Digitization of Currencies to reduce counterfeiting of cash

Cash is the most predominant used payment instrument across the globe. Consumers choose to use cash more frequently than any other payment instrument, including debit or credit cards. In particular, cash plays a dominant role for small-value transactions, is the leading payment instrument for many types of purchases, and stands as the key alternative when other options are not available. Counterfeiting poses increasing challenges to currencies across the global. With advancement of printing technology counterfeiting has become very easy and cheap. To add to this with the help of state actors in supporting terrorism is also helping counterfeiting currencies.

Counterfeiting is a major economic problem, called “the world’s fastest growing crime wave” ……………………………………………….(Phillips, 2005).

Source RBI Report

Countries like India estimating the loss due to currency counterfeiting is still a big challenge. Some of the available statistics available in  the public domain suggest India seems to be low compare to Canada, UK, Mexico and the Euro Area which is about 40 billion pieces of notes as against 1.7 billion pieces of note in circulation in Canada.

  The counterfeiting of higher denomination is an emerging trend in the share of currency counterfeiting (Rs 500 and Rs1000). It has an effect on the Indian economy also.

In this paper I would like to discuss ways how we can prevent currency counterfeiting using   different methods

Every Currency note need to have a separate DNA / identification. Normally the serial number  identification water marks etc. But are these really very effective. Bank notes are made of heavy paper, almost always from cotton fiber for strength and durability. Some countries including Nigeria, Romania, Mexico, New Zealand, Australia and Singapore use polymers(Plastic) to improve to improve longevity and allow the inclusion of a small transparent window (a few millimeters in size) as a security feature that is difficult to reproduce using common counterfeiting techniques. Watermarks can also be made on polymer currency, for example, Australia has its coat of arms watermarked on all its plastic bills. Printed with white ink, simulated watermarks have a different reflectance than the base paper and can be seen at an angle. Because the ink is white, it cannot be photocopied or scanned. We need to evolve new ways to help currencies identify using electronic or digitize ways.

Source : Wikipedia  

1. Use of  Embedded RFID Tags : RFID tags can be embedded in the currency and have security tokens which can be authenticated by a central government system. Banks and Currency Exchangers can be provided with validation devices which can be connected with the central system to validate. Since each currency has its own DNA it would be difficult for counterfeiting. The token number can be a combination of serialnumber + date of printing (which can be only known to the central system) + denomination + some secret token. This can be done for high denomination  currencies like 500 and 1000.  

Sample Implementation

 2. Using of QR Code  or Hologram embedded in the note: This will bearing a unique encrypted "signature" whose validity can be checked electronically and signature can be verified using central system

Sample Implementation

The QR code can be a combination of same logic and can be verified using secured readers provided by government agencies / private agencies and certificated provided by the central government of RBI

It can also be a combination of both. With identification being a key for the currency it will also help the government to track the currency flow and also help in reducing black money. QR Scanner can be implemented in Mobile POS and Smart Phones to help citizen validate the currency themselves with simple mobile apps provided by RBI to validate the currency.   

. Using Digital E-Currency : Using digital currency like Bitcoin. Rupee should also have a digitize version issued by the RBI. This will save the country from printing the currency . Provide smartcard based aadhar cards which will hold the currency like rupee wallet. Making the wallet acceptable at most of the retail reduce the use of cash will also help in reducing counterfeiting. It will also help preventing fraud and misuse of Government Scheme money since the aadhar will be connected to the bank a/c. Also wallet can be implemented in the mobile in place of the aadhar card since mobile penetration is very high in the country. With Modi’s plan of Financial Inclusion Bank A/c for every citizen will help in implementing the digitization more effectively.  Digital India will also be a key driver to bring in digitization of the Indian Rupee. Using signature to transfer fund between wallet for B2C and C2C transfer will help in secured and validated transaction management. This will also help in reducing black money in the market and help us build a robust and digitized economy    

Implementing Digitization  

The Central Hub will help in Validating the Currency Token. Merchants , Banks and Citizen will use the services of the regional verification Agency to help verify the currency. The verification needs to be realtime system hence should provide only read only access. The e-currency can be implemented using the same platform for validation. Government can implement verification services using private and public partnership. The same can be used for Address and KYC verification similarly it can be also implemented on the Aadhar Verification Services. The same infrastructure can be used for Currency Token Generation using Hardware Security Devices

Some of major challenges to implement digitization of currency is the

1. Scale of economy of the currency in India

2. The acceptance of the citizen of India for usage of currency 

Read More

Using Payment Token for Mobile Wallet

Mobile payment solutions can be classified according to the type of payment method adopted to implement the solution. There are three different models available for m-payment solutions on the basis of payment method used

a) Bank account based

b) Credit card based

c) Telecommunication company billing based

Bank Account based Mobile Payment

Banks and telecommunication can collaborate to provide an m-payment solution it is a win-win situation for both industries. In this model, the bank account is linked to the mobile phone number of the customer. When the customer makes a mobile payment transaction with a merchant, the bank account of the customer is debited and the value is credited to the merchant account.

Credit Card based Mobile Payment

In the credit card based mobile payment model, the credit card number is linked to the mobile phone number of the customer. When the customer makes a payment transaction with a merchant, the credit card is charged and the value is credited to the merchant account.

Telecommunication Company Billing of Mobile Payments

Customers may make payment to merchants using his or her mobile phone and this may be charged to the mobile airtime bill of the customer. The customer then settles the bill with the telecommunication company.

 Technologies for Mobile Payments

The Mobile payments requires the mobile application and the communication medium to send and receive payment data

Mobile Wallet Applications can be classified as

Phone-based Application (J2ME/BREW)

The client mobile payment application can reside on the mobile phone of the customer. This application can be developed in Java (J2ME) for GSM mobile phones and in Binary Runtime Environment for Wireless (BREW) for CDMA mobile phones. Personalization of the phones can be done over the air (OTA).

SIM-based Application

The subscriber identity module (SIM) used in GSM mobile phones is a smart card i.e., it is a small chip with processing power and memory. The information in the SIM can be protected using cryptographic algorithms and keys. This makes SIM applications relatively more secure than client applications that reside on the mobile phone. Also, whenever the customer acquires a new handset only the SIM card needs to be moved.  If the application is placed on the phone, a new handset has to be personalized again.

Communication medium for Mobile Payments

The mobile technology landscape provides various communication possibilities for implementing mobile payments. Essentially, a GSM mobile phone may send or receive information through 3 possible channels – SMS, USSD or WAP/GPRS. The choice of the channel influences the way mobile payment schemes are implemented. Secondly, the mobile payment client application may reside on the phone or else it may reside in the subscriber identity module (SIM).

Short Message Service (SMS)

This is a text message service that enables short messages (140-160 characters) that can be transmitted from a mobile phone. Short messages are stored and forwarded by SMS centers. SMS messages have a channel of access to phone different from the voice channel SMS can be used to provide information about the status of one’s account with the bank (informational) or can be used to transmit payment instructions from the phone (transactional).

Unstructured Supplementary Services Delivery (USSD)

Unstructured Supplementary Service Data (USSD) is a technology unique to GSM. It is a capability built into the GSM standard for support of transmitting information over the signaling channels of the GSM network. USSD provides session-based communication, enabling a variety of applications. USSD is session oriented transaction-oriented technology while SMS is a store-and-forward technology. Turnaround response times for interactive applications are shorter for USSD than SMS.USSD is also non charged as compared to SMS. Both SMS and USSD does not need data plan activated and can be used on generic cheap mobile phones also 

WAP/GPRS

General Packet Radio Service (GPRS) or Data is a mobile data service available to GSM users. GPRS provides packet-switched data for GSM networks. GPRS enables services such as Wireless Application Protocol (WAP) access, Multimedia Messaging Service (MMS), and for Internet communication services such as email and World Wide Web access in mobile phones.

Near Field Communication (NFC)

NFC is the fusion of contactless smartcard (RFID) and a mobile phone. The mobile phone can be used as a contactless credit / debit card. NFC enabled phones can act as RFID tags or readers. This creates opportunity to make innovative applications especially in ticketing and couponing. This technology needs the device to support NFC communication  

Dual Chip

Usually the m-payment application is integrated into the SIM card. Normally, SIM cards are purchased in bulk by telecom companies and then customized for use before sale. If the mobile payment application service provider has to write an m-payment application in the SIM card, this has to be done in collaboration with the telecommunications operator (the owner of the SIM). To avoid this, dual chip phones have two slots one for a SIM card (telephony) and another for a payment chip card. But, customers would have to invest in dual chip mobile devices.

SIM Based Mobile Wallet

The mobile payment application software resides on the mobile phone and the card data is stored SIM with details of the customer (and his or her bank account details or credit card information)

The Customer registers the card data and the security required with  telecom operator. On confirmation this data is send to the mobile over the air (OTA) to update the SIM storage with the m-pin which is later on send to the customer as a PIN Mailer

•  User need to register with his telecom Operator for wallet
•  Telecom Operator has tie up with Acquiring Bank
•   VISA / MC act as Certificate Authority for the acquiring bank
•   If the card is on-us the acquiring bank will validate it else it will send it to the interchange for validation
•   If card details are fine the telecom operator will send a tokenized data to be updated to the mobile SIM on OTA using HSM and Payment Tokenization Server
•   The generate mPIN is also send to the User through Pin Mailer

Mobile Payment Flow using Merchant POS / Website 

Mobile Payment Flow using SMS and Merchant Mobile No 

•   Users pays on merchant NFC Pos or Merchant Site using wallet or using SMS with structured SMS data
•   Merchant application calls the api provided by the telecom to access the SIM data using certificate and the mPIN provided by the user.
•   The SIM will respond back the stored token which is send to the Telecom Wallet platform using SMS, USSD, API over the wap
•   The Mobile wallet validates the token and mpin again on the HSM and sends the card data to the acquiring bank as a sale or purchase transaction
•   After approval the response is send back to the merchant application 

Advantage of this approach

•         Highly Secured using digital certificate and mpin 
• .      Generic protocol can be used and no need of smart
• .      High Mobile penetration provide a large customer base
• .      Easy, Cheap and fast payment
• .      Zero or low cost of usage
• .      Easy integration to existing system
• .      New revenue option for telecom providers
• .      Bank can save a lot on pos machines and its operations   

Read More

Agile in Value Delivery

Agile in End to End Value Delivery 

Agile has made development faster and have frequent deployments. Business and IT operations needs stability with speed.  To bridge this gap agile need to stretch itself beyond development and deployment. Business and Development team together need to consider software as a value.

A software value chain is a series of software definition, development, deployment process and operation process.   A series of align process and tools need to work along and synchronized way to provide continuous flow of value to the customer or end user. Processes and tools need to work around the value to provide simplified development and deployment to remove unnecessary handoff and step, also accelerate the delivery of the value by implementing lean and agile principals and practices. Can agile principle be defined to operation also?

Lean and Agile have many things in common each are focused on value delivery

Legacy Dev Ops Model

Teams and Roles

Product Management : The team is responsible for define the functionalities required in the product. In tandem with the Business Operation the team strategies the requirement for the Development Team or Product Vendor for  Product Changes (using the defined Change Control  Process ).  Product Vendors have Product Owners who interact with the team and add these changes to the product log for the Agile team to define and plan Sprints

Tools Used :  Requirement Analysis and Gathering tools, Requirement Tracking and DMS tool  eg Rational, Visio, XLS, Clearcase  

Development Team: Plan and execute the sprints and publish Sprint plan for the deployment, Burn Charts for management. Weekly releases to the staging system for the UAT team to test . A group of sprint releases or one sprint release can be part of the release plan published by the Product owner to the Production and Business Operation.

Tools Used :  Version Control (SVN, CVS,GIT, Visual SourceSafe, Starteam ), ALM tools (SwiftALM, Wizible, Collabnet, Microsoft Team foundation), Continuous integration (Jenkins, Hudson )

UAT /SIT Team: The team is responsible for testing the release in the staging system for integration and system and when done provide UAT pass approval for the release team to prepare release build/ patch  for  Product team

Tools Used : Testpro, Testing Tools/ Simulators, Load runner

Release team : Is responsible for the SCM activity and release activity for both Staging and Production system. Depending on the published release plan and date the team will provide signed build and release note once a go is provided  by the SIT team in the staging server. The team publishes to the stake holders for  downtime approval.

Tools used : Continuous integration (Jenkins, Hudson ),Cruise Control,  ALM tools and PLM tools

Production Support : On downtime approval the team deploys the build or patch on the production system and runs and acceptance test with the business operation. A go-live is declared on successful deployment else it is rolled back with a failure issues logged in the incident system with severity  

Tools : Ticketing or incident management tools ( Bugzilla, Jira, Quality Center, fogbuz), PLM tools like redmine. SwiftPLM, etc

Business Operation: Responsible to provide go-live testing and also provide product changes required for Business Needs

Tools:  The product, Incident Management Tools, PLM tools to track changes status.   

Agile Process in Delivering Value in Operations

Agile team starts with a value delivery (Value Release Team). The Release is planned as a value to be delivered with the whole team. The story board is build on the value and the product log and service catalogue is build on the story board. This is the take away for the agile development   team, release team, business ops, testing team, infrastructure team and product support team.

Agile Value Model

Read More