appMobi launched a new 1-Click payment technology called cloudKey which secures users' credit card information for online purchases on their device, not on remote servers. With the wave of recent high-profile hacking attacks on companies like Sony, Citi and AT&T, even non-security minded folks have become aware of the need for improvements to the current system.Today, mobile application development vendor
Until now, credit card accounts and personal information have been stored in centralized, online databases, making them vulnerable to attacks. With the new cloudKey system, which uses standard encryption technology and a "distributed key" topology, appMobi aims to deliver a more secure solution.
Security: Too Much Work for Hackers
With cloudKey, customers' private data is stored using 256-bit AES (Advanced Encryption Standard), which is the NSA-approved data encryption standard. It also uses a "distributed key" topology, which means that the appMobi servers don't house the private data themselves, only decryption keys. These keys on their own are worthless - a hacker would still need to get hold of a user's device in order to obtain the credit card data.
Even then, doing so would be difficult. The data on the device is encrypted, too, and hackers would have to crack a password to get access to that information. Even if a hacker was able to break through all these barriers, the payoff would be minimal - perhaps just one credit card number. For most hackers, that would represent too much work for too little reward.
The new cloudKey e-commerce system easily integrates with payment gateways from PayPal, Authorize.net and even direct carrier billing. It has been tested in all major browsers, including Chrome, Firefox, Opera, IE 6+ and Safari, and works both online or on mobile.
The system's technology does not require specialized hardware, either, which makes it different than point-of-sale focused payment systems that use NFC, for example. With NFC, devices have to come equipped with secure storage - a special on-device hardware storage area where credit card information and other private data is saved. Although appMobi's system is not competitive with NFC, as it's designed for online and mobile purchases, not physical ones taking place at a cash register, it is possible that parts of this system could be used to enable a secure storage area of sorts on NFC-equipped phones that lack the necessary hardware, like Nokia's C7 and N9. These new Nokia devices, it's been discovered, are not capable of supporting mobile payments or mobile wallets, for that very reason.
Where to Get It
The cloudKey technology will be immediately integrated into appMobi's 1Touch payment system, for use by mobile and Web developers. It will be free for 30 days, and afterwards, there will be a flat rate of 10 cents per transaction.