30 August 2014

Beyond TEDIPAY

Alexander Peschkoff - TEDIPAY

102 | posts 371,013 | views 466 | comments

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

NatWest throws in the towel. Who is next?

08 October 2012  |  3663 views  |  0

In June this year, NatWest and RBS proudly announced the arrival of the new era of cardless ATM withdrawals.

In my comment on that page, I explained that any OS-only financial solution is "almost secure" (which is similar in concept to being "almost pregnant").

There is no "secure" without "secure element". App-based solutions are fully exposed to all types of fraud, including - most importantly - "zero day" attacks.

When I wrote that "the next question is how long will it take for it to be hacked" I was thinking to myself that NatWest's cardless ATM platform would be compromised by busy Christmas period. It seems they finally understood that too and are now pulling the plug on that service, just over three months after its launch.

I am reliably informed that field tests at NatWest lasted for at least six months - yet, Ross Anderson's team at Cambridge University would have exposed security holes in the NatWest's flawed architecture in half a day.

Most importantly, cardless ATM service has been offered by NatWest for years (!). It was only when they moved it to a "naked" mobile platform that things got interesting for the attackers. NatWest were lucky not to see even the tip of that iceberg that could have turned the bank into the Titanic.

The question now is who will be the next victim. I'll share my thoughts on that soon.

Are cardless ATM withdrawals a great idea? Absolutely! That convenient approach allows, in particular, to move all existing ATMs from the "steal my money quick" magnetic stripe to a platform whose security beats EMV ("Chip and PIN") hands down. In matter of days. Worldwide. If done right.

Watch this space...

TagsMobile & onlinePayments

Comments: (1)

Alexander Peschkoff - TEDIPAY - London | 08 October, 2012, 13:43 As for cardless ATMs, this is the shape of things to come: http://thefinanser.co.uk/fsclub/2012/10/the-future-of-the-cash-machine-.html
Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Latest posts from Alexander

Cash is king, but of which kingdom?..

09 June 2014  |  2240 views  |  2  |  Recommends 1 TagsMobile & onlinePaymentsGroupInnovation in Financial Services

Checking my crystal balls

02 June 2014  |  1306 views  |  1  |  Recommends 0 TagsPaymentsInnovationGroupInnovation in Financial Services

Apple's Siri - iPhone security hole

23 May 2014  |  2841 views  |  2  |  Recommends 0 TagsSecurityPaymentsGroupInnovation in Financial Services

Colonic irrigation for payments

04 April 2014  |  1612 views  |  1  |  Recommends 0 TagsMobile & onlineInnovationGroupInnovation in Financial Services

What Steve Jobs knew back in 1984 and why that matters today

10 March 2014  |  2371 views  |  1  |  Recommends 0 TagsPaymentsInnovationGroupInnovation in Financial Services
name

Alexander Peschkoff

job title

CEO

company name

TEDIPAY

member since

2012

location

London

Summary profile See full profile »
I am the co-founder and CEO of TEDIPAY, the company that is bringing to the market a game-changin...

Alexander's expertise

What Alexander reads
Alexander writes about

Who is commenting on Alexander's posts

Richard Sanders
Brett King
S S
Matt Scott
Sian Bentley
Bjorn Soland
Bo Harald
Martin cox
Henry Young
Andrew Smith
Daniel Smith
Ketharaman Swaminathan