India Government is asking the country people to use the digital payments by using the mobile phone due to the demonetisation. Also, most of the digital mobile payment services have started updating the security levels. However, the leading chipset maker Qualcomm reported that the India mobile wallet and banking applications are not using with the hardware level security. While, the hardware level security make online transactions more secure.
The Senior Director Product Management Sayeed Choudhury said to the reporters as “You will be surprised because most of the banking or wallet apps around the world don’t use hardware security. They actually run completely in Android mode and users’ password can be stolen. Users use fingerprint which might be captured .. in India that is the case for most of all digital wallets and mobile banking apps.”
He revealed that the most famous India digital mobile payment application is also not using the hardware level security.
The company is working with the new Original Equipment Makers (OEMs). He said that the reason that why they revealed this to the public as “Reason we are saying that none of them is using it because we work with OEM.”
Qualcomm mobile chipset
As per market research firm Strategy Analytics, Qualcomm leads mobile chipset market globally with 37 per cent share.
Choudhury said that “Everyone is getting connected, everyone is getting authenticated by device. How do you know that your device is getting ready for demonetisation? When you download a mobile banking app you don’t know if it is using hardware security or not.”
So, the Qualcomm is approaching all the digital mobile payment companies for using secure environment for processing payments by using the smartphone.
He added that the company is providing the secure execution environment in the Qualcomm chipsets. It separates the transactions on the mobile phone from OS like Android and iOS. Also, it checks the malware and protects from effecting transactions.
From 2017, the Qualcomm is introducing the new feature in its mobile chipsets. It will verify the user payment gateway using unique features like device id, phone manufacturer signature, Android version in the phone, root kit of operating system, location and time, which will be nearly impossible to duplicate.
Also, he said that the device attestation feature will start shipping in 2017. For end users it should be available by end of 2017
The new mobile phone chipset is developing with the security software of Avast. The company has tied up with security software company Avast. The feature will generate the alerts or users in case their mobile phones are infected with virus or malware.
Sayeed Choudhury has also mentioned the India Government Aadhaar authentication system and its mobile payment services. He said that, “Aadhaar initiated by Indian government, the path that it is moving now with digital version of Aadhaar is far ahead then most government in the entire world.”