toddfearn.com

I’ve been using this product for about 9 months now and it rocks!  With your iPhone you can take credit card payments from anyone, anytime.

Your friend owes you $50, “yes I take credit cards Mark”. 

Now Apple has fully embraced the product by putting it into the Apple store last week.  They are most likely taking a cut of the transaction fee, but for Twitter founder  Jack Dorsey, this is a significant retail endorsement for his new company.

What about NFC?  Not sure how this fits in to the strategy for Apple.

There’s more info on TechCrunch.

I just took a quick gander at this video released from TD Ameritrade where they are claiming that they will see more mobile app based access to their systems than PC based access by 2013.

With traders increasingly looking for customized mobile solutions, TD Ameritrade recently rolled out apps for the iPad, iPhone, BlackBerry, Windows phone and Android, and has seen its mobile trading increase by 125 percent over the last year.

I don’t think we’re going to see this on the institutional side anytime soon, but the momentum continues to shift away from desktops.

This makes sense.  I saw this article from Penny Crosman at Banktech.com this morning. 

Apple has a way of doing things their own way and I think in this case they are going to attempt to push the old infrastructure aside, in the same way they dictated their own terms with the initial launch of the iPhone.

Why should Apple give the carriers or the credit card companies the opportunity to profit from this space when Apple has over 200 million registered Apple ID (iTunes) accounts?  These are accounts tied to credit cards with one-click purchase.

Apparently, according to a recent survey, 54% of Bankers Call Creating Mobile Corporate Banking Services A High Priority.  

Yet their primary concern is mobile device security.  Asked about the biggest barriers to growth in mobile corporate banking, 77% cited fraud and security concerns.

Having designed and led a team to build an iPhone/iPad app for a major wall street bank, I know first hand that this is a serious concern inside the firm.

Here are a few steps you can take:

1. Don’t store any sensitive information on the device.  Actually we don’t store anything at all, other than the login username, and this is only if the app user chooses to save this for ease of future login.  Citigroup reported a security flaw in it’s iPhone app in July 2010.  The problem: they were storing sensitive information on the device.


2. Check for a jailbroken device at startup.  When a device is jailbroken, you can gain full access (root access) to unlock all features of the said operating system, thereby removing limitations imposed by Apple.  This means a hacker can get at the apps and the data on the device.  They might even be able to decrypt your application binary and determine the logic, communication endpoints, and more. 


3. Ensure that all external communication is secure.  Use secure protocols when communicating with external bank systems (HTTPS, SSL, etc).  We actually implemented an additional redirection layer on top of this.


4. App timeout and/or closure upon exit.  In case a phone is left somewhere unlocked or let’s say without a password on the device, you want to make sure someone can’t just pickup the device and get to the app without providing credentials.  You can employ a timeout on the app, requiring login after let’s say 5 minutes of inactivity.  
   
   Apple also has an option in it’s build settings called “Application does not run in background”.  This is in the build plist file and if checked, when the home button is pressed the application will close completely, requiring a reload.  The default setting is unselected, meaning that the app stays in memory unless the device is rebooted.  In this case, you had better employ some kind of timeout period requiring credentials after timeout.


5. Hire an external vendor to perform a penetration test.  We hired a 3rd party security specialist firm to do this.  They tested all communication endpoint urls as well as the protocol and the actual device.  This is a relatively new area, so find a vendor that has experience with mobile device security.

I’m probably forgetting a few details, but these are the basics.

Everyone knows RIM is in trouble.  Last Friday RIM shares lost 10% of their value based upon poor earnings (Reuters).

Some believe that RIM can reverse its fortunes with the introduction of the QNX operating system, which will make its debut on the PlayBook.  

I personally think that RIM is too far behind the iPad.  Apple has almost an 2 year advantage with the iPad, over 65,000 apps written specifically for the iPad and another 250,000 iPhone apps that will run on the device.  You could argue that Apple really has about a 4 to 5 year advantage with the introduction of the iPod Touch in 2007.

The Playbook on the other hand will probably debut with less than 100 apps. And RIM said Thursday QNX, their killer OS, won’t appear on its phones until early next year.

I’m in the financial services industry and work primarily with hedge funds.  This industry embraced RIM from day one and loves the BlackBerry.

But, over the last year I’ve seen a departure.  Wall street firms are not building apps for the Blackberry devices, and I don’t see plans for the Playbook or Blackberry development.  No one is talking about the Playbook.  But they are rushing to deliver for the iPhone and iPad.

There’s also a huge shift away from delivering a new Blackberry devices to employees within the company.

  Instead, wall street firms are providing a free iPhone app from Good Technology to access corporate email and calendars.  This saves the company at a minimum $60 per month per employee.  This is a huge savings when you multiply this over thousands of employees.  

And the employees love it.  Now they don’t have to carry a separate corporate Blackberry along with their iPhone.

These trends are huge and they will accelerate.

This is going to be huge.  Moving your credit cards to your mobile phone means that my real-life wallet will shrink by about 90%.

Google announced a deal today (Wall Street Journal) with MasterCard and Citigroup for it’s Android platform.  Verifone, the manufacturer of most of the retail credit card terminals is also invovled.

The tech used is called Near Field Communication (NFC).  Basically, wave your phone in front of the credit card terminal, and payment can be made.  Google has an advertising angle here, displaying ads to the customer at checkout.

If you think about it, they could easily add coupons, location-based deals, etc.

Apple’s upcoming iPhone 5 is also rumored to have an NFC chip installed as well.