4-+Secruity+issues

Privacy and Security in the mobile payments market is evidently one of the largest concerns. We are taking steps to ensure that all transactions are properly safeguarded with security measures ensuring that the individual performing the transactions is indeed the actual owner of the phone. Kingston MPS will constantly be sending and receiving payment data so to protect our customer’s information the data will be encrypted. Encryption prevents the data from being intercepted and understood by a third party without the proper passphrase. (Borlongan 2010) In addition, we want security measures to provide consumers with a smooth and quick mobile payment experience. This being said, we intend to include various levels of security based on the amount of money involved in each transaction.
 * Privacy and Security **

//__ Level 1: $0.01 - $99.99 __// Payments under $100.00 fall under the category of common everyday purchases such as gas, cigarettes, transit fees, meals, etc. Consumers need to be able to make these transactions as quickly as they would with a credit card or debit card and optimally as fast as paying with cash. These smaller purchases would require the user to enter a pin number similarly to debit cards. However, the pin could be entered, for instance, while the person is waiting in queue so that when they reach the checkout all they would need to do is hold their mobile device up to the NFC terminal and the transfer would be made. Originally the limit for this level was to be set at a maximum of $60.00 but because many clothing purchases, such as a single pair of jeans, tend to hover somewhere in the $80.00-$99.99 region we decided to increase the limit to $99.99. //__ Level 2: $100.00 - $499.00 __// Larger payments used for more serious purchases will require 2FA (2 factor authentication). The second level of security will require each user to carry with them a key fob attached to their keychain that acts as a token which when pressed sends a short verification code to the user. He or she would then have 60 seconds to enter the verification code into their phone. This is a great way to conduct authentication because it ensures 2 things: that the person KNOWS something (their pin number) and that they HAVE something (the key fob token). //__ Level 3: $500.00+ __// The highest level of security will implement biometrics technology to confirm the client’s identity. Consumers making purchases totaling $500.00 or more will need to be verified on a 3FA (3 factor authentication) system, requiring the user to provide voice recognition verification. As smart phone adoption rises, Kingston MPS hopes to integrate fingerprint identification / iris scanning. This is the third and final type of authentication; something the user IS / DOES. Large purchases in general, usually take more time to process and confirm. The time required for the user to go through the 3 factor authentication process will not be seen as a major drawback compared to other payments services currently available. //__ Auto-Lock Feature __// Upon entering the required security checks, the mobile device will be open to transactions. Once the phone is left idle for 2 minutes the device will be locked out preventing the transfer of funds until the user inputs the pin once again. The point of this is to restrict a thief from paying with a phone that had been unlocked by a user who forgot to re-lock their mobile payment connection.