Harried holiday shoppers should welcome a security technology developed at the U.K.’s Oxford University. Bill Roscoe, PhD, professor of computing science and senior research fellow, is developing technology that will allow shoppers to make payments using their mobile phones. The technology is designed to work in almost all situations: person-to-person, in a shop or restaurant, at a vending machine, online, or as part of a telephone conversation. “We have technology which enables anyone to easily create a secure connection between two devices,” Roscoe explains. “It can work via Bluetooth, WiFi, the internet, or across ordinary telephone or SMS connections.”
The core of the technology is a security protocol that enables strong cryptographic keys to be created with the least possible work. “The protocol prevents anyone from doing any searching to break into the transaction,” Roscoe explains. When using the system, a payer would check whether a short numeric code (4-8 digits for most applications) generated within his or her phone is the same as the one generated by the payee. Since the number is random, it does not have to be secured. The process ensures that the customer’s mobile is correctly connected to the store or individual mobile receiving the payment, which can be made through electronic cash or credit stored on a mobile phone, authorization of a credit card payment, or instruction to a bank to pay a merchant or individual a specified amount. Payment occurs without the exchange of sensitive information such as credit card numbers or PINs, and the phones do not need hardware modifications. “The technology puts the payer in charge of the connection and lets him or her have direct control over how much is paid and to whom — very much like a check,” Roscoe says. Isis Innovation, U-Oxford’s tech transfer company, is working with Roscoe and seeking partners to commercialize the technology.
Source: PhysOrg.com