The funny thing about this presentation is that I have first been invited to attend the e-Smart version of it (this week as well, in Sophia Antipolis). When I declined, they told me that the same talk was given at JavaOne, so here I am. From Onzo’s Tim Holley and Oracle’s Jean-Yves Bitterlich, this is …
UPDATED ON 04/06/10: Additional comments about security requirements Securing Web servers is hard work, as OWASP periodically reminds us. Of course, this applies to smart card web servers, regardless of the underlying technology. I received a comment from someone who noticed that some of the Java Card 3.0 Connected sample applications have really bad security. …
Smart card security doesn’t often get on traditional media, so we can all (at least, the French-spaking ones) be happy that France Culture will spend an hour discussing the security of payment cards, trying to provide an answer to the question “Comment améliorer la sécurité des cartes bancaires?“. Among the speakers, we will have Jean-Louis …
It seems that the American plastic cards are getting them in trouble, at least when they travel in Europe. Of course, cards without chips still work perfeectly in restaurants, hotels, and stores. However, things are very different at automated machines. If you are in France and you want to pay for underground parking, for renting …
RATP has been working for a while on the future deployment of their Navigo transport cards over NFC phones. Such a move perfectly makes sense for a utility company, since card issuance is a pure cost for them, so dematerialization sounds good. One of the promises of such a deployment is over-the-air renewal of monthly …
The PlaySIM project is about using a SunSPOT device as a Java Card 3.0-enabled SIM card. It is a collaboration between Sun and Telenor, and as far as I know, it is the first experiment based on Java Card 3.0 performed by a mobile operator. The interest of this project is to combine the expressive …
Visa seems to be investigating a new way to use magnetic stripe cards. The article does not give much details, but the basic idea seems to be that the magnetic stripe is scanned with a high definition, which provides a “unique” pattern, which Visa compares to the DNA or fingerprint of the card. Of course, …
One year ago, I blogged on Android security. I recently received a comment asking if my impression had changed now that Android actually exists, even on devices. Well, no. Not at all.
Reports about cloning debit cards have been all around, for instance here. The combination of cloning cards and making millions with a fraud scheme instantly makes smart card people happy: we told you that your magstripe cards would lead to big problems! OK. But let’s try to analyze this a bit deeper.
Juniper Research has just published a study on Mobile Payments, 2008-2013, which is announced in a press release. The report promises wonderful things, like $75 billion in yearly mobile payments by 2013. The author of the report, Howard Wilcox, is however quite cautious, and he is cited in the press release as saying: Whilst trial …
