7 comments

[ 3.8 ms ] story [ 25.2 ms ] thread
Sending money via SMS doesn't sound very secure. Lending to a phone you can just throwaway, steal or clone doesn't sound very secure either. When do Kenyan hackers fraud this service out of existence
Maybe the market is small enough, and the transactions small enough, that the competent hackers are attacking other systems.
The market is large enough, the transactions are relatively large, too.

In Kenya, M-Pesa is by far, the #1 payments service, with nearly half the country using it. It grew acceptance as a replacement for the other way of remitting money from the cities to villages - busses. Prior to M-Pesa, bus drivers would act, for a fee, as money carriers, bringing income back from the cities to families back home.

The competent hackers were, literally, brute-forcing the old system. Bus drivers are easier to compromise than mobile handsets and infrastructure.

The SIM is actually a little digital fortress. SIM Toolkit Applications are quite secure and it's not just a matter of intercepting the air-interface data and breaking A5/1.
So much amazing innovation is driven from the valley but in this case it's Kenya showing us the way. Why is that? Worth thinking about.
Because these are sectors not fully developed there. The existing institutions here are hard to topple. But their equivalents perhaps don't fully exist there, so there is a gap to fill.
There are also a lot fewer banking regulations which allow other companies to try new models with less risk of intervention. (e.g recent crowd funding/SEC issues)