A smartphone wallet or a mobile wallet is a virtual wallet that stores the information of the payment card on a mobile device. It is a convenient and secure way for users to make in-store payments. It can be used at merchants listed with the mobile wallet service provider. A mobile or smartphone wallet can be understood as an app that can be installed on a smartphone, or it can also be thought of as an existing built-in feature of a smartphone.
It stores debit card, credit card, coupons, or reward cards information. After the app is installed and the user inputs payment information, the wallet stores this information by linking a personal identification format such as an image of the owner, QR code, or a number or key to each card that is stored.
Are Trusted Environments Really Secure?
The concept of a smartphone-based hardware wallet looks attractive at first glance. The ubiquity of mobile devices is a significant reason for mobile solutions to give crypto adoption a massive boost. But this comes with certain obvious security questions.
According to Samsung, their smartphones have the best features for crypto security. In a blog post last year, the company described its devices as “the best approach to short-term and medium-term storage” for the private keys of cryptocurrencies. However, some serious doubts are raised.
In the case of cryptocurrency wallets, security boils down to the availability of secure storage for private key combinations that are associated with transactions. This is where Trusted Execution Environments (TEE) come in handy. It is a hardware-based, isolated computing environment, that features its own storage space and memory that is not possible to access through the operating system of a smartphone. These can only be accessed using a secure API. This API uses trustlets, which are tiny applications that are contained within the TEE. These trustlets help in private key management. These can achieve a high degree of security.
Smartphone Complexity Might Affect Security
Though TEE’s may not be vulnerable to compromised operating systems, they are still exposed to a daunting number of potential attack vectors, due to the nature of the platforms on which they operate. When a user accesses the TEE, it is possible for malicious users to compromise the dedicated apps, and they can be programmed to make payments from the TEE. A TEE will be useful only if the apps are able to communicate with it. Adding a password requirement in the supply chain also fails to eliminate the threat. The issue of quality can also not be ignored. There have been several security issues in the TEEs of some of the top manufacturers.
Will Blockchain Help Seal the Security Holes?
Supplementing legacy systems with blockchain-based security is one way of solving these security issues. Exodus, HTC’s first blockchain-power phone, put the privacy-linked powers of DLT to use by adding a second operating system, that ran parallelly with Android. The DApps run by Exodus can eliminate the security holes of traditional apps. DApp security depends greatly on the goals and intentions of the people who created these applications. Zion, the hardware wallet that comes with Exodus, must be completely immune to exploits. Users who lose their private keys can make use of a social recovery function to regain their funds.
Smartphone Wallets for Blockchain Adoption
The XPhone of Pundi X takes this approach one step further. It is powered by a blockchain-enabled OS called Function X. This phone is a blockchain node that does not rely on centralized mobile carriers for performing its functions. The XPhone can now be used for calls through legacy cellular networks. It also sports a blockchain call feature that may be the go-to option for private calls in the future.
Though XPhone may not turn out to be revolutionary as its creators or developers hope, it can still provide significant advantages. Function X will eliminate the security vulnerabilities of a fully-fledged legacy mobile operating system like Android and will greatly enhance the feasibility of smartphone crypto wallets. The notable capabilities of Function X are data transmission and private messaging. This helps position the XPhone as a potential host platform for complex applications such as trading and security tokenization.
With blockchain still being in its infancy, it may still be in search of a problem to solve, but with full data ownership and blockchain phones, one of its real-world, proper applications can be just around the corner.
Blockchain-enabled smartphones are completely decentralized. The owner will have sole access to the information, and there is no need to give third-party software access to sensitive information. While regular smartphones increase the adoption of blockchain technology and cryptocurrencies, a blockchain smartphone does the same by eliminating the possible security risks.
For instant updates about blockchain technology, check out Blockchain Council.