Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: Stephen Gornick on June 30, 2012, 06:40:00 PM



Title: SMS Mobile Wallet - Can It Ever Be Secure?
Post by: Stephen Gornick on June 30, 2012, 06:40:00 PM
Coinapult was the first to offer a method to send bitcoins to a mobile number (where those bitcoins can be stored by the recipient or sent using nothing more than SMS text messaging).  Their SMS service is available in the U.S. and Canada only, though they assert that they are working on offering that to a wider global footprint.  Presumably, since Coinapult offers the ability to send bitcoins for free (they only charge when bitcoins are sent through their API), offering this globally would incur costs for sending the text messages.
 - http://coinapult.com/sms-wallet

Blockchain.info just added the ability to send bitcoins to any mobile, however the text message sent to the recipient contains simply an URL that is used to claim the funds using the web (thus a data plan on the mobile, or Internet access on a separate device is required.)  They too offer this service for free, apparently.
 - https://blockchain.info/wallet/send-via
 - http://bitcointalk.org/index.php?topic=40264.msg1000405#msg1000405


An SMS wallet service like Coinapult's which requires only SMS text messaging for use combined with the ability to be used globally like Blockchain.info's means bitcoin instantly becomes truly usable by oh, about four BILLION people.  When realizing this I feel like running to the rooftop and shouting Hey world, the BE-YOUR-OWN-BANK is now open!.

Of course, we're not there yet, and I'm stuck not believing we'll actually get there.  At least, not with SMS text messaging.

Here's why.

SMS text messaging is not secure.  The URL in the SMS text message from blockchain info looks like this:

Congratulations! You have been sent 0.1 bitcoins. Claim at: https://blockchain.info/wallet/claim#SwiDoPVEDoZFz6Vsid3

So if a person has access to a mobile carrier's sms gateway or network (which many of the mobile provider's staff and government (http://blogs.computerworld.com/19016/how_long_does_your_mobile_phone_provider_store_data_for_law_enforcement_access) / law enforcement do) then there's only one line needed to filter the text message stream to get access to free money.  (filter to include any "blockchain.info/wallet/claim#").

That URL is a bearer instrument.  Anyone who has access to that URL can spend those funds.

Coinapult requires a text message response from the mobile number the funds were sent to so at least with that there's no bearer code being transmitted across the SMS network.

On the surface, it would seem an SMS wallet offered globally would have the potential to be a global version of a bitcoin-denominated M-PESA.  With four billion users in the potential market, this seems like a solution so obvious that it will happen.

But it probably won't.  At least not where it is needed the most.  M-PESA is offered by a telecom company.  M-PESA shares their (relatively exhorbitant) fees with the government of Kenya (the country where M-PESA is offered.)  How many days after realizing that SMS wallets are starting to catch on before texts to and from the SMS wallet provider's number are blocked?  (and thus the user's funds left stranded, at least temporarily).   Unlike bitcoin's peer-to-peer architecture, telecom infrastructure operates as the givernment instructs them to.

Over the longer term, smartphones with data services and encrypted communications make it irrelevant what can or cannot be done using the SMS network.

But to carry bitcoin through this period of time where SMS wallets would be the only option for hundreds of million or billions of potential users, I'm wondering what path, if any, will work?

I suppose though, the benefits gained by using bitcoins could outweigh the potential financial loss should blocking or thieving of funds start to occur and as a result pursuing this approach, flaws and all, really is the correct action.

Any thoughts?


Title: Re: SMS Mobile Wallet - Can It Ever Be Secure?
Post by: Peter Todd on June 30, 2012, 07:17:03 PM
Well, you know you're absolutely right I think, but I'm actually looking forward to seeing SMS payments get stolen precisely because it'll be solid evidence that carrier security isn't very good. It's like how at work I leave my spare change on my desk, completely visible, precisely so I'll find out if any of the cleaners or my coworkers aren't honest. So far, they have been.


Title: Re: SMS Mobile Wallet - Can It Ever Be Secure?
Post by: bearbones on June 30, 2012, 08:26:38 PM
@OP: For starters, I agree with your overall analysis of the market penetration of SMS vs. data/internet. The developing world has roughly 22% internet penetration, but over 70% SMS penetration. Bitcoin over SMS could be absolutely huge.

No, onto your specific points below:

Their SMS service is available in the U.S. and Canada only, though they assert that they are working on offering that to a wider global footprint.  Presumably, since Coinapult offers the ability to send bitcoins for free (they only charge when bitcoins are sent through their API), offering this globally would incur costs for sending the text messages.
 - http://coinapult.com/sms-wallet

We are struggling to find a combination of cost-effectiveness and reach. We can currently send SMS anywhere, but doing so is cost prohibitive. Even in the U.S. we average more than $0.06 per send. That is, each SMS message costs us $0.01, and a typical send requires at minimum 5 messages:

1. Sender requests coinapult send funds
2. Coinapult responds with conf code
3. Sender confirms
4. Coinapult responds with success message and new balance
5. Coinapult messages recipient

Tag in a couple of information texts (i.e. balance checks, help, transaction checks, etc) and the average cost goes up further. With international SMS fees, the per message cost is easily triple. This would bring the cost of a single send transaction to roughly $0.20. Now, there are ways to bring these costs down, but only with huge volume. For instance, a dedicated short code (intended for SMS use) costs $1k/month.

In short, the main barrier to international expansion is cost effectiveness. Even in the U.S., it is hard to justify offering such a service for free. In an international setting, the costs increase, while it is likely the average transaction size would decrease. If we can work out a viable fee structure, it can be deployed almost immediately.

Coinapult requires a text message response from the mobile number the funds were sent to so at least with that there's no bearer code being transmitted across the SMS network.

We consider this basic security, but is ultimately inadequate. At the moment, the initial 'receive' message still carries a bearer code, which is vulnerable in the same way blockchain's are. We hope to release an account system which will allow us to stop sending these by the end of July.

How many days after realizing that SMS wallets are starting to catch on before texts to and from the SMS wallet provider's number are blocked?  (and thus the user's funds left stranded, at least temporarily).  Unlike bitcoin's peer-to-peer architecture, telecom infrastructure operates as the givernment instructs them to.

This problem may be a little overstated. Governments don't always act so efficiently, and they'd have a tough time blocking us in such a way. Assuming we go international through a series of phone numbers in different service areas, it would be quite easy to get new numbers for any given service area. The local gov. and mobile service provider would be playing whack a mole. What's more, I'm sure the people would have something to say about it.


Title: Re: SMS Mobile Wallet - Can It Ever Be Secure?
Post by: ben-abuya on June 30, 2012, 08:40:33 PM
Quote

How many days after realizing that SMS wallets are starting to catch on before texts to and from the SMS wallet provider's number are blocked?  (and thus the user's funds left stranded, at least temporarily).  Unlike bitcoin's peer-to-peer architecture, telecom infrastructure operates as the givernment instructs them to.

This problem may be a little overstated. Governments don't always act so efficiently, and they'd have a tough time blocking us in such a way. Assuming we go international through a series of phone numbers in different service areas, it would be quite easy to get new numbers for any given service area. The local gov. and mobile service provider would be playing whack a mole. What's more, I'm sure the people would have something to say about it.


Good point. This reminds me of the Chinese govt vs Tor IPs. Most governments have nothing close to the systems set up by the Chinese, and even they're having a hard time. It also maybe possible to embarrass them in their favorite UN clubs or the world press if they start blocking numbers. I bet there are ways around the telecom guys stealing bitcoins, too -- anything from a separate one-time password device (could be super simple and cheap, even a printed card, especially because the individual transactions are mostly small) to some security questions, like "what's the 3rd letter of your son's name".


Title: Re: SMS Mobile Wallet - Can It Ever Be Secure?
Post by: bearbones on June 30, 2012, 08:52:05 PM
Good point. This reminds me of the Chinese govt vs Tor IPs. Most governments have nothing close to the systems set up by the Chinese, and even they're having a hard time. It also maybe possible to embarrass them in their favorite UN clubs or the world press if they start blocking numbers. I bet there are ways around the telecom guys stealing bitcoins, too -- anything from a separate one-time password device (could be super simple and cheap, even a printed card, especially because the individual transactions are mostly small) to some security questions, like "what's the 3rd letter of your son's name".

It is a little tougher than Tor, because the mobile network infrastructure is more centralized than the internet. Still, all we need is one partner willing to work with us (and get paid messaging fees), and we're in.

The security measures described are all possible, for sure. Ideally, the system should be able to function only on SMS commands, since many users will not have a mailing address or second device. Still, secondary security measures can be implemented, such as a pin number.


Title: Re: SMS Mobile Wallet - Can It Ever Be Secure?
Post by: ben-abuya on June 30, 2012, 09:42:33 PM
The security measures described are all possible, for sure. Ideally, the system should be able to function only on SMS commands, since many users will not have a mailing address or second device. Still, secondary security measures can be implemented, such as a pin number.

Can't a PIN be intercepted by the telecom guys, or are we assuming they won't be that sophisticated?


Title: Re: SMS Mobile Wallet - Can It Ever Be Secure?
Post by: Stephen Gornick on June 30, 2012, 09:52:10 PM
Great info, bearbones!

We can currently send SMS anywhere, but doing so is cost prohibitive. Even in the U.S. we average more than $0.06 per send. That is, each SMS message costs us $0.01, and a typical send requires at minimum 5 messages:

Oh, so you pay for both directions (incoming/receiving as well as outgoin/sending)?

Coinapult requires a text message response from the mobile number the funds were sent to so at least with that there's no bearer code being transmitted across the SMS network.

We consider this basic security, but is ultimately inadequate. At the moment, the initial 'receive' message still carries a bearer code, which is vulnerable in the same way blockchain's are.

Ah, I forgot that Coinpult was dual mode -- the funds are automatically in the SMS wallet, or the recipient can spend using the URL in the message as well (with the URL acting as a bearer code).

How many days after realizing that SMS wallets are starting to catch on before texts to and from the SMS wallet provider's number are blocked?  (and thus the user's funds left stranded, at least temporarily).  Unlike bitcoin's peer-to-peer architecture, telecom infrastructure operates as the givernment instructs them to.

This problem may be a little overstated. Governments don't always act so efficiently, and they'd have a tough time blocking us in such a way. Assuming we go international through a series of phone numbers in different service areas, it would be quite easy to get new numbers for any given service area. The local gov. and mobile service provider would be playing whack a mole.

Oh, sure -- I forgot that with cloud / integration each transaction can get its own unique "from / reply to" number.  Ok, so they need to do payload inspection instead.  

Well, regardless this is all encouraging.  There's so very much potential when extending bitcoin to the moble wireless voice/data network as its reach goes so much further than terrestrial and wi-fi Internet access goes (geographically, and participation of a community as well)


Title: Re: SMS Mobile Wallet - Can It Ever Be Secure?
Post by: bearbones on June 30, 2012, 10:32:53 PM
Can't a PIN be intercepted by the telecom guys, or are we assuming they won't be that sophisticated?
Sure, a pin can be intercepted. So can any other security code except single use codes delivered via a secondary communication method. This, however, defeats the purpose of an SMS wallet. If the network provider really wants to steal everyone's bitcoin, there is no way to stop them in an SMS-only wallet. They own the network, and all access points.

Oh, so you pay for both directions (incoming/receiving as well as outgoin/sending)?

Unfortunately, this is how all US carriers function. It is possible with international carriers that we can avoid being charged on incoming messages. Then again, outgoing fees are higher, and the sender will also be subject to international SMS fees by their own provider. Getting a number in each service area is the only way to avoid this inconvenience for users, but that carries much higher up front costs.

On a separate note, I've been researching M-Pesa and it looks like they charge the following fees:
~1% to withdraw money from the system (for cash, in person, at an associated location)
$0.40 per transaction paid by the sender

If this is correct, we could easily compete with them. Coinapult could be far more expensive than Bitcoin should be, but less expensive than what is currently available even in the best markets. M-Pesa is only Kenya, after all.

Oh, sure -- I forgot that with cloud / integration each transaction can get its own unique "from / reply to" number.  Ok, so they need to do payload inspection instead.

They could indeed do some sort of packet inspection. Presumably, however, most of the carriers would be happy to accept our money. I think they only would shut us down if forced to by a hostile state.


Title: Re: SMS Mobile Wallet - Can It Ever Be Secure?
Post by: Stephen Gornick on June 30, 2012, 11:16:57 PM
On a separate note, I've been researching M-Pesa and it looks like they charge the following fees:
~1% to withdraw money from the system (for cash, in person, at an associated location)
$0.40 per transaction paid by the sender

If this is correct, we could easily compete with them. Coinapult could be far more expensive than Bitcoin should be, but less expensive than what is currently available even in the best markets. M-Pesa is only Kenya, after all.

Ya, they use tier pricing rather than a raw %, so if will vary based on the transaction size.

From one M-Pesa user to another, the fee as a % can swing wildly ... like 10% fee on a transaction worth $3.  Up to the range of $20 it drops as a % to 2%,  The fee caps out at 50 Kenyan shillings (KES) (fee of about $0.60 USD) no matter the amount transferred.
 - http://safaricom.co.ke/index.php?id=1593
 - http://mobilemoneyexchange.wordpress.com/2012/03/02/m-pesas-revised-tariffs

Viewing the following will show how Bitcoin is so unique ... it is the only one that works in every single country:

 - http://www.wirelessintelligence.com/mobile-money/unbanked
 - http://www.wirelessintelligence.com/mobile-money/download  (Spreadsheet)


Title: Re: SMS Mobile Wallet - Can It Ever Be Secure?
Post by: bearbones on July 01, 2012, 12:11:42 AM
Ya, they use tier pricing rather than a raw %, so if will vary based on the transaction size.

From one M-Pesa user to another, the fee as a % can swing wildly ... like 10% fee on a transaction worth $3.  Up to the range of $20 it drops as a % to 2%,  The fee caps out at 50 Kenyan shillings (KES) (fee of about $0.60 USD) no matter the amount transferred.
 - http://safaricom.co.ke/index.php?id=1593
 - http://mobilemoneyexchange.wordpress.com/2012/03/02/m-pesas-revised-tariffs

Viewing the following will show how Bitcoin is so unique ... it is the only one that works in every single country:

 - http://www.wirelessintelligence.com/mobile-money/unbanked
 - http://www.wirelessintelligence.com/mobile-money/download  (Spreadsheet)

I see this now. The document I was reading was referring to a case study example, not a flat fee. Regardless, I think it is possible to provide Bitcoin transactions at competitive fees. It will just take a lot of research and some up front investment in infrastructure.


Title: Re: SMS Mobile Wallet - Can It Ever Be Secure?
Post by: Bitcoin Oz on July 01, 2012, 12:17:34 AM
Is there a way to send sms messages over serval mesh ?  http://www.servalproject.org/


Title: Re: SMS Mobile Wallet - Can It Ever Be Secure?
Post by: bearbones on July 01, 2012, 12:23:06 AM
Is there a way to send sms messages over serval mesh ?  http://www.servalproject.org/

Yes, actually, it is possible. At least, it is proposed in the serval project white paper: http://developer.servalproject.org/site/docs/2011/Serval_Introduction.html (http://developer.servalproject.org/site/docs/2011/Serval_Introduction.html). Serval would help the end user avoid exorbitant fees and bad service areas, but wouldn't help much for running an enterprise service.

[EDIT] It just occurred to me that a serval network would be an excellent hedge against a MITM attack by or using the main cell network. Would have a very positive effect on security. [/EDIT]