Feeds

Visa approves wireless payment chip

Two phones approved to surf the payWave

SANS - Survey on application security programs

Visa has approved a microSD card for proximity payments, slotted into the BlackBerry Bold or Samsung Galaxy S, paving the way for payWave transactions on a mobile phone.

Visa's approval doesn't mean the cards, which come from DeviceFidelity, will definitely be available, but it does mean a bank currently issuing Visa payWave cards now has the option to send customers a microSD card, as long as the customer has the right kind of mobile phone.

PayWave, in common with other proximity-payment mechanisms, requires two components – an induction-powered radio tag and a cryptographically-secure element for authentication. DeviceFidelity squeezes both bits into a microSD card, but getting radio signals in and out is very dependent on what surrounds the card. Where the slot is under the battery, or sandwiched between circuit boards within a metallic case, getting a signal out might be impossible, and not every phone has a microSD slot anyway.

For the iPhone, DeviceFidelity solves the problem with a snap-on case, but now Visa has tested the internal-chip solution on two of the most-popular handsets and reckons it is up to snuff in both security and reliability terms. Visa told NFC Times that both handsets performed reliably in repeated tests, and that it looked forward to approving other handsets soon.

Putting the antenna inside the phone isn't a perfect solution: though this would mean it would be much better integrated with the phone, as in Google's Nexus S handset. But that starts an argument over who controls the secure element, or who gets the keys. A microSD card puts the keys in the hands of the issuing bank, an arrangement which will be more comfortable to many of the financial institutions involved. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
WTF happened to Pac-Man?
In his thirties and still afraid of ghosts
Reg man builds smart home rig, gains SUPREME CONTROL of DOMAIN – Pics
LightwaveRF and Arduino: Bright ideas for dim DIYers
Leaked pics show EMBIGGENED iPhone 6 screen
Fat-fingered fanbois rejoice over Chinternet snaps
Apple patent LOCKS drivers out of their OWN PHONES
I'm sorry Dave, I'm afraid I can't let you text that
Microsoft signs Motorola to Android patent pact – no, not THAT Motorola
The part that Google never got will play ball with Redmond
Slip your finger in this ring and unlock your backdoor, phone, etc
Take a look at this new NFC jewellery – why, what were you thinking of?
Happy 25th birthday, Game Boy!
Monochrome handset ushered in modern mobile gaming era
Rounded corners? Pah! Amazon's '3D phone has eye-tracking tech'
Now THAT'S what we call a proper new feature
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.