Security Research on a Social Payment App

Apart from being used only for communication, mobile devices change our business life, our everyday life and our habits in many areas of our lives.These changes facilitate our lives and enable us to live a better life.With mobile apps, it’s now possible to do almost anything you can think of.Among them, mobile payment technologies are taking place.Mobile payment technologies can also be used to define the next generation of commerce. Today’s consumers are able to do these transactions with applications that pay with mobile wallets, gift cards, credit / debt or registered value accounts. ”According to a 2015 study among mobile payment users in the United States,” 20 percent is afraid of basic security concerns about mobile payments, the likelihood of someone cutting out payment information or other data, and about 13 percent of their phones being attacked ”[1 ].ISACA is a non-profit organization dedicated to the development, adoption and use of globally accepted knowledge and practices for information systems.ISACA conducted a comprehensive survey of 2015 mobile payment security specialists with 900 member cyber security experts to investigate the biggest security risks.Only 23 percent of survey respondents said they believe mobile devices are safe enough to secure personal information, while 47 percent claimed that mobile payments are not secure.The overwhelming majority expected 87 percent, an increase in violations of mobile payment data next year [3]. As a result, when investigations are examined, the safety concerns for mobile payments are still of great importance and it can be said that the consumer complaints about the current situation have prevented mass acceptance.The proliferation of viruses and malware that affect mobile devices, especially with the real danger of lost or stolen devices, is causing consumer unease in terms of the reliability of personal information and documents. There are a few different types of mobile payment systems that all work a bit differently. Some might require your phone to be near the other device receiving the payment, like with NFC (near-field communication) payments, while others just use the internet. Most mobile payment systems can be identified in one of these categories:

1.Everyday Transactions

2.Point of Sale Payments

3.Closed Loop Mobile Payments

4.Carrier Payments

5.Mobile Payment Apps

The Mobile Network Operator provides the necessary infrastructure for the wireless WAN service. In addition, there are also regulators that are included in the monitoring of compliance. There are two types of mobile payment systems between organizations:

1.Remote Payment Systems

On remote mobile payments, the customer first sends a payment request over a wireless network to the PSP using a remote wireless communication technology.

2.Proximity Payment Systems

With proximity mobile payments, the customer usually credits the payment using a short-range wireless technology. To ensure the safety of the mobile payment system as a whole, each layer in the mobile payment system must be resistant to attacks such as man-in-the-middle, replay attacks, or impersonation attacks.There are several kinds of mobile payment process. Some of them are physical POS, android share, apple share and samsung share.Physical POS refers to such things as Apple, Samsung and Android Pay. The other share applications are the rendering platforms developed by Google, Apple and Samsung respectively.Even on these platforms there are some risks. But as days go by, the infrastructure under mobile payments becomes more robust and naturally can be regarded as completely safe now, due to most system tokenization. For example, the entrepreneur noted that a signal could not be attacked using the Samsung Pay icon, the KNOX security frame, and fingerprint authentication.Existing risks:

In terms of reducing these risks, the security of the implementation is influenced by the formation of large demand differences in terms of self-sufficiency and reliability.That’s why the PA-DSS standard is available for the development of mobile payment applications within the scope of some bases.Applications should avoid scams and provide customers with security in mobile wallets and payment applications.There are various options to verify the identity of mobile payments and to secure customer data in the mobile, contactless world.These are ;

User Solutions

Mobile Payment transactions can be taken by the user by taking the following factors into consideration.

2) Hardware Solutions

Some activities can be avoided, such as hardware solutions that can be received in the mobile device itself and SMS sending without permission.

3) Reseller-Based Solutions

It is an obligation to evaluate the written application in terms of every risk, to keep up with the current deficits and to reach their solutions, to take the necessary precautions and then to present it to the user.

Thank you for reading!

Related posts:

Three figures pose for a shot. Who are these figures? There is the psychoanalyst, Lou Salome, and then the two philosophers, Nietzsche to the right and between them, Paul Ree. The photographic…