I took a short leave from Hopkins to develop some ideas around securing online poker. Here is a short, lay-friendly paper describing my idea. Besides online poker, the idea has applications to areas such as online banking, online investing, and any online interaction that involves sensitive information.
The key idea is to split the activity between a user's computer and their smartphone. Everybody has a computer. Everybody has a smartphone. Computers get hacked. Smartphones get hacked. But it is hard for an attacker to target a specific person and hack their smartphone and their computer at the same time. That is my main premise. We can secure many online applications by requiring use of both devices throughout the session.
I'm heading to Vegas to play in the World Series of Poker, and I'll bring copies of my paper with me. I'd like to pitch my idea to the online poker service providers.