W3C home > Mailing lists > Public > public-webpayments@w3.org > August 2013

Re: Interview: Kipochi founder Pelle Braendgaard

From: Kumar McMillan <kmcmillan@mozilla.com>
Date: Thu, 8 Aug 2013 21:13:37 -0500
Cc: public-webpayments@w3.org
Message-Id: <12EFA061-57E7-45A6-9B5E-726EF23D5CBC@mozilla.com>
To: Kingsley Idehen <kidehen@openlinksw.com>

On Aug 8, 2013, at 6:17 PM, Kingsley Idehen <kidehen@openlinksw.com> wrote:

> On 8/8/13 7:03 PM, Kumar McMillan wrote:
>>> We are not accepting payment orders via SMS. We only authenticate users via incoming SMS. There is no need to trust SMS messages received from them.
>> ok, thanks, I understand it better. The bitcoin wallet is not *on* the phone, it's stored on a web server like other online wallets.
> Storage on the Web is not implicitly safe. Today, you have a third party (aka. Bank) holding on to you coins, look at what's happened there.
> The safest best is storage on a device you control. The allure of perceived convenience re. online solutions is the shortest route to compromise.

I think that's an interesting model but I have yet to see a secure way to do that. I think M-Pesa requires you to use a SIM kit that has a keystore chip in it (something like that) but there aren't many standard ways to do it that I know of. If anyone knows of ways to do it I'm curious to learn about them. The challenge is how to keep private keys on a device without *any* other part of the system being able to access that. Anyway, there are lots of complications, like, what happens when you lose your phone? It's like losing a wallet with all your cash (all of it), not good. Centralized web services have their advantages.

> -- 
> Regards,
> Kingsley Idehen	
> Founder & CEO
> OpenLink Software
> Company Web: http://www.openlinksw.com
> Personal Weblog: http://www.openlinksw.com/blog/~kidehen
> Twitter/Identi.ca handle: @kidehen
> Google+ Profile: https://plus.google.com/112399767740508618350/about
> LinkedIn Profile: http://www.linkedin.com/in/kidehen
Received on Friday, 9 August 2013 02:14:04 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:24 UTC