Updates
0 new
0
Recommendations
0 new
0
Followers
0 new
1
Reads
0 new
98

Project log

Maurizio Cavallari
added a research item
Mobile technologies are increasingly pervading a substantial portion of everyday life. In particular, the economic sector of consumers and private sales has shown a very high rate of utilization of mobile applications. Mobile payments are no exception, and the economic development relies more and more on mobile technologies. Bank institutions and financial firms are privileged targets for cyber attacks and organized crime, exploiting vulnerabilities of smart mobile devices in particular for host card emulation wireless payments. The research analysis was based on mobile platform Android and identified ten original (novel) controls that can avoid possible attacks on payment transactions and/or privacy. The study has practical implications as practitioners and organizations, like banks, shall control the risks associated with the taxonomy of tamper IDs. Organizational implications can be regarded as the need for banks to look into software development for mobile applications.
Maurizio Cavallari
added a research item
The widespread use of cloud computing and services has modified IS architectures which have been well established and consolidated in the past. We can call this “The Era of (software) MicroServices” which has led towards the adoption of Information Systems models independent from traditional tiered-architecture. MicroServices offer a new conceptualization adopting a distributed system decomposing the architecture legacy in micro-components, each one with an independent life-cycle yet interconnected and correlated. Two new concepts arise: “Continuous Integration”, referred as CI, and “Continuous Delivery”, referred as CD. Each MicroService is hosted within a single object denominated “container” which has a proper lifecycle and often with a unikernel-operating system with minimal sets of executable libraries. The paper then discusses the new technological tendencies under the lens of an organizational approach to new aspects of development and the emerging security solutions introduced by MicroServices, in particular for existing legacy systems.
Maurizio Cavallari
added 4 research items
Most major banks, credit card payment processors/issuers and large businesses have come to adopt mobile pay- ment applications for smartphones. A ica, Asia, South America and other developing countries are no exceptions. e rate of growth of developing countries’ smartphone market penetration and usage have increased tremendously in recent years. Based on previous research ndings (Cavallari et al., 2015; 2016), the present study regards mobile payments as one of the new architectures at the heart of “social commerce”. e paper discusses research into the tech- nological aspects that pertain to security issues of smartphones. e novelty of present work resides in the authors’ tailor-made approach. e empirical results highlight the extent of the information that can be passively accessed within the endpoint (smartphone) and the most vulnerable areas to consider. is study is especially pertaining to developing countries where smartphones models and versions of Operating Systems are particularly old or outdated. We conclude that the most critical risk carriers are linked to an abundance of devices with obsolete operating systems and that are no longer supported by the supplier. is has shown to be particularly true about A ica, Latin America and other developing countries, (Duncombe 2014; Han 2012; Asongu 2013). e research concludes that whilst the payment clearing companies are incapable of protecting endpoints, their development and deployment of payment solutions based on HCE architectures will increase the risk of criminal transactions. So the foreseen scenario will see aud schemes that will migrate to the virtual payment environments found in the endpoint, instead of exploiting the weaknesses in the physical POS and/or credit card payment system. Practical research ndings illustrate the most vulnerable areas of mOS in order to prevent attacks and tampering.
Near Field Communication (NFC) and contactless applications are increasing at unprecedented rate and their value is being recognised by the financial industry (Ok et al., 2011). Attacks are also increasing and they can compromise the business value on NFC applications (Murdoch and Anderson, 2010, Trend Micro, 2015). The present paper analyse the anatomy of possible attacks, uncovering vulnerabilities and suggesting possible countermeasures. The value of the paper is found in the contribution to practical mitigation of risk in the mobile payment financial business, with respect to the technology side. Host Card Emulation (HCE) is a technology solution that permits the creation of a virtual representation of a smart card using only software components, effectively eliminating the need for Secure Element hardware in the device. NFC/HCE technologies has proved itself very vulnerable in a variety of aspects. The paper would go through specific vulnerabilities and vulnerable situation, like: a non-secure-device/cloud communication channel; access to data saved locally in wallet; reusability of token; use of fake POS; malware and fake application; specific vulnerabilities of "Tap & Pay"; device/cloud decoupling. Countermeasures that have been proved effective are offered to readers along with Organisational aspects to be taken into account.
Mobile Application Software (M-Apps) are increasingly popular and by now represent the interactive trendiest software. Investigations about their valuation paradigms are so increasingly common. Even if M-Apps belong to the broad category of Intellectual Property assets, their underlying business model is so innovative and different from traditional intangibles that they require new valuation paradigms. The main research question of this paper is to investigate about Service as a primary value driver of M-Apps. A Service-Value-Approach is proposed as a new appraisal method, which embodies customers' perception of M-Apps service value. The empirical evidence fully confirms the hypothesis of the mediating role of Service Quality on application value. This study has practical implications for both scholars and professionals as it provides significant empirical evidence of the role of Service Quality into M-Apps valuation, and value co-creation between providers and users.