Keynote from the We Are Developers conference (Vienna, Austria) on May 11th, 2017.
The Future of Online Money Creating Secure Payments Globally Jonathan LeBlanc Twitter: @jcleblanc Book: http://bit.ly/iddatasecurity
10 Years ago, the iPhone launched
Mobile, by the Numbers...
2013: More cell phones than toilets (time.com). 7 billion people, 6.5 billion with cell phones, 4.5 billion with access to toilets.
2014: More cell phones than people (independent.co.uk). 7.22 billion cell phones, 7.19-7.2 billion people.
2015: More people own a cell phone than a toothbrush (CTA). 3.7 billion people own a cell phone, 3.5 billion own a toothbrush.
2020: More people with a phone than electricity (cnet.com). 5.4 billion people will own a cell, 5.3 billion will have electricity, 3.5 billion with running water, 2.8 billion cars on the road.
The IoT Market by 2020 and beyond
3 Years: IoT vendor revenue could top $470 billion for hardware, software, and solutions. - Bain
5 Years: Nearly $6 trillion will be spent on IoT solutions. - BI Intelligence
10 Years: IoT market will grow from 15.4 billion devices (2015) to 30.7 billion devices (2020), and 75.4 billion (2025). - IHS
15 Years: Investment is expected to top $60 trillion. - GE
We’ve Built a New Generation of Inventors
Applications need to know about you & what you want
Securing Payments within unsecure channels
Securing Channels: Asynchronous & Synchronous Cryptography
Credit Card Tokenization Credit Card Information 7e29c5c48f44755598dec3549155 ad66f1af4671091353be4c4d7694 d71dc866 Address Information Card Holder Name ...
Apple / Android pay tokenization system EMV payment tokenisation specification
Network handles direct merchant requests. Vault stores surrogate to token lookup. Merchant register is changed to hardware transfer bridge
Host-based Card Emulation Secure Element
What do we Need to Identify Someone? 33 bits of entropy to identify approximately 8 billion people uniquely.
What do we Need to Identify Someone?
ΔS = -log2 Pr(X=x)
ΔS: Reduction in entropy, measured in bits
Pr(X=x): Probability that the fact would be true of a random person
Building up Bits of Entropy
Date of Birth
Birth Month: ΔS = -log2 Pr(MOB=December) = -log2 (1/12) = 3.58 bits
Birthday: ΔS = -log2 Pr(DOB=Dec 6th) = -log2 (1/365) = 8.51 bits
Location
ZIP code is 95123: ΔS = -log2 (65,276/7,503,205,943) = 16.81 bits
City is Santa Clara: ΔS = -log2 (122,192/7,503,205,943) = 15.90 bits
State is CA: ΔS = -log2 (39,140,000/7,503,205,943) = 7.58 bits
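The entropy arithmetic above, as an added example that is not part of the original slides: it estimates how many people still share a set of collected attributes, which is the figure to check when deciding which fields an application may store together. The function names, the grouping of nested facts and the independence assumption between groups are assumptions of this example.

```python
import math

WORLD_POPULATION = 7_503_205_943  # population figure used on the slide
# About 32.8 bits; the slide rounds to 33 bits for roughly 8 billion people.
BITS_TO_IDENTIFY = math.log2(WORLD_POPULATION)

def surprisal_bits(matching, population=WORLD_POPULATION):
    """Delta-S = -log2 Pr(X=x), with Pr estimated as matching / population."""
    if not 0 < matching <= population:
        raise ValueError("matching count must be in (0, population]")
    return -math.log2(matching / population)

# Facts from the slide as name -> (group, bits). Facts in one group are nested
# (a ZIP code implies its city and state, a birthday implies its month), so
# their bits must not be added together: only the most specific one counts.
SLIDE_FACTS = {
    "birth_month": ("birth", surprisal_bits(1, 12)),
    "birthday": ("birth", surprisal_bits(1, 365)),
    "zip": ("location", surprisal_bits(65_276)),
    "city": ("location", surprisal_bits(122_192)),
    "state": ("location", surprisal_bits(39_140_000)),
}

def combined_bits(known, facts=SLIDE_FACTS):
    """Sum bits across groups, keeping the largest value within each group.
    Assumption: the groups are statistically independent of each other."""
    best = {}
    for name in known:
        group, bits = facts[name]
        best[group] = max(bits, best.get(group, 0.0))
    return sum(best.values())

def anonymity_set(known, facts=SLIDE_FACTS, population=WORLD_POPULATION):
    """Expected number of people who share every fact in `known`."""
    return population / 2 ** combined_bits(known, facts)

if __name__ == "__main__":
    for known in (["state"], ["zip", "city", "state"], ["zip", "birthday"]):
        bits = combined_bits(known)
        short = max(BITS_TO_IDENTIFY - bits, 0)
        print(f"{known}: {bits:.2f} bits, ~{anonymity_set(known):,.0f} people, "
              f"{short:.2f} bits short of unique")
```

Adding the ZIP, city and state values naively would give about 40 bits, more than the 33 needed to single out one person, although together they narrow the population no further than the ZIP code alone.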
Browser Fingerprinting https://panopticlick.eff.org/
Retrieving Build Information for Android Device
//-------------
// Build Info: http://developer.android.com/reference/android/os/Build.html
//-------------
String osVersion = System.getProperty("os.version"); // OS version
String device = android.os.Build.DEVICE;             // Device
String model = android.os.Build.MODEL;               // Model
int sdkVersion = android.os.Build.VERSION.SDK_INT;   // SDK version of the framework
String serial = android.os.Build.SERIAL;             // Hardware serial number, if available
Purchase History Ninety percent of individuals could be uniquely identified using just four pieces of information - telegraph.co.uk
Thank you! https://www.slideshare.net/jcleblanc Jonathan LeBlanc Twitter: @jcleblanc Book: http://bit.ly/iddatasecurity