BySpook Louw
An app that allows you to ask a question to users within a certain radius
3 years ago
5
Create newCreate new
Idea
Darko Savic Mar 18, 2022
Pay with bitcoin without having any devices on you by having your wallet call back a nearby phone
Image credit: Walledo / Blink Images
Please leave the feedback on this idea
Originality
Is it original or innovative?
Feasibility
Is it feasible?
Necessity
Is it targeting an unsolved problem?
Conciseness
Is it concisely described?
Bounty for the best solution
Provide a bounty for the best solution
Bounties attract serious brainpower to the challenge.
A way to pay by Bitcoin without any devices on you. The recipient sends an SMS to your phone. The phone instantly calls back and expects you to authorize the transaction by knowing matching disposable word pairs.
Why?
- Ability to pay for something while not having any devices or money on you.
- Travel light.
- Can't get robbed if you have nothing on you.
How it works
The payment recipient (shop clerk?) has a phone. S/he is standing next to the payee. The recipient uses their phone to send an SMS payment instruction to a phone number that the payee specifies. The phone that receives the SMS runs the SMS-activated Bitcoin wallet. The SMS that is sent to the wallet phone contains:
- the recipient wallet
- the amount to be paid
- your ID code
As soon as the SMS is sent/received, the same phone gets an automated callback. The app on the other side expects that the money owner (payee) answers the call. Then:
- When the call is answered the service introduces itself with an automated message.
- The service then asks the money owner to authorize the transaction (repeats last 4 letters of the recipient wallet)
- It then tells the money owner the 1st authorization word. It expects to hear the word's pair that only the owner knows.
- If the amount is higher than X BTC, the process is repeated again with the 2nd pair of authorization words. This is for increased security.
If the owner knows both word-pairs the Bitcoin wallet app takes that as authorization and sends the Bitcoin.
Service installation/configuration
To use this service, the fund owner has to:
- Install this Bitcoin wallet app that supports the phone callback authorization service
- Add some bitcoin to it
- Define at least 10-word pairs. Once a pair is used it cannot be used again.
- Define your identification code/word. You can change it any time. Payment recipient has to add your ID to the SMS to initiate the service.
- Enable the service.
What do you think? Can this idea be simplified to increase convenience without compromising security?
2
Creative contributions
Run a dedicated call-back wallet, locked in a safe
Hook such a wallet/phone on a charger and lock it in a safe. That way you always have access to some Bitcoin if you find yourself cashless.
Please leave the feedback on this idea
Security concerns
I think the way someone trying to steal your money would do it is simply send the message requests and when the app calls back, try to somehow hack the secretive info that's necessary to authorize the transaction.
They could hook up some automative replier that uses an algorithm to produce various sounds to try approximating the code words. What worries me a bit is that the code words would be transmitted through speech and speech through a phone call can be unclear, the software can easily mistake certain words for other ones (this could be seen by watching automated subtitle generations of youtube videos) this increases the chances for hacking the words by producing random sounds.
Maybe it would be better to send the text message to the recipient's phone which requests to type the code words and send them back?
The hackers could also hook up software that would send the same message many times (after failed attempts) and produce different words simply to try matching the code words by chance. Although the possibility of guessing the words by chance is too small, this could drain your phone's battery.
The wallet app should block the same number from sending requests after, say, three failed attempts to authorize transactions requested from that phone number.
Please leave the feedback on this idea
Darko Savic3 years ago
The phone would be hooked to a charger, so no battery drainage is possible.
The person sending the SMS has to know your current ID. The ID is configurable. You would change it often to start fresh. If someone tries brute-forcing with your ID code, you would pretty much know who is behind it.
If the app notices brute-forcing attempts, your ID would be switched to a new/backup ID. If that one came under the same attack, the app would pause for X hours.
There is little chance someone can guess your word pair on the first attempt. That's the risk I would be willing to take. The wallet/app would have just some spending funds. In the unlikely event that they got stolen, it wouldn't be the end of the world.
Please leave the feedback on this idea
Povilas S3 years ago
Darko Savic Battery drainage is possible even when the phone is on a charger, if there's a constant and intense activity the phone is processing, the charging speed can get behind the discharging speed, at some point the phone may simply turn off and it won't necessarily turn back on once it gets charged.
Yes, I was thinking that since the recipient has to know your wallet number and ID, those most likely to know it would be people you've had some bitcoin business with before, but it might be too hard to trace the person if you're dealing in bitcoin with many people and often, this info could perhaps also be stolen when you shop online in bitcoins. But maybe this is too much of an overthinking.
Please leave the feedback on this idea
Darko Savic3 years ago
Povilas S this solution is meant for special occasions. Anyone can remember a few word pairs, but probably not that many. One could use song lyrics of a less popular song. Seeing one word from the lyrics, there is no way someone would be able to guess which song it is and what comes next. But you would.
Reloading new word pairs would be like reloading a gun. It can only be used a few times before it has to be reloaded:)
Please leave the feedback on this idea
Add your creative contribution
General comments
Povilas S3 years ago
It took me a while to understand how the idea works, maybe it's just me not seeing the obvious, but you didn't indicate anywhere in the text, that the recipient and the payer (the person without the device) are together when the transaction activation is happening.
Technically anyone could request the payment that way, not necessarily the person with whom the payer is (anyone knowing the payer's number could send such a message), the person requesting could be physically far away, but ask for money (a debt, repayment, etc.) so that's what I thought initially after reading the idea, and also because the title reads "by calling a nearby phone", there could be many phones nearby, so it's not simply a nearby phone, it's a phone of the recipient with whom the payer is.
Please leave the feedback on this idea
Darko Savic3 years ago
Povilas S I will try to rewrite it with a clear head in the morning
Please leave the feedback on this idea
ByContrived _voice
Passive language learning app that shows pop-up translations of your words as you type them
3 years ago
2
ByDarko Savic
An app like tik-tok but for poetry and prose where your short story either goes viral or slips into oblivion
3 years ago
2
ByShireesh Apte
A piggy bank whose frown gradually changes into a smile when money accumulates in it
3 years ago
2
ByDarko Savic
An app that mutes and darkens the screen during advertisements within videos
3 years ago
ByDarko Savic
An app that converts your child's crayon drawing into cartoons they can watch
3 years ago
1
ByDarko Savic
An app that provides you with random interesting problems to think about whenever you're bored
3 years ago
2
ByDarko Savic
Lock screen app that displays photos of loved ones you haven't spoken to in a while
3 years ago
6
Please leave the feedback on this idea
Please leave the feedback on this idea