A wallet is a way of organising things. My Apple Wallet, just like my real wallet, doesn’t have any cash in it. It has credit cards, debit cards, loyalty cards, vaccination records, boarding passes, train tickets and driving licences (Apple have just gone live with their driving licence and state in Arizona). These things are all held independently in the wallet: they don’t talk to each other and they don’t share data with each other. They are also, as you will have noticed, mostly about identity, not money.
Apple Finally Enables Payment Card Acceptance on iPhone
Contactless Card Acceptance
Solutions to enable Android phones to be used to accept EMV contactless card payments without requiring additional hardware have been around for a while. We’ve been advising and helping our clients architect, secure, build and certify SoftPOS solutions for the last 5 years. However, this has not been possible on iOS devices, until now. Speculation that Apple was looking to add contactless payment card acceptance support to iPhone grew when they bought Mobeewave for $100MM in 2020. Based on the technology acquired in this purchase, Apple has recently added contactless card acceptance capability by implementing their Proximity Reader framework to iOS 15.4, for what Apple calls Tap to Pay.
Brazilians wow the world of Open Banking
At last week’s FDX Virtual Spring Global Summit, I received a glimpse into the huge strides being made by the Financial Data Exchange in the adoption of their data sharing API for the US market. In the context of minimal centralised regulation in the US, progress is driven by industry. This marks a substantial move away from screen scraping, which has historically been prominent in the US market. While the API approach provides value in terms of security and standardisation, many organisations still depend on screen scraping to support their business model.
Biometrics on Cards
Improving Cardholder Authentication
On-card fingerprint readers have been in development for a few years now, with a number of products now in market from vendors such as Fingerprint Cards, Zwipe, Idemia and G+D.
Arm’s CHERI-Based Morello Prototype Adopts New Approach to Security
Developing secure software and systems is hard. Even if the most experienced engineers use the best tools and follow best practices, bugs and vulnerabilities can slip through. Add to that the amount of legacy or 3rd-party code in use today, developer turnover and the use of outsourcing, and we can see that it is very difficult to eliminate all vulnerabilities from within a solution. This is why security by design and defence in depth are important principles. By designing-in security right from the start, and having multiple independent and overlapping methods of protection, the impacts of vulnerabilities can be reduced.
PIN: we need to talk about our relationship
16 years on from PIN day (Valentines Day 2006) how is our relationship with PIN holding up?
Last year Dave Birch postulated that PIN was in decline and indeed no longer necessary as our mobile phones make use of various biometrics to authenticate us and our transactions, but as we often remind ourselves in Chyp, we’re not normal. UK Finance statistics tells us that whilst the use of Apple Pay & Google Pay at the Point of Sale is on the rise, the humble plastic card is still the preferred way to pay.
New Features Greet Riders As They Return to Transit
Everyone seems to think that MaaS (Mobility-as-a-Service) is a brand-new business model, when in fact, Transit Agencies have been providing mobility as a service for years, just without the hyphens. When I ride transit I just pay for the service when I need it or purchase a monthly pass if I expect to use it regularly. This is similar to the “as-a-Service” model that has been popularized by software companies who moved away from the license model where users pay a one-time fee to purchase the software. They now offer a subscription model where users pay a recurring fee to use the software. I’ve ridden transit for many years and have never had to buy a bus or train. Sounds like Mobility-as-a-Service to me.
Safer Internet Day 2022 – It’s all about you!
For Safer Internet Day, I thought I’d bring a Mediterranean theme. As a classicist, I frequently switch between ancient and modern, applying time-tested principles to emerging technologies. Plato had it right on data protection: the price of not participating in public life is to be ruled by less able men.
Can Current Technology Deliver Secure Mobile Voting Solutions?
Insecure technology is regularly cited as barrier to the use of online voting systems, in particular when casting your vote through your mobile phone, rather than putting your cross on a piece of paper and putting in a box at the polling station or mail box. At the same time those detractors trust the same mobile technology to place stock trades, initiate high value payments and more recently accessing their health records.
Will 2022 start to drive the future of Interoperability and Inclusion?
Our overriding theme of this year’s Live5 is interoperability which will lead to inclusion. Whether this is in payments or transit, identity or as a generalised trend what we’re seeing is a collapsing of the barriers between silos. In some areas this is happening more quickly than in others.