ERRATUM:
You can't just say "blockchain makes things better". You need to understand what blockchain does and what it is for.
08 Jan 2017 04:24 Read comment
For an article that set out to "uncheck unknowns" it depressingly leaves the major gap uncrossed: what precisely can a technology specially designed to work without trust and administration, do for mainstream business institutions? Blockchain specifically stops Double Spend - that's all it does. It does not "synchronize" databases as some presume. It only resolves the order of entries made in one special purpose ledger by untrusted unregistered users. Healthcare to take one example is utterly unlike Bitcoin. Users are registered. Processes are trusted. Administration is everywhere. Databases are diverse and very very complicated. You can just say "blockchain makes things better". You need to understand what blockchain does and what it is for.
07 Jan 2017 23:35 Read comment
What a lot of strident, almost religious nonsense.
Mr Tripathi writes: "Effectively DI is useless until NON-REPUDIABLY mapped to physical identity recognised by the applicable legal framework. ... Non-repudiable means I can't go to a court of law and say... HEY IT WASN'T ME (or in the case of Michael Jackson... THE KID IS NOT MY SON!!!)".
Technologists have to stop telling people what is useless about identity. We do a pretty good job today identifying people online. It's far from perfect and there is too much fraud, but clearly on average we're all doing pretty well in the digital economy. So why shout at us about the "essential" nature of a signature?
"Non repudiation" was always a technologist's ill-informed fantasy about how courts work. The idea of NR has been rejected over and over by actual lawyers through the first 10-15 years of PKI. It's funny that the idea has resurfaced in blockchain discourse, but tragic that consultants are still writing about it in fantastical terms.
Nothing will ever stop someone going to court to dispute a signature. Even if I apply a digital signature myself, fully consciously, I might find myself disadvantaged somehow, and seek remedy in the legal process. Perhaps my digital signature software didn't properly render the transaction, or was simply buggy? Perhaps the contract was unconscionable? Perhaps I was coerced or under duress?
Non repudiation is non-sensical. Get real people.
24 Jun 2016 23:24 Read comment
It's not quite clear what's going on here. One part of the story suggests that LoopPay's "magnetic secure transmission (MST) technology" was compromised, which might mean card data could be spoofed and fraudulent transactions created. But in another part of the story, LoopPay management refers only to their corporate network being breached.
If there is any possibility of LoopPay transactions being compromised, then it's time to review the legitimacy of this type of product. There has been a wave of innovative technologies in the past three years that exist to squeeze a bit more life out of obsolete mag stripe systems. LoopPay bombards a magstripe card reader with pulsating magnetic fields that simulate the induction pattern of a card as it is swiped. Competing approaches Plastc and Coin simulate a ferrite tape with a programmable magnetic transducer. In all these cases, the card scheme branded plastic card is being replaced by a clever gadget.
But here's the thing. Read the merchant services agreement of Visa or MasterCard and you'll find black-and-white clauses that say the merchant must only accept cards that exhibit the trademarks, holograms and other tamper resistance measures of the scheme. If the merchant doesn't check, and if a Card Present transaction goes bad, then the merchant can be liable for the charge-back.
When these card simulating gadgets work well, it seems everyone is happy to turn a blind eye. But when they start going bad at the hands of criminals, you have to think at some point the card companies will step in and enforce the rules. That's what the rules are for. These stop-gap gadgets offer to delay the inevitable shift to EMV, but EMV exists for a reason: it's much much harder to spoof a chip than a magnetic stripe.
The crazy thing about LoopPay, Coin and Plastc is they actually exploit the very weaknesses that EMV shuts off. These gadgets are themselves cases of hacking! Their legitimacy in my mind has always been dubious.
15 Oct 2015 08:41 Read comment
I take a different view from Andre Stoorvogel. The convenience tradeoff with cloud based wallets is too great. With smart phone penetration around 70% and in two years time, Secure Elements and TEE expected to be at similar rates of availability, we should indeed be using local, user owned hardware security. Secure Elements do scale insofar as they are approaching ubiquity. We don't put EMV cards or ATMs "in the cloud". All serious payments security rests on local hardware based cryptography (see http://lockstep.com.au/blog/2014/03/26/uniform-approach-cnp) and mobile payments should not be any different.
See also
12 Feb 2015 17:17 Read comment
"USAA’s facial recognition requires users to look at the screen and, when prompted, blink their eyes." Blinking is supposed to be the anti-spoofing mechanism? Reminds me of the first face recognition systems using laptop cameras. You could hold up a photo of the target's face and wiggle it up and down to fool the algorithm into thinking there was some facial expression happening. We have to remember that computer vision is utterly utterly unlike human vision. The idea that algorithms are ready to mimic the way humans perceive and recognise faces is dangerous.
27 Jan 2015 08:30 Read comment
OMG. If credit card fraud was a really really difficult problem to solve, then it might merit the application of unproven quantum mechanical engineering. But it's not and it doesn't.
Digitally sign a transaction using a private key secreted inside a tamper-resistant chip, and Card Present is made reasonably secure. That's Chip-and-PIN. Do the same thing for Internet transactions, using a private key in a networked chip like an RFID card or smart phone Secure Element, and Card Not Present fraud would also be manageable.
See http://lockstep.com.au/blog/2014/03/26/uniform-approach-cnp.
16 Dec 2014 11:45 Read comment
On the other hand, re-purposing of shopping habit data can't go on without limit. There are significant moves to limit the amount of data breadcrumbs left behind as we transact (with electronic cash being the extreme response).
09 Jul 2014 19:36 Read comment
I'd also like to see the "card fraud" figures broken out into carding (Card Present) versus Card Not Present. At one level, it's all "card fraud" insofar as illicit charges are made against a cardholder account. But the vectors are different. EMV brings carding down, but we need to know how much carding fraud then migrates to online CNP fraud, region by region.
24 Jun 2014 11:29 Read comment
Mark Scott would be right that fraud economics is the proper way to look at this -- if we had the data to do the calculations. But we don't. We do not know the real life False Detect Rate of biometrics solutions. We do know that they are much worse than the laboratory measurements occasionally released. There are no standards as yet for spoof resistance; there isn't even agreed terminology for liveness detection. All we have is people's calming guesstimates that the Galaxy S5 and the iPhone 5S are "secure enough". This is not how professional information security should be done.
The serious problem in all this is that while the security situation is lax and ad hoc, consumers are being told that biometrics is the way of the future. We already have talk of cloud biometrics, and 'ubiquitous' biometrics for the Internet of Things. But the sad truth is this technology is not well understood even in the lab. There are few if any standards, and no field data.
You cannot do security by guess work. "Near enough" is not good enough, not when vendors are agitating for broader consumer uptake, and at the end of the day, there is no way to cancel and recover from a stolen biometric.
26 Apr 2014 04:00 Read comment