Smart wallet shuns NFC in favor of in-house magnetic flux tech

From smart cards to smartphone-based payment services, we've seen plenty of high-tech digital wallets vying for the attention of tech-savvy consumers. The Spendwallet is the latest of the bunch, an all-in-one device that opts for an in-house magnetic field technology instead of NFC.

Expert: Mobile security to be focus in 2016

As mobile use continues to expand, security in the mobile space is becoming more important. Here is how one expert believes mobile and security will change in 2016.

iOS security will take center stage
"[Expect] more iOS kernel exploits and jailbreaks for iOS 9.2 and 9.3. We believe a vulnerability similar to Stagefright will emerge on iOS, proving no OS is safe from motivated attackers. We'll also see another Airdrop-esque attack, which will allow hackers to send and install malware on any device within range," said Zuk Avraham, Founder, Chairman & CTO, Zimperium.

Android devices will continue to have late updates

"Despite all of the criticism and pressure Android received this year following our discovery of the Stagefright vulnerability, many Android devices still aren't likely to receive timely updates in 2016. Hackers will continue to target Android and we expect more exploits to take advantage of the shared address space ASLR weakness to gain system privileges. Given the further adoption of SELinux, kernel exploits will also become more important for rooting," said Avraham.

More security breech headlines

"This is due to participation in bug bounty programs, which provide compensation and recognition to hackers who discover and report vulnerabilities in a company's security infrastructure. As companies realize the value of these programs and build the internal acumen to digest the results, more organizations will formalize these programs. Legislative changes will also push researchers toward public disclosure," said Avraham.

Read More: http://www.bizreport.com/2015/12/expert-mobile-security-to-be-focus-in-2016.html

Mobile payments ecosystem comes of age in India

Although being young with only a dozen mobile wallet players in the field, India's mobile payment ecosystem has witnessed steady growth and a rapid adoption of path-breaking innovations as people started realising the benefits of technology in online payments space in 2015 -- the most popular being the "mobile wallet".

Major economies across the world have been witnessing "cashless" transactions, with the industry, estimated to be around $300 billion in 2013, making inroads in many countries in the last five years. Companies such as Apple, Alipay, Google's Android Pay and Samsung Pay have already put their own solutions in place.

In India, there are around 12 mobile wallet players that include Paytm, MobiKwik, Oxigen, Citrus Pay, Freecharge, Zaakpay, ItzCash, Airtel Money, M-Pesa, and mRupee, and their combined customer base is said to be more than 125 million. Of this, Paytm alone has a lion's share of over 50 million.

According to a study by research and consultancy firm RNCOS, the current size of the mobile wallet market in India stands at about $53 million (350 crore Indian rupees) and is estimated to touch around $183 million (1,210 crore Indian rupees) by 2019. Cash transactions account for 38 percent, while recharge and bill payments account for 30 percent of the total market.

However, there are minor irritants such as failed transactions forcing the online shoppers to go through the tedious process of filling in details, and the lack of awareness among people. But leading payment gateway company PayUbiz has launched a new feature called Magic Retry, which enables the consumers to retry a failed transaction by simply picking up from the point where the last error message appeared.

Magic Retry is specifically designed for mobile online payment and is said to be first of its kind in the digital and electronic payments ecosystem in the country.

Head of Business at PayUbiz Rahul Kothari said that though most of the online shopping was taking place over mobile devices, online transactions through mobile phones were still susceptible to payment failure due to network signal loss or a random error. "With the launch of our new feature, the usual hassles which have been traditionally associated with mobile payments are things of past," he added.

Read More: http://www.zdnet.com/article/mobile-payments-ecosystem-comes-of-age-in-india/

Robotics teams compete in first ever league play

Learning a new language between the start of term and Dec. 12 can be daunting, but the Midland High School’s robotics teams are confident it’s not out of their league. Teams from both Midland High and Lee High are competing today in the First Tech Challenge with robots programmed using Java, a change-up from last year.

“The competition changed platforms for both electronics hardware and software this year requiring teams to use Java as a new language as they build apps (applications),” said Cory Callaway, Midland High’s robotics adviser. “Midland High’s teams have been working furiously to design, build, test, redesign, and modify our robots to meet the challenges of this year’s competition.”

Teams compete from 9:30 a.m. to 2 p.m. today at the Permian Basin Petroleum Museum.

Java is considered mainstream in the tech and programming world because of its user-friendly language. The apps act as software pieces for Android phones, which are the “"brains” of the students’ robots, according to Callaway.

“We’re an engineering community, and ... engineering is continuing to incorporate more robotics technology,” he said. “College students are learning programming and coding when they’re not exposed in high school, so those exposed in high school are ahead. It’s a competition that fits the academic side of the growth in the industry right now.”

It marks the first time for the Panhandle and Plains Region to incorporate “league play,” which lets teams compete in events and accumulate points that determine the seeding for invitational qualifier matches. It also marks a first for the Petroleum Museum hosting a robotics event.

“While working with the Petroleum Museum over the past couple of years, our conversation took a natural turn toward working together to help provide more opportunities to the students of Midland,” Callaway said.

Stacie Hanna, the museum’s director of education, said it was a step toward the museum’s desire to incorporate more science, technology, engineering and mathematics (STEM) into its education curriculum.

Read More: http://www.mrt.com/news/education/article_8eabd836-a08e-11e5-9fe3-df1e4eb1ee2e.html

Disk Encryption: The Good and The Slow

Simple screen locks in the form of PINs and patterns have been around for a long time, but only recently, with the launch of Android Honeycomb, did full disk encryption make an appearance on Android. Encrypting and decrypting user data on the fly, i.e., during read and write operations, boosted device security considerably, based on a device master key.

Prior to Android Lollipop, the aforementioned master key was based on the user’s password only, opening it up to a host of vulnerabilities through external tools like ADB. However, Lollipop carries out full disk encryption at the kernel level, using a 128bit AES key generated at first boot, which works in tandem with hardware-backed authentication like TrustZone, ridding it of the ADB vulnerability.

Disk encryption can be done at two different levels, namely, at the software level or at the hardware level. Software encryption uses the CPU to encrypt and decrypt data, either using a random key unlocked by the user’s password, or by using the password itself to authenticate operations. On the other hand, hardware encryption uses a dedicated processing module to generate the encryption key, offloading the CPU load and keeping the critical keys and security parameters safer from brute force and cold boot attacks.

In spite of newer Qualcomm SoCs supporting hardware encryption, Google opted for CPU-based encryption on Android, which forces data encryption and decryption during disk I/O, occupying a number of CPU cycles, with device performance taking a serious hit as a result. With Lollipop’s mandating full disk encryption, the Nexus 6 was the first device to bear the brunt of this type of encryption.

Read More: http://www.xda-developers.com/disk-encryption-the-good-and-the-slow/

5 mobile security flaws you should know

Windows Phone, Android, iOS — no operating system is completely bulletproof from security problems.

Mobile devices can be a scary thing to think about after major security vulnerability emerged in July in Android, called the Stagefright bug — which lets cyber criminals hack a smartphone simply by sending a text message.

A Stagefright 2.0, which allowed a hacker to gain control of a smartphone via an MP3 or MP4 video, sprang up in October before Samsung, Google, LG and other tech giants enforced monthly security smartphone security updates following the original bug, according to the Guardian.

Apple devices can also be susceptible to security problems.

A hacking team received $1 million from startup company Zerodium after the group discovered an unknown, or zero-day, vulnerability in iOS.

But such risks are not limited to just smartphones.

"I think they're in the spotlight right now because they can do so many things, and carry so much information and interfaces," said Jan Volzke, Vice President of Reputation Services at Whitepages, a contact information and identity verification company.

Here's a quick list of top mobile security flaws you should know:

Clicking on links or opening a suspicious email enables hackers to collect and access sensitive information, such as Social Security numbers and SMS messages.

They can even steal credit card numbers and online banking transactions directly and install spyware on a device to access personal data.

Experts at the Alcatel-Lucent's Motive Security Labs confirmed a rapid increase of mobile device infections, with a 25% spike in 2014, compared with 20% in 2013, according to the Motive Security Labs H2 2014 Malware Report.

Read More: http://www.nydailynews.com/news/national/5-mobile-security-flaws-article-1.2451562

ANZ launches Android mobile wallet across the Tasman

ANZ Bank NZ has released a contactless payments service for Android smartphones with a zero liability protection against fraudulent debit and credit transactions.

Called goMoney Wallet, the new application is integrated into the bank's existing Android app, which allows customers to check balances, transfer money and make payments. It will be available from tomorrow.

ANZ Australia also intends to launch a mobile wallet early next year, a bank spokesperson told iTnews.

The Australian version will take a different approach to the Kiwi mobile wallet, however, and will operate as a standalone application that is not integrated with goMoney.

ANZ Australia launched the ePOS iPhone-based solution for merchants to accept credit card payments in 2010.

Liz Maguire, the bank's NZ head of digital channels and transformation, said the driver for developing the mobile wallet came from customers.

"A mobile wallet was the number one request from ANZ goMoney customers when they were surveyed this year," Maguire said.

She said the mobile wallet uses host card emulation technology via NFC supported on newer devices running Google's Android operating system, and at merchants with contactless payments terminals.

Payments can only be performed within two centimetres of the terminal and with the phone active and providing confirmation, as a precaution against accidental transactions.

ANZ said the goMoney app uses "high-grade encryption and sophisticated fraud monitoring systems". Card details are sent encrypted via NFC to the terminal, and the system meets Visa's security certification requirements, the bank said.

Read More: http://www.itnews.com.au/news/anz-launches-android-mobile-wallet-across-the-tasman-412740