An often-overlooked facet of technology for development is the need for robust security measures. While many consider service delivery to the rural and urban poor ‘under the radar’ of potential attackers, everything from mobile money (GCASH, M-PESA) to pharmaceuticals, to medical records are subject to attack by unscrupulous parties looking to cash in at the expense of others.
The reality is that as more and more people enroll in these types of programs, the higher the potential value of information which might be gleaned from a successful attack. However, compounding the issue of security without basic infrastructure like computers and network capacity is the difficulty of educating users on good security practices taken for granted in the developed world, as well as the infeasibility of using certain basic security primitives like passwords in contexts where literacy and numeracy cannot be taken for granted. For example, in 2010, an M-Pesa reseller agent was defrauded of 35,000 Kenyan shillings, or the equivalent of 27% of the average per capita GDP – more importantly, it is a loss that would take almost 18 months for the reseller to recoup.
The development of usable security under such circumstances is one of the major research directions at CTED, including innovative security mechanisms on basic mobile phones, intelligent and context-sensitive use of biometrics, and other systems specifically designed to provide real security under often challenging circumstances. NYU Abu Dhabi is the natural place for this research as not only through the work being done at CTED, but also at The Center for Interdisciplinary Studies in Security and Privacy in Abu Dhabi (CRISSP-AD), which was established this year as a research center in Abu Dhabi that executes multidisciplinary research in computer security and privacy for both academic investigation and practical applications. Read more about CRISSP-AD and other NYUAD research initiatives here.