Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Smartphone Security May Be A Crucial Flaw In M-Payments

Lieberman Software : 03 June, 2011  (Technical Article)
Lieberman Software comments on the surge in activity on enabling mobile phone payments being used with the help of NFC, stating that greater focus is required on the security of the device itself

The flurry of news surrounding mobile wallets and how NFC (near field communications) will soon allow us all to ditch our credit and debit cards in favour of a payment-enabled mobile phone ignores the security issue that is staring us in the face, says Phil Lieberman, the CEO of Lieberman Software.

With O2 announcing plans to launch an m-wallet offering in the second half of this year, Lieberman - whose company offers privileged identity management solutions - agrees with Computerworld's Ira Winkler that the m-wallet is a disaster waiting to happen.

"Ira's comments are bang on the money. Whilst it's great to hear that m-wallet solutions will be Visa PayWave or MasterCard PayPass-compatible - meaning that the wireless data transmissions are encrypted - the problem comes if the smartphone itself in less than secure," he said.

"And with Google having to once again withdraw several infected dozen apps from the Android Market - the second time this has happened this year - it's difficult to see how smartphones can ever be made as secure a desktop or laptop computer," he added.

Yes, the Lieberman Software CEO went on to say, Windows is not without its fair share of malware attacks, but the platform also has very large raft of security applications that dovetail neatly in with company IT security systems.

Smartphones, he explained, do not have access to this level of API-driven security and with large numbers of Apple iPhone users jailbreaking their handsets to escape network locks, it looks like that most flavours of smartphones will be susceptible to security faux pas for some time to come.

Some proponents of m-wallet technologies, he says, note that m-wallet transactions are limited to £15.00 and under, but if a smartphone is loaded with £100.00 worth of bank credit - or is linked to a user's bank account - there is then a risk that hackers can replicate the m-wallet credentials, and then make multiple small transactions using a cloned mobile wallet.

This is, he adds, financial death by a thousand cuts - and with large numbers of users of m-wallet technology expected to converge on London next year for the Olympics, the risk of a cybercriminal attack on this form of payment is significantly increased.

"With the first DroidDream Android infection reported to have hit as many as 200,000 smartphone users back in March, if an m-wallet security hack occurs - as Ira says in his blog - all you need is a malicious Angry Birds, and it will make the Heartland data breach seem like a footnote," he said.

"I have to agree with Ira. M-wallet technology is a potentially serious security risk just waiting to happen. Cybercriminals must be laughing their socks off at the prospect of having millions of insecure smartphone users with electronic wallets just waiting to be ripped off," he added.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo