FYI: The Challenge of Turning Phones into Credit Cards - The Challenge of Security & Why the UK is Key.
Peter Fairbrother
zenadsl6186 at zen.co.uk
Fri Feb 25 14:26:08 GMT 2011
Chris Salter wrote:
> Hello UKCrypto,
>
> "The Challenge of Turning Phones into Credit Cards - The Challenge of
> Security & Why the UK is Key".
>
> http://www.trustedreviews.com/mobile-phones/review/2011/02/24/The-Challenge-of-Turning-Phones-into-Credit-Cards/p1?utm_source=newsletter&utm_campaign=clicks&utm_medium=daily_20110225_1277
> or
> http://preview.tinyurl.com/4w4wz46
It seems to be a very stupid implementation, and quite possibly a stupid
idea as well - no-one seems to have worked out the security model so
far, or even have worked out any working security model.
That should have been done *first*.
Is this micropayments, or major purchases? Is a PIN entered on the
'phone? Does the issuer put a tamperproof chip in the 'phone?
I'm not surprised that the Kaspersky guy is keen, more business for him
- but is he going to take responsibility. and more important accept
liability, when things go wrong? As K. take zero liability for the
effectiveness of their software at present, I kinda doubt it.
However if Visa want to implement it, and take the risk, fine by me - as
long as I don't have to bail them out (again), and as long as paying by
card remains an option. This should be a legal requirement, like chip
and signature cards vs chip and PIN cards.
Come to think of it, it may be a legal requirement already, depending on
the way the present law is interpreted - but that's not an area of law
I'm familiar with.
BTW I don't have a mobile 'phone, and I don't want one.
-- Peter Fairbrother
More information about the ukcrypto
mailing list