Computer scientists and physicists have developed the first device that is able to enable quantum encryption for contactless mobile payments, which could revolutionise mobile security as we know it today.
Researchers from Oxford University, Nokia and Bay Photonics have invented a system that makes it possible to encrypt payment details and then transmit the quantum keys securely between the smartphone and the Point of Sale (PoS) payment terminal, while at the same time monitoring for any efforts to hack into transmissions.
The system makes use of quantum cryptography, which is a technology that stores information within photons (particles of light) emitted from lasers to make it much harder than ever before for anyone to decrypt the data. Just like in traditional cryptography, if you want to see the information, you have to have the secret key.
Six pairs of ultra-fast resonant-cavity LED lasers and movable mirrors transmit the secret quantum key at the speed of 30kbps over a distance of 0.5m. Each LED light is filtered to a different polarisation and position using a laser steering system – circularly polarised LEDs send out the light pulses for the main key, while the other pairs of LEDs keep watch to make sure that no one is eavesdropping on the channel.
Self-steering lasers to prevent hackers from cracking the system
The quantum key contains such a long pattern that it is impossible for hackers to unravel it, but there are still other ways. To make sure that attackers can't crack the system and figure out how the lights work and which light sends which signal, the researchers have programmed the system to be able to tell when someone is trying to measure the quantum signal.
If they try, the lasers immediately alter the signal, rendering it unusable, and shuts down communication between the mobile device and the payment terminal immediately.
The current prototype system has been made from off-the-shelf components, but the researchers are confident that the device can be miniaturised and be small enough to fit into a smartphone and the payment terminal.
Their open access paper, entitled "Handheld free space quantum key distribution with dynamic motion compensation" is published in the journal Optics Express.
"When a hacker attempts to tap into the channel it will change the content of the key. We're not saying this technology can prevent eavesdropping or hacking, but if people do, we know they are there," said Dr Iris Choi, Technology Associate at Oxford University's Networked Quantum Information Technologies Hub (NQIT) and co-author of the study.
"Contactless and internet payments have become an integral part of our daily lives, but there are still legitimate security concerns around these transactions. With further testing, our research could build consumer trust and make these purchasing options more secure."