Facebook PixelPay with bitcoin without having any devices on you by having your wallet call back a nearby phone
Brainstorming
Tour
Brainstorming
Create newCreate new
EverythingEverything
ChallengesChallenges
IdeasIdeas
Idea

Pay with bitcoin without having any devices on you by having your wallet call back a nearby phone

Image credit: Walledo / Blink Images

Loading...
Darko Savic
Darko Savic Mar 18, 2022
Please leave the feedback on this idea
Originality

Is it original or innovative?

Feasibility

Is it feasible?

Necessity

Is it targeting an unsolved problem?

Conciseness

Is it concisely described?

Bounty for the best solution

Provide a bounty for the best solution

Bounties attract serious brainpower to the challenge.

Currency *
Bitcoin
Who gets the Bounty *
Distribution
A way to pay by Bitcoin without any devices on you. The recipient sends an SMS to your phone. The phone instantly calls back and expects you to authorize the transaction by knowing matching disposable word pairs.
Why?
  • Ability to pay for something while not having any devices or money on you.
  • Travel light.
  • Can't get robbed if you have nothing on you.
How it works
The payment recipient (shop clerk?) has a phone. S/he is standing next to the payee. The recipient uses their phone to send an SMS payment instruction to a phone number that the payee specifies. The phone that receives the SMS runs the SMS-activated Bitcoin wallet. The SMS that is sent to the wallet phone contains:
  • the recipient wallet
  • the amount to be paid
  • your ID code
As soon as the SMS is sent/received, the same phone gets an automated callback. The app on the other side expects that the money owner (payee) answers the call. Then:
  1. When the call is answered the service introduces itself with an automated message.
  2. The service then asks the money owner to authorize the transaction (repeats last 4 letters of the recipient wallet)
  3. It then tells the money owner the 1st authorization word. It expects to hear the word's pair that only the owner knows.
  4. If the amount is higher than X BTC, the process is repeated again with the 2nd pair of authorization words. This is for increased security.
If the owner knows both word-pairs the Bitcoin wallet app takes that as authorization and sends the Bitcoin.
Service installation/configuration
To use this service, the fund owner has to:
  • Install this Bitcoin wallet app that supports the phone callback authorization service
  • Add some bitcoin to it
  • Define at least 10-word pairs. Once a pair is used it cannot be used again.
  • Define your identification code/word. You can change it any time. Payment recipient has to add your ID to the SMS to initiate the service.
  • Enable the service.
What do you think? Can this idea be simplified to increase convenience without compromising security?
2
Creative contributions

Run a dedicated call-back wallet, locked in a safe

Loading...
Dragan Otasevic
Dragan Otasevic Mar 18, 2022
Hook such a wallet/phone on a charger and lock it in a safe. That way you always have access to some Bitcoin if you find yourself cashless.
Please leave the feedback on this idea
Loading...
Povilas S
Povilas S2 months ago
The safe walls would probably block the phone connection.
Please leave the feedback on this idea
Loading...
Darko Savic
Darko Savic2 months ago
Povilas S An external antenna could be placed on the outside of the safe.
Also the safe might not be necessary. Even if the phone is found it would be difficult to unlock. Even if the phone was unlocked, it would be next to impossible to unlock the wallet. Even if the wallet could be unlocked, it would be next to impossible to brute-force crack the password that's needed to authorize the transactions or view the seed phrase.
So just hiding the phone would be as good as keeping it in a safe.
Please leave the feedback on this idea

Security concerns

Loading...
Povilas S
Povilas S Mar 18, 2022
I think the way someone trying to steal your money would do it is simply send the message requests and when the app calls back, try to somehow hack the secretive info that's necessary to authorize the transaction.
They could hook up some automative replier that uses an algorithm to produce various sounds to try approximating the code words. What worries me a bit is that the code words would be transmitted through speech and speech through a phone call can be unclear, the software can easily mistake certain words for other ones (this could be seen by watching automated subtitle generations of youtube videos) this increases the chances for hacking the words by producing random sounds.
Maybe it would be better to send the text message to the recipient's phone which requests to type the code words and send them back?
The hackers could also hook up software that would send the same message many times (after failed attempts) and produce different words simply to try matching the code words by chance. Although the possibility of guessing the words by chance is too small, this could drain your phone's battery.
The wallet app should block the same number from sending requests after, say, three failed attempts to authorize transactions requested from that phone number.
Please leave the feedback on this idea
Loading...
Darko Savic
Darko Savic2 months ago
The phone would be hooked to a charger, so no battery drainage is possible.
The person sending the SMS has to know your current ID. The ID is configurable. You would change it often to start fresh. If someone tries brute-forcing with your ID code, you would pretty much know who is behind it.
If the app notices brute-forcing attempts, your ID would be switched to a new/backup ID. If that one came under the same attack, the app would pause for X hours.
There is little chance someone can guess your word pair on the first attempt. That's the risk I would be willing to take. The wallet/app would have just some spending funds. In the unlikely event that they got stolen, it wouldn't be the end of the world.
Please leave the feedback on this idea
Loading...
Povilas S
Povilas S2 months ago
Darko Savic Battery drainage is possible even when the phone is on a charger, if there's a constant and intense activity the phone is processing, the charging speed can get behind the discharging speed, at some point the phone may simply turn off and it won't necessarily turn back on once it gets charged.
Yes, I was thinking that since the recipient has to know your wallet number and ID, those most likely to know it would be people you've had some bitcoin business with before, but it might be too hard to trace the person if you're dealing in bitcoin with many people and often, this info could perhaps also be stolen when you shop online in bitcoins. But maybe this is too much of an overthinking.
Please leave the feedback on this idea
Loading...
Darko Savic
Darko Savic2 months ago
Povilas S this solution is meant for special occasions. Anyone can remember a few word pairs, but probably not that many. One could use song lyrics of a less popular song. Seeing one word from the lyrics, there is no way someone would be able to guess which song it is and what comes next. But you would.
Reloading new word pairs would be like reloading a gun. It can only be used a few times before it has to be reloaded:)
Please leave the feedback on this idea

Add your creative contribution

0 / 200

Added via the text editor

Sign up or

or

Guest sign up

* Indicates a required field

By using this platform you agree to our terms of service and privacy policy.

General comments

Loading...
Povilas S
Povilas S2 months ago
It took me a while to understand how the idea works, maybe it's just me not seeing the obvious, but you didn't indicate anywhere in the text, that the recipient and the payer (the person without the device) are together when the transaction activation is happening.
Technically anyone could request the payment that way, not necessarily the person with whom the payer is (anyone knowing the payer's number could send such a message), the person requesting could be physically far away, but ask for money (a debt, repayment, etc.) so that's what I thought initially after reading the idea, and also because the title reads "by calling a nearby phone", there could be many phones nearby, so it's not simply a nearby phone, it's a phone of the recipient with whom the payer is.
Please leave the feedback on this idea
Loading...
Darko Savic
Darko Savic2 months ago
Povilas S I will try to rewrite it with a clear head in the morning
Please leave the feedback on this idea