Strategic Niche Management (SNM) beyond sustainability. An exploration of key findings of SNM through the lens of ICT and privacy

Recently the governance of socio-technical transitions to sustainability is gaining attention in the field of innovation studies. One particular approach is that of Strategic Niche Management (SNM), which advocates the creation of protected space to experiment with radically new sustainable socio-technical practices. This paper contributes by asking whether this approach is also useful for analysis and governance of other types of socially desirable change. This question is addressed through a review of six key-findings of Strategic Niche Management and an original case study in the field of Near Field Communication (NFC) technologies for mobile payment. The social value at stake in this case is not sustainability but privacy. We draw three main conclusions. First, we find that the key-findings and concepts in SNM for sustainability are helpful to understand and interpret much of the data collected for the NFC case and privacy. However, there are notable differences in each of the key-findings, i.e findings related to a) the local-global distinction in SNM, b) expectations, c) social networks, d) learning, e) protection, and f) niche-regime interactions. Second, in relation to governance, the role of sustainability values (being a promising value to pursue) and privacy values (being a bottom-line value to defend) are notably different. Third, these differences result in different roles of public bodies in niche development. The paper ends with discussing the consequences for SNM for sustainability research and future research topics.Strategic Niche Management, sustainability, NFC, mobile payment, privacy

Analysis of roles and position of mobile network operators in mobile payment infrastructure

A number of different mobile payment solutions have been presented the last decade. The phone subscription with its security mechanisms are used for user identification and payments. This is the case for SMS based payment and ticketing systems that are getting more and more popular. However, there are other ways to implement a Trusted Element (TE) , where a SIM card architecture is only one. It can be in the mobile phone, as a separate integrated circuit, as an optional customer deployed plug-in device (e.g., microSD) or be running as an application on a server existing entirely as software. In this paper we analyze what roles and responsibilities different actors have in different types of mobile payments solutions. The main focus is on the implications for the mobile operator business. It turns out that new types of intermediary actors in most cases play an important role. Sometimes mobile operators are not even involved. The emergence of new payment together with other non-SIM card based TE solutions opens up for many different market scenarios for mobile payment services. --

Technology payment cards communication with banking institutions in the field of cashless payment

The aim is now used to describe the infrastructure of payment cards, ATMs, now used to describe the infrastructure of payment systems, mainly the payment cards and NFC technology and secure payment throw the internet. In this article, we examine a new technology application which is coming into its own around the world, in association with the revolution in wireless connectivity. Our findings are intended to guide in dealing with the economic aspects of mobile payments, and to help identify some important directions for the research

Near field communication: an assessment for future payment systems

In this paper, we present an assessment of near field communication (NFC) in the context of a payment market. During these past years, we have been witnessing a number of mobile payment trials based on NFC. Early experiences are already quite encouraging and many expect NFC to become a highly efficient and effective technology for mobile payments. The objective of our research is to evaluate in a systematic manner the potential of NFC as an upcoming technology for mobile payments. In order to ensure the rigor of our research, we used a formal and structured approach based on multi-actor multi-criteria methods. Our research provides one of the first assessment of NFC and a realistic picture of the current Swiss situation as we involved numerous mobile payment experts. Our findings show that Swiss industry experts are quite enthusiastic about the future of NFC

Survey and Systematization of Secure Device Pairing

Secure Device Pairing (SDP) schemes have been developed to facilitate secure communications among smart devices, both personal mobile devices and Internet of Things (IoT) devices. Comparison and assessment of SDP schemes is troublesome, because each scheme makes different assumptions about out-of-band channels and adversary models, and are driven by their particular use-cases. A conceptual model that facilitates meaningful comparison among SDP schemes is missing. We provide such a model. In this article, we survey and analyze a wide range of SDP schemes that are described in the literature, including a number that have been adopted as standards. A system model and consistent terminology for SDP schemes are built on the foundation of this survey, which are then used to classify existing SDP schemes into a taxonomy that, for the first time, enables their meaningful comparison and analysis.The existing SDP schemes are analyzed using this model, revealing common systemic security weaknesses among the surveyed SDP schemes that should become priority areas for future SDP research, such as improving the integration of privacy requirements into the design of SDP schemes. Our results allow SDP scheme designers to create schemes that are more easily comparable with one another, and to assist the prevention of persisting the weaknesses common to the current generation of SDP schemes.Comment: 34 pages, 5 figures, 3 tables, accepted at IEEE Communications Surveys & Tutorials 2017 (Volume: PP, Issue: 99

Inter-firm Alliances during Pre-standardization in ICT

alliances, ICT, standardization

Attacks On Near Field Communication Devices

For some years, Near Field Communication (NFC) has been a popularly known technology characterized by its short-distance wireless communication, mainly used in providing different agreeable services such as payment with mobile phones in stores, Electronic Identification, Transportation Electronic Ticketing, Patient Monitoring, and Healthcare. The ability to quickly connect devices offers a level of secure communication. That notwithstanding, looking deeply at NFC and its security level, identifying threats leading to attacks that can alter the user’s confidentiality and data privacy becomes obvious. This paper summarizes some of these attacks, emphasizing four main attack vectors, bringing out a taxonomy of these attack vectors on NFC, and presenting security issues alongside privacy threats within the application environment

Mobile contactless payments adoption challenge in the complex network actor ecosystem

Mobile contactless payments (MCP) technology brings an important dual use dilemma where consumer adoption can be halted if consumer is not fully persuaded that the security risk behind the technology use is very low. Currently, although many projects on the implementation of MCP solutions have commenced, MCP is still not picking up. Why? To fill this research gap and better understand how security is affecting MCP implementation, we employ triangulation approach to understand if security is the main obstacle to further adoption and extension of MCP solution. The results reveal that consumer security is the crucial factor in a successful MCP implementation. Our result offers important and new insights for practitioners as it provides a security dimension to consider in the entire contactless payment ecosystem

Host card emulation with tokenisation: Security risk assessments

Host Card Emulation (HCE) é uma arquitetura que possibilita a representação virtual (emulação) de cartões contactless, permitindo a realização de transações através dispositivos móveis com capacidade de realizar comunicações via Near-Field Communication (NFC), sem a necessidade de utilização de um microprocessador chip, Secure Element (SE), utilizado em pagamentos NFC anteriores ao HCE. No HCE, a emulação do cartão é efetuada essencialmente através de software, geralmente em aplicações do tipo wallet. No modelo de HCE com Tokenização (HCEt), que ´e o modelo HCE específico analisado nesta dissertação, a aplicação armazena tokens de pagamento, que são chaves criptográficas derivadas das chaves do cartão original, críticas, por permitirem a execução de transações, ainda que, com limitações na sua utilização. No entanto, com a migração de um ambiente resistente a violações (SE) para um ambiente não controlado (uma aplicação num dispositivo móvel), há vários riscos que devem ser avaliados adequadamente para que seja possível materializar uma implementação baseada no risco. O presente estudo descreve o modelo de HCE com Tokenização (HCEt) e identifica e avalia os seus riscos, analisando o modelo do ponto de vista de uma aplicação wallet num dispositivo móvel, que armazena tokens de pagamento para poder realizar transações contactless

An empiric path towards fraud detection and protection for NFC-enabled mobile payment system

The synthesis of NFC technology accompanying mobile payment is a state-of-the-art resolution for payment users. In view of rapid development in electronic payment system there is rise in fraudulent activity in banking transactions associated with credit cards and card-not-present transaction. M-Commerce aid the consumers and helps to bestow real-time information in payment system. Due to the familiarization of m-commerce there is cogent increase in the number of fraudulent activities, emerging in billions of dollar loss every year worldwide. To absolute the security breaches, payment transactions could be confined by considering various parameters like user and device authentication, consumer behavior pattern, geolocation and velocity. In this paper we formally assay NFC-enabled mobile payment fraud detection ecosystem using score-based evaluation method. The fraud detection ecosystem will provide a solution based on transaction risk-modeling, scoring transaction, business rule-based, and cross-field referencing. The score-based evaluation method will analyze the transaction and reckon every transaction for fraud risk and take pertinent decision