Can you explain security behind this project? I might guess you control actual users bitcoin wallets and android users control them over api. How this can mitigate an evil gateway attack scenario? Why you would choose such kind of gateways instead of paid sms gateways with local numbers. Thank you
thx monger, good question!
the security in the system comes from a shared responsibility model, the gateway verifies the transaction by OTP to prevent number spoofing, the webservice utilizes a voice-PIN system to double-check the gateway. there are more details in the website's FAQ.