Encryption Securing Mobile Money Transfers Can Be Broken

An anonymous reader writes: A group of researchers has proved that it is possible to break the encryption used by many mobile payment apps by simply measuring and analyzing the electromagnetic radiation emanating from smartphones. Modern cryptographic software on mobile phones, implementing the ECDSA digital signature algorithm, may inadvertently expose its secret keys through physical side channels: electromagnetic radiation and power consumption which fluctuate in a way that depends on secret information during the cryptographic computation.

Acceptable risk

[Opportunist]

Yes, that "security hole" has been known for a while now. Yes. We know. In the end, the complexity of the attack and the circumstances required are so specific that it simply isn't a viable attack vector.

In other words, yes, you can die from a lightning strike. But that doesn't keep you inside, does it?