|
|
|
|
|
|
by ccmoberg
4959 days ago
|
|
|
Thanks for your feedback! Responses: "My pre-question qualifier: most of the use cases that immediately spring to mind for have the user holding an authenticating block, and not the touchscreen device."
-Could you say a little more about the use cases you are thinking of? Who do you consider to be the "user"? Most of our targeted use cases involve transactions where many smartphone users need to interact with a single, centralized system, person or installation. For example, our loyalty apps are downloaded by a retailer's customers, and then credits for purchases are added to their apps via a stamp placed at the retailer's point of sale. We consider both the customers and the retailer to be "users", though. As for the security question, the capacitive touch points are embedded in a low capacitance elastomer, so physical duplication (e.g. casting) without destroying the stamp isn't an option. We also have other optional authentication layers (GPS-gating transactions to a stamp's known lat & lon, time-gating transactions to a stores hours of service, etc.) that would make even a duplicated stamp much harder to use. Remember, its not hard to make a functional copy of the mag stripe on your credit card. I would argue it is much easier to do that than it is to spoof one of our stamps. Further, we don't print the "secure key" (the stamp point coordinates) on the front of our stamps, but your credit card number is plastered across the front of your plastic . . . |
|
|
---
Embedded in elastomer makes sense. I had several ways to skin that cat pop into mind, but I figured there was just one piece of the extant ID block I was missing. Thanks for clarifying.
---
All other security points well taken. Wasn't trying to get down on the idea at all. Indeed have numerous use cases in mind that would work well in a reversed use-case of the consumer facing implementation. Not all situations need high grade security.
-phil