On February 12 and 13, the Second Annual CTED Conference took place in Abu Dhabi, titled: “Enhancing Economic Development through Technology: Focus on Africa and other Developing Countries”. Read below guest blogger Elizabeth Dickinson‘s post on the second Mobile Money Panel, with panelists from academia. Click here for an article on the first Mobile Money Panel.
“As techies across emerging markets are looking for new ways to build mobile banking, Michael Paik, a researcher at CTED, is trying to do something else: Break it. “The good news,” he told a panel at the annual Abu Dhabi conference on Sunday, is that “M-Pesa, [the popular Kenyan platform for mobile
money,] is secure–for the time being.”
The bad news, however, is that not every telecom system’s mobile banking system lives up to that high standard. And even more alarming, mobile banking could be one of the hottest targets in coming years for online theft. “What we celebrate [about mobile banking] is volume and access,” Paik continued. “But
this is exactly what makes it attractive to target.”
Paik is one of a handful of researchers trying to uncover the system’s weaknesses and encourage the industry to pre-empt attacks. What’s at stake if hackers did break into the system, he argues, is not just the individual acts of theft. It’s the image of mobile banking—as a secure and reliable platform—that
is at risk. “It’s the weakest player in the market that causes market panic,” he points out. If even one mobile banking platform failed, consumer trust could be shattered worldwide.
Lakshmi Subramanian, Co-Principal Investigator of CTED, has been working on one answer: an encryption technology called PaperSpeckle. The unique imprint of any sheet of paper (or a substance like fabric or metal) is transferred into a small dot—and is virtually impossible to counterfeit. “This can easily be
integrated with mobile money” to improve security, he explained at the conference. Printable receipts of account balances are one example; or a sim card could itself have a speckle to insure it can’t be copied.
Another option, suggests Paik, is simply for tech developers to jointly collaborate on a platform that is equally secure across countries and service providers. Similar open-source projects have been successful in limiting other online tools’ vulnerabilities to attack—Mozilla’s Firefox browser, for example, is much
more secure than Internet Explorer.
“What we need to do is turn [this security] crisis into own opportunity,” says Paik. “M-Pesa has best practice, but that won’t always be the case. All the players in the market need to collaborate on the platform.”