The decades old mobile technology standard, USSD remains relevant today, even more than it was back in the days. Anyone using a mobile phone can't escape dialing *123# to either check airtime balance or some other service prompt; but nowadays, USSD have gone beyond network providers' native services.

USSD, which stands for Unstructured Supplementary Service Data has got a mainstream appeal because it doesn't require data, nor airtime to access, as mobile operators typically use USSD for their native services such as airtime balance checks, top-ups, data services and promotional offers.

It’s perhaps the most basic mobile phone-based service – which potentially, have made some big strides in fintech services inclusion of the unbanked Nigeria, who are mostly living in the rural areas where network data services are abysmal or utterly unavailable.

Why the USSD Service was Introduced

As the mobile industry realized the need to facilitate easy machine-to-machine communications to take care of some basic tasks that requires the mobile device to query the network, the USSD protocol was born to supplement the existing GSM standards that mostly focused on person-to-person communications.

While network operators utilized STK (Sim Toolkit) technology in order to facilitate the reselling and subscription service offerings, the STK technology allows the operators to code a set of commands into their SIM cards which defines how the SIM cards interact with the device.

However, for STK to work, it's essential that the SIM card inserted in the mobile device is burned with the menu. Then, the application is normally protected by pin, either SIM card pin or phone lock pin and whenever the phone is locked or no sim inserted into the phone the service won't be possible.

Whereas, the USSD technology is network-deployed and not resident on the mobile device, the service is located in the mobile network and users who switched to the network will have access to the network's USSD menu. Whenever a user requests a menu, it initiates a real-time session between the USSD application platform and the mobile user once the service is invoked.

Mobile Apps vs USSD

Despite the predictions by several experts in financial services that app-powered mobile banking would be replacing USSD, it has remained the most widely adopted and successfully integrated mobile technology in emerging markets, including Nigeria.

Albeit, the USSD service has not necessarily rendered app-based services, such as banking redundant, as they’re quite different in their offerings, with different customers and market segments.

While some customers would prefer one, others might not. There are currently multiple variables that determines individual prferences, like data access, mobile device and educational background, plus of course, income. And certainly, not every customer have a smartphone and most devices don’t have data support or Wi-Fi connectivity in the rural areas.

In considerations to the factors, any financial service providers (FSPs) looking to enter the Nigerian market with mobile banking solutions should as a necessity incorporate USSD service, if they really want to succeed, as only USSD works for everyone.

Why Mobile Apps won't be replacing USSD in Nigeria anytime soon

Microsoft Teams is a collaboration platform that integrates with Office 365 subscription productivity suite, including Office and Skype, and supported extensions for third-party products.

While for the first time, Microsoft is bringing Office 365 application to the open source operating system, with the launch of Microsoft Teams as native Linux client, public preview.

The native Linux client has been the most requested Teams features on Microsoft’s forum, which plans to introduce it was announced at the company’s Ignite conference.

Before now, Linux users have been stuck with unofficial and different unsupported clients for Skype for Business; but with Microsoft Teams availability for Linux, it'll enable better collaboration experiences for the open source community, both at work and academic environments.

The native desktop app will feature all the core capabilities available in Microsoft Teams for Windows and MacOS versions, allowing developers who built apps for Teams to be able to extend their reach to new set of users.

Microsoft hopes to increase the appeal of Teams to developers by the introduction of the Linux desktop client, and for those having a commercial Office 365 subscription, they can try Microsoft Teams for Free, with information on technical requirements available in the official help page.

Finally, Microsoft Teams is now available as native Linux client

Apple has released iOS 13.3 for iPhone, with the long-awaited support for USB, NFC, and Lightning FIDO2-compliant security keys in Safari browser.

While FIDO2 is a WebAuthN browser API standard, along with the FIDO CTAP (Client to Authenticator Protocol), which builds on FIDO alliance for Universal Two Factor (U2F) authentication standard. WebAuthn is the W3C (World Wide Web Consortium) approved web authentication standard adopted by many tech industry leaders, whose API allows strong browser-to-hardware-based authentication for devices using security keys, NFC, and authenticators like TouchId.

The ability to use security keys with Safari browser is perhaps the biggest addition to iOS devices, which formerly, security keys weren’t supported on Apple’s Safari browser, except for third-party apps like 1Password. Now, the new OS makes the use of security keys such as 5Ci YubiKey possible.

Security keys represents the next level of online security, which is rather a move away from passwords that requires you to authenticate with two or more factors in a more robust way. It is easy to use and amply protects against advanced phishing attacks, whereby the hackers attempt to break into your account by having you enter your details on cloned website's log-in page.

The YubiKey 5Ci is perhaps the first iPhone compatible security key to feature USB-C with lightning connectors on a key, which makes it the best available option at the moment.

Apple's iOS 13.3 also brings other cool new features, such as improvements to the Screen Time parental controls feature, which allows you to set how your kids call, text or FaceTime, and even manage contacts with time-specific limits.

There are still some other smaller improvements with iOS 13.3, including the ability to create new videos from trimming clips in Photos, and also Apple News fresh layouts for News+ stories from sources like the Wall Street Journal and other leading newspapers, allowing you to like or dislike stories easily.

Apple's iOS 13.3 brings support for FIDO2-compliant Security Keys to iPhone

Linux systems have been reported to be susceptible to a flaw that could allow hackers to gain control of the machine through any nearby devices' WiFi signals.

The report was credited to Nico Waisman of GitHub Security Lab, who disclosed the new vulnerability which is affecting the version 3.10.1 of the Linux kernel released in 2013. It works by adding vendor-specific data elements to the WiFi beacons, which once received by any vulnerable device, will trigger the buffer overflow in the Linux kernel.

The vulnerability is marked as CVE-2019-17666 (rtl_p2p_noa_ie) and resides in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel, through 5.3.6 lacks which is an upper-bound check, leading to buffer overflow. And it stems from the RTLWIFI driver which supports Realtek WiFi chips in several Linux systems, and the flaw is activated once the device is brought within the radio range of any malicious device.

Albeit, Waisman is still studying the exploitation and working to provide a proof-of-concept attack exploiting the flaw in ways that it can be executed on a vulnerable machine.

The developers have proposed a fix which will soon be released for the OS Kernel in a few days time, and the roll-out to various Linux distributions.

Linux Flaw allow hackers to easily Hijack Systems using WiFi signals

The end of the Year is around the corner, so it behooves us to scour the Web to bring to you the best technology predictions for 2020, even as the New Year promises a lot of surprises.

The major attention is definitely on the 5G roll-out globally, which beyond doubts, will herald a new era of Internet capabilities; while technology generally is evolving in an astronomical rate, making it even harder to decide which technology to deploy for the enterprise.

As the digital age reaches its climax, the bigger attention will be around what differentiates AI from humans, which is perhaps the biggest challenge for the emerging technology and its overall applications, that is poised to affect all aspects of our interactions and also how we relate to our immediate environments.

What are the best Marketing & Technology trends in 2020?

The Internet will undergo a tremendous change, which is expected to impact the way we work and may need to define what exactly is the boundary between humans and AI. With AI (artificial intelligence) finding new application in banking and e-commerce, IT administrators must ensure that the necessary security measures are put in place to help organisations to adapt to this rapidly changing world of technology.

We have selected this top 5 predictions from Gartner’s top 10 strategic predictions for 2020 and beyond.

1. AI Driven ADS & Marketing

AI (Artificial intelligence) Marketing involves the leveraging of customer data and AI capabilities, including machine learning to predict the customer's next actions and thus, help to improve the conversion of sales.

With the increase in adoption of biometric-tracking sensors and the artificial emotional intelligence, more businesses will be able to detect, not only web actions, but consumer's current emotions, which will be useful in knowing what will satisfy them, and increase the sales. Additionally, the environmental and behavioral indicators from biometrics will enable far deeper personalization of ads.

In fact, Gartner has predicted that AI identification of emotions will influence over half of online advertisements by 2024, but brands must be transparent about how they're collecting and using the consumers’ data.

2. Addiction to Online shopping

The increased in access to consumer data, will result to marketers be able to pinpoint exactly what consumers will buy, and the point in the buyer's journey a sales will be made. As this technology becomes more sophisticated, it will become uncanny in predicting what consumers actually want, the best price for products, and where to get the consumers best attention.

This in turn will lead to consumers purchasing more and more products, which they'd find difficult to control and can’t stop the purchase, and buyers addiction will eventually set in, which shopping addictions demands greater responsibility from governments and consumer groups, who must need to take actions against such exploitative practices.

3. Beyond BYOD

Almost all organisations will be expanding the BYOD policies with perhaps “bring your own enhancement” (BYOE) which move will help to address AI in the workplace.

And IT, will definitely encounter the temptation to assert more control as human augmentation technology becomes prevalent, though the real opportunity lies in exploiting the interest in BYOE. Even as the automotive industries already employ wearable for safety, the healthcare sectors also use the technology to maximize health and productivity.

These technologies will continue to evolve, and organisations will need to consider how the augmentations can be harnessed for personal and professional empowerment.

4. Digital tracking by “Internet of Behaviour”!

The Internet of Behaviour (IoB) is used to connect a person to digital actions, more like linking your image by facial recognition to activity such as buying a ticket, which can be digitally tracked.

IoB will discourage particular practices, and may also encourage some others. For instance, speeding, and unsafe driving or even lower insurance policies.

But, there are some quite concerns for ethical issues associated with the expanding of IoB to reward or punish certain practices with access (or the lack thereof) to the social services, like schools or housing.

5. Mobile Application of Cryptocurrency

With online marketplaces and social media platforms supporting cryptocurrency payments, many people will begin to clamor for transition to mobile-accessible cryptocurrency processing, and Africa is set for major adoption of the technology, where it is also expected to see the highest growth rates.

The cryptocurrency accounts will be the new driver of e-commerce as partners emerge from areas that are previously unable to access such capital markets.

All of these show how using AI will increase accessibility at work, which is perhaps one of Gartner’s strategic predictions for 2020. And the predictions are mainly on how technology is expected to transform what it means to be human, and IT leaders must be prepared to adapt into the changing environment.

Predictions for 2020: What are the best Marketing & Technology trends to Watch?

Apple's strict privacy stance, especially on the tracking of its iPhone users, has received a hit following the controversy about the iPhone 11 Pro tracking of users' location even when not given the necessary permissions.

While the latest versions of iOS gave users more granular control over sharing of the location data, with respect to how third-party apps can access the location data. And perhaps, given that Apple made it a lot clearer, and also applying the so-called "the carrot and stick" formula to improve the privacy of its users.

But, the finding credited to Brian Krebs, a security researcher, proves that the iPhone 11 pro "intermittently seeks the user's location information even when all applications and system services on the phone are individually set to never request this data."

The persistent tracking issue appears to be present only in the latest iPhone operating system (iOS 13.2.3) on iPhone 11 Pro devices, which oddity is somewhat related to the support for super-fast WiFi 6 routers, and may involve the introduction of some new hardware.

Apple claims the culprit is the Ultra-wideband technology which is an industry-standard that is still subject to international regulatory requirements; and that iOS require users' location to help determine if the device is in prohibited areas in order to have the ultra-wideband disabled so as to comply with the regulations.

Also, the U11 chip which is present in Apple's latest devices, necessary for short-distance, and high-bandwidth data transfer uses location data; it is also used for Apple's system for sharing items directly between Apple devices without navigating to messages, known as AirDrop. And presumably, it will also apply to Apple's "tile-tracking" feature which is expected to debut in the nearest future.

Apple, however maintains that "the management of ultra-wideband compliance and its use of location data is done entirely on the device, and that it is not collecting the user location data" which should be rather a bit comforting.

Apple admits the iPhone 11 Pro intermittent Location tracking issue

Microsoft is currently working on new ‘memory safe’ programming language, which is internally referred to as “Safe Infrastructure Programming” based on Rust language.

While the company have been experimenting with the Rust language to improve its software, under Project Verona initiative, as Rust programming language is far better than the C/C++ languages commonly used to write micro-controller firmware.

According to Microsoft, for C++ developers who code complex systems, using Rust is a breath of fresh air. And the memory safety guarantees the compiler give, assures the developer much greater confidence that compiling code will be beyond memory safety vulnerabilities.

What is Rust & Why the Programming language?

Rust is a programming language that is focused on safety, though similar to the C++ language, but it provides better memory safety while ensuring higher performance.

Rust was designed at Mozilla Research by Graydon Hoare, with contributors including Brendan Eich, and Dave Herman, among others. The language was refined by the writing of Servo layout, which is a browser engine and the Rust compiler, a free and open-source software licensed under Apache License 2.0 and the MIT License.

just like C/C++, Rust has an optional “runtime” that is minimal, however the difference stems from its strong safety guarantees. Except, of course, you'd explicitly opt-out through usage of the “unsafe” keyword, Rust is absolutely memory safe. The safety guarantees from Rust is obtained by strict guidelines placed around the use of the unsafe keyword.

Memory safety issues in the C/C++ Languages

The term "Memory safety" refers to coding frameworks that protect the memory space from being taken-over by malware. But C and C++ languages are extremely good at writing low-level systems, and require very little resources on the machine, but they are very unsafe and, when developed, safety was not taken into considerations.

That is the more reason Microsoft has started experimenting with the Rust language in the attempt at minimizing bugs in their software, which will ultimately lead to memory safety in the related vulnerabilities.

Albeit, the major obstacle in achieving the goal is perhaps the fact that it isn't possible to rewrite all the software from scratch using Rust. Microsoft is, however attempting to make Rust co-exist with other languages, which unfortunately, can't guarantee complete safety.

Microsoft's attempt to create Safe Infrastructure Programming with Rust Language

The malicious activities connected with the Avast and AVG browser extensions has resulted the removal from Firefox Add-on store until the concerned companies are able to resolve the issue.

According to security researcher, Wladimir Palant, the extensions send a large amount of personal data about the browsing habits of users, which are far beyond what's supposed to be necessary for the extensions to function.

While the extensions were designed to warn the users on visit to malicious or phishing websites; with Avast and AVG, including subsidiary programs like Avast SafePrice, and AVG SafePrice, whereby the SafePrice extensions are to help online shoppers to know best offers, through price comparisons, and discount coupons available from various websites.

The stealthy nature of the software is such that downloading & installing any one of these extensions on your web browser, will automatically install the respective subsidiary add-on on the user's browser.

Personal Data Collected by the Add-ons

  • Browsing history
  • Unique User Identifier (UID) for tracking
  • Browser version and number
  • Operating system and version number
  • Location data

How the Software Uses the collected Data

The tracking and window identifiers allow Avast to create a precise reconstruction of users' browsing activities. And also, the number of tabs opened by the user, the visited websites and time spent on the site, along with what was clicked and when you switched to a different tab.

It is pertinent to note that all are connected to a number of attributes, which allows Avast to recognize you accurately and reliably, even the UID.

The issue also affects Google Chrome, albeit Mozilla was quick to take action by temporarily removing the add-ons from Firefox extensions store, but Google is yet to remove the extensions from the Chrome Web Store.

Mozilla removes Avast and AVG Browser Extensions for Spying On Firefox Users

Before now, to transfer your media files from the Facebook platform, you are required to "Download Your Information" first, which then enable you to access a secure copy of the data shared with Facebook.

Then last year, Facebook announced the Data Transfer Project, a collaboration with Google, Apple, Microsoft, and Twitter to build a common way for people to transfer data between the different services. Now, the company is testing a new feature that will allow users to transfer their photos and videos to Google Photos directly without the need to download and re-upload it.

Facebook had developed the feature using the Data Transfer Project (DTP), which is a universal protocol for data import/export that aims to give web users more control over their personal data and also allow them to quickly move it between any online services or apps they so desire.

Why is the Data Transfer Project (DTP) necessary?

The Data Transfer Project was meant to create an open source, service-to-service data portability system that allow individuals across different web platforms to easily move their data between the different online services. The project provides an open source library that these services can use to manage the direct transfers on behalf of users of the web services.

Instead of expecting web companies to build their own system from scratch, the Data Transfer Project open source framework allows them to share improvements as well as data models.

That is, if a company is using the Data Transfer Project framework, they can send existing data type to a new service by simply creating new Data Transfer Project importer for the data type. And the new importer also can contribute back to the open source project, allowing the other companies to export to the new service, with no additional technical work.

Any Security & Reliability Issues?

The system only request for the permissions required for task at hand, while access to the destination service ends when the transfer is completed. And the transfers are only initiated by the owner of the account, which requires verification, by Facebook requiring the individual to reenter password before initiating any transfer.

Also, Facebook sends an email to the registered account if a transfer is requested, which will allow them a means to stop the transfer should they change their mind or did not initiate the request.

The feature is currently been tested among select Facebook users in Ireland, UK, which for now only allow the transfer of files to Google Photos. Meanwhile, the company is expected to add support for more web services and data types in the near future.

Facebook Testing Tool to Allow Users Transfer Photos/Videos to Google Photos

The move to replace SMS with RCS messaging standard by leading mobile carriers may have hit a brick wall, as its making mobile users vulnerable to call interception, text-based attacks, location tracking, and other security threats, according to security researchers.

While the RCS standard was officially adopted by GSMA in 2008 with a Steering Committee established, the GSMA later then entered into partnership with Google and 15 other global carriers to push the adoption of the Rich Communication Services (RCS). Now, the leading mobile carriers are working with interest groups and other connected mobile companies to deploy the new messaging standard in text messaging app for Android phones.

Though the RCS standard isn't inherently flawed, but the fact that network carriers are implementing RCS on a big scale exposes mobile users to several security threats.

According to researchers at SLabs, there are flaws in how the telecoms forward the RCS configuration files to Android devices, which flaws stems from the exaction of the configuration file by identifying the IP addresses, as such any app is capable of requesting for the file, with or without permission, using the IP address.

In other words, what that means is that such apps can easily get the username and password for all your messages and voice calls.

Besides this, there are security lapses in the authentication process, the telecom simply sends a unique authentication code to verify the identity of the user, but since the carrier allows an “unlimited number of tries” that can enable hackers to bypass the authentication with several attempts.

Also, the RCS-based messages are not end-to-end encrypted, and of course Apple, one of the leading mobile player, have shown no interest in RCS as it already has more than the technology has promised with the iMessage. Therefore, how to get the standard to be compatible with the iPhone remains an issue.

These points may have hindered the general adoption of the standard, coupled with mobile carrier and phone maker's complicated policies, and the fact that service providers are offering to implement non-universal specifications for RCS standard, which limits the RCS-based messages only to subscribers of the networks.

RCS Messaging Standard adoption may suffer due to several factors