This paper we propose a security and efficient authentication technology that is suitable for Radio Frequency Identification (RFID) application environment. This technology is proper when the passive tag has weak computing ability, memory limitation and no on-board battery. Based on Hash function and exclusive-or operation, this technology not only offers data protection and mutual authentication, but also can protect the tag from analysis, tracing, or cloning. In the application to RFID mobile payment, this technology can prevent masquerade, double spending and tracing, ensuring the security during the transaction process.