After a very remarkable step of demonetization, Indian Government is continuously forcing indians to switch to e-banking mode and make the economy cashless but India is still not prepared for it. This time it is not about the technical literacy but the digital payment mode itself. As the e-wallet and mobile banking applications are not using hardware level security which can make the online transactions more secure.
Recently Qualcomm senior director, product management Sy Choudhary showed his concern in this matter by saying, “You will be surprised because most of the banking or wallet apps around the world don’t use hardware security. They actually run completely in Android mode and users password can be stolen. Users use fingerprint which might be captured … in India that is the case for most of all digital wallets and mobile banking apps.”
Further he threw light on the matter that even the most famous digital payment applications are not using hardware level security. The reason he gave about his awareness in regards to the flaw was that Qualcomm is working with OEMs (original equipment makers) directly.
Here the remarkable thing is that the Government is forcing people for using digital payment applications and one of the market leader of mobile chipset manufacturer of 37percent of market share globally is warining people about the digital payment modes.
Choudhary further showed his concern on this matter by saying, “Everyone is getting connected, everyone is getting authenticated by device. How do you know that your device is getting ready for demonetisation? When you download a mobile banking app you don’t know if it is using hardware security or not.”
He said that Qualcomm is taking initiative for providing secure execution environment in the chipsets. This layer separates transactions on mobile phone from operating system. This checks any malware from effecting transactions.
And he further threw light on the upcoming unique features in mobile chipsets from 2017 that verify user with payment gateway using unique features like device id, phone manufacturer signature, Android version in the phone, root kit of operating system, location and time, which will be nearly impossible to duplicate.