Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Securing Transactions

1,086 views

Published on

A presentation on the issues encountered implementing secure mobile transactions - from user acceptance to security.

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

Securing Transactions

  1. 1. Tom Godber - CTO Masabi - Co-Founder MoMo Estonia
  2. 2. ESTONIAN NOT ESTONIAN
  3. 3.  The mobile experience is about PAIN  Texting on a Moto…  Nokia moves the S60 icons in every new handset  User experience is becoming important  Ex-RAZR users often don‟t Moto again  But nothing is perfect, even Steve
  4. 4.  Good ideas are common  Good ideas which actually work aren‟t  Given handset constraints  Given real world conditions  Compared to off-mobile alternatives
  5. 5.  A successful service must offer a significant advantage to the user  An mPayment must be easier than cash and cards  Just because a user can do something, doesn‟t mean they will  Offer net pain relief
  6. 6.  User probably moving  Must be simple  Must be resilient  Has user got alternatives?  Cash  Debit/credit cards  PC
  7. 7.  Lots of hype  (Almost) no handset support  NFC already embedded on cards  Habit: you pay with a card, why use phone?  BUT: NFC on SIM may be interesting  Launched last week in Thailand  For markets without much card use…?
  8. 8.  SIM Toolkit  SMS  Basic browser  AJAX browser  Installed application
  9. 9.  Runs on every handset  Simple UIs  Very big eg. in African banking  The operator is your customer  No potential to run “off-deck”  Only operator lets you on the SIM
  10. 10.  Good for simple transactions  Easy to set up, works on everything  High cost  30-60% operator cut  Best for low-value high-margin items  Insecure  Can be read on stolen phones  Can be read on the network
  11. 11.  Wap1 was insecure with “Wap Gap”  Plain text through gateway  Very low encryption strengths  Wap2 is better  Dumb client  Data mis-entry is painful  Repeat page loads slow and expensive  Hard to store tickets etc  SMS Picture Message – little data  MMS – can be mangled
  12. 12.  Offers great advantages to developer  No upgrade concerns, etc  Great on your desktop PC  Fast, free, always-on data connections  Plenty of speed, memory and electricity  Overhead of XML + scripts + repeat HTTP doesn‟t matter  Users all using mouse and big screen  Does that remind you of mobile?
  13. 13.  You don‟t have to be the „best‟  Sometimes being the only option is good enough  NOT suitable for everything  Remember, pick your services  Good for:  Recurring purchases  Flaky connections ▪ Retries, SMS fallback, fat intelligent client
  14. 14.  Ticket purchase in UK  Aimed at repeat users  Intelligent client  Helps user with data entry => minimises resends  Submits credit card purchase with one encrypted SMS  Good when signal strength low  2D barcode display for ticket  Optimised for on-screen scanning
  15. 15.  There is no single „best platform‟  Most topics expanded on the Masabists blog http://blog.masabi.com/

×