by Paco Hope - Principal Software Security Consultant at Cigital - Wednesday, 10 September 2014.
As an American living in Europe I have been perplexed at multi-factor authentication for payments. The Americans (laggards in my opinion) have been using magnetic stripe cards for decades and have only just begun deploying chip-and-pin. In the UK and many other European countries, chip-and-pin is standard.
In the UK we’re moving back towards single-factor payments: contactless payments that use only the card itself. Apple has solved the two factors problem, and part of their solution revolves around the order they rolled it out.
Apple has built a payment system by first rolling out the “second factor”—the biometric Touch ID—and then by rolling out the first factor: the payment application and API. They have spent a couple years acquainting themselves with the really hard bit: biometrics. Now they can do the easy bit: payments. Everyone else has gone about it in reverse order. The Americans rolled out an easy-to-use payment network. All attempts to add additional security look harder to use than the status quo
Help Net Security/ full article here/ http://www.net-security.org/article.php?id=2123
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.