Microsoft-Alipay security partnership nets 23M Chinese users

Microsoft and Alipay officially launches their Internet security collaboration in China, which they say has seen promising user adoption from its pilot deployment last month.

The alliance was established to address the lack of user awareness and proliferation of e-commerce threats in the country and is an extension of Microsoft's "device health model", Jing De Jong-Chen, government security director at Microsoft, said in a phone interview Tuesday. Over the past eight months, both companies had been working on the technical implementation of this model, Jing said.

Microsoft and Alipay, China's largest online payment network, signed a letter of intent in June last year to collaborate on improving Internet safety in China and develop an Internet security tool for personal computers, mobile phones, and other end-user devices. The software would be first deployed on Windows PC before being extended to run on mobile device systems such as Windows Phones.

Officially launched in China on Tuesday, the security product began its pilot deployment on January 23 and has since been adopted by 23 million users.

The software, unveiled during RSA Conference in February last year, was built based on China's public health model of sharing information and aimed to prevent consumers' devices from infection, Jing explained. For instance, users will receive warnings during Internet transactions if their devices lacked effective protection, she said.

The partnership is key to Microsoft's TrustWorthy Computing (TWC) vision on security she added. At the RSA Conference 2013 held this week in San Francisco, U.S., Scott Charney, corporate vice president for Microsoft's TWC group, said collaboration between all players was essential to protecting users from cybercrime and cybersecurity.

"The partnership with Alipay reflects the same thinking," Jing said. "We will work on security fundamentals, collaborate across the industry to drive greater security." She added that, moving forward, Microsoft and Alipay hopes to get 100 million Chinese users on board their security collaboration.

Besides the Internet security partnership, Microsoft also inked another agreement with Alipay in January 2013 to enable its customers to purchase apps from the Windows Phone appstore through a local credit card, debit card or Alipay.

Low consumer awareness, high e-commerce threats in China
According to Jing, the Microsoft-Alipay partnership was established due to the lack of consumer awareness in China regarding online and mobile transactions. Many Chinese consumers do not have strong technical backgrounds and understanding of cyberattacks targeting this space and, hence, lack awareness of security threats, she explained.

At the same time, there has been a drastic increase in phishing and other threat activities such as malware, Trojan, and data leak through third-party services which have less security built into them, she added.

Wei Xu, senior director of Alipay, agreed. He observed that, on the consumer side, many third-party providers request for user data which is risky because the data can be compromised and used without the owner's knowledge. From the merchant end, there is also risks from unauthorized transactions, and fake identities and accounts, Wei added.

Their views echoed those from John Ellis, director of enterprise security at Akamai Technologies, who previously told ZDNet Asia Chinese e-commerce companies were the main victims of the country's cybercriminals, who were on the lookout to steal identities for monetization and fraud activities. The country's real-name rule also exacerbated security risks.