© 2014 by Nick B. Nicholaou, all rights reserved President, Ministry Business Services, Inc. Reprinted from Christian Computing Magazine
I’ve been using digital wallets for many years; they’re terrific! Having all of my credit card, ID, and password information with me at all times is very convenient. But it can also be dangerous, so how do you accomplish that safely?
Why a Digital Wallet?
Seinfeld had an episode dedicated to the thick wallets guys often carry in their back pocket (season 9, 12th episode, originally aired 1/15/1998 and called The Reverse Peephole). If you saw it, you remember that George got back problems from his overstuffed wallet.
That was my problem too! My wallet had IDs, credit cards, pictures, notes– it was a problem. So when digital devices began to flourish, like the Palm Pilot, I sought out a digital wallet to lighten my load. And it was a terrific strategy! I could actually carry more and it felt like less! Win – Win!
What Are the Dangers?
To state the obvious, the biggest danger is that someone else could gain access to this data. If I leave my digital wallet sitting around where anyone could get to it, my identity information and credit card numbers, etc could be compromised. Not to mention the pictures of my family and pets!
So putting this kind of data into a document doesn’t seem like a good idea. The same goes for a spreadsheet, though either could be encrypted and password protected.
And that is the key to safeguarding this important and sensitive data: encryption. There are different levels of encryption, of course, so it needs to be encrypted at a higher level since it is very sensitive data.
The first major encryption algorithm was developed in the 1970s and was called 56-bit DES (Data Encryption Standard). Though it had more than 70 quadrillion possible combinations, it is fairly easily broken with today’s computers and software. A new standard was developed to succeed DES called AES (Advanced Encryption Standard) that has much higher keys (128-bit, 192-bit, and 256-bit). 256-bit AES encryption (128,- 192-, or 256-bit encryption are key levels required for Top Secret data protection) has so many possible solutions that it is considered impenetrable by a brute force attack.
So encrypting your data with a strong password (at least seven digits long that includes upper and lower case letters, numbers, and common punctuation) is a strategy that can be very effective.
Do You Have One You Recommend?
I’ve been getting this question a lot over the last couple of years. The short answer is yes, but my preference comes with criteria you may or may not feel as strongly about. My criteria for a digital wallet is:
- Because this is sensitive data, I don’t want my data in The Cloud on someone’s servers. Even though those servers would likely be more secure than whatever devices I put my digital wallet on, they would be high-level targets for hackers. My devices probably are not attracting as much hacker attention as are those servers. So even though my devices are probably not as well protected, I want all of my data on my local devices.
- The digital wallet data needs to reside on all my devices. Sometimes (like when I’m shopping online) I want to look it up on my desktop or notebook computer– whether Windows or Mac OSX based. Sometimes I want to access it on my tablet or smartphone– whether Android or iOS based. Thus it needs to be completely cross-platform.
- The digital wallets on my various devices need to be able to securely synchronize their data to each other.
My first digital wallet was eWallet by Ilium Software (www.iliumsoft.com). It was encrypted and easy to use. With later hardware technology I moved to another solution that is no longer supported; I liked the graphic presentation of the data better (the MasterCard, for example, was exactly like my MasterCard). Unfortunately that solution is no longer supported, and when I looked for a replacement I found myself returning to eWallet by Iliumsoft! They’ve done a lot to make their solution much nicer graphically, and it is truly cross-platform.
What About Apple Pay & Microsoft and Google Wallets?
The most important thing to me is security. Apple’s Pay, which is scheduled to release in October, keeps the data on the local device only– if the device is an iPhone 6 or 6 Plus. It actually tokenizes the data in a chip, so the data is completely secure. However, it will not sync with any other devices or platforms. I like the security strategy, but want to access my data on whatever device or platform I’m using at the time.
Microsoft’s and Google’s digital wallets appears to store the data on their servers, which makes those servers a hacker target.
So for now, eWallet is my digital wallet of choice.