Snippings

xxx

To prevent problems like these from occurring, each IoT device needs to be able, as it were, to show an identity document—”authentication,” in professional terms. Normally, speaking, this is done with a kind of password, which is sent in encrypted form to the person who is communicating with the device. The security key needed for that has to be stored in the IoT device one way or another, Lieneke Kusters explains. “But these are often small and cheap devices that aren’t supposed to use much energy. To safely store a key in these devices, you need extra hardware with constant power supply. That’s not very practical.”

Digital fingerprint

There is a different way: namely by deducing the security key from a unique physical characteristic of the memory chip (Static Random-Access Memory, or SRAM) that can be found in practically every IoT device. Depending on the random circumstances during the chip’s manufacturing process, the memory locations have a random default value of 0 or 1.

From A fingerprint for the Internet of Things:

xxx

xxx

n contrast, the magnetic PUF is resistant to attack and insensitive to environmental variations.

“In all previously proposed MRAM PUFs, a procedure to set random magnetization orientations is necessary for their practical application,” said Zhe Guo, a post doctor in You’s team. “In our IAE-PUF, the random distribution of magnetization orientations is formed during the MgO layer thinning process, so no initialization is required.” The avoidance of setting random states with an external magnetic field or writing current makes it easier to integrate and scale down with low power consumption.

From Highly secure physically unclonable cryptographic primitives based on interfacial magnetic anisotropy:

xxx

xxx

The payment technology has largely failed to gain popularity, analysts say, as some consumers have found the sign-up process cumbersome and had concerns about how their images and data would be used. It shows that even a major fintech innovator with a large customer base can face privacy concerns and struggle to change user habits.

From In China, Paying With Your Face Is Hard Sell – WSJ:

xxx

xxx

British payments firm Pay.UK’s Answer Pay service and new enrollee Mastercard have successfully completed their first post-testing transaction involving Answer Pay’s “Request to Pay” service, Answer Pay announced on Thursday (Sept. 17).

From Answer Pay, Mastercard Execute First Transaction | PYMNTS.com:

xxx

xxx

My observation is that many digital driving licence designs being rolled out right now fail on several of these “good/better” design checks, in fact, when closely examined, most are a step backwards not forwards despite their “look at me” quality for press releases.

From (2) Digital Driving Licences – failing the test? | LinkedIn:

xxx

xxx

The EU will set up a new college of supervisors, including national and European authorities, to oversee “significant” digital currencies including Facebook’s Libra, according to the European Commission’s cryptocurrency draft proposal

From LEAK: EU to create ‘superbody’ of watchdogs to oversee digital currencies – EURACTIV.com:

xxx

xxx

The European Commission wants financial firms and other companies to share more customer data to create a “broader open finance space” with new services for citizens, according to a draft of the Digital Finance Strategy seen by EURACTIV.

The strategy, which could still be subject to changes, is expected be presented later this month. It outlines the Commission’s priority actions by 2024 to make “the benefits of digital finance available to European consumers and businesses,” the draft document reads.

From LEAK: Commission plans new revolution for “open finance” in 2022 – EURACTIV.com:

xxx

xxx

The average transaction value of fast payments in Denmark and Sweden are less than 0.3% of GDP per capita, indicating they are used mainly for person-to-person payments. At the other end of the scale, the average transaction value of fast payments in Hong Kong SAR is over 6%, suggesting that they are used mainly for payments involving businesses (eg payment of rent).

From Fast retail payment systems:

xxx

xxx

he Feds claim that between January 2019 and February 2020, somewhere between 45 per cent and 95 per cent of NS8’s listed assets appear to have been fictitious. During that period, the firm raised about $123m from investors.

From Online fraud prevention biz fails to prevent CEO’s alleged offline fraud • The Register:

xxx

xxx

To that end, the House this week finally passed the Internet of Things Cybersecurity Improvement Act, which should finally bring some meaningful privacy and security standards to the internet of things (IOT). Cory Gardner, Mark Warner, and other lawmakers note the bill creates some baseline standards for security and privacy that must be consistently updated (what a novel idea), while prohibiting government agencies from using gear that doesn’t pass muster. It also includes some transparency requirements mandating that any vulnerabilities in IOT hardware are disseminated among agencies and the public quickly:

From House Passes Bill To Address The Internet Of Broken Things | Techdirt:

xxx

xxx

“Even where a crypto-asset would qualify as a MiFID II financial instrument (the so-called ‘security tokens’), there is a lack of clarity on how the existing regulatory framework for financial services applies to such assets and services related to them. As the existing regulatory framework was not designed with crypto-assets in mind, NCAs [national competent authority] face challenges in interpreting and applying the various requirements under EU law.”

From Leaked document: EU Commission aiming for a front position on crypto regulation – The Tokenizer:

xxx