Security Problems

Note: This article was written in one sitting; only afterwards did I search the internet for related news and find that Hu Xiaoming of Ali Xiaowei Finance has already responded formally to these risks. Click “Read the original text” to view his open letter.


Recently an article about Alipay security has been circulating: if your mobile phone is lost, someone else can log in to your Alipay account, recover the password and the digital certificate, and finally transfer the money out of Alipay.

A friend messaged me to ask whether this article is genuine. I was not very interested in such filler, because Alipay has never lacked negative news of this kind. But since quite a few people are asking, I think it is worth taking the opportunity to say something.

First, in this sensitive season when “WeChat Payment” is challenging “Alipay”, this article reads to me like a WeChat soft-sell piece; even if it is not, WeChat ought to pay for it. Why do I say so? Because the article is written very cleverly. That is not to say the article is wrong. On the contrary, from some angles it does have a point.

In my book “Web Security”, the first chapter, “My Security Worldview”, outlines what I consider the essential problem:

“The essence of security issues is the problem of trust.”

I have said to friends many times that I regard this book as my inaugural work, in which I set out my security philosophy systematically. The most essential part is the first chapter, but I believe most practitioners are only interested in the specific cases, which is really picking up sesame seeds while losing the watermelon.

If you look at the problem Alipay faces through “the essence of security problems is trust”, it is easy to understand.

The main argument of the article circulating online is that whoever controls the phone controls everything in the Alipay account, because every business process (including the security processes) can be completed through the phone.

That is indeed how Alipay's security model is designed: by default the phone is the last link in every chain of “trust”, and its priority is higher than that of the other “trusted” references.

Any security scheme you design must ultimately rest on something that is assumed trustworthy; how reliable that “trusted” thing is determines the probability that an attack succeeds. Without such an assumption, you cannot build any security scheme at all.

For example, when you buy a car you receive a remote key fob, and you have to assume that the lock and the key are secure. In fact, however, the remote key is not secure: many car thieves carry a device that records the signal emitted by the remote key, and after the owner walks away they replay the recorded signal to unlock the car. This breaks the original trust assumption.

Back to Alipay. The reason Alipay makes the phone “the last link in the trust chain” is that many of the authentication methods used before were unreliable. The online article proposes that verifying through a mailbox or using a digital certificate would solve Alipay's problem, apparently unaware that both have long since been defeated by attackers. Leaving mailboxes aside, Trojans that steal digital certificates were rampant years ago, which is precisely why Alipay had to add SMS verification on the phone.

Yet phone-based authentication also started to meet challenges a few years ago. In some fraud cases the fraudster calls the victim, poses as customer service, and asks the victim to read out the verification code they have just received. Victims often volunteer the code, and the money is then transferred away by the fraudster.

The reason these problems suddenly attract so much attention today cannot be separated from the powerful pull of “Yu'e Bao”. The amount of money sitting in Alipay has suddenly grown by orders of magnitude; with sums that large, individual incidents are almost inevitable, and once the news media amplifies a problem everyone becomes jittery.

Alipay has long promoted the slogan “you dare to pay, I dare to compensate”. In the early days of online shopping many people did not dare to pay online, and Alipay put forward this slogan to solve that trust problem. Today Alipay is in the same position again: it is starting to face a reputation crisis. We may start to hear less and less news of “Alipay compensates”.

If it were me solving this problem, I would start from the following aspects:

First, going back to mailbox verification and digital certificates would be turning back the clock. So when the phone is no longer reliable (with hundreds of millions of users, problems are inevitable even if the proportion is tiny), you need to find something more trustworthy than the phone.

But what Alipay may not yet be clear about is that, now that it has a huge number of high-value customers, its service capability has not been raised correspondingly to a VIP level. This is the biggest difference from a bank. Serving a customer with more than a million yuan and serving a customer with only a hundred yuan must be done to different standards.

I remember once swiping tens of thousands of yuan on my credit card; within two minutes the bank called me to confirm manually. This service capability is exactly what Alipay currently lacks. While the system is not yet perfect, manual processes can be introduced where appropriate to make up for it.

(Note: At present Alipay's solution is two-factor, such as a mobile verification code plus ID-card information. But that is still not strong enough.)

Second, large withdrawals should be subject to some restrictions, and some abnormal behaviour should be frozen in time. There is no need to say much about these “common methods”, because Alipay has already invested in this in its user-behaviour security model. But perhaps because the user base is so large, there will inevitably be fish slipping through the net. Finally, the highest level of security is selling insurance. How do you encourage big users to deposit money? Sell them insurance. Alipay should apply for insurance-industry licences and qualifications in time, which would be useful for the whole of Ali. Even if it cannot obtain them, it can find a partner to provide insurance services, so that users can truly rest assured. In fact, the essence of “you dare to pay, I dare to compensate” is to remove users' psychological barriers and give them insurance. (Note: I have just checked that Alipay has cooperated with Ping An Insurance since April 2013, but I have not experienced how effective it is.)
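As an added example (not Alipay's code and not from the original post), the controls described above (manual confirmation of large transactions, restrictions on large withdrawals, freezing of abnormal behaviour) can be expressed as a small rule function over an account's recent event history. All thresholds, event names and sample histories here are assumptions chosen for illustration; which channel is used for the “out-of-band” confirmation is outside the example. The point it makes beyond the prose is that in the lost-phone scenario the attacker acts from the victim's own trusted phone, so a device check alone would not fire, whereas the timing of a withdrawal relative to credential recovery does.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Dict, List

# All thresholds below are hypothetical, chosen for illustration only.
LARGE_AMOUNT_CNY = 50_000.0          # above this: hold for out-of-band manual confirmation
DAILY_LIMIT_CNY = 200_000.0          # rolling 24h cap on total withdrawals
RECOVERY_COOLDOWN = timedelta(hours=24)
# Events that re-establish control of the account. In the lost-phone scenario an
# attacker performs these from the victim's own (trusted) phone, so device
# reputation alone would not catch them; the sequence in time does.
RECOVERY_EVENTS = {"password_reset", "rebind_phone", "reissue_certificate"}


@dataclass
class Event:
    kind: str            # "login", "withdraw", or one of RECOVERY_EVENTS
    at: datetime
    amount: float = 0.0  # only meaningful for "withdraw"


@dataclass
class Decision:
    action: str          # "allow", "confirm_out_of_band", "freeze" or "deny"
    reasons: List[str] = field(default_factory=list)


def evaluate_withdrawal(history: List[Event], request: Event) -> Decision:
    """Decide what to do with a withdrawal request given the account's recent history."""
    reasons: List[str] = []

    # Rule 1: a withdrawal soon after credential recovery is the lost-phone pattern;
    # freeze it for manual review instead of trusting the phone yet again.
    window_start = request.at - RECOVERY_COOLDOWN
    recent = sorted({e.kind for e in history
                     if e.kind in RECOVERY_EVENTS and window_start <= e.at <= request.at})
    if recent:
        reasons.append(f"withdrawal within {RECOVERY_COOLDOWN} of credential recovery: "
                       f"{', '.join(recent)}")
        return Decision("freeze", reasons)

    # Rule 2: rolling 24h cap on total withdrawals.
    day_start = request.at - timedelta(hours=24)
    spent = sum(e.amount for e in history
                if e.kind == "withdraw" and day_start <= e.at <= request.at)
    if spent + request.amount > DAILY_LIMIT_CNY:
        reasons.append(f"24h withdrawal total {spent + request.amount:.0f} "
                       f"exceeds {DAILY_LIMIT_CNY:.0f}")
        return Decision("deny", reasons)

    # Rule 3: a large single withdrawal gets the "bank calls you back" treatment.
    if request.amount > LARGE_AMOUNT_CNY:
        reasons.append(f"amount {request.amount:.0f} above {LARGE_AMOUNT_CNY:.0f}")
        return Decision("confirm_out_of_band", reasons)

    return Decision("allow", reasons)


def demo_scenarios() -> Dict[str, str]:
    """Constructed sample histories (not real data); returns scenario name -> action."""
    t0 = datetime(2014, 1, 10, 9, 0)

    def m(minutes: int) -> datetime:
        return t0 + timedelta(minutes=minutes)

    lost_phone = [
        Event("login", m(0)),
        Event("password_reset", m(2)),        # attacker resets the password from the stolen phone
        Event("reissue_certificate", m(10)),  # ...and re-issues the digital certificate
    ]
    normal = [Event("login", m(0))]
    heavy_day = [
        Event("login", m(0)),
        Event("withdraw", m(60), 120_000.0),
        Event("withdraw", m(120), 60_000.0),
    ]
    return {
        "lost_phone": evaluate_withdrawal(lost_phone, Event("withdraw", m(30), 30_000.0)).action,
        "small": evaluate_withdrawal(normal, Event("withdraw", m(30), 500.0)).action,
        "large": evaluate_withdrawal(normal, Event("withdraw", m(30), 80_000.0)).action,
        "over_daily_cap": evaluate_withdrawal(heavy_day, Event("withdraw", m(180), 30_000.0)).action,
    }


if __name__ == "__main__":
    for name, action in demo_scenarios().items():
        print(f"{name:15s} -> {action}")
```

The rules are ordered so that the strongest signal wins: a withdrawal inside the recovery cooldown is frozen regardless of amount, a breach of the rolling cap is denied, and only then does a large amount by itself trigger confirmation. Real deployments would feed far more signals into such a model; the rule shapes are what carry over.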

In July last year I wrote a piece on the Blackboard about keeping payment simple: Alipay's security product design keeps getting more complicated, yet without truly solving the problem. Piling up security features is useless; where a feature's purpose is unclear, it should be cut. Back to the article mentioned at the beginning: do you now see why I said it may be a “WeChat soft-sell”? Because if Alipay trusts those suggestions, it will be led into the ditch. The problem will not be solved, things may become even more complicated, and in the end the user experience will only get worse.


Daoge's Blackboard

A literary white hat walking the road of entrepreneurship.