{"content":"<div class=\"discussion__comments\"><div class=\"discussion__comment\" id=\"post741\" data-id=\"741\"  data-offtopic=\"0\"><div class=\"discussion__comment__avatar\"><span class=\"icon icon--account_circle\"><\/span><\/div><div class=\"discussion__comment__content\"><div class=\"discussion__comment__credits\"><span class=\"discussion__comment__author\">Crozz<\/span><span class=\"discussion__comment__info\"><a href=\"#\" class=\"discussion__comment__like\" data-role=\"comment-like\"><span class=\"icon icon--thumb_up\"><\/span><span class=\"count\"><\/span><\/a><time class=\"updated\" datetime=\"2017-11-22T20:27:04+01:00\">22.\u200911.\u20092017 20:27<\/time><\/span><\/div><div class=\"discussion__comment__comment\">Really addictive ????<\/div><div class=\"discussion__comment__actions\"><a href=\"#\" data-role=\"answer\">Reply<\/a><\/div><div class=\"discussion__comment\" id=\"post745\" data-id=\"745\"  data-offtopic=\"0\"><div class=\"discussion__comment__avatar\"><span class=\"icon icon--account_circle\"><\/span><\/div><div class=\"discussion__comment__content\"><div class=\"discussion__comment__credits\"><span class=\"discussion__comment__author\">zden\u00e1l<\/span><span class=\"discussion__comment__info\"><a href=\"#\" class=\"discussion__comment__like\" data-role=\"comment-like\"><span class=\"icon icon--thumb_up\"><\/span><span class=\"count\"><\/span><\/a><time class=\"updated\" datetime=\"2017-11-23T13:19:16+01:00\">23.\u200911.\u20092017 13:19<\/time><\/span><\/div><div class=\"discussion__comment__comment\">Yes. 
<\/div><div class=\"discussion__comment__actions\"><a href=\"#\" data-role=\"answer\">Reply<\/a><\/div><\/div><\/div><div class=\"discussion__comment\" id=\"post749\" data-id=\"749\"  data-offtopic=\"0\"><div class=\"discussion__comment__avatar\"><span class=\"icon icon--account_circle\"><\/span><\/div><div class=\"discussion__comment__content\"><div class=\"discussion__comment__credits\"><span class=\"discussion__comment__author\">kubina<\/span><span class=\"discussion__comment__info\"><a href=\"#\" class=\"discussion__comment__like\" data-role=\"comment-like\"><span class=\"icon icon--thumb_up\"><\/span><span class=\"count\"><\/span><\/a><time class=\"updated\" datetime=\"2017-11-23T15:00:40+01:00\">23.\u200911.\u20092017 15:00<\/time><\/span><\/div><div class=\"discussion__comment__comment\">Highly. For the past week I haven't paid any other way<\/div><div class=\"discussion__comment__actions\"><a href=\"#\" data-role=\"answer\">Reply<\/a><\/div><\/div><\/div><\/div><\/div><div class=\"discussion__comment\" id=\"post742\" data-id=\"742\"  data-offtopic=\"0\"><div class=\"discussion__comment__avatar\"><span class=\"icon icon--account_circle\"><\/span><\/div><div class=\"discussion__comment__content\"><div class=\"discussion__comment__credits\"><span class=\"discussion__comment__author\">Petr<\/span><span class=\"discussion__comment__info\"><a href=\"#\" class=\"discussion__comment__like\" data-role=\"comment-like\"><span class=\"icon icon--thumb_up\"><\/span><span class=\"count\"><\/span><\/a><time class=\"updated\" datetime=\"2017-11-22T21:49:05+01:00\">22.\u200911.\u20092017 21:49<\/time><\/span><\/div><div class=\"discussion__comment__comment\">What all does Google see? 
Is there an article somewhere where one could read about it?<\/div><div class=\"discussion__comment__actions\"><a href=\"#\" data-role=\"answer\">Reply<\/a><\/div><\/div><\/div><div class=\"discussion__comment\" id=\"post743\" data-id=\"743\"  data-offtopic=\"0\"><div class=\"discussion__comment__avatar\"><span class=\"icon icon--account_circle\"><\/span><\/div><div class=\"discussion__comment__content\"><div class=\"discussion__comment__credits\"><span class=\"discussion__comment__author\">ANO<\/span><span class=\"discussion__comment__info\"><a href=\"#\" class=\"discussion__comment__like\" data-role=\"comment-like\"><span class=\"icon icon--thumb_up\"><\/span><span class=\"count\"><\/span><\/a><time class=\"updated\" datetime=\"2017-11-23T03:18:57+01:00\">23.\u200911.\u20092017 03:18<\/time><\/span><\/div><div class=\"discussion__comment__comment\">So how is this secure, then? Given that it runs over open NFC, which contains nothing like a HW address, everything has to happen in software. The token is created in the system, and it will then be possible to copy it, move it elsewhere and make a payment from a different phone. If it were, say, that certain phones with the newest lagroid (8, I think?) have some special chip, something in the style of a TPM or like it was with the special SIM cards, where the key of that chip, which nobody can see into and therefore cannot copy, is bound once at the bank, then I would still understand it. Simply, if you didn't physically have that chip with you, tough luck.<br \/>\nBut there are two things here: since it works with all lagroids from 4.4 up, those certainly have no such chip. So it will be a purely software solution, in other words a joke, especially when it is possible to enter the PIN in software this way and pull out any amount.<br \/>\nAnd second, even if the chip were there, it's still lagroid. Rootable even through malware in the official store. 
Once malware gets onto the phone, there is nothing easier than authorizing a single unlimited payment on that device and sending the token to the attacker, who uses it at any NFC terminal. In short, it's such bullshit the world has never seen the like.<br \/>\nHowever it is, then, it will be anything but secure!<br \/>\nI don't know how Apple does it, I'd guess they have it at least somewhat thought through, but I wouldn't entrust a virtual card to them either ...<br \/>\nOn Windows it works using a special SIM card issued by the bank, which de facto contains the crypto chip from a credit card and communicates with the phone in the standard way via the SIM API.<br \/>\nAs for NFC credit cards, I think there is one more layer of security there in that the distance has to be short and a multiple check is performed, which determines, thanks to the ping and the physical speed of light, how far the card really is from the terminal (the way it works with keyless entry in cars). So that it isn't possible to walk up to someone somewhere with a reader, hold it near the pocket with the card and pay in a shop with a second device.<br \/>\nI would still accept it on a phone if it were up to that five hundred; I could still tolerate that on an iPhone or Windows (on Android up to about twenty). But that it is possible, after \"verification\" on the phone, to withdraw any amount without physically entering the PIN at the terminal, that strikes me as truly frightening .... 
<br \/>\nMaybe it would be worth writing an article on this topic.<\/div><div class=\"discussion__comment__actions\"><a href=\"#\" data-role=\"answer\">Reply<\/a><\/div><div class=\"discussion__comment\" id=\"post744\" data-id=\"744\"  data-offtopic=\"0\"><div class=\"discussion__comment__avatar\"><span class=\"icon icon--account_circle\"><\/span><\/div><div class=\"discussion__comment__content\"><div class=\"discussion__comment__credits\"><span class=\"discussion__comment__author\">haha<\/span><span class=\"discussion__comment__info\"><a href=\"#\" class=\"discussion__comment__like\" data-role=\"comment-like\"><span class=\"icon icon--thumb_up\"><\/span><span class=\"count\"><\/span><\/a><time class=\"updated\" datetime=\"2017-11-23T04:33:38+01:00\">23.\u200911.\u20092017 04:33<\/time><\/span><\/div><div class=\"discussion__comment__comment\">write an even bigger load of nonsense pls<\/div><div class=\"discussion__comment__actions\"><a href=\"#\" data-role=\"answer\">Reply<\/a><\/div><\/div><\/div><div class=\"discussion__comment\" id=\"post746\" data-id=\"746\"  data-offtopic=\"0\"><div class=\"discussion__comment__avatar\"><span class=\"icon icon--account_circle\"><\/span><\/div><div class=\"discussion__comment__content\"><div class=\"discussion__comment__credits\"><span class=\"discussion__comment__author\">zden\u00e1l<\/span><span class=\"discussion__comment__info\"><a href=\"#\" class=\"discussion__comment__like\" data-role=\"comment-like\"><span class=\"icon icon--thumb_up\"><\/span><span class=\"count\"><\/span><\/a><time class=\"updated\" datetime=\"2017-11-23T13:24:15+01:00\">23.\u200911.\u20092017 13:24<\/time><\/span><\/div><div class=\"discussion__comment__comment\">A unique token is used for every payment, so it can certainly be copied, but it will be useless. 
<br \/>\nMobile payments are simply the future, but feel free to move somewhere in Africa and pay with goats and grain. <\/div><div class=\"discussion__comment__actions\"><a href=\"#\" data-role=\"answer\">Reply<\/a><\/div><\/div><\/div><div class=\"discussion__comment\" id=\"post747\" data-id=\"747\"  data-offtopic=\"0\"><div class=\"discussion__comment__avatar\"><span class=\"icon icon--account_circle\"><\/span><\/div><div class=\"discussion__comment__content\"><div class=\"discussion__comment__credits\"><span class=\"discussion__comment__author\">R.O.G<\/span><span class=\"discussion__comment__info\"><a href=\"#\" class=\"discussion__comment__like\" data-role=\"comment-like\"><span class=\"icon icon--thumb_up\"><\/span><span class=\"count\"><\/span><\/a><time class=\"updated\" datetime=\"2017-11-23T13:55:10+01:00\">23.\u200911.\u20092017 13:55<\/time><\/span><\/div><div class=\"discussion__comment__comment\">Well, I haven't read a bigger pile of drivel yet today. If you at least knew how the whole thing works, that for an amount higher than 500,- you have to unlock the phone, otherwise you simply won't pay. And yes... Once you use Android Pay, you can't have the lock set to swipe only, but to a PIN or fingerprint. After that, secondary security is practically pointless. Not to mention that a normal person doesn't keep NFC switched on all the time anyway, but turns it on just before paying, so some stranger with a scanner is ridiculous too. And that's not even mentioning the unique token for every payment. 
I recommend using the dead wokna (Windows) system, or better yet going back to the cave, switching off the PC, not using a mobile at all, etc. By the way, paranoia can be treated quite successfully ????<\/div><div class=\"discussion__comment__actions\"><a href=\"#\" data-role=\"answer\">Reply<\/a><\/div><div class=\"discussion__comment\" id=\"post748\" data-id=\"748\"  data-offtopic=\"0\"><div class=\"discussion__comment__avatar\"><a href=\"\/uzivatele\/hudus\" class=\"avatar\"><img src=\"https:\/\/lh4.googleusercontent.com\/-DuYnlt7bcyQ\/AAAAAAAAAAI\/AAAAAAAABlc\/oAcOAQJsDvM\/photo.jpg?sz=50\" alt=\"Jan Posp\u00ed\u0161il\" \/><\/a><\/div><div class=\"discussion__comment__content\"><div class=\"discussion__comment__credits\"><a href=\"\/uzivatele\/hudus\" class=\"discussion__comment__author\">Jan Posp\u00ed\u0161il <span class=\"discussion__comment__title\">(* mobilenet.cz)<\/span><\/a><span class=\"discussion__comment__info\"><a href=\"#\" class=\"discussion__comment__like\" data-role=\"comment-like\"><span class=\"icon icon--thumb_up\"><\/span><span class=\"count\"><\/span><\/a><time class=\"updated\" datetime=\"2017-11-23T14:10:41+01:00\">23.\u200911.\u20092017 14:10<\/time><\/span><\/div><div class=\"discussion__comment__comment\">I agree. I think that constantly switching NFC on and off goes against the concept of mobile payments. It is a huge delay.<br \/>\n<br \/>\nHaving NFC switched on has no noticeable effect on the phone's standby battery life. As for money being randomly taken by a passing thief, that too is a needless worry. 
Every terminal is operated by some bank, so if someone started doing something like that, they would be very easy to trace.<\/div><div class=\"discussion__comment__actions\"><a href=\"#\" data-role=\"answer\">Reply<\/a><\/div><\/div><\/div><div class=\"discussion__comment\" id=\"post760\" data-id=\"760\"  data-offtopic=\"0\"><div class=\"discussion__comment__avatar\"><span class=\"icon icon--account_circle\"><\/span><\/div><div class=\"discussion__comment__content\"><div class=\"discussion__comment__credits\"><span class=\"discussion__comment__author\">J\u00e1<\/span><span class=\"discussion__comment__info\"><a href=\"#\" class=\"discussion__comment__like\" data-role=\"comment-like\"><span class=\"icon icon--thumb_up\"><\/span><span class=\"count\"><\/span><\/a><time class=\"updated\" datetime=\"2017-11-29T13:30:53+01:00\">29.\u200911.\u20092017 13:30<\/time><\/span><\/div><div class=\"discussion__comment__comment\">When paying by phone you can make 3 below-limit payments (by lighting up the display). On the 4th, unlocking is required, if the phone was not unlocked during those 3 payments. Every unlock resets the counter.<br \/>\nSimilar logic applies when paying with plastic, so in this respect there is no greater danger in paying by phone.<br \/>\nAnd I confirm what other commenters said (Zden\u00e1l): the token is unique for each device. It cannot be copied to another machine, or rather it will be unusable. 
(Again an increase in security - a drastic one compared with plastic)<\/div><div class=\"discussion__comment__actions\"><a href=\"#\" data-role=\"answer\">Reply<\/a><\/div><\/div><\/div><div class=\"discussion__comment\" id=\"post769\" data-id=\"769\"  data-offtopic=\"0\"><div class=\"discussion__comment__avatar\"><span class=\"icon icon--account_circle\"><\/span><\/div><div class=\"discussion__comment__content\"><div class=\"discussion__comment__credits\"><span class=\"discussion__comment__author\">ANO<\/span><span class=\"discussion__comment__info\"><a href=\"#\" class=\"discussion__comment__like\" data-role=\"comment-like\"><span class=\"icon icon--thumb_up\"><\/span><span class=\"count\"><\/span><\/a><time class=\"updated\" datetime=\"2017-12-05T20:40:48+01:00\">5.\u200912.\u20092017 20:40<\/time><\/span><\/div><div class=\"discussion__comment__comment\">So how does it work then??? So there is a software token and you unlock it in software, say with a fingerprint. If you have root, then you can bypass this, did I write anything different? No .... then you're probably replying to a different post, aren't you?<\/div><div class=\"discussion__comment__actions\"><a href=\"#\" data-role=\"answer\">Reply<\/a><\/div><\/div><\/div><\/div><\/div><\/div><\/div><\/div>","url":null}