Security is a game of managing risk—pure and simple. Organizations (or individuals) should assess risk and take appropriate steps to mitigate the risk as they deem necessary. There is a huge range of risks to guard against, including the risk of theft or other loss, the risk of destruction, the risk of being known, etc. Each of these risks has products suitable to the item being protected and methods that can be implemented.
The traditional way of protecting data is through two-factor authentication, firewalls, encryption, etc. For the purpose of this article, I'm going to call this "hard security"; that is, you are putting in hard fences, as it were, to protect the data. For most of us, unless the data is protected by these sorts of fences, it should be regarded as insecure.
However, there are some good reasons to question this mindset. Any secured item is only as secure as the threat modeling done on it. First, any secured item is vulnerable to something—no security is perfect because no one knows all the risks and attack vectors. Secondly, who's to say that these security measures are always worth the overhead they impose? These fences must be purchased and maintained, and users have to be educated about how to get to and through the gate.
Security experts have long been talking about improving the user experience of security. However, while products continue to be created and user experience improves (even if the implementation sometimes undermines these improvements), the overall experience of security is still one of fences and barbed wire to keep the nasties out.
Secure, but no fences?
I recently came across a financial organization that created a service for its customers that would effectively serve as a digital wallet. The concept was simple—just as you'd go to an ATM and get cash out as required, so you'd use the digital wallet to send money as required.
In real-world use, this means that from my mobile phone, I can send a text message to an organization's number stating "Pay (mobile number or email address) (amount) (comment)". This might translate to "Pay 0213456789 $40 for that bet you won". When the organization receives this, they will put it into the wallet of the receiver and send them a text message saying they've received it. If the receiver doesn't have a wallet, the organization will send them a message telling them they have money waiting and that they should sign up for a wallet to receive the money.
The first question to ask in this circumstance is "How is this secured?" In the world of hard security, you'd probably expect to see two-factor authentication (perhaps the mobile phone and a PIN) as a minimum, or perhaps some sort of software on the phone that authenticates with the back-end system via the Internet. However, in this case, the process I outlined above is all that is required. Initially, I thought this was horribly insecure, but after consideration of the risks and mitigation, it may not be as bad as I first thought.
What's the real risk?
Is it insecure? Sure it is. If you lose your phone and it is not locked, anyone can pick it up and send money to their own account. But then, if you lose your wallet and it has money in it, anyone could pinch the money from that too.
Having said that, who is the target market? Obviously this is aimed at a younger age range—those between 14 and around 35. Those in this group are the most comfortable with text messaging and using this type of technology as a rule.
Let's say that the key risk is losing your phone. How can we mitigate this risk? Continuing with the wallet analogy, how much money are you likely to have in your wallet if it gets lost? In my case, not much. In this case, the maximum that can be transferred from the digital wallet in one day is about $140. And again, just like a conventional wallet, the digital wallet has to be replenished when it's empty. The strategy in this case should be to keep smaller amounts of money in the wallet so that the risk is limited to that amount: a maximum of $140.
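The Pay message format and the daily cap described above, sketched as server-side logic to show how the cap bounds the loss from a lost, unlocked phone. This is an added example, not the organization's code: the Wallet class, the regular expression, the reply strings and the sample numbers are assumptions constructed for illustration, and the cap uses the article's figure of about $140.

```python
import re
from collections import defaultdict
from decimal import Decimal

DAILY_CAP = Decimal("140")  # the article's "about $140" per-day limit

# Assumed grammar: Pay <mobile number or email> <amount> <optional comment>
PAY_RE = re.compile(
    r"^\s*pay\s+(?P<to>\+?\d{7,15}|[^@\s]+@[^@\s]+\.[^@\s]+)\s+"
    r"\$?(?P<amount>\d+(?:\.\d{1,2})?)(?:\s+(?P<comment>.*))?$",
    re.IGNORECASE | re.DOTALL,
)

def parse_pay(text):
    """Return (recipient, amount, comment), or None if this is not a valid Pay command."""
    m = PAY_RE.match(text)
    if not m:
        return None
    amount = Decimal(m.group("amount"))
    if amount <= 0:
        return None
    return m.group("to"), amount, (m.group("comment") or "").strip()

class Wallet:
    """Hypothetical ledger; the sender is identified only by the phone number."""
    def __init__(self):
        self.balance = defaultdict(Decimal)
        self.sent_today = defaultdict(Decimal)  # (sender, day) -> total sent that day

    def handle_sms(self, sender, text, day):
        cmd = parse_pay(text)
        if cmd is None:
            return "REJECT: unrecognised command"
        to, amount, _comment = cmd
        # The cap is the compensating control: it is checked before anything moves.
        if self.sent_today[(sender, day)] + amount > DAILY_CAP:
            return "REJECT: daily limit reached"
        if amount > self.balance[sender]:
            return "REJECT: insufficient funds"
        self.balance[sender] -= amount
        self.balance[to] += amount
        self.sent_today[(sender, day)] += amount
        return f"OK: sent ${amount} to {to}"

    def max_loss(self, sender, day):
        """Most that whoever holds the phone could still send on the given day."""
        return min(self.balance[sender], DAILY_CAP - self.sent_today[(sender, day)])
```

Whatever the wallet holds, max_loss never exceeds the cap, which is the residual risk the article argues the owner is accepting.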