FYI: The Challenge of Turning Phones into Credit Cards - The Challenge of Security & Why the UK is Key.

Nicholas Bohm nbohm at
Fri Feb 25 17:04:57 GMT 2011

On 25/02/2011 16:39, Peter Tomlinson wrote:
> The transaction model described appears to be very similar to the
> contactless payment method using debit/credit cards that is being
> rolled out here now - and a dual PR push for contactless debit/credit
> for public transport in London, featuring Transport For London and a
> head Mastercard honcho, happened this week [1]. The extra gained by
> using the mobile phone is the bonus for the user: a receipt stored in
> the phone.
> There is indeed a great deal of work going into transaction security
> for this architecture, and of course there are several architectures
> available for the phone and Simcard and microSD card (maybe with
> Bluetooth as well). This one will run and run - and a number of
> security people are tearing their hair out as they try to work through
> the matrix of not just secure element architectures but also of the
> multiplicity of phone operating systems.
> Its a consumer product; money has to be made by transferring money and
> by executing the real transactions (buying things and services [2]);
> there will be some casualties, but a great number of people will like it.

No doubt; but some may like it less if the risk of fraud is left in
their laps, so the liability model will be of equal interest to the
security model.  As to the liability model, transparency will in due
course reign, since Ts&Cs will necessarily be public in order to have
effect.  As to the security model, who knows?

Contact and PGP key here <>

More information about the ukcrypto mailing list