identity security and privacy mobile web payments
play

Identity, Security and Privacy: Mobile Web Payments Giri Mandyam - PowerPoint PPT Presentation

Aug 18, 2023 •143 likes •218 views

Open Source Open Possibilities Identity, Security and Privacy: Mobile Web Payments Giri Mandyam March 25, 2014 W3C Web Payments Workshop Open Source Open Possibilities PAGE 1 Mobile Web Payments - Legacy Premium SMS still popular

  1. Open Source Open Possibilities Identity, Security and Privacy: Mobile Web Payments Giri Mandyam March 25, 2014 W3C Web Payments Workshop Open Source Open Possibilities PAGE 1

  2. Mobile Web Payments - Legacy � Premium SMS still popular � Based on operator-assigned short code � Customer sends text message to short code � Can be followed by pin exchange to verify origin of SMS � Customer is billed through operator – Identity through cellphone credentials � PSMS market still quite strong worldwide � US operators have shut it down � Acc. to Transparency Research International (2013) – 236.9 billion in 2012 and further expected to reach to 1,134.2 billion in 2017 – CAGR of 36.8% from 2012 to 2017 � Mobile browsers have supported PSMS from the WAP days � Any new web payments mechanism would have to bear this in mind – And all the accompanying issues, including » Operator rev share, » Bad debt Open Source Open Possibilities PAGE 2

  3. Mobile Web Payments – Legacy (cont.) � HTTP Header Enrichment � Long used for mobile content management systems (CMS’s) � Operator adds header with unique mobile subscriber ID (e.g. MSISDN) � Service provider works with operator to bill customer directly � Advantages � Seamless billing from an end user perspective � No changes necessary to existing browsers � Disadvantages � Not secure if path from operator network to server is not secure – Middleboxes can spoof headers � Traversing NAT’s is an issue – Not expected to work on WiFi � Similar transactional issues as PSMS – Bad debt, operator rev share Open Source Open Possibilities PAGE 3

  4. Mobile Web Payments – Going Forward � Multifactor authentication leveraging contextual data � Location, biometrics, etc. � Retail example: � In-store shoppers who use bar code scanning on mobile device to scan in items as placing them into cart � At checkout, device produces a final bar code to be scanned is displayed on mobile device and read – Customer automatically billed � Can in-store location of shopper be leveraged instead? Open Source Open Possibilities PAGE 4

  5. Mobile Web Payments – Going Forward Open Source Open Possibilities PAGE 5

  6. Mobile Web Payments – Going Forward � HTML5 has introduced features such as Geolocation, NFC that take leverage device API’s in mobile devices and provide contextual information � Use of contextual information has a place in multifactor authentication – Previous in-store shopping example � Such data must be provided by a verifiable source – Information could be sensitive (e.g. biometric data) – Data sent directly by web apps using standard methods such as XHR or WebSockets may be vulnerable to attacks (even over TLS) � Any W3C Web Payments enabler should consider whether deeper integration into HW for multifactor auth using device API’s is needed Open Source Open Possibilities PAGE 6

  7. Open Source Open Possibilities Thank You PAGE 7

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Admin Today: finish web privacy, start mobile security Friday: Lab #2 due (8pm)

Admin Today: finish web privacy, start mobile security Friday: Lab #2 due (8pm)

CSE 484 / CSE M 584: Computer Security and Privacy Web Privacy [finish] Mobile Platform Security [start] Spring 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, Ada Lerner,

535 views • 29 slides
Mobile Device Security and Privacy Information Security and Privacy Office January 2012 Agenda

Mobile Device Security and Privacy Information Security and Privacy Office January 2012 Agenda

Mobile Device Security and Privacy Information Security and Privacy Office January 2012 Agenda Protecting mobile devices and your privacy Protecting Mobile Devices and Your Privacy Before We Start The City of Phoenix does not

971 views • 52 slides
CO 445H MOBILE PLATFORM SECURITY AND MOBILE PRIVACY Dr. Benjamin Livshits Privacy International

CO 445H MOBILE PLATFORM SECURITY AND MOBILE PRIVACY Dr. Benjamin Livshits Privacy International

CO 445H MOBILE PLATFORM SECURITY AND MOBILE PRIVACY Dr. Benjamin Livshits Privacy International Data Tracking 2 http://privacyinternational.org/feature/2433/i-asked-online-tracking-company-all-my-data-and-heres-what-i-found Two Main Attack

986 views • 63 slides
Mobile Payments Certificate 2 Mobile Payments Certificate Investment Case While the mobile

Mobile Payments Certificate 2 Mobile Payments Certificate Investment Case While the mobile

Mobile Payments Certificate 2 Mobile Payments Certificate Investment Case While the mobile payment infrastructure is now in place (NFC-enabled phones and POS terminals, various platforms such as Apple Pay), we are about to enter the second

467 views • 20 slides
MOBILE PAYMENTS Provider of electronic payments www.pay365.ru +7 (495) 644-53-38 2 ABOUT THE

MOBILE PAYMENTS Provider of electronic payments www.pay365.ru +7 (495) 644-53-38 2 ABOUT THE

MOBILE PAYMENTS Provider of electronic payments www.pay365.ru +7 (495) 644-53-38 2 ABOUT THE COMPANY PAY365 - one of the leaders of mobile payments at the Russian market. For many years we have been successfully working with all mobile

682 views • 16 slides
AN EXTENSIBLE AND PRIVACY- PRESERVING MOBILE ID Michael Hlzl, MSc Institute of Networks and

AN EXTENSIBLE AND PRIVACY- PRESERVING MOBILE ID Michael Hlzl, MSc Institute of Networks and

AN EXTENSIBLE AND PRIVACY- PRESERVING MOBILE ID Michael Hlzl, MSc Institute of Networks and Security, JKU Linz IKT Sicherheitskonferenz 2017 26. September 2017, Villach Digital Identity: State of the Art OpenID: some (large) providers,

1.17k views • 18 slides
More than payments ePassi Payments ePassi mobile payments ePassi Fringe Benefits Sport

More than payments ePassi Payments ePassi mobile payments ePassi Fringe Benefits Sport

More than payments ePassi Payments ePassi mobile payments ePassi Fringe Benefits Sport & Culture 2008 Commuting 2013 Lunch 2014 Wellbeing 2015 General payments Alipay 2016 Siirto 2018

321 views • 17 slides
Contextual Factors in Mobile Security and Privacy Policy Enforcement Mobile Services and Edge

Contextual Factors in Mobile Security and Privacy Policy Enforcement Mobile Services and Edge

Contextual Factors in Mobile Security and Privacy Policy Enforcement Mobile Services and Edge Computing Workshop, Helsinki, 28.7.2016 Markus Miettinen Technische Universitt Darmstadt 28.07.2016 | Fachbereich Informatik | Lehrstuhl

542 views • 30 slides
Latest Trends in Mobile Security By M K Chaithanya C-DAC Hyderabad Outline Introduction

Latest Trends in Mobile Security By M K Chaithanya C-DAC Hyderabad Outline Introduction

Latest Trends in Mobile Security By M K Chaithanya C-DAC Hyderabad Outline Introduction Statistics of Mobile Usage Current State of Mobile Security Recent Attacks Various Mobile Threats Security & Privacy

1.03k views • 57 slides
Mobile Communications Mobile Communications Confidentiality Security No access to information

Mobile Communications Mobile Communications Confidentiality Security No access to information

Security Requirements Authorization Which objects are accessible by whom? Authentication Reliable identification of users identity . Mobile Communications Mobile Communications Confidentiality Security No access to information for

577 views • 11 slides
Mobile Payments How your checkout and payment methods can improve mobile conversion

Mobile Payments How your checkout and payment methods can improve mobile conversion

Mobile Payments How your checkout and payment methods can improve mobile conversion Matthew Scott | Klarna Hello Boost business and think mobile first Lets talk about.. Mobile Consumers & Common issues & Top Tips Q&A

293 views • 18 slides
Are Mobile Payments Safe? Talk About Payments Webinar October 5, 2017 Dave Lott Payments Risk

Are Mobile Payments Safe? Talk About Payments Webinar October 5, 2017 Dave Lott Payments Risk

Are Mobile Payments Safe? Talk About Payments Webinar October 5, 2017 Dave Lott Payments Risk Expert Federal Reserve Bank of Atlanta The views expressed in this presentation are those of the presenters and do not necessarily reflect the views

508 views • 37 slides
REGULATORY FRAMEWORK FOR MOBILE PAYMENTS SERVICES IN NIGERIA By EMMANUEL C. OBAIGBONA DEPUTY

REGULATORY FRAMEWORK FOR MOBILE PAYMENTS SERVICES IN NIGERIA By EMMANUEL C. OBAIGBONA DEPUTY

REGULATORY FRAMEWORK FOR MOBILE PAYMENTS SERVICES IN NIGERIA By EMMANUEL C. OBAIGBONA DEPUTY DIRECTOR/ HEAD, PAYMENTS SYSTEM BANKING OPERATIONS DEPARTMENT CENTRAL BANK OF NIGERIA, ABUJA. PAPER DELIVERED AT THE EFInA MOBILE PAYMENTS SERVICES

475 views • 19 slides
Information Security and Privacy Board Background and current status Use of Hashing Algorithms

Information Security and Privacy Board Background and current status Use of Hashing Algorithms

Information Security and Privacy Board Background and current status Use of Hashing Algorithms in the U.S. Federal Personal Identity Verification Program Biometrics Storage Format Selection for the U.S. Federal Personal Identity

258 views • 14 slides
Privacy and Identity Paradoxes and Opportunities Professor Richard Harper University of Surrey

Privacy and Identity Paradoxes and Opportunities Professor Richard Harper University of Surrey

Privacy and Identity Paradoxes and Opportunities Professor Richard Harper University of Surrey and Social Shaping Research Ltd I TU: Korea March 04 Todays agenda Slide 2 ! Something on current research on the Mobile Age ! It is

411 views • 13 slides
Protection & Security Threat is potential security violation Attack is attempt to

Protection & Security Threat is potential security violation Attack is attempt to

CSE 421/521 - Operating Systems The Security Problem Fall 2011 Protecting your system resources, your files, identity, confidentiality, or privacy Lecture - XXVI Intruders (crackers) attempt to breach security Protection &

437 views • 5 slides
IP Spoofer Project Observations on four-years of data Rob Beverly, Arthur Berger, Young Hyun

IP Spoofer Project Observations on four-years of data Rob Beverly, Arthur Berger, Young Hyun

IP Spoofer Project Observations on four-years of data Rob Beverly, Arthur Berger, Young Hyun {rbeverly,awberger}@csail.mit, youngh@caida ISMA AIMS 2009 February 12, 2009 Spoofer Project Background Recent Relevance Project

692 views • 58 slides
Ambiguity Interactive Activation and Competition model (McClelland & Rumelhart, 1981) 1 / 1 3

Ambiguity Interactive Activation and Competition model (McClelland & Rumelhart, 1981) 1 / 1 3

Ambiguity Interactive Activation and Competition model (McClelland & Rumelhart, 1981) 1 / 1 3 / 1 Letter font 2 / 1 4 / 1 Occluded letter features: W O R [R/K] Pseudoword superiority effect 5 / 1 7 / 1 Word superiority effect TRACE

306 views • 4 slides
Be#er IETF Presenta/ons 0 Goals Advice for people

Be#er IETF Presenta/ons 0 Goals Advice for people

Be#er IETF Presenta/ons 0 Goals Advice for people presen/ng internet-dra=s at an IETF mee/ng Improve the discussion to end up with be#er

401 views • 13 slides
Styles and Themes By T oma Vajngerl @CollaboraOffjce www.CollaboraOffjce.com Styles Styles

Styles and Themes By T oma Vajngerl @CollaboraOffjce www.CollaboraOffjce.com Styles Styles

Styles and Themes By T oma Vajngerl @CollaboraOffjce www.CollaboraOffjce.com Styles Styles Preview Added style manager for creating style previews Currently only for Character and Paragraph styles Used it in Styles &

411 views • 18 slides
Searches for new physics with unconventional signatures at ATLAS and CMS Kevin Pedro (FNAL) on

Searches for new physics with unconventional signatures at ATLAS and CMS Kevin Pedro (FNAL) on

FERMILAB-SLIDES-19-013-PPD Searches for new physics with unconventional signatures at ATLAS and CMS Kevin Pedro (FNAL) on behalf of the ATLAS and CMS Collaborations March 26, 2019 This document was prepared by [ATLAS AND CMS Collabrations]

448 views • 34 slides
Information Security Identification and authentication Advanced User Authentication III

Information Security Identification and authentication Advanced User Authentication III

Information Security Identification and authentication Advanced User Authentication III 2016-02-02 Amund Hunstad Guest Lecturer, amund@foi.se Agenda for lecture II within this part of the course Background Statistics Statistics in user

1.49k views • 70 slides
Protecting Wi-Fi Beacons from Outsider Forgeries Mathy Vanhoef, Prasant Adhikari, and Christina

Protecting Wi-Fi Beacons from Outsider Forgeries Mathy Vanhoef, Prasant Adhikari, and Christina

Protecting Wi-Fi Beacons from Outsider Forgeries Mathy Vanhoef, Prasant Adhikari, and Christina Ppper WiSec, 9 July 2020. Background: beacons Wi-Fi networks use beacons to announce their presence They are sent every ~100 ms by an

713 views • 32 slides
CSE 154 LECTURE 3: MORE CSS Cascading Style Sheets (CSS): <link> <head> ...

CSE 154 LECTURE 3: MORE CSS Cascading Style Sheets (CSS): <link> <head> ...

CSE 154 LECTURE 3: MORE CSS Cascading Style Sheets (CSS): <link> <head> ... <link href="filename" type="text/css" rel="stylesheet" /> ... </head> HTML CSS describes the appearance and

769 views • 25 slides

More recommend