Al Foah Mall enhances mall experience with new outlets and ‘Mall Millionaire’ promotions

Ongoing summer sales and ‘Mall Millionaire’ promotions attract mall patrons

Al Foah Mall-1.jpg

Al Foah Mall is enhancing the shopping mall experience by introducing three new tenants, Gelato Divino, Moodgood Restaurant and Ruby Salon and Spa.

Irfan Idaris Kundawala, General Manager, Al Foah Mall said, “We are delighted to welcome our new tenants, Gelato Divino, Ruby Salon and Moodgood Restaurant to Al Foah Mall as they enhance the mall experience of our patrons and bring new energy to the retail mix we offer.”

Gelato Divino offers premium quality ice cream made the Italian way, complete with fresh and natural ingredients.It was originally a small family-owned ice-cream shop in the beautiful town of Alba in the North-Western Piemonte region of Italy, internationally famous since the first expansion outside of Italy started in 2009 in the United Arab Emirates.

Ruby Salon is an organic full-service salon and spa for men offering a variety of services from facials to massages that are designed to put your body, mind and soul at ease. The multilingual staff are handpicked from the best in the industry.

Moodgood Restaurant which will open this month serves wholesome Yemeni and Emirati cuisine and its specialty includesmadghut – a flavourful rice and meat dish, salads,grilled chicken, fish and shrimps as well as kunafa with cream or cheese at reasonable prices.

Al Foah Mall has rewarding summer sales and engages residents and visitors regularly with fun filled entertainment events for all age groups. This summer, the mall offers a spectacular shopping experience as part of the ‘Mall Millionaire’ campaign that offers shoppers AED 1.5 million worth of prizes with weekly draws of AED 50,000/- and a mega prize of 1 million at the end of the summer sales.


When It Comes to a Digital ID, Where Is the Safest Place for a Citizen’s Data?

by Fabrice Jogand-Coulomb, Senior Product Marketing Manager and Mobile Security Expert at HID Global.

Today, a small number of citizens around the world are lucky enough to use digital IDs thanks to a handful of governments that have put these programs in place. For many others, digital ID is just around the corner. Nevertheless, the decision to go for a digital ID program implicates many decisions that a government must make during the process. An example of one such vital decision is where the data of the citizens will be stored.

For example, a fraudster with access to another person’s digital ID might use it to purchase certain goods, receive certain services or perform a financial transaction. So, if this hacker manages to get access to an even larger set of citizens’ data, a huge amount of damage can be done in a very short amount of time.

Therefore, every government has to think about how to create the most secure operating environment for digital IDs. It has economic consequences, but it can also determine a country’s international reputation (think of the Aadhaar data breach scandal in India) or have an impact on the relationship citizens have with their government. It should be in every country’s best interest to store their citizens’ data in the safest place possible according to its purpose and legal framework.

In general, there are two storage options that a government should consider when making its decision. Let me introduce briefly each option and provide a risk evaluation:

Scenario 1. Everything in one place – the central database

In this first scenario, all citizens’ data is stored in one single place—typically in an internet-facing database. Any system where information is verified over the internet, and where the verification system already has the information to match against, is considered an internet-facing database. For the verification, the digital ID is retrieved from the database through the internet and checked with the information of the ID holder. For countries with a national register, and therefore a central database in place, such a scenario might appear attractive.

Running all verifications through a constantly high-performing system can be quite expensive. And, there is the topic of data privacy to consider—as one single government entity manages this database, it will be able to see all incoming requests. This will also be the case when verification capabilities will be given to the private sector. Therefore, every time a person purchases alcohol or accesses an age-restricted service with his or her digital ID, the ID will be verified and will become visible to the government entity. Even if the identity of the person remains unknown, some aspects will be revealed, such as the IP address or the number of verifications.

Risk evaluation
A central database with constant access to the internet would be an excellent target for hackers, and it is not a question of “if,” but “when” they would succeed in accessing the data. In that case, the private sector would also suffer the consequences, as they would not be able to continue verification.

Scenario 2. Each citizen owns his or her data – the citizen’s phone as data storage

In the second scenario, the smartphone becomes the only place of storage for the digital ID. In this case, the data on the phone can be updated from time-to-time, over the air. The frequency can be defined by the government itself.

The digital ID does not require any internet connection to be verified, which makes it less of a risk for hackers. Hackers would need to access an individual’s phone to retrieve the data. The damage that could be done is limited to an individual person, rather than millions of citizens. Furthermore, as verification can be done purely offline or peer-to-peer, operation costs can be better controlled.

Risk evaluation
The phone itself can remain a target for hackers, as it is managed and used in an uncontrolled environment. In cases where the phone gets stolen or lost, the digital ID needs to be retrievable from the phone and the digital ID re-issued on a new phone. The fact that the mobile app is remotely provisioned through the internet can also be considered a minor security risk. Fortunately, there are solutions to overcome that risk.

Multi-factor authentication is the key to better security

In addition to considering the safest place to store data, there is another side to the security story—the amount of information that is being verified in order to ensure that the digital ID holder is the legitimate ID holder. This can be done through various methods: a fingerprint and an iris scan, a fingerprint and a palm print, a fingerprint and the digital ID holder’s name, or a fingerprint and a password. This is what the industry calls multi-factor authentication.

But while more authentication means more security, this may impact other things. If extensive verification for identity, age and multiple other factors is conducted every time a person wants to buy a bottle of beer from a kiosk, this could seriously influence the business of the kiosk and the citizen’s user experience. Multi-factor authentication only makes sense in highly sensitive environments.

The verification needs of the private sector vary depending on economic and social responsibilities

The location of data storage is not only a concern for governments that want to take great care of citizens’ data, it is also an important issue when governments think about expanding digital identity solutions to the private sector by equipping it with verification capabilities. In this case, governments need to consider the different verification needs of the private sector.