Spin-out to develop secure mobile payments | University of Oxford
Mobile applications
Mobile applications

Spin-out to develop secure mobile payments

New Oxford University spin-out company OxCEPT is set to develop simple, secure ways of transferring information so that people can safely make payments from their mobile phones.

OxCEPT, set up by the University's technology transfer company Isis Innovation, is gearing up to provide a peer-to-peer payment app for mobile users. The new app uses a family of security protocols developed at Oxford University's Department of Computer Science that will allow users to create a new secure network or to secure an initially insecure network.

The technology is purely software-based, doing away with the need for cables or network connections. Once both parties have downloaded the app the payer authenticates the payee and authorises a payment. There is no swiping, scanning or card reading. No pass codes, account information or credit card details are disclosed.

In addition to securing payments, the Oxford team have used and tested the security protocols in a map-based application for secure data sharing or 'coalition working' in disaster recovery scenarios. This allows separate groups including police, humanitarian teams, civilians and armed forces to work securely together on common challenges.

Developed with US military funding, the OxCEPT protocols have been field tested and have demonstrated their real world 'security class' capability as part of this programme. The protocols can also be used for other applications including configuring security for machine-to-machine communications and securing data.

Shawn Modarresi, president and co-founder of OxCEPT, said: 'At the moment it is almost impossible to deter intruders and prying eyes using software. As it becomes second nature for us to transmit delicate information between mobile devices, reliable software based security protocols will be a key tool for all mobile users.'

Professor Bill Roscoe of Oxford University's Department of Computer Science led the research group responsible for developing and testing the protocols over the last 12 years. 'These protocols resist many of the threats such as so-called 'man in the middle' attacks associated with online security solutions,' he said. 'We create security without having to rely on any pre-existing infrastructure such as a public key infrastructure, and we do it from the things human users know and trust.'

Perry Anderson, CEO of OxCEPT, said: 'The security protocols used by OxCEPT are protected by granted patents. In practice, it simply does what we all require of a security app and allows us to transfer money or data without fear of it being intercepted.'

Tom Hockaday, managing director of Isis Innovation, said: 'OxCEPT brings to market a technology that Professor Roscoe and his team have perfected over recent years. It is very satisfying to bring together Oxford technology and a management team with qualifications from Oxford's Saïd Business School to create a strong and promising business.'

OxCEPT has raised an initial £250,000 to fund early operations and will have offices in London and Silicon Valley.