Is Bitcoin going to be the future technology of online payments? And maybe not just online? Bitcoin hit a high of $1,073 on Tokyo- based exchange Mt. Gox, the best-known operator of a bitcoin digital marketplace, compared with just below $900 the previous day. Bitcoin is not backed by physical assets and is not run by any person or group. Its value depends on people's confidence in the currency. It has been gaining acceptance by the general public and investment community but has yet to become an accepted form of payment on the websites of major retailers such as Amazon.com. According to a a patent application filed by Apple, the entire display can be used to read your fingerprints. I can imagine a lot of use cases, including payments security, beyond just the iPhone screen. For example, super strong 3-factor authentication when processing payment transaction: 1. card ("something you have") 2. PIN ("something you know") 2. Fingerprints while entering PIN ("something you are"). Or another case - PIN-less payment transaction that keeps security level (2-factor authentication) of PIN transaction: card or phone (the 1st factor - "something you have") plus pressing the "Pay" or "OK" button on payment terminal or mobile phone with simultaneous fingerprint scanning (2nd factor - "something you are"). Google introduces a debit card linked to Google Wallet which along with the PayPal business debit card creates a dangerous trend: Instead of bringing new secure technologies into the brick-and-mortar merchants' world, online payment providers go back to old good insecure plastics. The idea of Coin is simple but elegant: replacing several payment cards with single card-like sophisticated device. The technology behind Coin is pretty impressive, but there is security concern. Normally, when carders want to use the stolen card data in order to make a purchase in brick-and-mortar store, they need to produce the fake plastic card, which looks like a real credit card, and encode it with the stolen magnetic tracks. However, technological revolution comes to the carders world. With Coin, there is no need to produce a good looking physical plastic anymore. The stolen data can be encoded directly into the Coin device. There is one obstacle that must be overcome - taking the picture of the real card when entering the new card information into Coin through the iPhone or Android app. But I think that generating a realistic image of the credit card (so it could be photographed instead of the real card) is cheaper than creating a physical counterfeited card which requires special equipment such as PVC-printer, embosser, tipper, etc. (more details about this process can be found in my new book - Hacking Point of Sale - which is being published by Wiley). Interesting data about mobile checkout apps: The cost of merchant's mobile app: $7,000 on average, with more comprehensive applications costing $150,000 and more. By 2017, retailers believe that over 50% of sales transactions will come from a mobile device self-checkout. Cartes (Exhibition & Conference) in Paris, France next week... Well, maybe Cartes America in Las Vegas next year... |
Books
Recent Posts
Categories
All
Archives
October 2024
|