Hi All, Please join us tomorrow for a presentation by Sam Castle on his ongoing PhD research here at UW. Sam will be talking about fraud in the digital financial service ecosystem of emerging markets.
*What: *Sam Castle - Addressing the Challenges of Fraud in Financial Servicesfor Emerging Digital Economies *When: *12pm, Tuesday February 14 *Where: *CSE 203 *Abstract* According to the World Bank, more than 2 billion people worldwide have no access to any financial services. In the developing world, where traditional banking infrastructure is limited, 8 out of 10 people now own a mobile phone, which can be used to save, send, and borrow money. Where there is money, there must be security, yet prior work on mobile money identified discouraging vulnerabilities in the current ecosystem. We assess these security concerns from two directions: (1) the risk introduced by existing vulnerabilities and (2) the actual exploits which occur in practice. We begin by defining a systematic threat model for this domain and applying it throughout our work. To understand existing vulnerabilities, we conducted a large-scale analysis of 197 current Android deployments and examined 71 products in more detail. After detecting substantial potential vulnerabilities, we interviewed 7 software developers in Africa and South America to investigate the root causes of ! these issues. We found that competent developers consistently lack relevant security tools, and we propose a way forward for designing such tools. In parallel research we attempted to measure the prevalence of exploits occurring in practice. Based on anecdotal evidence from users, mobile operators, and news sources, social engineering is the most common attack on mobile money users. We collected a new corpus of data on phishing over SMS, and we present an initial evaluation of this phenomenon with proposals to mitigate the risk of fraud.
_______________________________________________ change mailing list firstname.lastname@example.org http://changemm.cs.washington.edu/mailman/listinfo/change