Come Up with Payment Security Issue, ITB Student Become A World Champion

By Ahmad Furqan Hala

Editor Ahmad Furqan Hala

BANDUNG, itb.ac.id - Recently, wireless transaction technology have been developed fastly. Not only by electronic card technology like credit card, but also having been integrated with other devices such as smartphone and other technology. Since 2004, a short-range wireless technology called NFC have been developed. This technology now have been applied widely for short-range communication and even in electronic payment and transaction. However, the system that applied in this technology has security vulnerability which is potential to become risky for client. Firman Azhari (Electrical Engineering ITB, Master Program), came up with this issue in Kaspersky Academy Student London Final this June.
Firman, which has won the same competition for Asia Pacific Region (Singapore, NUS, March 2013) once again crowned as overall winner for final round of Kaspersky Academy Student Cyber Security in London. This final round was taken place at Royal Holloway, University of London on 25-27 June. Fourteen participants which represent ten countries and five regions in over the world came and joined this final round. Previously in elimination round, each participant had to present a short proposal related to cyber security theme.

This final round consisted of some sessions. The first session is a challenge to promote product that the participant brought with to the judging panel. The purpose of this challenge is to persuade the judging panel to invest on this product. The overall winner of this session is Ivan Dominic Baguio from University of Phillippine Dilman. The second session is a video news challenge. The participants was asked to make a three-minutes news reporting video about a world cyber security issue that likely to happen in 2020. This session was won by Firman Azhari, which then crowned as the overall winner for this final round.

The Kaspersky Academy Student "Cyber Security for Next Generation" is the culminating event for all the previous competition. In this final round, the participant is not only have a competition, but also other activities like seminar, workshop, games, and other fun activities. The participant also is not only allowed to show off their expertise, but also given a chance to have a direct interaction with the industry driver and cyber security expert, which become the judging panel for this final round.

The main purpose of this Kaspersky Academy Student is to facilitate these bright youth for sharing and exchanging knowledge about cyber security; meeting the expert and industry driver; and learning from each other experiences. Kaspersky, which organize this event, is one of major software industry for cyber security, and centered in Moscow.


"I am so glad. I don't expect to have a glorious victory here. To join this competition, I got so much help from my lecturer, Prof. Suhono Supangkat, Budi Rahardjo, PhD, Dr. Joko Suryana, Dr. IGB Baskara, and many others. I also got help from my friends in making the video newss and research brochure. My family especially supporting me is a big help in this competition.

"After finishing my thesis, I will continue doing a research in communication technology at Tokyo Institute of Technology for one year (YSEP program). I have a dream to build a company actually, but not specifically in cyber security only," said Firman.

Detect The Security Vulnerability in NFC Vital Application in Indonesia

The issue that Firman came up with in Kaspersky Academy Student London Final is about the security vulnerability in vital NFC-based applications in Indonesia. Near Field Communication (NFC) is a short-range wireless technology, generally about 10 cm in distance, which can be used in contactless transaction, data exchanging, or even a more complex communication like Wi-Fi. NFC can also be used for one-way transaction between smartphone or other NFC devices and NFC chips, called tag.

The NFC devices that used for contactless transaction have a similar principle with credit card or any other electronic tickets. However, with NFC, the cardholder can use the devices like smartphone or oter devices to do the transaction, instead of only card. Generally, the transaction mechanism started with card identification and continued with payment and transaction or top up and balance check. Top up and balance check will get through the online verification while the payment and transaction will be verified at the end of the day. This mechanism is considered risky for the cardholder if hacked, not only for the balance, but also for the private data inside it. This is why Firman came up with the solution to do the online and real-time verification for each transaction and payment. To apply this system, Firman proposed to do card detection by NFC inspector, prevention with card-sectoring algorithm, and for e-payment by Hopfield algorithm.

"The solution proposed in this opportunity is only a prove of concept. However, for any instances that have applied a less secured system, I have provided some solution that will work," said Firman, which is also a researcher in Blackberry Innovation Centre ITB.