When Mobile Phones are RFID-Equipped - Finding E.U.-U.S. Solutions to Protect Consumer Privacy and Facilitate Mobile Commerce

New mobile phones have been designed to include delivery of mobile advertising and other useful location-based services, but have they also been designed to protect consumers\u27 privacy? One of the key enabling technologies for these new types of phones and new mobile services is Radio Frequency Identification (RFID), a wireless communication technology that enables the unique identification of tagged objects. In the case of RFID-enabled mobile phones, the personal nature of the devices makes it very likely that, by locating a phone, businesses will also be able to locate its owner. Consumers are currently testing new RFID-enabled phones around the globe, but the phones are not yet in general use by consumers in the United States and Europe. The incorporation of RFID into cell phones in order to deliver mobile advertising and other location-based services raises a host of important privacy questions that urgently need to be addressed before the phones become widely available. Analyzing the risks to consumer privacy in this new context, this paper offers a comparative law analysis of the applicable regulatory frameworks and recent policy developments in the European Union and the United States and concludes that there are many privacy concerns not presently addressed by E.U. and U.S. laws. This article also offers specific ideas to protect consumers\u27 privacy through applications of fair information practices and privacy-enhancing technologies. When mobile phones are RFID-equipped, consumers will need new privacy protections in order to understand the risks and make knowledgeable decisions about their privacy

A multimodal speech interface for dynamic creation and retrieval of geographical landmarks on a mobile device

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2010.Cataloged from PDF version of thesis.Includes bibliographical references (p. 140).As mobile devices become more powerful, researchers look to develop innovative applications that use new and effective means of input. Furthermore, developers must exploit the device's many capabilities (GPS, camera, touch screen, etc) in order to make equally powerful applications. This thesis presents the development of a multimodal system that allows users to create and share informative geographical landmarks using Android-powered smart-phones. The content associated with each landmark is dynamically integrated into the system's vocabulary, which allows users to easily use speech to access landmarks by the information related to them. The initial results of releasing the application on the Android Market have been encouraging, but also suggest that improvements need to be made to the system.by Samuel S. Dyar.M.Eng

A Behavioral Model System for Implicit Mobile Authentication

Smartphones are increasingly essential to users’ everyday lives. Security concerns of data compromises are growing, and explicit authentication methods are proving to be inconvenient and insufficient. Meanwhile, users demand quicker and more secure authentication. To address this, a user can be authenticated continuously and implicitly, through understanding consistency in their behavior. This research project develops a Behavioral Model System (BMS) that records users’ behavioral metrics on an Android device and sends them to a server to develop a behavioral model for the user. Once a strong model is generated with TensorFlow, a user’s most recent behavior is queried against the model to authenticate them. The model is tested across its metrics to evaluate the reliability of BMS

Photo annotation and retrieval through speech

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007.Includes bibliographical references (p. 36).In this thesis I describe the development of a speech-based annotation and retrieval system for digital photographs. The system uses a client/server architecture which allows photographs to be captured and annotated on various clients, such as mobile camera phones or the web, and then processed, indexed and stored on networked servers. For speech-based retrieval we have developed a mixed grammar recognition approach which allows the speech recognition system to construct a single finite-state network combining context-free grammars for recognizing and parsing query carrier phrases and metadata phrases, with an unconstrained statistical n-gram model for recognizing free-form search terms. Experiments demonstrating successful retrieval of photographs using purely speech-based annotation and retrieval are presented.by Brennan P. Sherry.M.Eng

Continuous and Energy-Efficient Transportation Behavior Monitoring

In this thesis we present and evaluate a novel approach for energy-efficient and continuous transportation behavior monitoring for smartphones. Our work builds on a novel adaptive hierarchical sensor management scheme (HASMET), which decomposes the classification task into smaller subtasks. In comparison to previous work, our approach improves the task of transportation behavior monitoring on three aspects. First, by employing only the minimal set of necessary sensors for each subtask, we are able to significantly reduce power consumption of the detection task. Second, using the hierarchical decomposition, we are able to tailor features and classifiers for each subtask, improving the accuracy and robustness of the detection task. Third, we are able to extend the detectable motorised modalities to cover most common public transportation vehicles. All of these attributes are highly desirable for real-time transportation behavior monitoring and serve as important steps toward implementing the first truly practical transportation behavior monitoring on mobile phones. In the course of the research, we have developed an Android application for sensor data collection and utilized it to collect over 200 hours of transportation data, along with 2.5 hours of energy consumption data of the sensors. We apply our method on the data to demonstrate that compared to current state-of-art, our method offers higher detection accuracy, provides more robust transportation behavior monitoring and achieves significant reduction in power consumption. For evaluating results with respect to the continuous nature of the transportation behavior monitoring, we use event and frame-based metrics presented by Ward et al

Holding the FBI Accountable for Hacking Apple\u27s Software Under the Takings Clause

Smartphones have swiftly replaced most-if not all-conventional methods of sending, receiving, and storing personal information. Letters, address books, calendars, and trips to the bank have been rendered obsolete by tools such as text messaging, digital contacts, iCal, and mobile banking apps. Although these digital alternatives are convenient, they are not immune from attack. Therefore, to remain competitive, technology companies must maintain safe and secure platforms on which users may freely store and share their personal information. Apple Inc., for example, strives to protect its users\u27 intimate information, consequently earning a reputation for prioritizing security. Like a king protecting his castle, Apple has erected a variety of technological and legal barriers to guard its users\u27 data and ward off unwanted intruders from vulnerabilities at a variety of stages. First, to protect user data from unauthorized access, Apple\u27s software authorizes iPhone users to set their own passcode. Next, Apple encrypts its iPhone software, essentially placing adigital padlock on its software to preclude any software alterations, including the user-determined passcode functionality. Lastly, Apple copyrights its encryption padlock, discouraging rogue actors from circumventing its technology and security features in fear of civil or criminal implications. In the spring of 2016, however, the federal government pillaged Apple\u27s digital fortress, overcoming each of these barriers. The Federal Bureau of Investigation (FBI) was investigating the terrorist attack in San Bernardino, California, and Apple\u27s security mechanisms precluded access to a shooter\u27s iPhone, which was locked with the user-determined passcode. Nonetheless, the FBI hired professional hackers to alter Apple\u27s software, thereby circumventing Apple\u27s encryption and ignoring Apple\u27s copyrights, to access the iPhone. Although the FBI opened just this one phone, just this one time, its hacking has much broader implications. By altering Apple\u27s software to circumvent its encryption, it smashed Apple\u27s digital padlock, essentially creating a master key capable of opening hundreds of millions of iPhones, jeopardizing users\u27 intimate information. The FBI has devalued Apple\u27s coveted security and risked Apple\u27s reputation. Despite Apple\u27s copyright, Apple has no statutory remedy available; however, the Takings Clause in the Fifth Amendment of the United States Constitution affords Apple a simple solution. This Note contributes to the contentious debate about prioritizing individual privacy in the face of increasingly innovative and complex national security threats. It suggests a novel way to deter governmental intrusion by establishing that Apple\u27s copyrights are prroperty under the Fifth Amendment and by characterizing the FBI\u27s investigative conduct in the San Bernardino case as a taking under the Fifth Amendment. Constitutionally requiring the federal government to pay \u27just compensation necessarily compels it to consider in its calculus the economic consequences of circumventing a technology company\u27s encryption, potentially preventing such intrusion in the first place

Enhancing personal safety and security utilizing mobile phones

Thesis (S.M.)--Massachusetts Institute of Technology, School of Architecture and Planning, Program in Media Arts and Sciences, 2006.Includes bibliographical references (p. [109]-[110]).This thesis describes the design and development of a system that is aimed for enhancing safety and security using cellular phones. This system has two main components: a master phone application to assist people who need to take care of their loved ones, and a slave phone application to provide help to care-recipients who need attention from their caregivers. This system applies location awareness (GPS), awareness of social activities (communication activity and proximity with close peers,) and peer-to-peer data communication as its core technologies. There are three sub-components that are implemented the system: First component is for providing a set of information in order to enhance awareness of crime around users' surrounding areas. This component is used to assess risk on users themselves as well as their property. The second component is a sub-system that is dedicated for detecting a possible abnormal transit behavior. Consequently, the system alerts this abnormality to both the system users and their caregivers. Third component detects nearby phone to cultivate social activities with the system user's peers.(cont.) The purpose of finding contacts is to get remote help from friends of the care-recipients. All the functions provided by the system fall into the gray area in between the state in which care-recipients are completely safe, and that in which care-recipients had an accident severe enough to require help from authorities.by Jae-woo Chung.S.M

Near Field Communication Applications

Near Field Communication (NFC) is a short-range, low power contactless communication between NFC-enabled devices that are held in the closed proximity to each other. NFC technology has been moving rapidly from its initial application areas of mobile payment services and contactless ticketing to the diversity of new areas. Three specific NFC tags highlighted in the thesis have different structures in terms of memory, security and usage in different applications. NFC information tags exploit the data exchange format NDEF standardized by NFC Forum. NFC applications are rapidly stepping into novel and diverse application areas. Often they are deployed in combination with different devices and systems through their integrability and adaptability features. The diverse application areas where NFC tags and cards are used cover smart posters, contactless ticketing, keys and access control, library services, entertainment services, social network services, education, location based services, work force and retail management and healthcare. In designing different NFC applications, it is necessary to take into consideration different design issues such as to choosing the NFC tools and devices according to the technical requirements of the application, considering especially the memory, security and price factors as well as their relation to the purpose and usage of the final product. The security aspect of the NFC tags is remarkably important in selecting the proper NFC device. The race between hackers attacking and breaking the security systems of programmable high level products and manufacturers to produce reliable secure systems and products seems to never end. This has proven to be case, for example, for trying MIFARE Ultralight and DESFire MF3ICD40 tags. An important consideration of studying the different applications of NFC tags and cards during the thesis work was to understand the ubiquitous character of NFC technology.Lähitunnistus yhteys tekniikka (NFC) on lyhyen tähtäimen, pienitehoinen, kontaktiton yhteydenpito NFC yhteensopivien laitteiden välillä, jossa laitteet pidetään toistensä välittömässä läheisyydessä tiedon siirtämiseksi niiden välillä. NFC-teknologia on siirtynyt nopeasti sen alkuperäisiltä toimialueilta eli mobiili maksupalvelujen ja kontaktittomien lippujen sovellusalueilta moninaisille uusille alueille. Kolmella NFC tagillä, joita on käsitelty tässä tutkielmassa, on muistin, turvallisuuden ja käytön kannalta erilaisiä rakenteita, joita käytetään eri sovelluksissa. NFC-tagit käyttävät tiedonvälityksessä NFC Forumin standardoimaa NDEF-tiedonvaihtoformaattia. NFC sovellukset esiintyvät yhä enenevässä määrin nopeasti kehyttyvillä, uudenlaisilla ja monipuolisilla sovellusalueilla, usein yhdessä eri laitteiden ja järjestelmien kanssa. NFC on käytettävissä erinäisten laitteiden kanssa erilaisissa järjestelmäympäristöissä. Monipuoliset sovellusalueet, joissa muun muassa NFC-tagejä ja -kortteja käytetään sisältävät seuraavanlaisia sovelluksia: älykkäät julisteet, kontaktittomat liput, avaimet ja pääsynvalvonta, kirjastopalvelut, viihdepalvelut, sosiaalisen verkoston palvelut, kasvatukseen ja koulutukseen liittyvät palvelut, sijaintiperustaiset palvelut, työvoiman ja vähittäiskaupan hallinto-palvelut ja terveyspalvelut. Erilaisten NFC-sovelluksien suunnittelussa on väistämätöntä ottaa erilaisia suunnitteluasioita huomioon kuten valita NFC-työkalut ja laitteet sovelluksen teknisten vaatimusten mukaan. Erilaiset tärkeät tekijät kuten muisti, tietoturvallisuusominaisuudet ja hinta ja niiden kaikkien toimivuus lopputuotteen kannalta on otettava huomioon. Tietoturvallisuusnäkökohta on erityisen tärkeä oikean NFC laitteen valitsemisessa, sillä käynnissä on loputon kilpajuoksu hakkerien, jotka yrittävät rikkoa ohjelmoitavien korkeatasoisten laitteiden ja tuotteiden tietoturvajärjestelmiä, ja valmistajien, jotka pyrkivät tuottamaan luotettavia varmoja järjestelmiä, välillä. Tietoturvariskiin liittyviä ongelmia on löydetty esimerkiksi MIFARE Ultralight ja DESFire MF3ICD40 tageista. Tärkeä havainto, joka saatiin erilaisten NFC sovelluksien tutkimisesta, oli oivaltaa NFCteknologian potentiaalinen kaikkialle ulottuva, yleiskäyttöinen luonne