Monday, January 18, 2010

An Android re-take on security for mobile money applications

Financial payment applications are a unique breed of applications. These are the applications installed in the ATM's on the chip in your EMV cards and running on chips in Point of Sale machines. These applications manages and sits at the heart of the fibre of electronic payments. Without them, retail operations, cash dispensing, electronic bill payment and many more essential functions would not be possible.

In order to ensure a safe, secure and predictable environment, these applications should be tamper-proof, well identified (signed), well tested and understood. These applications are always certified by an independent body and many external controls are built into the system to ensure integrity and balance.

It is most likely that mobile phones will be used to perform many of these payment functions (retail payments, cash disbursement etc.). As a matter of fact, mobile phones would be doing the bulk of these transactions as well as payment transactions that were never possible before. Utilising applications on mobile phones that break down the principles needed for security, predictability and transparency is dangerous and irresponsible to say the least.

The Android operating system is probably the most open operating system for mobile phones today with extremely rich features. With Android it is now possible for anyone to build applications and trick others to load it on their phone. These applications (quite unique to Android) can easily be loaded on the phone in a (relatively) uncontrolled way, can run in the background (unique to Android), can interact with applications residing on other devices (remote from the actual phone) and can launch other applications (unique to Android) with no information to the consumer.

I am not the best hacker that I know, but I can tell you this: Android is the perfect platform to build the perfect application with ill intent, and those applications will be built.

The big pity is that a few unfortunate incidents created in this way, will lead to immeasurable damage to the trust in mobile money solutions in the eye of the man in the street.

2 comments:

Marius said...

Hannes, actually the Maemo OS on the new Nokia N900 is far more open than the Android but both have far more stringent and strick security mechanisms under which processes may execute than Win Mobile or Symbian, even better than the iPhone.

Yes there will be apps that will try to bypass these security measures but this applies to all Mobile OS's. Just as user need to be cautious on what they access and execute on their PC so should they be on the mobile devices. It is just another computing device.

leogaggl said...

I don't think the argument that an open platform (regardless of what particular platform) is more vulnerable in terms of security stands up at all.

Check out this article http://news.cnet.com/8301-13505_3-10059767-16.html and the US National Security Agency (NSA) or talk to any computer security professional worth their money.

I think there are much more dangers in the proprietary platforms such as the iPhone OS.

http://cryptopath.wordpress.com/2010/01/ as one example (plenty others).

As far as platforms go Android is not even the most used one (although the trend is certainly up).

Symbian
Android & Palm WebOS
Maemo
Moblin
....

And on another note - I highly doubt that the biggest problem with Smartphone platforms is installable Apps - most vulnerabilities are in basic systems such as browser and messaging (phishing, ...)