Author: Mike Hearn 2014-03-06 13:44:26
Published on: 2014-03-06T13:44:26+00:00
In an email exchange between Andreas Schildbach and an unknown recipient, they discuss the use of iso-dep in a payment system. Andreas expresses his uncertainty about whether iso-dep is the way to go as the connection breaks when the phone is picked up. He suggests that if the phone isn't willing to immediately authorize, it would have to fall back to HTTPS or Bluetooth as normal. When asked how to risk-analyze the memo field, Andreas replies that only the amount and destination are relevant for risk analysis. Regarding optimization to speed up signature checking, Andreas suggests making it lazy. The user can inspect the payment while signatures are being checked. He notes that even the current ~10 second roundtrip is a huge improvement to the status quo, citing an example where it took him 7 full minutes just for the payment process when trying to buy a subway ticket. In response, the recipient jokes that the subway kind of sucks. They also mention the low latency Oyster cards used in London's transportation system.
Updated on: 2023-06-08T04:06:55.736504+00:00