Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Five factor authentication for mobile phone transactions

Jared Heng | July 8, 2008
Boost to the security of mobile commerce.

SINGAPORE, 4 July 2008 -- With the convenience of e-commerce transactions threatened to be overshadowed by malware and other cybercrime concerns, users are crying out for a secure solution.

Today, two-factor authentication may no longer be sufficient to ensure e-commerce security for users, whether through the PC or mobile phone. Credit card fraud worldwide has jumped 30 per cent in the last 12 months, and with the move to mobile phone for commerce and banking, this figure is set to increase exponentially, says Qpay's CEO and founder, Greg Walter.

Established in 2005, Australia-based Qpay provides mobile transaction services like banking, shopping and share trading through SMS. A customer who initiates a transaction will receive an automated call-back requesting transaction confirmation using PIN.

The service also provides customers with product information to help them make more informed buying decisions, Walter says.

Higher risk

The risk of conducting mobile commerce is greater than traditional internet transactions on PC because devices are usually less secure than PCs, Walter says.

To compensate for the higher risk, some banks provide less mobile banking services compared with transactions on PC, he adds.

However, Walter claims that the Qpay platform allows banking and shopping through a mobile phone safer than traditional internet transactions for the first time ever.

Qpay says that its platform is immune to online threats like Man-in-the-Middle attacks, Trojans and rootkits. Customer credit card or banking details also do not travel on the internet at any stage of the transaction process.                                          

Mobile transaction options

Customers have the option of applying for a Qpay account where funds are held to pay for purchases. If insufficient funds are available to make a transaction, the service will notify the customer.

Another option is for customers to register with Qpay their credit card details, which would be stored in a safe repository. Once a credit card transaction is initiated on the mobile phone with the correct PIN, we will follow up with the purchase request, Walter says.

Customers may also apply for both options.

Five-factor authentication

Walter claims that Qpay is currently the only mobile transaction services provider in the world to offer up to five-factor authentication. We offer a three - to five - factor authentication system, he says. Most other platforms on the market have only two-factor authentication or less, which may be vulnerable to hacking or compromise.

He adds that even three-factor authentication on mobile phones is uncommon in Europe and the US. An authentication factor is a piece of information or process used to authenticate a person's identity, or in this case, transaction for security purposes.

The company's five authentication factors help ensure security for internet banking, Walter says. Besides requiring the right internet log-in password, the user must also have a mobile phone which is registered with Qpay's system.


1  2  Next Page 

Sign up for Computerworld eNewsletters.