close

IoT Wiki

IoT Wiki

How to Be Secure at the Point Of Sale

ec-cash-wallet

In 2016, retail sales made through online transaction or paid over the Internet on a device reached almost $2 trillion. Almost 50% of these digital payments were made by people in Asia Pacific countries. Reports published by eMarketer indicate an upward trend and there’s a strong indication that e-commerce in the Asia Pacific region will go up by 6% this year.

On the other side of the table is the question of cybersecurity. Just recently, the United Kingdom charged an 18-year old student for launching one of largest international cyberattacks to date. This news has made the public uneasy about making online payments anew, with issues about protection of privacy, identity and money once again brought forth and threatening the momentum that the e-commerce industry and many business establishments, online and offline, has so far gained.

Generally, cybersecurity is defined as a body of technologies, processes and practices designed to fight off or prevent any damage, attack or unauthorized access to networks and computer systems. Data protection is just one of the aspects of cybersecurity and the security industry has been very vigilant in monitoring both cyber and physical threats to digital, online security.

Still, the first responder and the first line of defense to cyber attack is you.

Self-protection

Always, the fundamental rule to security is learning to defend yourself. This is what businesses today are doing, especially for those with physical locations that accept cashless payment. What’s clear is that protecting one business from potential cyberattack is tantamount to protecting all customers across the table . In the same breadth, protection for the customer begets higher confidence and trust in the online payment system which eventually benefits the whole e-commerce industry. As cyber security encompasses everything – IoT, big data, AI, robotics and all things tech, its benefits trickle down to all end-users.

But the reality is, authorities can only do so much. Data breach has happened across the globe and we have heard reports about credit card scams, ATM skimming, identity theft and other types of online security breach. Protection at the Point of Sale (POS) is key to shielding your business from these attacks. The first steps to take are outlined below:

  • Mind the Law

The PCI-DSS (Payment Card Industry-Data Security Standard) is a cross-border standard that protects online users who put their banking data out into cyberspace. All business establishments, organizations and website owners, in fact everyone on the Internet, are required to be PCI-compliant. It ensures that all online payments are made in a secure environment. Being obedient to PCI DSS means you are following rules and best practices that will help you control and protect data, people and processes. These rules are applicable whether you are doing your business online or in a physical store.

  • Use encryption

Thankfully, modern POS systems are now highly advanced, with data protection and security assured to the last byte. However, given the cost of high-end POS systems, small businesses are often tied to less sophisticated POS systems. But this doesn’t mean it’s less secure. All POS systems have the encryption function, even the older models. Encryption is the first line of defense at the POS and all the user needs to do is be diligent enough to make sure the fundamental rules of encryption are followed, i.e. regular code or password changes. This type of cyber security has always been effective because it is done at the initial stages of a digital transaction. Any effort to breach data or install malware is immediately prevented through encryption.

  • Data Clean-up

In the digital world, security can’t get any more basic than cleaning up data. But in the case of e-commerce, data clean-up is a critical element in POS security.

Everytime a customer swipes his or her card to make a payment, the data from the card is stored in the system. In some cases, data is kept in the system to make it convenient for a regular customer to make another payment at another time. Of course, this is not the wiser option. To ensure that the data is protected, retailers need to make sure that  it is wiped off the system at the soonest time after the transaction. This makes it impossible for hackers, or even those who have digitally or physically monitored the transaction, to use or steal the data. If, for any reason, credit card data needs to be stored, using hardware security modules for data encryption is the best way to go. Experts recommend using E2EE (End-2-End Encryption) and P2PE (Point-2-Point Encryption. In any case, if it can be avoided, do not store data on site.

credit card, pos, payment, security

Cyber security is never a question of whether you need it or not, it’s a question of how much you need it. For restaurants and retailers (and its clients) that are exposed to risks every time a credit card is swiped, security should always be at the top of the priority list. Being up to date with technology is one way to reduce risks, but admittedly, the cost can blow a hole into your small budget. Fortunately, there is an option to use SaaS (software as a service) which is simple and less costly for any struggling entrepreneur to afford. In using SaaS, you only need to pay a fee to receive technical support and get regular updates to the software to keep your system secure. Even at a lower cost, it achieves the bottomline of your defense – to protect customer information.

read more
IoT Wiki

Laws to Make Smart Cars More Secure and Accessible

dreamstime_m_cardetail

Safety, convenience, theft prevention – these are some of the benefits cited by experts in the automotive industry on why vehicle owners should take IoT for cars seriously. The smart car has been around for a couple of years, but according to a study by the National Highway Traffic Administration in the United States, anxiety over hacking and generally, the security of a vehicle connected to the Internet, is preventing the smart car to get the respect it deserves.

credits: Dezeen

With in-vehicle computer systems making big waves in the car manufacturing industry on a global scale, automobile makers have been consistently reminded about investing in high-end cybersecurity for every car they make. It doesn’t help that the network architecture of mass produced automobiles today are still based on the Controller Area Network (CAN) bus which largely fails on the technology front because its infrastructure is not network-ready.

SPY Car bill

It is thus a welcome development that concerns about automobile cybersecurity has finally found its way to legislature. In the US, a bipartisan bill had been filed in the House of Representatives last January to require the National Highway Traffic Safety Administration, the Federal Trade Commission, Department of Defense and other automative industry stakeholders, to implement appropriate cybersecurity standards for new vehicles. Sponsors of the bill call it “good cyber hygiene”, but generally it constitutes universal security mechanisms for computers, such as firewalling, personal identity privacy and data protection. Interestingly, the bill is also called SPY Car Study Act which stands for Security and Privacy in Your Car Study Act of 2017. The passage of this bill is highly anticipated in the IoT tech scene as it will clearly lead to higher demand for and greater recognition of IoT for everyday lifestyle.

credits: ComputerWorld

Data Protection Act

In the UK, there are a host of issues raised about the autonomous and connected vehicles (ACVs) such as sharing of critical personal data, including insurance, taxes, fees, location, bookings and even the mileage of your car. The implication on sharing of data among multiple operators is that this makes the system vulnerable to data breach, theft and hacking. Within this scenario, tension is high as to how car makers and users will receive the Data Protection Act of 1998 and General Data Protection Regulation (GDPR) which will take effect starting May 2018.

Tech analysts cited some key challenge for the automobile industry when the law is enforced. One critical issue, as mentioned above, is the sharing of personal data among many organizations, such as the car dealer, the police, infrastructure and even commercial establishments. There is clearly a need to make privacy notices to be made a lot more evident, easily grasped and fully documented so that the car owner should be able to make an informed decision to give consent to access his or her private data. So the first question that sticks to mind is: is the user interface in smart cars for notifications sufficiently designed to protect the user’s privacy? Related to this, the Information Commissioner in the UK is mulling the use of standardized icons across all types of vehicles to represent different parts of the privacy notification.

credits: IoT.Do

The GDPR also determines the protocols for data sharing. Collaboration among organizations that requires the use of personal data of the car owner is a requirement, whereby each party has a clearly defined role and responsibility as far as the use of the personal data is concerned. This is seen to reduce the number of privacy notices that the user will have to contend with for each organization because there will now be a centralized processing mechanism for this purpose.

A key element in the GDPR is the right of the user to object from the accessing his or her personal data. One challenge lies on how users will be made to accede to the standards rather than deny themselves the benefits of IoT for their automobile.  

The e-Privacy Regulation

The European Union is also rolling the dice for IoT for its constituents with its draft e-Privacy Regulations  which is still at the very early stage of legislation. In its draft form, the law seeks to make all content, metadata and information stored on user’s devices confidential – regardless of whether or not it is personal data.

Tech experts laud this piece of legislation to give a “higher level of privacy rules for all electronic communications” and “ensures privacy of machine-to-machine communications.” When enacted, the law will apply to internet giants like WhatsApp, Facebook Messenger and Skype.

 

read more
IoT WikiSmart Home

A House is Not a Home if It’s Not “Smart”

smart-home-main

A house is not a home without people living in it. This cannot be emphasized more by the fantastic sensors that make up the “nervous system” of a smart home. The sensors know that human beings have needs, moods and preferences. IoT works smartly in a domestic setting such that it can turn an otherwise empty, dull house into a home. It can actually feel like being taken cared of at home by an invisible, intelligent and utterly efficient house help.

How do smart homes work?

Imagine a set of computers connected to each other and communicating with one another to solve problems. These computers, or computer devices can actually be installed in your house and function in a way that it interacts with you and the other computers. Your appliances and furnitures, such as thermostat, lighting system, airconditioning units, coffee maker and even the refrigerator can be turned into ‘home automation devices’ with its own processing capability and memory chip. The devices are then linked through a network, often through WiFi hub.

 

In achieving a fully automated home, you would need a WiFi hub that links all wireless home automation devices. Applications or programs can be installed in your phone to allow you to remotely control all the devices’ functions. (source: Home.Howstuffworks) With many sophisticated mobile apps now in the market, users can actually install home automation devices all they want and control them using the phone in a flick of a finger.

 

Another fascinating feature of a smart home is its capability to predict what you need. Imagine waking up in the morning with your coffee maker already brewing, your favorite news program already chattering on TV and your night lights already turned off, all because your alarm clock had rung. The IoT has taken computer intelligence into another level and, as far as smart home is concerned, more humane.
The news site editorialtoday.com describes the smart home as follows: “You could push a movie button on a touch pad which would dim your lights, close the drapes, turn on the popcorn maker, check for beer in the fridge , put your phone on voice mail, adjust heating or air conditioning in unused parts of your home while you’re watching and turn on your home theatre system.” That is a lot of effort and time saved. Quantify the effort and time to determine the value in dollars, and you would have saved lots of money, just because your home is smart.

This is how your smart home would look like. A house installed with IoT devices is capable of monitoring human activity. With your daily routine and schedules all stored in the memory of the devices, it will then be able to predict what you wake up, what time you go out and come back from work, and adjust its functionality accordingly. (credits: BeaconStac, Decoist)

In terms of value for money, the benefits of IoT for homes has been proven in many ways. But these benefits are more obvious if we talk about security and safety. In fact, keeping homes secure and safe had been the original objective of IoT for homes. The networking of alarms, security cameras and smoke detection devices were the first home automation devices to be installed. IoT has allowed the user to monitor every corner of the house in real time. It is also now possible to prevent electrical short circuits through the automatic disconnection of power around the house when smoke or short circuit is detected. Devices can also immediately detect gas leaks and warn household members by setting off the alarm and cutting off power supply.

 

With the way IoT is developing so rapidly, smart homes of the future are expected to be astoundingly intelligent. According to Business Insider, Bill Gates’ home in the Lake Washington is the smartest house on the planet. The technology used for the house is astounding and cost over a hundred million dollars because of its innovative and most advanced network. In each room, a number of sensors have been installed to determine when a person comes in, identifies the person, checks for security credentials and makes a basic background check. The room’s air conditioning unit is then turned on to a temperature that suits the temperature of the person who just came in. The room is automatically lit, and a soft background music chosen by the computer based on mood and preferences of the person who just came in. When no one is in the room or at home, the lights and thermostat turn off to save on power, and the security system turns at peak level.

 

So are you planning to go on a vacation? No worries, your smart home is house-sitting on its own.

read more
IoT WikiSecurity and Privacy

Internet of Things Security 101

iot_security

Internet of Things (IoT) security is one of the contentious issues faced by the tech industry today, so much so that special attention on how it can be resolved is given to it by IT professionals and companies around the world. IoT security simply means all computing devices that are interconnected, or linked via software or hardware, in the network ecosystem, are protected and are secure. As data is channeled through the network, the information becomes exposed to hacking, and poor protection will eventually lead to damaging crash of systems and the devices. The vulnerability of IoT to hacking could be quite worrisome.

But then, IoT industry experts are working very hard to protect the devices and shield the entire network. Smart appliances, smart kitchen, smart bedroom? If people want IoT to be part of their lives, IoT security should be made part of their routine as well. Oftentimes, hacking only happens when the buyer fails to update software, change passwords constantly and make sure that the IoT device or phone is always within view. In other words, attacks happen because of human error. Denying the attacker any entry point should the best protection for any user. The utility and relevance of IoT far outweighs the effort, and probably some resources, that you’d have to commit to make IoT secure.

Know thy enemy – that’s that first rule if we want to defeat IoT security threats. Below is a list of some of the most potent threats that could destroy stability and security of networks.

1. BotNets

According to Techopedia, “A botnet is a group of computers connected is a coordinated fashion for malicious purposes.” It is a network of “bots”, and each bot is a compromised computer that is controlled by a third party, often an attacker. The bot is used to transmit malware or spam, or launch attacks. Another nefarious name for botnet is “zombie army”.

IoT security is often compromised when users utilize computers are not safeguarded with firewalls and anti-virus programs. Botnets are notoriously dangerous as it has become useful tools for hackers and organized crime for their illegal online activities. This kind of IoT security threat is often can be used for any type of digital attack. Among the most known incidents of botnet attacks involved IoT devices such as Mirai, Aidra and Linux/IRCTelnet.

2. Data and Identity Theft

Theft of one’s identity and valuable data is always the critical focus of hackers. Interconnecting smart devices require users to input personal data which, if firewall and sufficient security safeguards are not in place, can most likely be stolen using various tools. Apart from stealing personal data for money, social engineering is a common objective for identity theft, as well.

3. Man-In-The-Middle Attack

It might sound peculiar to call an online breach “Man-In-The-Middle” attack but it is a very accurate description of what this IoT security threat really does. The aim of the attacker is to interrupt communication within the network or between two systems. The parties communicating will not have any idea that the attacker has altered the data that’s going back and forth. It’s a very dangerous ruse that can actually break down an entire system. The case of the blackberry executive and electric tea kettle should give you an idea on why you must, at all cost, prevent this security breach from happening.

Standing up against IoT Security threats

Data Security in IoT is becoming ever relevant as more and more sensors are being utilized. (credits: IoT News Network)

Tech companies, big and small, are expectedly at the forefront of the fight to rid the world of IoT of any security threat. In fact, Google, IBM and Cisco have set their sights on adding security. Some startups like Rubicon, Argus and Mocana have opened new avenues to secure IoT devices. Cisco, Intel Corporation, Symantec, Infineon Technologies and IBM are cashing in on IoT security. With all these developments, it’s not at all surprising that the IoT security market continues to grow, ballooning to USD28.90 billion by year 2020.
Given the necessity of having a robust IoT security in the face of an equally robust wave of threats, there is now such a thing as internet of security solutions. Under this concept, experts suggest that users need to segment their own networks and put restrictions to each segment. This will facilitate better monitoring of threats through the traffic flow. Privacy policies as well as comprehensive data security need to be given more investment. This should be coupled with sufficient training and provision of recurring guidelines for users. In the final analysis, there is no better solution but to go back to the fundamentals of online security and apply that throughout the four corners of IoT.

read more
IoT Wiki

Simple Explanation of the Internet of Things

Internet of Things? By now you may have heard about the term. Sounds interesting! But what does the Internet of Things mean? IoT is an evolution of global, home, and embedded applications that are being connected to the internet, integrating greater compute capabilities and using data analytics to extract meaningful information.

Billions of devices will be connected to the internet, and soon hundreds of billions of devices. As related devices connect to each other, they can become an intelligent system of systems. And when these intelligent devices and systems of systems share data over the cloud and analyze it, they can transform our business, our lives, and our world in countless ways: whether it’s improving medical outcomes, creating better products faster with lower development costs, making shopping more enjoyable, or optimizing energy generation and consumption.

Here’s an example of the big picture. Imagine an intelligent device such as a smart traffic camera. The camera can monitor the road for congestion, accidents, and weather conditions, and communicate that status to a gateway that combines that data from other cameras, creating an intelligent city-wide traffic system. Now imagine that intelligent traffic system connected to other city-wide transportation systems which get data from their own intelligent devices, creating an ever larger intelligent system of systems.

The really big possibilities come from analyzing the end-to-end data across that system of systems. For example, let’s say the city’s intelligent traffic system detect massive congestion due to an accident. That insight can be sent to the city-wide transportation system which can analyze the accident’s impact on other city systems. Recognizing the accident is near the airport and two city schools, it could notify those systems so they could adjust flight and school schedules. It can also analyze and derive optimal route around the accident and send those instructions to the city’s digital signage system, to guide the drivers around the accident. And that’s just one example of the potential benefits that can happen when intelligent devices share insight with other systems forming ever expanding systems of systems.

Credits: Intel, Pouria Ghatrenabi

read more
IoT Wiki

Internet of Things: What’s The Buzz All About?

dreamstime_l_74402644_iotconcept_buildings

 

For the past few years, the Internet of Things (IoT) has been a hot topic not just in technology circles but among the general public. The average person may find IoT somewhat irrelevant. The concept of “things having their own internet”, may even sound like science fiction with inflated claims or scary outcomes. But with a clear understanding of what really is the Internet of Things, people may just get along with it without minding that it exist because it already has naturally become part of their lives. Who knows, bulky computers in the 70’s have evolved to become our smartphones today.

credits Philips Hue
Consider an internet-connected home lighting system, wherein you can dim, adjust color, and turn on-off your lights, from anywhere using a mobile device. It can even learn your usage patterns and adjust accordingly to your lifestyle, such that it knows when you wake up or when you leave the house to ensure lights are only used when needed. Sounds creepy, right? However, in the long run, using the device may save you money from your rising electric bill or free your time for more relevant activities since you tend to worry less about it.

This example is but a small piece of narrative and can’t even measure up to the humongous potential which the Internet of Things is about to unleash. There are many challenges around the IoT, the most notable is security. But they are seriously being tackled and the benefits seem to outweigh the cons. There’s an unprecedented scale of economic opportunity across several industries, reason why IoT is catching fire in conversations everywhere. According to various market research groups, IoT’s market value is expected to swell at US$ 700 Billion to nearly US$ 2 Trillion with more than tens of billion of devices installed in the next decade.

The proliferation of the internet in the 90’s has changed the way we communicate, work and enjoy. Smartphone penetration and advancement in broadband internet in the past decade have shifted our data usage from desktop PCs to mobile phones. More and more sensors are being stuffed into our phones and embedded into vehicles, hospitals, buildings, and factories. Seems all of these are converging to a perfect category 5 storm which would be named “Internet of Things”.

Now, let’s keep things on the ground, and answer your itching question: what really is the Internet of Things?

Based on works from Postscapes and Harbor Research, we describe in our own words the Internet of Things as:

a system of data-gathering sensor devices (things), that are linked to the internet (connectivity), such that by making sense of those data (process), decisions can be made and actions taken (people).

Note the elements that make up an IoT system:

(1) things, (2) connectivity, and (3) process & people.

The end goal of an IoT system then is to effectively make decision and take action based on an inference of sensor data. This goal is a universal one, which means whatever application or industry you are in, the value of having to know what to do or automatically do certain things (in the case of automated or artificially intelligent systems), is already an enormous benefit to business operations, personal activities, and critical life-or-death scenarios. The sensors and network connectivity (internet) are all crucial elements to this highly valuable goal.

Here’s a couple of  examples to illustrate this definition:

(1) Car with sensors and internet connection

  • The car senses proximity/location of other devices (e.g. other cars, street posts, or even the road marks), as well as communicates with them
  • The internet connection gives the car real-time traffic data or in some cases, collision monitoring
  • Data is used by the car to suggest to driver which roads are not congested, availability of nearby parking spaces, or even avoid accidents, and many more

(2) Crops and soil monitoring for agriculture

  • Sensors for soil moisture, soil temperature, and leaf wetness monitor growth conditions of vegetables or crops
  • These data are visualized by the farmer via graphs or animation in his mobile device
  • Processed data is used by the farmer to decide when to activate irrigation, when to apply pesticide, what crops to plant this season, etc (these activities can even be automated, yikes)

The following infographic from Postscapes and Harbor Research tells a concise story about the Internet of Things. The material is shared under Creative Commons Attribution license.

The time is NOW to take advantage of the available technologies for the Internet of Things. Learn why it matters NOW to take the plunge on IoT.

read more
IoT Wiki

Embrace It or You’ll Be Left Behind

dreamstime_m_embrace

With the advent of the much talked about Internet of Things, the technologies for transformative business applications are at hand. Sensors and smart devices are very pervasive nowadays, that we encounter them in most of our daily activities: from your phone’s GPS which apps like Waze use to guide your driving, to your wrist watch that checks your vital signs.  Explosion of “cloud” data storage have enabled new on-the-go web and mobile services. Streaming data and being able to access them anytime anywhere, drive new data insights in real time. Taking the connectivity infrastructure aside (Telcos, WiFi speeds, etc) which may vary from country to country, the impact of IoT technologies to society cannot be understated. It can transform the way we perceive the world, and the way we use information.

With these technology availability, many companies are still slow to recognize and act on these astronomical opportunities. Wait, what? How “astronomical” are these opportunities? Get ready to be startled. We’re talking about a trillion-dollar market, and tens of billions of sensing devices in the next 5 to 10 years. Dare to grab a piece of the cake?

This infographic from Postscapes and Harbor Research shows in figures the IoT forecast (shared under Creative Commons Attribution license).

Whichever  industry you belong  and whatever your organization does, leveraging IoT for your business (whether for operations, product development, marketing/sales, or decision making) creates a solid impact to your business presence. Clearly, the steps that you take now are going to position you for the next wave of reality.

Quoting from a whitepaper discussion of Jason Mass from analytics company SAS: 

“First, the opportunity to leverage IoT as a competitive advantage is here now, so take it. If you think you don’t have an IoT use case, you need to think harder. There are opportunities across all industries. The slow progress of others can create opportunity for your business today. But if you’re not working on IoT, you may fall behind quickly.

Second, taking advantage of IoT requires different ways of thinking – about how data is used, how much of it we can handle, how fast we can process and analyze it, and ultimately where and how decisions are made. This is not just a chance to better inform and automate business processes; it is a step change in capability that provides unprecedented opportunities in business integration and customer connection. “

At IoTUpBeat, it is our mission to bring you valuable insights for integrating IoT into your business. A vital arm of this blog is the “Use Cases” section, where we feature real-world IoT deployments all over the world, as well as discuss new use cases that open your eyes to enormous possibilities. Whatever your local experience, current conditions, and growth goals, there is always a path to the Internet of Things for you.

 

read more