Tuesday, August 14, 2012

Beyond NFC Security For Mobile Payments A Greater Threat Looms

Tuesday, August 14h, 2012

There has been so much hype around NFC mobile payments security that perhaps other threats have been ignored.

As technology speeds forward at 'Mach 5', we are fast approaching a new destination, the need to secure our smartphones from hackers. Very soon the same types of threats that exist for our PC's may run rampant on mobile. NFC is now in Android phones to power mobile payments, as well as someday soon serving as a key to lock and unlock our cars, computer, home and office. But for NFC to work it must be turned on to transmit it's signal. So it appears there is yet another problem to solve as to how best accomplish this.

CNN Money interviewed Charlie Miller, a security specialist with Accuvant. Charlie was quoted as saying "with doing something as simple as paying for your cab, you may end up getting malware on your phone."

What this malware could do to relay private or financial data is uncertain, but what is certain is that cyber thieves are always on the prowl near new technologies as they are more vulnerable to attacks.

Charlie also stated that "anytime you add new technology to your phone, it increases the risk that something can go wrong." Charlie did not hint at specifically at Bluetooth but it seems this too could be yet another door in need of locking.

Ramon Ray a Editor & Technology Evangelist for Smallbiztechnology.com recently wrote: "When I give presentations on security, especially mobile security, I stress that it’s important for mobile professionals to turn their Bluetooth devices OFF. The reason for this is that hackers can access your mobile devices through their Bluetooth connectivity."

In the CNN Video Charlie points out that we store banking, GPS data and pictures on our phones and implied that malware could be a threat to steal this data. The question for us all is how do we best secure our phones?

Ryan Whitwam in a recent article pointed out that "Android antivirus apps are useless." The story summarizes that the best antivirus app for Android was only 80% effective, with most being 50% or less effective at stopping malware from being downloaded.

Ryan makes several suggestions to how best secure our phones. One suggestion he has is as follows:
"If a relatively simple app, like a wrapper for a website, asks for permission to send and receive SMS messages, that is a serious red flag. In fact, a large number of these so-called “SMS Trojans” are in circulation around the seedier parts of the web. When installed, they text premium rate numbers to rack up charges."

It seems to me like the security front on mobile is a bit like the Wild West in that one must be proactive. To defend one's mobile turf one cannot yet rely on 'automated antivirus' to do the job of policing and securing our phones or devices. With innovation cool new products are born, but unfortunately at first it seems demand always outpaces security concerns, at least until they become a serious problem. So the story is ever-changing, but forever remains the same. Vigilance will always have it's place.

About Mobile Wallet Media
Mobile Wallet Media is a media, analyst and consulting firm focused on the future of mobile commerce. The company mission is to highlight industry innovation and provide insights and opinions that will be relevant and forward-looking. The author, Randy Smith, is the primary founder, inventor and former CEO of MobilePayUSAa TechCrunch Disrupt Startup Alley Winner.

No comments:

Post a Comment