New Security Considerations in Mobile Commerce

Pragati Ogal RaiMobile Technology Evangelist

X.commerce (an eBay Inc. Company)

X.commerce: Largest Ecosystem of Commerce Capabilities

04/12/2023 2

Consumer Products

Merchant Products

Platform Products

Capabilities

Other Storefronts

X.commerce Fabric

MerchantProducts

OVER 800,000 DEVELOPERSCommunity

Agenda

What is m-commerce?

M-commerce ecosystem

Use cases & security analysis

Standards

Best Practices

Mobile is Changing Commerce

Promotions & coupons

Mobile commerce

Payments

Location-based services

In-store research

Self-scanning & self-checkout

Social commerce

Loyalty

Mobile shopping lists

Mobile is Changing Commerce

Pre-transaction

In-store

Transaction

Post transaction

End-to-end security

So what’s different with m-commerce?

Too many expectations

New market players and dynamics

Limitations of client devices

Portability

Pervasive computing

Location aware devices

Merchant machines

Standardization & approvals

Infrastructure

Clients Merchants

M-commerce Ecosystem

Disconnected: Off-line m-commerce

• Disconnected

• Privacy

• Integrity of State

Partial Connectivity: Infrastructure Centric Model

Partial Connectivity: Merchant Centric Model

Partial Connectivity: Client Centric Model

Partial Connectivity: Security Analysis

End to end security

Privacy

Client-merchant identification

Communication authentication

More points of attack

Full Connectivity

• End to end security

PCI Standard

Standard for payment industry

PCI PTS approved add-on devices

PA DSS approved applications

Working with mobile vendors for further solutions around

mobile payments

Best Practices

Understand what mobile means for your business

Security asset identification/ threat analysis

Technology analysis

Be aware of emerging standards

Risk and fraud algorithms

Thank you!

pragati@x.com@pragatiogal

http://www.slideshare.net/pragatiogal