Developing Bullet-Proof Payment Applications for Mobile and Consumer Electronic Devices

•

6 gefällt mir•818 views

This session covers the technical approach to embedding payment functionality in applications. Attendees should be somewhat familiar with PayPal payment flows, knowledgeable about security risks, and aware of secure application development practices and methodologies.

Technologie Business

BUILDING BULLET-PROOF PAYMENT APPLICATIONS FOR MOBILE AND CONSUMER ELECTRONICS DEVICES Hadi Nahari, Principal Security & Devices Architect PayPal Emerging Technologies

AGENDA ,[object Object],[object Object],[object Object],[object Object]

LANDSCAPE: FACTS ABOUT MOBILE ,[object Object],[object Object],[object Object],[object Object],[object Object]

NEW USE CASES From Back Pocket to Front Pocket From Paper to Virtual Tickets From Paper to Virtual Coupons From Mass to Personalized From Pre-Sale to In-Store

MOBILE IDENTITY CRISIS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Retailers Banks Card Associations Mobile Network Operators Regulators Chip Vendors Trusted Service Manager Device Manufacturers

MANY STANDARDIZATION BODIES ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

YEAH, AND THE NETWORK… ,[object Object],[object Object],[object Object]

WHAT’S A PLATFORM? ,[object Object],[object Object],[object Object],[object Object],[object Object]

OPEN PLATFORM MODEL (OPM) Portal App. NApp. 0 Development SDK. N SDK. 1 SDK. 0 App. 1 App. NApp. N App. NApp. NApp. M Deployment Download Device App. N App. 0 App. 1

CLEARLY… ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

OPM SECURITY REQUIREMENTS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

OBJECTS’ SECURITY MESH MNO Financial Portal App. N App. 0 App. 1 Retailer Regulator

ABSTRACT MODEL Cloud_m Cloud_n ID Claims Protection Declarations Enforcement Mechanisms Unforgeable, as in capability model Authorization Framework Claims Verification Authorization Framework Claims Verification

OBJECTS’ RESPONSIBILITIES ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Protected by object itself Declaration is a security asset ID Claims Protection Declarations Enforcement Mechanisms

ENVIRONMENT’S MANDATE ,[object Object],[object Object],[object Object],[object Object],[object Object],Authorization Framework Claims Verification

INTER-OBJECT COMMUNICATION ,[object Object],[object Object],? Authorization Framework Claims Verification ID Claims Protection Declarations Enforcement Mechanisms ID Claims Protection Declarations Enforcement Mechanisms

INTER-ENVIRONMENT COMMUNICATION ,[object Object],[object Object],Cloud_m Cloud_n ? ? ? Authorization Framework Claims Verification ID Claims Protection Declarations Enforcement Mechanisms Authorization Framework Claims Verification ? ID Claims Protection Declarations Enforcement Mechanisms

{TODO || !TODO}; DECOUPLING ,[object Object],[object Object],[object Object],[object Object],[object Object]

FURTHER WORK ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

CONCLUDING THOUGHTS ,[object Object],[object Object],[object Object],[object Object],[object Object]

MORE INFORMATION ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

LEARN AND SHARE ,[object Object],[object Object],[object Object],[object Object],LEARN AND SHARE www.x.com Twitter: @paypalx www.facebook.com/paypalx Innovate 09 hashtag: # ppxi09 Proprietary

Weitere ähnliche Inhalte

Ähnlich wie Developing Bullet-Proof Payment Applications for Mobile and Consumer Electronic Devices

The blockchain ecosystem refers to the network of people and organizations that are involved in the development and use of blockchain technology. This ecosystem includes developers who create decentralized applications (dapps), miners who verify and validate transactions, and users who interact with dapps. The growth of the blockchain ecosystem is being driven by the increasing recognition of the potential of blockchain technology. This technology has the potential to disrupt a wide range of industries, from finance to supply chain management.

Blockhain Ecosystem Development

Mobiloitte Technologies

Market Study on Mobile Authentication

FIDO Alliance

Kura M2M IoT Gateway

Eurotech

Cloud security for financial services

Moshe Ferber

Lessons from a real-life blockchain project (P2P energy), OW2con'18, June 7-8...

OW2

Practical requirements for securely demonstrating identities between two handheld devices are an important concern. The adversary can inject a Man-In- The-Middle (MITM) attack to intrude the protocol. Protocols that employ secret keys require the devices to share private information in advance, in which it is not feasible in the above scenario. Apart from insecurely typing passwords into handheld devices or comparing long hexadecimal keys displayed on the devices’ screen, many other human-verifiable protocols have been proposed in the literature to solve the problem. Unfortunately, most of these schemes are unsalable to more users. Even when there are only three entities attempt to agree a session key, these protocols need to be rerun for three times. So, in the existing method a bipartite and a tripartite authentication protocol is presented using a temporary confidential channel. Besides, further extend the system into a transitive authentication protocol that allows multiple handheld devices to establish a conference key securely and efficiently. But this method detects only the outsider attacks. Method does not consider the insider attacks. So, in the proposed method trust score based method is introduced which computes the trust values for the nodes and provide the security. The trust score is computed has a positive influence on the confidence with which an entity conducts transactions with that node. Network the behavior of the node will be monitored periodically and its trust value is also updated .So depending on the behavior of the node in the network trust relation will be established between two nodes.

SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE

Editor IJMTER

Identity privacy and data protection in the cloud – what is being done is it ...

Mark Skilton

Hypori Performance Webinar

Grafic.guru

Understanding the Basics of Decentralized Applications (dApps)

Capital Numbers

htcia-5-2015

Tony Godfrey

Combating Mobile Device Theft with Blockchain

Nagesh Caparthy

RISE OF THE MACHINES: IRM IN AN IOT WORLD

ForgeRock

2010.10.07. Le Cloud Computing pour les N...ouveaux - Loic Simon - Club Allia...

Club Alliances

Cloud expo cloud-enabled testing services (wide)_v1.0

Ewald Roodenrijs

General discussion paper for airports

Rexcy

General discussion paper for airports

Chas Yap

Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without co...

Mark Silverberg

OPC UA Connectivity with InduSoft and the OPC Foundation

AVEVA

Blockchain Based Car Rental App

IRJET Journal

//ABSTRACT Edge computing is rapidly on the rise. In this Meetup, we will explore the business drivers, technological changes, and global trends that are making edge computing the next must-have infrastructure. We will discuss the challenges that make edge computing unique in relation to cloud and data center. We will finish our exploration with real-world use cases from a variety of industries, showing how edge computing results in immediate business opportunities that you can leverage. //SPEAKER Kilton Hopkins, Edgeworx

Exploring the Trend Toward the Edge | Eclipse IoT Day Santa Clara 2019

Eclipse IoT

Ähnlich wie Developing Bullet-Proof Payment Applications for Mobile and Consumer Electronic Devices (20)

Blockhain Ecosystem Development

Market Study on Mobile Authentication

Kura M2M IoT Gateway

Cloud security for financial services

Lessons from a real-life blockchain project (P2P energy), OW2con'18, June 7-8...

SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICE

Identity privacy and data protection in the cloud – what is being done is it ...

Hypori Performance Webinar

Understanding the Basics of Decentralized Applications (dApps)

htcia-5-2015

Combating Mobile Device Theft with Blockchain

RISE OF THE MACHINES: IRM IN AN IOT WORLD

2010.10.07. Le Cloud Computing pour les N...ouveaux - Loic Simon - Club Allia...

Cloud expo cloud-enabled testing services (wide)_v1.0

General discussion paper for airports

Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without co...

OPC UA Connectivity with InduSoft and the OPC Foundation

Blockchain Based Car Rental App

Exploring the Trend Toward the Edge | Eclipse IoT Day Santa Clara 2019

Mehr von PayPalX Developer Network

Payments Anywhere with PayPal

PayPalX Developer Network

Trends in social commerce

PayPalX Developer Network

Online Payments For Developers

PayPalX Developer Network

Monetizing with PayPal on Mobile

PayPalX Developer Network

Fueling the Wallet.Next

PayPalX Developer Network

Monetizing your Applications withPayPal X Payments Platform

PayPalX Developer Network

Social Media Metrics

PayPalX Developer Network

In Search of your Wallet ?

PayPalX Developer Network

Fowa University Session Monetizing in any ecosystem

PayPalX Developer Network

Sm Metrics from Social Media Week

PayPalX Developer Network

Monetization with PayPal Payments Platform

PayPalX Developer Network

Accept PayPal in 5 Minutes or Less Using Button Manager and Button Manager API

PayPalX Developer Network

Bill Me Later

PayPalX Developer Network

The PayPal Payflow Payment Gateway is a secure, scalable, and reliable payment service that processed $70B in 2008 and serves more than 70K merchants. Our Payflow products offer a single integration to process credit cards, eChecks, and PayPal payments. With the Payflow gateway, you can access a single interface to process PayPal payments (Express Checkout) as well as credit/debit cards using PayPal’s Website Payments Pro or a traditional internet merchant account. Payflow is the only gateway that supports PayPal’s Website Payments Pro in US, CA, and UK. In this session you will learn about our Payflow products and how these products can be used to process payments on and off the web.

One Gateway for All Kinds of Payments—the Payflow Integration

PayPalX Developer Network

Cool New Advances in PayPal Express Checkout

PayPalX Developer Network

Outsourcing identity-related services—such as customer authentication—to PayPal could speed your application development, save you the hassle of dealing with password resets, and give your customers a shorter and easier path to purchases. An authentication service is just one example of the identity services we've got planned. Come learn how all of them can improve business opportunities and enhance user experiences.

Maximizing PayPal's New Identity Services to Create Seamless and Safe User Ex...

PayPalX Developer Network

Developing Secure Applications and Defending Against Common Attacks

PayPalX Developer Network

Opening Our Platform to Developers: PayPal's New Application Model and Develo...

PayPalX Developer Network

Adaptive Payments: Changing How We Pay with PIN, Pre-approved and Split Payments

PayPalX Developer Network

Streamline Your User Experience and Increase Conversion with Adaptive Accounts

PayPalX Developer Network

Mehr von PayPalX Developer Network (20)

Payments Anywhere with PayPal

Trends in social commerce

Online Payments For Developers

Monetizing with PayPal on Mobile

Fueling the Wallet.Next

Monetizing your Applications withPayPal X Payments Platform

Social Media Metrics

In Search of your Wallet ?

Fowa University Session Monetizing in any ecosystem

Sm Metrics from Social Media Week

Monetization with PayPal Payments Platform

Accept PayPal in 5 Minutes or Less Using Button Manager and Button Manager API

Bill Me Later

One Gateway for All Kinds of Payments—the Payflow Integration

Cool New Advances in PayPal Express Checkout

Maximizing PayPal's New Identity Services to Create Seamless and Safe User Ex...

Developing Secure Applications and Defending Against Common Attacks

Opening Our Platform to Developers: PayPal's New Application Model and Develo...

Adaptive Payments: Changing How We Pay with PIN, Pre-approved and Split Payments

Streamline Your User Experience and Increase Conversion with Adaptive Accounts

Kürzlich hochgeladen

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

MS Copilot expands with MS Graph connectors

Nanddeep Nachan

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

MINDCTI Revenue Release Quarter One 2024

MIND CTI

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Modernizing Securities Finance: The cloud-native prime brokerage platform transforming capital markets. Madhu Subbu, Managing Director, Head of Securities Finance Engineering Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu

apidays

A Beginners Guide to Building a RAG App Using Open Source Milvus

Zilliz

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

ICT role in 21st century education and its challenges

rafiqahmad00786416

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Zilliz

Manulife - Insurer Transformation Award 2024

The Digital Insurer

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

Kürzlich hochgeladen (20)

AWS Community Day CPH - Three problems of Terraform

Data Cloud, More than a CDP by Matt Robison

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Axa Assurance Maroc - Insurer Innovation Award 2024

MS Copilot expands with MS Graph connectors

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Strategies for Landing an Oracle DBA Job as a Fresher

MINDCTI Revenue Release Quarter One 2024

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu

A Beginners Guide to Building a RAG App Using Open Source Milvus

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

ICT role in 21st century education and its challenges

Apidays New York 2024 - The value of a flexible API Management solution for O...

presentation ICT roal in 21st century education

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Manulife - Insurer Transformation Award 2024

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Developing Bullet-Proof Payment Applications for Mobile and Consumer Electronic Devices

1. BUILDING BULLET-PROOF PAYMENT APPLICATIONS FOR MOBILE AND CONSUMER ELECTRONICS DEVICES Hadi Nahari, Principal Security & Devices Architect PayPal Emerging Technologies

4. NEW USE CASES From Back Pocket to Front Pocket From Paper to Virtual Tickets From Paper to Virtual Coupons From Mass to Personalized From Pre-Sale to In-Store

10. OPEN PLATFORM MODEL (OPM) Portal App. NApp. 0 Development SDK. N SDK. 1 SDK. 0 App. 1 App. NApp. N App. NApp. NApp. M Deployment Download Device App. N App. 0 App. 1

11.

12.

13.

14. OBJECTS’ SECURITY MESH MNO Financial Portal App. N App. 0 App. 1 Retailer Regulator

15. ABSTRACT MODEL Cloud_m Cloud_n ID Claims Protection Declarations Enforcement Mechanisms Unforgeable, as in capability model Authorization Framework Claims Verification Authorization Framework Claims Verification

16.

17.

18.

19.

20.

21.

22.

23.

24.

25.

Developing Bullet-Proof Payment Applications for Mobile and Consumer Electronic Devices

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Ähnlich wie Developing Bullet-Proof Payment Applications for Mobile and Consumer Electronic Devices

Ähnlich wie Developing Bullet-Proof Payment Applications for Mobile and Consumer Electronic Devices (20)

Mehr von PayPalX Developer Network

Mehr von PayPalX Developer Network (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Developing Bullet-Proof Payment Applications for Mobile and Consumer Electronic Devices