Monday, September 8, 2014

Using Payment Token for Mobile Wallet

12:29 PM     No comments

Mobile payment solutions can be classified according to the type of payment method adopted to implement the solution. There are three different models available for m-payment solutions on the basis of payment method used
a) Bank account based
b) Credit card based
c) Telecommunication company billing based
Bank Account based Mobile Payment
Banks and telecommunication can collaborate to provide an m-payment solution it is a win-win situation for both industries. In this model, the bank account is linked to the mobile phone number of the customer. When the customer makes a mobile payment transaction with a merchant, the bank account of the customer is debited and the value is credited to the merchant account.
Credit Card based Mobile Payment
In the credit card based mobile payment model, the credit card number is linked to the mobile phone number of the customer. When the customer makes a payment transaction with a merchant, the credit card is charged and the value is credited to the merchant account.
Telecommunication Company Billing of Mobile Payments
Customers may make payment to merchants using his or her mobile phone and this may be charged to the mobile airtime bill of the customer. The customer then settles the bill with the telecommunication company.

 Technologies for Mobile Payments

The Mobile payments requires the mobile application and the communication medium to send and receive payment data

Mobile Wallet Applications can be classified as

Phone-based Application (J2ME/BREW)
The client mobile payment application can reside on the mobile phone of the customer. This application can be developed in Java (J2ME) for GSM mobile phones and in Binary Runtime Environment for Wireless (BREW) for CDMA mobile phones. Personalization of the phones can be done over the air (OTA).

SIM-based Application
The subscriber identity module (SIM) used in GSM mobile phones is a smart card i.e., it is a small chip with processing power and memory. The information in the SIM can be protected using cryptographic algorithms and keys. This makes SIM applications relatively more secure than client applications that reside on the mobile phone. Also, whenever the customer acquires a new handset only the SIM card needs to be moved.  If the application is placed on the phone, a new handset has to be personalized again.

Communication medium for Mobile Payments

The mobile technology landscape provides various communication possibilities for implementing mobile payments. Essentially, a GSM mobile phone may send or receive information through 3 possible channels – SMS, USSD or WAP/GPRS. The choice of the channel influences the way mobile payment schemes are implemented. Secondly, the mobile payment client application may reside on the phone or else it may reside in the subscriber identity module (SIM).

Short Message Service (SMS)

This is a text message service that enables short messages (140-160 characters) that can be transmitted from a mobile phone. Short messages are stored and forwarded by SMS centers. SMS messages have a channel of access to phone different from the voice channel SMS can be used to provide information about the status of one’s account with the bank (informational) or can be used to transmit payment instructions from the phone (transactional).

Unstructured Supplementary Services Delivery (USSD)

Unstructured Supplementary Service Data (USSD) is a technology unique to GSM. It is a capability built into the GSM standard for support of transmitting information over the signaling channels of the GSM network. USSD provides session-based communication, enabling a variety of applications. USSD is session oriented transaction-oriented technology while SMS is a store-and-forward technology. Turnaround response times for interactive applications are shorter for USSD than SMS.USSD is also non charged as compared to SMS. Both SMS and USSD does not need data plan activated and can be used on generic cheap mobile phones also 

WAP/GPRS

General Packet Radio Service (GPRS) or Data is a mobile data service available to GSM users. GPRS provides packet-switched data for GSM networks. GPRS enables services such as Wireless Application Protocol (WAP) access, Multimedia Messaging Service (MMS), and for Internet communication services such as email and World Wide Web access in mobile phones.

Near Field Communication (NFC)
NFC is the fusion of contactless smartcard (RFID) and a mobile phone. The mobile phone can be used as a contactless credit / debit card. NFC enabled phones can act as RFID tags or readers. This creates opportunity to make innovative applications especially in ticketing and couponing. This technology needs the device to support NFC communication  

Dual Chip

Usually the m-payment application is integrated into the SIM card. Normally, SIM cards are purchased in bulk by telecom companies and then customized for use before sale. If the mobile payment application service provider has to write an m-payment application in the SIM card, this has to be done in collaboration with the telecommunications operator (the owner of the SIM). To avoid this, dual chip phones have two slots one for a SIM card (telephony) and another for a payment chip card. But, customers would have to invest in dual chip mobile devices.

SIM Based Mobile Wallet

The mobile payment application software resides on the mobile phone and the card data is stored SIM with details of the customer (and his or her bank account details or credit card information)

The Customer registers the card data and the security required with  telecom operator. On confirmation this data is send to the mobile over the air (OTA) to update the SIM storage with the m-pin which is later on send to the customer as a PIN Mailer

  •  User need to register with his telecom Operator for wallet
  •  Telecom Operator has tie up with Acquiring Bank
  •   VISA / MC act as Certificate Authority for the acquiring bank
  •   If the card is on-us the acquiring bank will validate it else it will send it to the interchange for validation
  •   If card details are fine the telecom operator will send a tokenized data to be updated to the mobile SIM on OTA using HSM and Payment Tokenization Server
  •   The generate mPIN is also send to the User through Pin Mailer


Mobile Payment Flow using Merchant POS / Website 


Mobile Payment Flow using SMS and Merchant Mobile No 


  •   Users pays on merchant NFC Pos or Merchant Site using wallet or using SMS with structured SMS data
  •   Merchant application calls the api provided by the telecom to access the SIM data using certificate and the mPIN provided by the user.
  •   The SIM will respond back the stored token which is send to the Telecom Wallet platform using SMS, USSD, API over the wap
  •   The Mobile wallet validates the token and mpin again on the HSM and sends the card data to the acquiring bank as a sale or purchase transaction
  •   After approval the response is send back to the merchant application 

Advantage of this approach

  •         Highly Secured using digital certificate and mpin 
  • .      Generic protocol can be used and no need of smart
  • .      High Mobile penetration provide a large customer base
  • .      Easy, Cheap and fast payment
  • .      Zero or low cost of usage
  • .      Easy integration to existing system
  • .      New revenue option for telecom providers
  • .      Bank can save a lot on pos machines and its operations   


0 comments :

Post a Comment

Subscribe to: Post Comments ( Atom )