Forecast 2013: Giving top technologies a beta test

These forward-thinking IT shops are testing out new ways to use the latest technologies to drive revenue, enhance customer service and more.

1 2 3 Page 3
Page 3 of 3

Customers Pay Safely With Secure Mobile App and Device

More than a quarter (26%) of the Computerworld 2013 Forecast survey respondents who are engaged in testing said they're developing security technologies. For example, Esco, an IT company serving the loan settlement industry, and its Portsmouth, Va.-based subsidiary MyCaPa have developed a secure Android app that's designed to eliminate the need to show a credit card when making a payment in a restaurant or store.

"Our goal here is to eliminate fraud," says Esco CIO Paul Robert. "The main source of fraud with credit cards is that the merchant has enough information from your credit card that if it gets into the wrong hands, then fraud happens. So let's eliminate that information from the credit card cycle."

A small device the size of a cigarette lighter connects to the merchant's printer and PC and to secure Linux transaction servers. Customers use a four-digit code printed on their receipt to authenticate and verify payment on an Android phone. Patrons can also use the app to add a tip -- all without revealing their names or credit card numbers to the business, Robert says.

"Only four pieces [go out from] the phone application to the server: the vendor number, invoice number, amount paid and tip," he says. The phone app authenticates the payer through a series of questions and codes.

The devices and app are being tested in "a couple of stores and restaurants today," Robert says, and will roll out in mid- to late 2013.

Esco is also looking to eliminate denial-of-service attacks during loan settlement transactions where hundreds of thousands of dollars are at risk. The company has taken a Linux kernel and reduced the instruction set in the kernel so that laptops used by title company reps in settlement transactions can communicate only with a few known IP addresses.

"TCP/IP only has about 37 commands inherent to it. We decided that only six of those commands are necessary," Robert explains. "If you send the TCP/IP to our server, where these IP addresses are, and it isn't formatted the way we expected and if it's not one of the six commands, or if it doesn't have the encryption we want, we discard the packet."

The technology, based on Linux Trustix, completed six months of beta testing in February and is now being piloted with customers. "We're approaching about 500 real estate closings a week" using the secure Linux technology, Robert says.

Next: Setting a mobile risk strategy

Collett is a Computerworld contributing writer. You can contact her at stcollett@comcast.net.

Copyright © 2012 IDG Communications, Inc.

1 2 3 Page 3
Page 3 of 3
7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon