely heavily on underlying communication infrastructures, which are platform-dependent and have no unified implementation criteria. This limitation is reducing, however, through the rapid spread of the Voice over IP (VoIP) telephony service and its integration with mobile phones. The Session Initiation Protocol (SIP) is currently the standard signalling protocol of VoIP. Mobile payment is expected to be implemented and deployed in an SIP environment in order to keep pace with the evolution of the mobile phone network. The goal of this paper is firstly to propose a new mobile payment scheme based on SIP. The protocol of the proposed framework is thoroughly analysed. Secondly, we evaluate security issues and propose enhanced solutions to make this new framework applicable in practise.