Developing Bullet-Proof Payment Applications for Mobile and Consumer Electronic Devices
6 likes819 views
The document discusses the complexities of building secure mobile payment applications in a diverse ecosystem involving multiple stakeholders like retailers, banks, and device manufacturers. It emphasizes the need for an open platform model that supports customization by developers, while ensuring robust security measures through identity management and object authentication. Key considerations include understanding network operations and managing security effectively across various operating systems.
Developing Bullet-Proof Payment Applications for Mobile and Consumer Electronic Devices
- 1. BUILDING BULLET-PROOF PAYMENT APPLICATIONS FOR MOBILE AND CONSUMER ELECTRONICS DEVICES Hadi Nahari, Principal Security & Devices Architect PayPal Emerging Technologies
- 2. AGENDA Landscape Requirements Model {ToDo || !ToDo}; That’s the Q
- 3. LANDSCAPE: FACTS ABOUT MOBILE Internet access (all means) > 1 billion/day Cellular network access ~ 4 billion/day Mobile is the only digital system many people will ever encounter.
- 4. NEW USE CASES From Back Pocket to Front Pocket From Paper to Virtual Tickets From Paper to Virtual Coupons From Mass to Personalized From Pre-Sale to In-Store
- 5. MOBILE IDENTITY CRISIS Complex landscape Identity proliferation Many players Neither trusts others Heterogeneous identity environment Retailers Banks Card Associations Mobile Network Operators Regulators Chip Vendors Trusted Service Manager Device Manufacturers
- 6. MANY STANDARDIZATION BODIES Global Platform Smart Card infrastructure Open Mobile Terminal Platform (OMTP) Usability Economic security Open Mobile Alliance (OMA) Decoupling Interoperability Near Field Communication (NFC) Forum Proximity European Telecommunications Standards Institute (ETSI) Telecom integration
- 7. YEAH, AND THE NETWORK… The network is solated from other systems, such as the Internet. Design assumptions are fundamentally different. The application should know how the network operates.
- 8. WHAT’S A PLATFORM? Marc Andreessen A "platform" is a system that can be programmed and therefore customized by outside developers and in that way, adapted to countless needs and niches that the platform's original developers could not have possibly contemplated, much less had time to accommodate. By definition a platform is open. How open? the “ we decide for you ” model the “ don’t be evil” model
- 9. AGENDA Landscape Requirements Model {ToDo || !ToDo}; That’s the Q
- 10. OPEN PLATFORM MODEL (OPM) Portal App. N\ App. 0 Development SDK. N SDK. 1 SDK. 0 App. 1 App. N\ App. N App. N\ App. N\ App. M Deployment Download Device App. N App. 0 App. 1
- 11. CLEARLY… OPM is a distributed platform By definition it is open Realizes abstraction Generic services Modularization Leaky abstractions? OPM generations
- 12. OPM SECURITY REQUIREMENTS Environment Autonomous governance of Key material Identities Secure isolation Cohabitation Well-defined interaction contracts Objects Authentication Asset protection At rest In transit Channel protection
- 13. AGENDA Landscape Requirements Model {ToDo || !ToDo}; That’s the Q
- 14. OBJECTS’ SECURITY MESH MNO Financial Portal App. N App. 0 App. 1 Retailer Regulator
- 15. ABSTRACT MODEL Cloud_m Cloud_n ID Claims Protection Declarations Enforcement Mechanisms Unforgeable, as in capability model Authorization Framework Claims Verification Authorization Framework Claims Verification
- 16. OBJECTS’ RESPONSIBILITIES Declares own security requirements Authenticates the environment Protects the key material Claims Requirement And so on Protected by object itself Declaration is a security asset ID Claims Protection Declarations Enforcement Mechanisms
- 17. ENVIRONMENT’S MANDATE Authenticates objects Based on objects’ claims Authorizes interactions Among objects Between environments Authorization Framework Claims Verification
- 18. INTER-OBJECT COMMUNICATION Based on objects’ declarations Environment facilitates only if authorized ? Authorization Framework Claims Verification ID Claims Protection Declarations Enforcement Mechanisms ID Claims Protection Declarations Enforcement Mechanisms
- 19. INTER-ENVIRONMENT COMMUNICATION Based on mutually-agreed declarations Only if allowed by both environments Cloud_m Cloud_n ? ? ? Authorization Framework Claims Verification ID Claims Protection Declarations Enforcement Mechanisms Authorization Framework Claims Verification ? ID Claims Protection Declarations Enforcement Mechanisms
- 20. AGENDA Landscape Requirements Model {ToDo || !ToDo}; That’s the Q
- 21. {TODO || !TODO}; DECOUPLING The model decouples authorization decisions. Allows autonomy of environments Enables flexible business models Objects authenticate environments too. Execution is based on mutual agreement.
- 22. FURTHER WORK Conflict resolution Among objects In between environments Allowing the environment to modify objects declaration Temporarily Permanently Updating objects declarations While in transit in between environments
- 23. CONCLUDING THOUGHTS Build solid security… … and a usable one ... Know your enemies Identify threats Use and reuse
- 24. MORE INFORMATION Cryptography is hard: don’t mess with it! Solid Vulnerability Assessment & Threat Analysis (VATA) pays off! Be mindful of various operating system versions in embedded. Linux-based: Android, Chrome iPhone Windows CE Symbian MultOS …
- 25. LEARN AND SHARE www.x.com Twitter: @paypalx www.facebook.com/paypalx Innovate 09 hashtag: #ppxi09 LEARN AND SHARE www.x.com Twitter: @paypalx www.facebook.com/paypalx Innovate 09 hashtag: # ppxi09 Proprietary