[LINK] itNews: 'Westpac trials contactless mobile payments'
Scott Howard
scott at doc.net.au
Tue Aug 7 10:53:13 AEST 2012
On Mon, Aug 6, 2012 at 4:53 PM, Roger Clarke <Roger.Clarke at xamax.com.au>wrote:
> At 9:33 +1000 7/8/12, Stephen Wilson wrote:
> >If this application is using the tamper resistant "Secure Element" in
> >the phone and if the software is carefully written, then this class of
> >contactless payments is actually very secure.
>
> Secure against which categories of threat?
>
> Transactions that the individual wasn't aware of, even though they
> had possession of the device at the time?
>
Yes, phones CAN protect against this one! Obviously I haven't seen the
Westpac example, but Google Wallet forces you to set a 4 digit PIN that
must be entered before you can make a purchase, thus completely removing
the "wasn't aware of' transactions.
> Transactions in an amount different from what the individual thought
> they were paying?
>
No different to any normal credit card.
> Processing of credits where the amount is recognised just after
> processing to have been wrong?
>
No different to any normal credit card.
> Transactions conducted by a person in possession of the device, but
> not authorised to conduct transactions?
>
Covered by the PIN code.
Scott
More information about the Link
mailing list