Enable mobile payment to avoid skimming and man-in-the-middle attacks

Today again, first page news in Sweden is on how consumers accounts are emtied of money after putting their cards in machines. This time in a “skim equipped” card reader when refueling gas at an unmanned gas station. This a story that repeats again and again (especially at ATM machines).

How to solve/lower this problem? Enable a connected mobile payment service using a technology where the user are securly authenticated and no sensitive information like card/account number, CCV, etc. is transmitted during execution of the payment transaction. And where the transaction is signed in the mobile, “sign what you see”, before executed.

So if implemented, nothing to skim and if you want to do a man-in-the-middle, you have to wire-tap dual encrypted online connections, and in a short time frame, and if you succeed you get “bosh” information and for use no where..

This entry was posted in Mobile payment and tagged , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s