Tuesday, 25 November 2014

2FA

Two Factor Authentication sounds almost the most boring subject in the world but this is all about protecting your online identify and digital content.

Today your email address and password is used for a lot of stuff. Whether you use Android, IOS, Windowsphone or something else many websites provide the ability to login with the ID and password for one of these services. In addition you may have bought digital products like music, games, videos etc using these ids. You also may have registered your credit card on these services for easy one-click shopping. It's easy and convenient to tie all this together with your email address. It is also a magnet for criminals, scammers and fraudsters. They want your card details or your identity to commit fraud and make money.

So your password is your first line of security. A lot of people use the same one for everything but are put off from remembering complex passwords. The easy way around this is to use a identity management application like Lastpass. Lastpass, along with other programs, can help manage complex passwords and provide extra levels of password security.

However this is not enough. Two factor authentication is a way that your service provider can give you a second layer of security. Typically this involves a single use code or pin. The code only lasts for a limited time and is requested everytime you log in unless the device you use is used 'frequently'. In this latter case you can allow a device not to need two factor authentication every time. However the normal procedure is after entering your password you will be asked to type in a code that is sent to a mobile phone that you have registered. You can also register an app or other programmable device to generate a single use code.

Security should not just be about big corporations looking after your data. It also means protecting your own data and 2FA helps you do that. I recommend this to everyone.

Links

Google Two Factor Authentication

Microsoft Two Factor Authentication

Apple Two Factor Authentication

Sunday, 16 November 2014

Nineteenth Century Banking in the Twenty-first Century

Last week I got £50 in a cheque, or in the US, a check. It was cashback from house insurance that I had earlier this year. With all the recent talk about Apple Pay and NFC it was a little quaint to receive an actual printed cheque.

I left it on the table for a couple of days because I would not be near my bank but it eventually was time to get it into my account. So I took the bus into town and banked the cheque. I asked the cashier when the funds would be available. In Britain the banks like to give the impression that they are in the 21stcentury but cheques got back hundreds of years. The original cheque acts state that someone has present a cheque to the actual bank for payment. So my cheque has to physically be transmitted to somewhere and at some point the bank, whose customer my insurance company is, verifies that this did come from that customer to authorise the movement of money. Total turnaround time – 5 working days.

In other words a nineteenth century process, slightly modified for computers, is going to transfer this money. The cost of the transfer is massive. Firstly the insurance company creates the cheque and posts it. Potentially a few pounds there. The cheque is then taken on a bus ride, costing me money, and, ends up in my local bank. The bank then posts it to their clearing location and presents it to the other bank of the account holder for clearing. The face value of the money hasn't changed but the actual transfer may well have cost 10% of its face value.

The bank then tricks me. It adds £50 of uncleared funds to my account. This makes my account look bigger with funds that may not get cleared. This is totally useless money because I can't really spend uncleared funds. If something goes wrong with the process, such as the company stopping payment, then the cheque is returned and my account goes back £50. Uncleared money is not really spendable until the cheque process ends but it indicates that the bank thinks it might be OK.

Banks can move billions in minutes in their casino banking arms but most regular customers see a very nineteenth century system. On top of that they append a 40 year old credit card system.

That is why Apple Pay, Google Wallet and the rest are the next great frontier on the Internet. Getting rid of these nineteenth century processes.

Friday, 14 November 2014

The Voice

If you have a smartphone made in the last 12 months you are very likely to have voice command capability. In the mid-1980s the improbability of talking to your computer was shown on the movie Star Trek IV – The Voyage Home. Mr Scott was trying to use computer to create transparent aluminium but found that the Apple Mac (brand new at the time) was unable to understand voice commands.

Star Trek was set in the world of the late 23rd century so when you find Siri, Google Voice Search and Cortana on your mobile device the real world is becoming stranger than science fiction.

My first experience of mobile voice devices was being driven home one evening from work. On this particular contract I took public transport but tonight I was offered a ride. My colleague had a new(ish) Apple iphone and during the journey he decided to text his wife while driving. Voice commands with Siri supported this. Unfortunately he was from India and had developed, through his work in the UK, a northern British accent. The result was a complete inability of Siri to pick up even the simplest words accurately. He had more success with the weather as the iphone declared that the weather would be fine. Since we were driving in a rainstorm that proved somewhat optimistic.

Google Voice Search seems pretty good. I have used that a few times on my Android Nexus 7 tablet. It is an accurate way of doing search and does not overstate its usefulness. When combined with Google Now it can tell you quite a lot but it does depend on disregarding your privacy and being a bit creepy. I don't take the tablet out and about too often but on a couple of occasions it noticed I was in the same place and thought, as it was away from the house, it must be work. It was wrong and started reminding me I was late for work. Accuracy depends on understanding your life but it provokes the question of whether you want Google to understand your life that much.

Then there is my phone – the Lumia 1020. Microsoft claims that my voice search called Cortana is a digital personal assistant. It's not quite as creepy as Google because you can keep stuff on the phone and out of the cloud. Cortana promises it will use personal preferences without recording them. I have found that it copes with my British accent pretty well but it seems to still have difficulty discovering where I work, helping me with public transport and the personal information that you would expect a personal assistant to know.

We are still some way from Star Trek but I am amazed we are this far along at all.

Saturday, 1 November 2014

On the bandwagon


This is the Microsoft Band. Only available in the USA right now but the first product by Microsoft to get into the watch/wearables market.

One of the interesting things about this wearable is that it is not just for Microsoft products. Unlike the Google Wear and the Apple Watch this product is open enough to work with IOS, Android and Windowsphone.

Right now it is only available in the USA at a relatively cheap $199. Cheap by comparison with Google and Apple wearables.

Since I am not exactly a fitness and sport person this will pass me by pretty quickly. However I do think this is another Microsoft product reflecting a focus on mobile and working across devices.

http://www.microsoft.com/microsoft-band/en-us