Presentation given at the World Computer Congress 2010 in Brisbane on Bond Wireless' SMS Authentication and Verification Technology (Pat.) Applications.
MobiWeb - OTP SMS Two Factor AuthenticationMobiWeb
SMS is a technology that has many applications. Today huge numbers of products and services use SMS in a variety of ways. It can be used for additional security in service access and mobile identity verification. Since most of the world population have mobile phones (smartphones or feature phones), businesses can turn subscribers’ mobile phones to tools of additional security.
This guide describes Two-factor Authentication through OTP (One-time PIN) delivered by SMS.
Since its establishment in 1999, MobiWeb is providing global SMS Messaging for B2B, B2C and C2C mobile interaction.
Visit us at www.solutions4mobiles.com
Alepo 5 Emerging Innovations Carrier-WiFiPeerasak C.
5 emerging innovations in carrier Wi-Fi
Alepo | July 03, 2012
With mobile data usage on the upswing, wireless carriers are looking to Wi-Fi hotspots as a viable way to deliver high speed data on mobile devices. With Wi-Fi hotspots as part of an overall mobile data strategy, carriers can unlock new revenue channels, drive up business value, and optimize network resources and efficiencies.
This Alepo whitepaper reveals five emerging innovations in Carrier Wi-Fi offload, network discovery, and monetization, that are advancing opportunities for wireless carriers in making Wi-Fi hotspots a fundamental part of their mobile data strategy.
Download Alepo’s "5 Emerging Innovations in Carrier Wi-Fi" to learn how advancements in Wi-Fi can:
Make Wi-Fi offload secure and automatic
Make carrier services available on Wi-Fi
Enhance network discovery and selection
Unlock new Wi-Fi hotspot business models
Foster partnerships across the Wi-Fi ecosystem
Mobile Connect, an initiative by GSMA, has the potential to change online authentication and how we consume online services, on a global basis. This presentation will explain what Mobile Connect is, how it can benefit your organisation and the end users.
Beacons leverage a common wireless standard that can be detected by nearly every modern smartphone. Because of this wide and wireless coverage, concerns have been raised on the security of beacons.
By default, Beacons are open and static. For example, Apple’s iBeacons constantly broadcast a single repeating payload: UUID, Major ID and Minor ID. Once deployed, anyone can detect these Beacon IDs. This gives rise to two specific risks: Beacon Spoofing & Piggybacking.
This doc is a summary of the risks and general controls available to mitigate attacks.
What is the GSMA OneAPI Gateway?
A platform allowing application developers to access the SMS, Location and Billing APIs.
- Connects the 3 major Canadian carriers (Rogers, Bell, TELUS) with OneAPI and access to 93% of Canadian mobile subscribers.
- A single implementation of your app works across all carriers - better services for less work
Biometric Identification Evolves to Provide Unprecedented Security & ReliabilitySamsung SDS America
Since it was first introduced in 1858, biometric technology has come a long way. Today, highly advanced, highly accurate biometric technologies can authenticate identity using a person’s fingerprint, iris/eye, facial features, and voice, to name a few. With the rise in identity and data theft, the global financial services industry is ramping up its use of biometrics to provide convenient, reliable, and highly secure protection.
MobiWeb - OTP SMS Two Factor AuthenticationMobiWeb
SMS is a technology that has many applications. Today huge numbers of products and services use SMS in a variety of ways. It can be used for additional security in service access and mobile identity verification. Since most of the world population have mobile phones (smartphones or feature phones), businesses can turn subscribers’ mobile phones to tools of additional security.
This guide describes Two-factor Authentication through OTP (One-time PIN) delivered by SMS.
Since its establishment in 1999, MobiWeb is providing global SMS Messaging for B2B, B2C and C2C mobile interaction.
Visit us at www.solutions4mobiles.com
Alepo 5 Emerging Innovations Carrier-WiFiPeerasak C.
5 emerging innovations in carrier Wi-Fi
Alepo | July 03, 2012
With mobile data usage on the upswing, wireless carriers are looking to Wi-Fi hotspots as a viable way to deliver high speed data on mobile devices. With Wi-Fi hotspots as part of an overall mobile data strategy, carriers can unlock new revenue channels, drive up business value, and optimize network resources and efficiencies.
This Alepo whitepaper reveals five emerging innovations in Carrier Wi-Fi offload, network discovery, and monetization, that are advancing opportunities for wireless carriers in making Wi-Fi hotspots a fundamental part of their mobile data strategy.
Download Alepo’s "5 Emerging Innovations in Carrier Wi-Fi" to learn how advancements in Wi-Fi can:
Make Wi-Fi offload secure and automatic
Make carrier services available on Wi-Fi
Enhance network discovery and selection
Unlock new Wi-Fi hotspot business models
Foster partnerships across the Wi-Fi ecosystem
Mobile Connect, an initiative by GSMA, has the potential to change online authentication and how we consume online services, on a global basis. This presentation will explain what Mobile Connect is, how it can benefit your organisation and the end users.
Beacons leverage a common wireless standard that can be detected by nearly every modern smartphone. Because of this wide and wireless coverage, concerns have been raised on the security of beacons.
By default, Beacons are open and static. For example, Apple’s iBeacons constantly broadcast a single repeating payload: UUID, Major ID and Minor ID. Once deployed, anyone can detect these Beacon IDs. This gives rise to two specific risks: Beacon Spoofing & Piggybacking.
This doc is a summary of the risks and general controls available to mitigate attacks.
What is the GSMA OneAPI Gateway?
A platform allowing application developers to access the SMS, Location and Billing APIs.
- Connects the 3 major Canadian carriers (Rogers, Bell, TELUS) with OneAPI and access to 93% of Canadian mobile subscribers.
- A single implementation of your app works across all carriers - better services for less work
Biometric Identification Evolves to Provide Unprecedented Security & ReliabilitySamsung SDS America
Since it was first introduced in 1858, biometric technology has come a long way. Today, highly advanced, highly accurate biometric technologies can authenticate identity using a person’s fingerprint, iris/eye, facial features, and voice, to name a few. With the rise in identity and data theft, the global financial services industry is ramping up its use of biometrics to provide convenient, reliable, and highly secure protection.
Introduction of E-Wallets, its types, Advantages,Disadvantages, Examples of E-Wallet,Needs of E-Wallet, Top E-Wallets in World and in India, Description of Mobikwik, its Steps, Architecture of transfer between two wallets, About Paytm, How does Paytm Earn, Recharge on PayTm, Steps to use Paytm, Web Technologies of Paytm, Good at Paytm and Bad at it, Our own proposed system to overcome the disadvantage of existing system
[WSO2Con EU 2017] Keynote: Mobile Identity in the Digital EconomyWSO2
In this slide deck, Marie Austenaa, the vice president and head of personal data and mobile identity at GSMA, will explore mobile identity in the digital economy.
An introduction to IBM MessagSight, IBM's gateway to the Internet of Things and Mobile Messaging. As the Internet of Things and M2M become more pervasive are you ready to engage and get the benefits? Do you want to get the benefits of rapid, reliable messaging in the mobile world? This session will cover an introduction to MessageSight, latest updates and an introduction to MQTT.
GSMA - How To Combine Cross-border eID Recognition With Convenience For Users...Ubisecure
eIDAS - Mobile Connect Pilot: How To Combine Cross-border eID Recognition With Convenience For Users And Online Services. GSMA presentation slides from Ubisecure's IAMwithUBI Nordic IAM event May 2018
Presentation from Apigee's Open Banking & PSD2 Summit in London on 19th May 2016.
This presentation covers how digital identity is becoming progressively important to governments and regulators. It uncovers banking and mobile identity and how to improve fraud detection and multi-factor authentication.
Learn how IBM is using new technologies, applications and mobile devices to enable a smarter, more productive workforce. This short presentation shares IBM's journey enabling a flexible, mobile enterprise.
MobiWeb - SMS for Courier & Postal ServicesMobiWeb
Today’s life is mobile. Literally, people spend a considerable amount of their daytime on the way and use their mobile phones more than ever.
In 2014 there were more than 6 billion subscriptions. By early 2015, there will be more mobile phone subscribers than the world's population. With increasing penetration of mobile phones to the most rural areas, mobile networks cover more than 90% of the world’s population. Consumers are always on the move and expect to use services and products on the go. This combined with the fact that mobile phone is the most personal digital device there is, make mobile a great B2C communication channel.
With the internet and mobile revolution, expectations are shifting towards the mobile phone. Many globally established businesses now choose SMS as an important channel when planning their mobile strategy. The mobile phone has become the new “must have” for any serious “innovative” service.
Some of the key business performance factors for the Courier & Postal Services industry is customer service and customer experience. Over the years technological innovations have helped Courier & Postal Services to reduce costs, deliver new services and enhance customer experiences.
As the mobile revolution continues to evolve, mobile technologies are available for the Courier & Postal Services to adopt and deploy. The Short Message Service (SMS) is a well-established, mature technology that Courier & Postal industry can benefit greatly from. SMS can be deployed in a huge variety of tailored use cases. It is available on all mobile phones across all technologies, including GSM, CDMA and 3G.
This guide describes SMS services and the mobile channel for Couriers and Postal Services.
Since its establishment in 1999, MobiWeb is providing global SMS Messaging for B2B, B2C and C2C mobile interaction.
Visit us at www.solutions4mobiles.com
Samsung SDS Mobile Voice Recording is a specifically designed recording solution completely compatible with MiFID II. Inducing maximum transparency, control and accountability, it smoothes your day to day operations giving you more time to take control of other day to day tasks. Take a look at our Samsung SDS Mobile Voice Recording Solution Fact Sheet to find out more.
Financial institutions constantly face new competitive challenges to improve margins or to reduce costs. Over the years technological innovations have helped banking corporations to reduce costs, deliver new services and enhance banking customer experiences. As the mobile revolution continues to evolve, mobile technologies are available for the banking industries to adopt and deploy. The Short Message Service (SMS) is a well-established, mature technology that banking institutions can benefit greatly from. It is available on all mobile phones across all technologies, including GSM, CDMA and 3G.
SMS banking is a type of mobile banking, a technology-enabled service offering from banks to its customers, permitting them to operate selected transactional banking services over their mobile phones using SMS messaging.
This guide describes SMS banking and the mobile channel for banking services.
Since its establishment in 1999, MobiWeb is providing global SMS Messaging for B2B, B2C and C2C mobile interaction.
Visit us at www.solutions4mobiles.com
Presentation from IBM InterConnect 2015:
Mobile devices are increasingly ubiquitous and are the preferred, or in some cases the only, way we wish to interact as a consumer or employee. We now live in a world where we are often connected to the Internet in an "always-on" culture where receiving information or events is both valuable and acceptable. IBM MessageSight helps connect mobile platforms and devices to existing systems of record to enhance the way we involve our customers for improved experience and hence better outcomes. In this session, we explore how to use MessageSight to integrate with systems of record exposed using both IBM Integration Bus and WebSphere Application Server to allow bi-directional, event-driven communication to the mobile application.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
From E-Transactions to M-Transactions: Enabling mobile transactions with information assurance
1. Return to Message Application Products
1Copyright Bond Wireless 2010
From E-Transactions to M-Transactions:
Enabling mobile transactions with information
assurance
Clarence N W Tan, PhD, FACS, F Fin
Founder and CEO
Bond Wireless
Entrepreneur in Residence Fellow,
Bond University/Gold Coast Innovation Centre
Adjunct Professor,
Bond University/Griffith University
2. Return to Message Application Products
2Copyright Bond Wireless 2010
About Bond Wireless
• Founded in 2002 with a business presence in Australia, Singapore,
Malaysia, Thailand, Kenya, UAE and USA.
• Developer of Patented IP and award winning innovative SMS
application solutions
• Winner of the Asia Pacific ICT Awards 2002 in Best
Communication Applications Award.
• Listed in Top 30 ICT companies in Australia 2003/2004 and in the
Q400 2005, 2007, 2008 and 2009 – Top 400 Companies in
Queensland
• Finalist in AIIA 2006 Communications Applications Award
• Winner Gold Coast Business Excellence Award 2006 in IT.
3. Return to Message Application Products
3Copyright Bond Wireless 2010
Our Business
• Enable enterprises of all sizes to communicate via SMS and
VoIP easily, instantly, cost-effectively and confidently with
authentication and verification.
• Provide innovative software solutions.
• Operate our own global text messaging infrastructure and
wholesale international connectivity and access to major
VoIP network.
• Provide messaging and VoIP gateways for system
integrators, application developers, and multinationals.
4. Return to Message Application Products
4Copyright Bond Wireless 2010
Application Specific SMS Products
• Marketing
– SMS Auction, Trivia & Competition
– VoIP and SMS Loyalty Portal
– Campaign Messenger Professional with VOIP
– Greetings2fone
• Messaging
– Campaign Messenger - demo
– Web Messenger
– SMS Print (pat. pend.) - demo
– SMS to Web
• Email Integration - demo
–SMS to Email
–Email to SMS
–SMS to SMS
• SMS Information Messenger
• SMS Callback for VoIP
• Text to Speech VoIP
• Authorization - demo
– SMS AV (pat. pend.)
• Transaction/Payment systems
• SMS Banking/Ticketing
• M-Prescription
• Verification/Authentication
• SMS Workforce
– SMS Job Dispatch
– SMS Appointment Book
– SMS Alerts
• Profile Matching
• Remote monitoring of web sites/servers
• SMS Stock Alerts
• SMS Transit
– Trans-Messenger
• Developer‟s SDK
• Case Studies
5. Return to Message Application Products
M-Transactions
• Mobile applications on handsets utilizing internet
connection
– Java Apps, iPhone Apps, Android Apps
– SimTool Kit
– WAP Apps
• Problem:
– not ubiquitous
– require internet connection, minimum of GPRS, WiFi
– security issue when accessing via public WiFi networks
– requires Smartphones
5Copyright Bond Wireless 2010
6. Return to Message Application Products
M-Transactions Market
• The value of digital and physical goods that people buy with
their mobiles will reach $200 billion globally by 2012,
compared to just less than $100 billion this year.
(Juniper Research 2010)
• Majority of mobile handsets sold globally are sub-$50
phones that only carry voice and SMS e.g. China has over
850 million mobile subscribers but is projected to have only
7%-10% 3G subscribers at the end of 2012. (Source:
Ministry of Industry and Information Technology, the
operators‟ website)
• Many global digital brands have tried and failed in China, e
– Facebook: <5% share, blocked in 2009, no access in China
– Yahoo: entered 1999, site 3721 acquired in 2003 (40%
market share), now 0.5% share
6Copyright Bond Wireless 2010
7. Return to Message Application Products
7Copyright Bond Wireless 2010
Why SMS?
• SMS is a stable platform has been around for over 17 years
• Extending the capabilities of mobile messaging to the
enterprise market by overcoming the limitations of
traditional SMS.
– Input
– No end-user proof of receipt or information assurance to
support high value applications
• Global SMS Market Trend
– Peer-Peer to Business-Peer
– US Telcos opening up to SMS
– SMS is the most cost effective method to reach large numbers
of customers in most markets
– Bridging the Digital Divide e.g. in Asia, where SMS is much
more accessible than the email
8. Return to Message Application Products
Bond Wireless solves non-repudiation of
mobile consumers
Bond Wireless has developed a patent for verifying and
authenticating consumers using SMS and its associated
technologies text2speech.
Problems solved:
1. Has the correct person received the information?
2. Has the correct person read the information?
Successfully being deployed by mobile operators and
application developers across the Asia-Pacific region.
Copyright Bond Wireless 2010
9. Return to Message Application Products
SMS Authenticate & Verify (SAV)
• Authenticated and Verifiable SMS Messages
• Server-based patented technology that permits
certified SMS transmission that is encrypted
• SIM card independent solution
• Ensures only intended recipients can read
message
• Solves non-repudiation problem by confirming
recipient has successfully retrieved message
Copyright Bond Wireless 2010
10. Return to Message Application Products
Benefits of the Bond Wireless approach to non-
repudiation and verification of message reception
• The *patented SMS Authenticate and Verify (SAV)
technology used in our SecureTransTM product is designed
for enterprise applications providing additional business
process security with SMS messages, without expensive
modifications to SIM cards, customized phones, or phone-
based applications.
• The SecureTransTM process ensures the identity of the
message recipient before any sensitive data is delivered.
In addition to ensuring only the intended recipient reads
the message, the sender is also given proof that the
recipient received the message.
* SMS AV (SMS Authenticate and Verify) has been granted a patent in the following territories:
China - ZL 03810299.4, Hong Kong - HK1078708, USA - US 2006/0098678 A1, Australia -
2003225327 and Europe - 03720017.7
Copyright Bond Wireless 2010
11. Return to Message Application Products
The SecureTransTM Platform
• No need for SIM Toolkit development and the issuing of
application specific toolkits.
• Will work across multiple Mobile technology platforms
(GSM, CDMA, and 3G)
• Operates with MMS as well as SMS
• Guarantees that the correct recipient is receiving the
information being broadcast
• Value added mobile service
• Privacy/Duty of care/Security
• Enables operators to establish a cost effective user
validation process
• Customers are able to self-activate and auto activate users
Copyright Bond Wireless 2010
12. Return to Message Application Products
SMS SecureTransTM Information flows
Copyright Bond Wireless 2010
13. Return to Message Application Products
How it works
Verification Module
• Enables senders of SMS to verify the correct user is in control of
the receiving device.
• The verification module uses the CLI and a shared password as
the validation criteria.
• The application enables a sender to manage the length of the
maximum response time.
• The verification process can be used to commence or complete a
transaction, and can be initiated from the network or the mobile
device.
Copyright Bond Wireless 2010
14. Return to Message Application Products
Securing the handshake
Authentication Module
• Using 128 bit encryption, sensitive data is sent encrypted with the
request for verification.
• The message is only decrypted upon receipt of correct password/
verification keys.
• When in use, no content of the outgoing SMS message is stored
on the encryption server, the whole message is sent with the
request for validation.
• Allows future migration of a Java-based mobile application or SIM
Toolkit solution to provide seamless encryption/decryption at the
phone.
Copyright Bond Wireless 2010
15. Return to Message Application Products
The SMS SecureTrans
TM
Benefit for Security
Enables organisations with confidential or sensitive
information to use the distribution capabilities and coverage
of SMS.
Ensures only the intended recipient can read message
Permit sensitive information to be sent via SMS
Enable mobile/e-commerce in a secure fashion
Solve problems of non-repudiation
Copyright Bond Wireless 2010
16. Return to Message Application Products
Applications of SMS AV in Security and
Government
• Ubiquitous private communication via SMS from
mobile to mobile or PC to mobile with
authentication and verification of sender and
recipient globally.
– Government or security personnel can utilize any
existing mobile handsets with the service as long as
they have registered their existing mobile numbers and
pass-code with the system.
• Verification of permission or order via SMS with
an audit trail and proof of receipt that recipient
has retrieved the message.
• As a digital signature to verify recipient has
approved an order or a transaction.
Copyright Bond Wireless 2010
17. Return to Message Application Products
Example of SMS AV usage
• Permits sensitive information to be sent to recipient with
confirmation of information being sent to recipient thus
providing an audit trail.
• Enables transactions to be conducted using a mobile phone
without modification of SIM cards.
• No sensitive information that is encrypted is stored on
third-party servers.
• Ensures only intended recipient can read message
• Applications include SMS Banking, SMS Transact, SMS
Billing, SMS Payments/Ticketing
Copyright Bond Wireless 2010
19. Return to Message Application Products
SMS mobile banking business model
Revenue models
Reduce cost of servicing customers
Increase revenue stream with SMS Banking
as a value-add service to customers
Create a mobile commerce platform
Independence from carriers and networks
Potential mobile payment solution with global
footprint
Copyright Bond Wireless 2010
20. Return to Message Application Products
Current Implementations
Implemented with a Telco in SE Asia who are using it
in the consumer market
Implemented in the Health Industry providing test
results to patients, see interview with Queensland
Health Director of Sexual Health Clinic:
http://www.youtube.com/watch?v=P8uOLkJFjlc
Implemented in the Education Industry providing
government exam results to students
Copyright Bond Wireless 2010
21. Return to Message Application Products
SecureTrans Application delivered for a Telco
Copyright Bond Wireless 2010
22. Return to Message Application Products
Case Study: Sexual Health Clinic
• Doctors have to show duty of care in contacting
patients with communicable diseases.
• 90% of medical test results are negative.
• Currently using certified/registered mail as proof of
duty of care. Cost is about US$2 per patient, with
ineffective results due to the mobility of patients.
• Trialing SMS AV to have non-repudiated proof of
patient‟s receiving their results via SMS.
• Faster response time, reduces cost of delivery, more
effective results in managing patients.
Copyright Bond Wireless 2010
23. Return to Message Application Products
State Health Example
• Reminder sent to patient encrypted.
• Patient enters agreed Passcode.
• Result sent back to patients mobile phone
decrypted and able to be read.
• Notification sent and to doctor/sender that
message has been decrypted successfully.
• Log made of outcome for later audit.
Copyright Bond Wireless 2010
24. Return to Message Application Products
24Copyright Bond Wireless 2010
CaraData working with Bond Wireless
CaraData introducing SHIP 7 the Sexual Health Information
Program developed in Australia with the help of professionals
working with HIV and STDs.
CaraData has been working with Bond Wireless to provide
secure SMS text messaging to patients
The solution checks patient records and automatically sends
secure SMS text messages directly to mobile phones
regarding
– test results
– appointment times
– reminders to take medication
25. Return to Message Application Products
25Copyright Bond Wireless 2010
Case Study:
Using Bond Wireless SMS SecureTrans to notify
patients of medical results in a Sexual Health Clinic
Doctors have to show duty of care in contacting
patients with communicable diseases in Australia.
90% of medical test results are negative.
Currently using certified/registered mail as proof of
duty of care. Cost is about US$2 per patient, with
ineffective results due to the mobility of patients.
Australian hospital currently using Bond Wireless
SMS SecureTrans to obtain non-repudiated proof
of patients‟ receiving their results via SMS and
ensuring confidentiality of results.
End result for Hospital: Faster response time,
reduced cost of delivery, more effective results in
managing patients with less patients phoning in to
inquire about their medical results.
26. Return to Message Application Products
26Copyright Bond Wireless 2010
Send Message
Message stored on
Clinic Server
encryption an option
Message sent to Bond Wireless
Message passed to Client
Receive
message
Client sends PIN to
Bond Wireless Server
Encrypted message
unencrypted
Message sent to ClientMessage status sent to
Clinic Server
Notify
Staff No message kept on
Bond Wireless Server
SMS
message
Secure
SMS
message
Fig. 1 Schematic SMS Pathways
27. Return to Message Application Products
27Copyright Bond Wireless 2010
Consent to SMS by age and sex
28. Return to Message Application Products
28Copyright Bond Wireless 2010
Conclusion: Advantages of SMS for GCSHC
• Software compatible with and can be delivered through SHIP
• 90% of the negative results resolved via SMS
• Phone traffic for result giving has been significantly reduced
• Staff time & effort targeted more cost–effectively on +ve results
• Appointment waiting time are reduced, meeting public health needs
• Secure SAVSMS provides non-repudiated proof of duty of care
• Cost saving on postage
• Future clinical applications through SMS:
– Drug trials reminders audit process
– Reminders for medication and appointments
– VoIP/SMS marketing for disease awareness programs targeting ethnic and
younger demographic population.
30. Return to Message Application Products
Existing Problems in M-Commerce
• Require SIM Tool Kit (STK) Solution or Smartphones to run
applications for mobile commerce thus limiting number of
users for m-commerce services.
• Inability to distinguish if the Caller ID of the sender of a
text message has been spoofed.
• No proof of receipt or acknowledgment of wilful attempt to
retrieve a message by the recipient for a sender to have
confidence that a message sent has indeed been retrieved
by the correct recipient.
• Issues of prepaid mobile subscribers not registered or not
having to go through a stringent identity check makes
conducting m-transactions difficult.
30Copyright Bond Wireless 2010
31. Return to Message Application Products
Proposal of a „Verisign Mobile‟ Model
• A „trusted‟ entity uses Bond Wireless SAV methodology in
sending and receiving of all SMS (text messages) as an
intermediary.
• The entity is responsible for registering and checking that
all users of the SAV are properly identified.
• Any messages sent from the entity unique reply number
can be trusted by the user. There is little risk of Caller ID
spoofing of the entity as the entity will always only send an
encrypted message that requires a passcode to be sent
back with the message to the entity from the user‟s phone.
• The entity will be used to send messages for m-
transactions, medical results, exam results, any critical
information that requires proof of receipt e.g. approvals,
notarization, etc.
31Copyright Bond Wireless 2010
32. Return to Message Application Products
Benefits of the „Verisign Mobile‟ Model
• Enables information assurance for mobile subscribers to
conduct mobile transactions.
• Entity is able to monitor and see all transactions going
through the system.
• Entity can provide this service globally as long as
international mobile subscribers can reply to the unique
entity‟s mobile number.
32Copyright Bond Wireless 2010
34. Return to Message Application Products
34Copyright Bond Wireless 2010
1. User sends an SMS shortcut to initiate
transactions with username (optional).
Example: LI CUST1.
The SMS is sent to a dedicated Mobile
Number.
2. Server verifies user using
CLI and username. A menu is
sent back to User via
SMS.Example:
1. BI - Balance
2. FT - Fund Transfer
1
2
3. User chooses transaction and sends the
appropriate shortcut. EXAMPLE: BI
4. Server verifies user using CLI and sends the
response to the shortcut. Example: Balance
Inquiry for which Account:
1. Savings Account No 888
2. Checking Account No. 999
4
5. User chooses response for transaction.
Example: 1
Balance Inquiry
6. Server verifies user using CLI.
An automated call is generated to the user,
announcing the transaction initiated and
requesting user to enter his/her her Mobile PIN
in order to retrieve a dynamic Approval
Password..
3
5
6 & 7
7. User receives an automated telephone
call from the bank requesting user to key
in his/her password. User enters his/her
Mobile PIN, listens for the Approval
Password, and hangs up.
8 9. Server verifies user using CLI, decrypts the
message using the Password. Once verified, the
requested transaction is sent via SMS. Example:
You have <Balance Amount> in <Account No.>9 SMS
SMS
SMS
SMS
SMS
SMS
Voice/IVR
IVR8. User receives an encrypted
message requesting the Approval
Password. User sends Approval
Password. Example: <Approval
Password.>
35. Return to Message Application Products
35Copyright Bond Wireless 2010
1. User sends an SMS shortcut to initiate
transactions with username (optional).
Example:LI. The SMS is sent to a
dedicated SIM.
2. Server verifies user using
CLI and username. A menu
is sent back to User via
SMS.Example:
1. BI - Balance
2. FT - Fund Transfer
1
2
3. User chooses transaction and sends the
appropriate shortcut. EXAMPLE: FT 4. Server verifies user using CLI and sends the
response to the shortcut. Example: Fund
Transfer to be done on on which Accounts:
1. Savings Account
2. Checking Account No. 999
45. User chooses response for transaction
by choosing the accounts to transfer from
and account to transfer to with the word
‘to’ as a separator .
Example: 1 to 2 <Amount>
Fund Transfer
6. Server verifies user using CLI.
An automated call is generated to the user
announcing the transaction initiated if
transaction request is confirmed, requesting user
to enter his/her Mobile PIN in order to retrieve a
dynamic Approval Password.
3
5
6 & 77. User receives an automated telephone
call from the bank requesting user to key
in his/her password. User enters Mobile
PIN, listens for the Approval Password,
and hangs up.
8 9. Server verifies user using CLI, and Password.
Once verified, confirmation of the requested
transaction is sent. Example: You have
transferred <Amount> from <Account No 1> to
<Account No. 2>
9
SMS
SMS
SMS
SMS
SMS
SMS
Voice/IVR
SMS
8. User receives an encrypted
message requesting the Approval
Password. User sends Approval
Password. Example: <Approval
Password.>
36. Return to Message Application Products
36Copyright Bond Wireless 2010
Notes on SMS Banking with IVR Verification
• Once a request for transaction request is initiated, as security measure, there
will be an automatic timed logout if user does not respond within a set time.
• The entire process can be shortened by the user by using the appropriate
shortcuts and correct fields without the server prompting after Log in. For
example:
BI 1 <Password>
FT <A/C to txf from> to <A/C to txf to> <Password>
• Steps 6, 7 and 8 can be reduced to just IVR verification. However, the security
and audit trail requirements may require the additional steps as voice calls can
be forwarded without knowledge of the caller while SMS can never be forwarded
with original sender‟s CLI from a handset.
• In addition, the encrypted SMS sent back to the bank provides the customer
with a „copy‟ of the transaction done, thus providing an audit trail or receipt of
the transaction while IVR alone will not provide a journal of the transaction from
the customer‟s perspective.
37. Return to Message Application Products
37Copyright Bond Wireless 2010
Why Bond Wireless
SMS Banking Solution?
• Patented proprietary technology
• Secure (possible for bank to self-host security server)
• Scalable (RDBMS, encryption engines, etc.)
• Extensible (e.g., add IVR, text-to-speech capabilities, etc.)
• Telco/handset independence
• Cost effective (hard-/software platform agnostic, integrates to
legacy systems readily)
• Cost effective administration (low admin overhead & end user
support cost)
• Possible deployment as micro-transactions platform
• Excellent solution for micro-financing environment
38. Return to Message Application Products
38Copyright Bond Wireless 2010
Stockbrokerage example:
a. Client instructs stockbroker over phone call
to “Sell X lots of Y”.
b. Stockbroker (Content Server) desires formal
order verification & authentication of client
(Receiver) before taking action.
c. Stockbroker sends client encrypted SMS
“Confirm sell X lots of Y” using software
package running on a PC (Security Server).
d. SMS arrives at client‟s phone with PIN
prompt.
SMS applications - Stockbroking
39. Return to Message Application Products
39Copyright Bond Wireless 2010
Stockbrokerage example (cont‟d):
e. Client replies also using SMS & enters
PIN.
f. Software on PC receives reply &
authenticates client using CLI & PIN.
g. On success, software sends client
decrypted SMS “Confirm sell X lots of
Y”.
h. Client can follow up if this instruction
is in error.
i. Stockbroker executes order if client
has been properly authenticated.
SMS applications
40. Return to Message Application Products
40Copyright Bond Wireless 2010
Other Business Process Applications
Sign-off of company purchase orders by remote or
mobile staff
Sign-off of letter or advertising copy by remote or
mobile staff
Alerting senior managers of organisations of KPI metrics
Enabling organisations with remote workforces to
dispatch, track and record appointment details
Interacting with Customers and Suppliers to confirm
receipt, shipment and status of orders
Simple reporting tool for remote staff who may not have
ready access to an internet connection
41. Return to Message Application Products
41Copyright Bond Wireless 2010
Selected References
1. Tan, C, Teo, T. W., and Goldschmied, J., “An Authenticated SMS (Short Message
Service) System for M-Commerce Transactions: Practical Issues and Legal
Perspectives”, Hong Kong Mobility Roundtable Conference 2005, Hong Kong, June1-
3 2005.
2. Clarence N.W. Tan, Bond University, Australia; Tiok-Woo Teo, Bond University,
Australia, “Mobile Telecommunications and M-Commerce Applications”, Encyclopedia
of Information Science and Technology I-V (Mobile Technologies), January 2005,
Idea Group Inc., USA, ISBN 1-59140-553-X.
3. C. N. W. Tan and T. W. Teo, “An Authenticated Short Message Service (SMS)-Based
Transactions System Without SIM Modification”, Proceeding of the 2003 International
Conference on Wireless Networks, 23–26 June, 2003, Las Vegas, Nevada, USA.
4. C. N. W. Tan and T. W. Teo, “A Short Message Service (SMS) Enabled Job Dispatch
System”, Proceeding of the 2002 International Conference on Wireless Networks,
24–27 June, 2002, Las Vegas, Nevada, USA, ISBN 1-892512-30-0.
5. Tan C & Teo T-W, From e-commerce to m-commerce: The Power of the Mobile
Internet”, chapter in Internet Management Issues: A Global Perspective by J Haynes
(Editor), Idea Group Publishing, Chapter 2 pp. 27-53, ISBN: 1930708211, USA,
2002.
42. Return to Message Application Products
42Copyright Bond Wireless 2010
Questions?
Contact details:
clarence@bondwireless.com