Contactless-enabled mobile phones could be giving out an identifiable number which hackers could use to track your movements, say researchers who are working on a crafty way of covering your tracks.
Contactless payment in both phones and bank cards employ a near field communication (NFC) chip, which uses short-range wireless technology to transfer packets of information between two points over a short distance.
The security of online transactions is important if businesses are to be able to make the best possible use of the internet.
That’s why securing online transactions is one of the main objectives of the EU’s Cybersecurity Strategy.
The EU is also helping businesses get the most out of the opportunities offered by the internet by working to establish a single market across Europe for goods and services bought online.
It works by sending out an identifiable public number – or key – which can then be securely linked to your payment method. However, the problem is that this public key could be read by any hacker who has the right equipment to decipher the NFC signal.
‘Once somebody knows this public number belongs to me as a person, then I can be tracked,’ explained Holger Bock of Infineon Technologies, Austria, who is coordinating the work as part of the EU-funded MATTHEW project, which is looking at different ways of improving mobile phone payments.
The MATTHEW project is proposing a canny way to anonymise the public number, by using group signatures. Instead of each person being identified by their entire public key, a group of people all generate a code that is read and verified by the reader.
This method disguises people’s individual identities while proving they are part of a group.
‘The idea is that you should not be traceable,’ said Bock, adding that identities can only be revealed by a special key owned by an inspector if someone begins to abuse the system.
They also used a system called Attribute-Based Credentials (ABCs) – which includes information specific to someone’s persona, such as their age or their transport subscription – to verify someone is part of an authorised group.
‘You check a certain attribute or you check that the person who has some credentials is a member of a group without revealing who he or she is,’ said Bock.
Last year, the project was able to show a working prototype. The final six months of the project will focus on further improving the privacy and group signature and ABC procedures.
Another problem facing smartphone users is password overload. Paying by mobile may be easy, but if you forget your password, the queue at the café will soon begin to grow.
The EU-funded ReCRED project is designing a way of bringing a person’s online identities together to securely allow access through one single point.
The project has developed a programme that can consolidate all your online identities – such as your email, Facebook, Reddit and Amazon logins – into one online persona. This persona can then be securely linked to you via security measures on your phone or computer to ensure that only you have access. ‘The idea is that you should not be traceable.’ Holger Bock, Infineon Technologies
‘The idea is that you should not be traceable.’
Holger Bock, Infineon Technologies
‘Sometimes we need a proof of our age or our profession but we don’t want to disclose the whole attributes of our identities,’ said project coordinator Professor Christos Xenakis of the University of Piraeus, Greece.
‘In ReCRED, the user is authenticated to his smartphone, using easy-to-use password-less techniques, while the phone is authenticated to the online payment service,’ he said.
Similar to MATTHEW, the ReCRED project does this by using attributes. However, in this case, they can be generated from typing patterns, face recognition, and mobility signatures – for example, the unique signal trail you leave as you go from house to work can be used to authenticate the login.
‘These signatures are kept encrypted within the hardware and it’s impossible for someone that is not authenticated on the device to take this signature out,’ said Prof. Xenakis.
The project is now completing the design of its programs, and will launch experiments next year.
People harbour lingering fears about the impact of robots on their jobs and welfare, but machines in the workplace have produced benefits that researchers believe are likely to continue. But for that to happen, challenges such as earning workers’ trust and improving safety and human-robot interaction must be overcome.
Artificial intelligence (AI) technology can help us fight climate change – but it also comes at a cost to the planet. To truly benefit from the technology’s climate solutions, we also need a better understanding of AI’s growing carbon footprint, say researchers.
More than two decades ago, Professor Andrew Oswald worked at the London School of Economics, UK, when he organised what he says was the world’s first conference on the economics of happiness. He put up posters, invited speakers, and waited for the crowds to come.
Alternative measures of a country’s development could help build more equal and sustainable societies.
We asked three experts about what to expect from the next decade of cancer research.
Jean-Eric Paquet tells Horizon how a new annual event - Research & Innovation Days - aims to shape European research over the next 8 years.