a smart card based internet

8/7/2019 A Smart Card Based Internet

1/30

A Smart Card Based InternetMicropayment Infrastructure: TechnicalDevelopment and User Adoption

Kar Yan TamDepartment of Information and Systems Management

School of Business and ManagementHong Kong University of Science and Technology

Shuk Ying HoDepartment of Accounting and Business Information Systems

Faculty of Economics and CommerceThe University of Melbourne

As online shopping services proliferate, the need for a secure and convenient paymentinfrastructure becomes critical. While credit card payment has become common foronline purchases, a payment solution has not yet been developed that can be used tosupport transactions involving a monetary value in the range of a few dollars or even

cents. In this study, the authors report their experience in developing a smart cardbased micropayment infrastructure in collaboration with a major bank. The infra-structure makes use of Mondex, a cash card standard adopted by major financial insti-tutions worldwide. The infrastructure provides a platform to support online transferof Mondex value over the Internet. Unlike other cash card products, Mondex is theonly standard that can support card-to-card transfer without a mediating party. Thetransactions are immediate and anonymous. This article outlines the technical ap-proach used in the development of the infrastructure and presents a behavioral adop-tion model to identify and assess factors that may affect its adoption. The findings in-dicate that the use of the adoption model in the early stages of product developmentcan provide valuable insights to a development team. Theoretical contributions and

practical implications specific to the Mondex Internet micropayment infrastructureare also discussed.

micropayment infrastructure, Mondex, Internet payment, anonymity, divisibility,transferability, cash-like feature, technology acceptance model, security

JOURNAL OF ORGANIZATIONAL COMPUTINGAND ELECTRONIC COMMERCE 17(2), 145173 (2007)

Correspondence and requests for reprints should be addressed to Kar Yan Tam, Department of Infor-mation and Systems Management, School of Business and Management, Hong Kong University of Sci-ence and Technology, Clear Water Bay, Kowloon, Hong Kong. E-mail: [email protected]


2/30

1. INTRODUCTION

As online shopping services proliferate, the need for a secure and convenient pay-

ment infrastructure becomes critical [13]. The Internet has become a unified chan-nel for advertising, selection, ordering, and delivery of information goods [4, 5].The entire transaction cycle from ordering to delivery can be completed online [6,7]. For example, it has now become feasible for a consumer to select informationgoods (e.g., a report in PDF format), pay for them, and receive them over theInternet within seconds. With this extremely short transaction cycle, existing pric-ing schemes have to be redefined to take advantage of new flexibilities [8]. For ex-ample, chapters of a textbook can be priced and distributed individually; audioand video products can be priced for each play using streaming techniques ratherthan charged on a per media basis (e.g., for a CD or a tape); and game playing can

be charged on a per session (say 30 s) basis.Value propositions derived from the increased flexibility of repackaging infor-mation goods cannot be realized unless a mechanism is put into place to supportthe exchange of goods and payments [9]. Although credit cards are currentlywidely used as a payment method on the Internet, they are not designed for smalltransactions that are ubiquitous in the economy. Also, Internet-based transactionsthrough credit cards are creating large databases of information about users, theirdemographics, and their purchase habits for banks. The privacy of users is beingeroded [10, 11]. In other words, there is no equivalent of coins and notes on theInternet that features anonymity and provides a cost-effective platform for smalltransactions [1214].

Consider the following scenario: A fan of Patti Page is interested in playingHowMuch Is That Doggie in the Window for 25 cents from a Patti Page fan site. The Website has developed a streaming technology that enables pay-per-play; that is, it is anonline music jukebox. However, there is no proper payment instrument to settlethe transaction electronically. Subscription is an option, but the fan is 15 years oldwithout a bank account or a credit cardto settle thesubscription payment. Most im-portant, the fan does not want others to knowabout his music selection and that histaste is rather unique among his peers. A micropayment solution will provide ameans to facilitate such a transaction, possibly with anonymity. This scenario illus-trates a case of unbundling existing information goods, which is advocated as hav-

ing great appeal to customers. However, to realize the market potential ofunbundling strategies, it is important to establish an economy-wide micropaymentinfrastructure [15] to settle very small transactions online. This micropayment in-frastructure should support not only business-to-consumer (B2C) transactions, butalso person-to-person (P2P) transfer of value [2].

Since the mid-1990s, several electronic payment systems (EPSs) have been de-veloped specifically for the online community. However, many of these systems arenot widely circulated, at least not at the economy-wide level, for the following rea-sons. First, many EPSs require users to prearrange with an intermediary party orregister with a third-party payment service provider. This limits the scope of trans-actions to certain vendors, registered members, and account holders. Second, mostEPSs are not designed for micropayment; they are not cash-like in the sense thatthey do not support the transfer of value from one individual to another online or

146 TAM AND HO


3/30

offline with anonymity. They cannot replace coins and notes in B2C and P2P ex-changes. That is, individuals are not able to transfer small amounts of value fromone person to another with the same degree of ease and convenience as handling

coins and notes. The transfer is not direct, immediate, or anonymous.Perhaps the most important questions to senior managers have to do with the

perceived value of a micropayment infrastructure. Will customers adopt the infra-structure? What will be their concerns? A secure and easy-to-use payment solutionis critical for companies to extend their services and products to the online commu-nity. Security and ease of use are ranked among the most important issues by users[1618]. So far, information systems (IS) research has been confined to internal sys-tems or interorganizational systems that are not directly accessible by end users[19, 20]. For example, payment systems such as point of sale (POS) are used by staffrather than directly by buyers. In the e-commerce era, the information architecture

has to be extended to include direct interfaces with end consumers. It has becomeimportant for IS managers to understand the behavioral aspect of end customerswho are the target users of these systems. IS research in this area is scant, despitethe proliferation of Web-based applications launched by companies worldwide.

Our work makes two contributions. First, we report our experience in extendingan economy-wide digital cash solution, Mondex, to the Internet. Mondex is a smartcard based digital cash system that was launched in the mid-1990s. Unlike otheronline payment systems, it is based on a card-to-card model that does not necessi-tate an intermediary party to facilitate an exchange of value [21]. Both B2C and P2Ptransactions are supported. In collaboration with a major international bank, we

have developed a payment infrastructure that supports micropayment usingMondex over the Internet. Second, we believed some of the constructs developedin previous adoption studies could be used in the design phase of a micropaymentinnovation. We conducted a behavioral adoption study to identify and assess fac-tors that may affect the systems adoption and highlight that the adoption modelused in the early stage of product development can provide valuable insights for adevelopment team.

The article is organized as follows: In the next section, we present an overview ofEPSs and explain the cash-like feature of Mondex. Section 3 introduces the techni-cal approach of extending the offline Mondex payment system to the Internet plat-

form.Sections 4 and 5 present the user adoption model of theMondex Internet Pay-ment solution and the findings from a survey study. Section 6 discusses theimplications of the adoption study. Section 7 concludes the article.

2. OVERVIEW OF ELECTRONIC PAYMENT SYSTEMS (EPSs)

2.1. Attributes of Electronic Payment Systems

With the growing demand for online services, several payment solutions for trans-actions conducted over the Internet have been developed during the last few years.While marketed as different products, these systems are based on a common set of

AN INTERNET MICROPAYMENT INFRASTRUCTURE 147


4/30

attributes. In the following, we focus on the set of attributes that have direct rele-vance to end users.

2.1.1. Mediating/Nonmediating Mediating refers to the need to interact with atrusted third party for any transaction to take place. A mediated EPS requires boththe merchant and the customer to connect to a trusted third party to authenticatethe two sides of the transaction and to enforce nonrepudiation. Very often this re-quires both the merchant and the customer to be online during the transaction. Inthe case of nonmediating transactions, the transfer of value is carried out directlybetween the merchant and the customer. For these transactions, the value is notnecessarily associated with the transferred parties. Authentication is therefore notrequired. Typically, the transaction of a mediated EPS requiresa network setup andis less mobile. It is obvious that nonmediated EPSs are more flexible than are

mediated EPSs and a transaction on a nonmediated EPS can usually be processedfaster.

2.1.2. Degree of Anonymity The degree of anonymity describes what kinds oftransactional information are generated and determines which party has the rightto access the information. Anonymity imposes technological constraints on pay-ment systems [22]. Some EPSs do not hide the identity of the parties involved in atransaction. As a result, parties involved in a transaction are able to know the iden-tity and transaction details of others. The level of anonymity is determined by thesecurity technologies of an EPS. Many existing online payment systems (e.g., on-line credit card payment) are based on a secure socket layer, which provides chan-

nel-level security. However, the level of anonymity is not high because the mer-chant can access customers financial details (e.g., credit card information) and thebank knows about the purchase details. A higher level of anonymity is attained us-ing secure electronic transaction (SET), which can hide the customers financial de-tails from the merchant and the purchase details from the bank. However, there isnot yet an online payment system that can maintain anonymity on both sides of thetransaction. In this sense, cash is definitely an anonymous payment instrument.The effect of having anonymity is twofold. On one hand, anonymitycan protect theprivacy of customers; on the other hand, money laundering becomes an issue. Toalleviate the adverse effects of illegal use of anonymous cash-like products, regula-

tory bodies in many countries impose upper limits on the amount of value that canbe stored about and represented by these instruments. In recent years, because userprivacy is becoming a more significant issue [11], we believe that a payment infra-structure supporting B2C and P2P transactions has gained importance.

2.1.3. Software/Hardware Software-based EPSs require no extra hardware toperform the transaction. The only requirement is to install the payment software onthe computer. Whereas hardware-based systems require additional hardware (andalways come with a piece of software) to process a transaction, software-based sys-tems are more suitable for use with a large population or across country bound-aries. This is because there is no need to purchase an additional piece of hardware,

which always requires a considerably long period of time to ship, whereas softwarecan be available via the Internet almost instantly.

148 TAM AND HO


5/30

2.1.4. Divisibility The degree of divisibility of an EPS can be defined as theminimum amount of money that can be cost-effectively processed in each transac-tion. From an economic standpoint, it is related to the transaction cost of the EPS. If

both the minimum charge and the transaction cost are low, then the EPS is consid-ered to have high divisibility and vice versa. Having high divisibility is an advan-tage because such a system affords greater flexibility to both customers andmerchants.

2.1.5. Transferability Transferability of an EPS describes the ability to transfervalue between different parties. For example, cash is highly transferable becausethere is no restriction on who the payee is and who the payer is. In contrast to cash,a credit cards transferability is low because only approved merchants can acceptcredit card payment, whereas an individual cannot.

A summary of a number of EPSs and their characteristics as compared with cashis shown in Table 1.

2.2. Cash-Like Features of Mondex

The offline system we considered is the Mondex payment system. It was launchedin Hong Kong and many other countries in the late 1990s. It is an economy-widepayment solution and is accepted by many stores in Hong Kong. Mondex is aglobal electronic payment scheme providing an alternative to traditional notes andcoins. The principle of the Mondex system is that money can be downloaded elec-

tronically on a microchip and transferred securely from one microchip to another.For ease of handling and security reasons, the Mondex electronic cash system oper-ates on a smart card called the Mondex Card, which resembles an ordinary debit orcredit card and stores information on its microchip. Each microchip contains anelectronic purse that stores Mondex value. The purse is divided into five separatepockets, allowing up to five different currencies to be held on the card at any onetime. The microchip also features advanced Mondex encryption technologies tosupport secure transactions between one Mondex Card and another. Mondex canbe used for simple, everyday cash transactions. Mondex value can be transferreddirectly to a retailer, merchant, or other outlet to pay for goods or services. It can be

transferred between persons, at the point-of-sale (POS), via automatic teller ma-chines, or even over a telephone line. To facilitate adoption of Mondex among mer-chants, Mondex-compatible POS devices are provided by the Mondex value issuerin Hong Kong at no cost.

A unique feature of Mondex is that it is cash-like. It is regulated by the govern-ment in the same way that coins and notes are regulated. Another digital cashproduct that is available worldwide is VisaCash. In contrast to Mondex, VisaCashis regulated more like a credit instrument. The cash-like feature of Mondex is illus-trated in the map, generated using multidimensional scaling procedures, shown inFigure 1. This map depicts the 14 EPSs summarized in Table 1. The X dimensionrepresents how easily money can be transferred among parties (e.g., transferabilityand mediating), while the Y dimension represents how much user information isdisclosed (e.g., anonymity).



6/30

T

able1

ExamplesofEPSs

EPS

Mediating

Divisibility

Anonymity

Device

Transferability

P2P

Remarks

Autho

rizenet

Yes

High

No

Software

Lowa

No

Creditcardbased.

BidPa

y

Yes

Low(ma

x.purchase

isU.S.$700)

No

Software

Lowb

Yes

Mailsphysicalmoneyordertopayee.

BillPo

int

Yes

High

No

Software

Lowb

Yes

eBayanno

uncedthecompletionofitsacquisit

ionof

PayPal.

Billpointwillremainapaymentopt

ionon

eBaythr

oughtheendof2002andwillbegin

tobe

phasedoutinearly2003.

Cash

No

High

Full

N/A

High

Yes

Cashb

ox

Yes

High

Yes

Hardware

Lowa

No

Intertradersystemmainserverrequired.

Cyber

Cash

Yes

High

Yes

Software

Lowa

No

Boughtby

VeriSign.Currencyserverrequired.

Direct

Pay

Yes

High

No

Software

Lowa

No

Creditcardbased.

Ecash

Yes

High

Yes

Software

High

Yes

Acomputer-generatedsystemallowsitemsto

be

purchasedbyproprietarycredits,creditcard,ATM,

debitcard,orcheck.

eMoneyMail

Yes

High

No

Software

High

Yes

BankOneseMoneyMailservicewasdiscontin

uedJuly

31,2002.

Mond

ex

No

High

Yes

Hardware

High

Yes

NetBill

Yes

High

No

Software

Lowa

No

Bankaccountsystem.

PayPa

l

Yes

High

No

Software

High

Yes

37.6millio

nactiveaccountsinDecember2006;

internationalpaymentspossible.

PayPalwa

srecentlyacquiredbyeBay,andist

he2002

SIIACodieAwardswinnerforBesteComm

erce

Solution

.

VisaCash

No

High

Yes

Hardware

High

No

Yahoo

!PayDirect

Yes

Low(transaction

limitsapplied)

No

Software

High

Yes

StandalonebutalsointegratedintoYahoo!Ser

vices

aCustomertomerchantonly.

bForauctiononly.


7/30


8/30

3. TECHNICAL OVERVIEW OF THE MONDEX

INTERNET PAYMENT SYSTEM

In order to assess the technical feasibility of using the Internet as a delivery plat-form for Mondex transactions and to study user behavior toward this new pay-ment method, we have implemented a Mondex Internet Payment solution basedon clientserver architecture. The major components of the architecture are out-lined in this section.

3.1. System Components

The system runs on Microsoft Windows platforms to provide the following system

services:

3.1.1. Access to the Mondex Card. The hardware interfacing with a MondexCard is a general-purpose PC Smart Card Reader, the Gemplus GemPC410 (seeFigure 2). The system communicates with a Mondex Card (which is inserted into acard reader)via theMicrosoft PC/SC Smart Card Support provided by WIN32 sys-tem services. We chose to use this model of smart card reader because it is designedto plug into a PC environment common to most home-banking and e-purse facili-ties, and it is also very simple to use and install. The user needs no technical knowl-edge. The average cost is relatively cheap (about U.S. $30).

3.1.2. Network Access. The system requires network access for communica-tion with a remote purse during payment transfer. This network communicationuses the TCP/IP network protocol provided by the Windows Operating System(OS).

3.1.3. Runtime Environment. As a typical Windows application, the softwarerequires the support of Windows runtime environments, the OS services provided

152 TAM AND HO

Figure 2. GemPC410 card reader.


9/30

via the Windows system DLLs. Other runtime environments may be required, de-pending on the actual implementation. For example, a Java-based implementationrequires the corresponding Java Runtime Environment anda Java Virtual Machine.

The Windows runtime environment should be available on any properly installedWindows PC; other runtime environments must be included in the installationpackage.

3.2. Operating Scenarios

The architecture supports two operating modes, as shown in Figures 3 and 4. Thefirst scenario is a local operation. It involves basic operations for the local purse,such as checking balance, selecting currency, card locking, changing the PIN

code, and so forth. All are local operations and no communication with a remotedevice is involved. Figure 4 illustrates the second scenario, which involves trans-fer of value with a remote purse. The transfer could be between two persons or


Figure 3. Operations on local purse.

Figure 4. Operations involving remote purse.


10/30

between a customer and an online merchant that accepts Mondex payment.These two operating scenarios form the building blocks of more complicatedtransactions that involve more parties or are bundled with third-party software

(e.g., I Seek You [ICQ] payment).

3.3. Software Architecture

In terms of software design, Mondex EPS is designed to maximize opportunity forreuse. The softwareconsists of three major packages, as shown in Figure 5. The GUIpackage is used to support the interaction with the user. The middleware acts as abridge between the GUI and low-level system services. The net package is respon-sible for making payment exchanges between two purses on a TCP/IP network. By

developing separate packages and supporting the three distinct functions (graphi-cal user interfaces [GUI], card interface, and network communications), we aim atmaximizing the reuse of code and the interoperability of the system components.

3.3.1. GUI Package. The GUI package consists of a set of classes for building aGUI that supports communication with the user. The GUI contains three majorclass sets: View, Model, and Controller. A typical scenario involving the GUI isshown in Figure 6.

This design is based on a principle called MVC (Model-View-Controller), whichis frequently used in object-oriented programming languages. One may think ofthe model as storage, the view as human interface devices (such as the keyboard

and monitor), and the controller as the CPU. This design separates the view (i.e.,the user interface) from the data. Futureenhancements can then be made by addingnew views or replacing or extending the existing views without affecting the over-all design. In terms of implementation, the controller does not always need to beseparated from the view. The controller can be incorporated with its corresponding

154 TAM AND HO

Figure 5. Software architecture.


11/30

view, especially when the controller processes only events that originate from itscorresponding view or if it is not associated with too many objects.

3.3.2. The Middleware Package. The function of the middleware package is toprovide an abstraction of thehardwareso as to reduce the complexity in interfacingwith the smart card. A basic service object communicates with the smart carddriver provided by the OS, on behalf of the purse object. The purse object in turncommunicates with the basic service object and the GUI (Figure 7).

3.3.3. Net Package. This package provides the core functions for payment ex-

change. The package uses the GUI to prompt for input or to give feedback from/tothe user when certain conditions are met. The package uses middleware to process


Figure 6. GUI package.

Figure 7. Middleware package.


12/30

payment messages. The package uses a TCP/IP network for communicating withthe counterparty software (Figure 8).

3.3.4. Services Package. A peripheral package consists of a set of objects forcommunicating with a Mondex Card using low-level Application Protocol Data

unit command calls (through the Microsoft PC/SC Smart Card Support providedby the Windows OS) according to the Interface Device (IFD)-Purse Application In-terface specification. Its actions include basic operations such as selecting theMondex purse application, getting the installed card readers name, monitoringthe presence of a card in a card reader, doing IFD-Purse interface transactions(making Mondex commands, interpreting Mondex responses), and reportingtransaction errors (usually by detecting exceptions). The objects abstract the com-plexity (such as the offset for the locking state) of doing a Mondex purse operationand, therefore, decrease the overall complexity of the software. These objects pro-vide a foundation for the purse object.

3.4. B2C Mondex Internet PaymentMerchant Server

The B2C implementation of the Mondex EPS is code named ecPAY4B. It is areal-time payment server that receives Mondex value from multiple consumers onbehalf of the merchant. The ecPAY4B is designed for easy integration with mer-chants existing Web sites. It provides a set of protocols for merchants to requestservice from ecPAY4B and for ecPAY4B to report payment transaction results to theserved merchants. Figure 9 depicts the schematic of the B2C system.

The ecPAY4B is developed based on the components and architecture describedearlier and inherits its features: standard conformance, security, robustness, andscalability. Both PC/SC smart card readers and GIS value vaults are supported by

156 TAM AND HO

Figure 8. Net package.


13/30

default. Other card-accepting devices can also be supported by extendingecPAY4B. The ecPAY4B is implemented as a Web server through Java Servlet. JavaServlet is portable, robust, and scalable. In addition, Java Servlet is supported byWeb servers such as Apache Web Server, Netscape Enterprise Service, SunMicrosystems Java Web Server, and IBM WebSphere Application Server.

3.5. Client InstallationecPAY4u

Our client-side application is code-named ecPAY4u. It is an online, real-time, reli-able payment transfer solution that allows two users to exchange Mondex value onthe Internet without the participation of a third party. The ecPAY4u is designed forindividual users andwas type-approved by MondexInternational in May2000. Wewill highlight some of the core features in the following sections.

3.5.1. User Interface. The targeted users of the Mondex EPS are individualswho may have different levels of computer literacy. To serve our target users,ecPAY4u must be intuitive and easy to use. The ecPAY4u GUI should provide asimple, user-friendly, and consistent look and feel. The client software we have de-veloped is compatible and follows closely the user interface specification of theMondex standard. Figure10 displays a screen shot of theuser interface of ecPay4u.


Figure 9. Interactions between customers and online merchants via ecPAY4B.


14/30

The ecPAY4u provides no unnecessary buttons or menus that complicate theuser interface. It provides buttons that are necessary and sufficient for all funda-mental Mondex purse operations: balance, statement, lock purse, unlock purse, setnew personal code, change current personal code, change currency, transfer value,and check locking state. This should increase the overall user efficiency, as seven iswithin the capability of human short-term memory [23].

The ecPAY4u does not pop up unnecessary windows that may overlap each

other and cause confusion in the user. All results of Mondex purse operations thatdo not require users feedback are displayed in the informational panel located inthe middle of the interface. This eliminates the need to close or move windows. Onthe other hand, ecPAY4u will use pop-up dialog boxes to ask for feedback from theuser in scenarios such as setting a personal code or reporting errors.

3.5.2. Security and Robustness. Security is a critical issue in the design ofecPAY4u. In addition to following Mondex specifications, in no circumstance willecPAY4u provide a mechanism for the user or the developer to damage anyMondex Card or to access a personal code stored in a Mondex Card. In addition,

ecPAY4u will not save any Mondex Card data, including data generated by theMondex Card in any transaction, into any secondary storage. The ecPAY4u alwaysinforms the user whenever an error has occurred. Whenever possible, ecPAY4u isable to provide services to the user after an error has occurred.

3.5.3. Design Flexibility. Software components of ecPAY4u are designed to bereusable. The ecPAY4u is designed using object-oriented methodology and is im-plemented in Java, a robust, cross-platform, object-oriented programming lan-guage. It is designed and implemented in such a way that its components can be re-used in other applications, allowing a short development cycle for relatedproducts. Both the components and their design patterns can easily be reused orextended for a large-scale application such as a payment server. As shown in Fig-ure 4, each of the subsystems can be extended or modified without affecting the

158 TAM AND HO

Figure 10. Checking transaction history using ecPAY4u.


15/30

other subsystems. Components of the subsystems can be reused or integrated intothird-party products.

4. ADOPTION MODEL FOR THE MONDEXINTERNET PAYMENT SOLUTION

While there is a genuine demand for micropayment solutions [24], translating userexpectations into design features and finally into a payment solution remains a major challenge. To appeal to users, such a solution should provide attractivefunctionalities as well as ergonomic advantages. Like any IT innovation, to assessthe market reaction of Mondex EPS requires an understanding of factors that havean impact on the adoption intention of potential adopters.

The proliferation of IT-based services and products has resulted in a continuousstream of research on IT innovation adoption. In this study, we construct a modelthat consists of a set of factors that is hypothesized to facilitate or prohibit the adop-tion of the Mondex EPS. As a guiding theoretical frame, the technology acceptancemodel [2527] provides some of the core constructs used in our empirical study. Inthis study we are particularly interested in security-related factors, as they haveconsistently been reported as a major concern among online users [28, 29]. Recentwork has focused on developing measurement constructs for trust in cyberspace[30, 31]. In e-commerce, trust describes a relationship between consumers and on-line merchants that plays a key role in helping consumers to overcome perceivedrisk and insecurity. In these studies, the focus is on the transacting parties and not

on the medium of transaction. We argue that a general measurement of perceivedInternet security might not extend well to a particular application or service if theuser is able to develop a belief in the security of the application itself. Also, the na-ture of microtransactions may not entail the same set of concerns as in the case ofcredit card based transactions. Therefore, a general measure of Internet security isnot sufficient. Attitudes toward security of the application need to be addresseddirectly.

Furthermore, the majority of adoption studies have so far been ex post factostudies conducted after the launch of the innovation. The focus is on how attitudetoward a fixed set of innovation characteristics can affect the adoption decision. In

this study, the adoption model is applied during the product development stage.Responses are obtained from participants who have first-hand experience with theinnovation. The impact of the current design can be channelled back to the designteam for improvement. This provides a guiding frame for the project team on anumber of technical and user behavior issues related to the design and implemen-tation of the system. The Mondex Internet Payment solution is assessed based onuser feedback. The major factors are described in detail below.

4.1. Perceived Internet Security and Perceived Mondex Security

Perceived security of the innovation exerts positive influence on adoption [32, 33].When Mondex is extended to the Internet, one of the major concerns among online



16/30

users is presumably ubiquitous fraud [34, 35]. The higher levels of perceived riskand insecurity that confront users may serve to highlight the importance of effec-tive interface design to influence and support the users adoption decision.

In the current model, security is measured along two dimensions: Internet secu-rity and Mondex EPS security. Perceived Internet security (PIS) measures the gen-eral attitude of users toward conducting transactions over the Internet. It does notfocus on a particular service, vendor, or payment mechanism but on a general per-ception of security on the Internet. We hypothesize that Internet security will havean impact on the intention to adopt the Mondex EPS.

The second dimension, Perceived Mondex Security, focuses on security issuesthat are directly related to the Mondex Internet Payment solution. By goingthrough a demonstration and acquiring hands-on experience with Mondex EPS, auser may develop an attitude that is different from his or her general perception of

Internet security. By developing two different dimensions of security (general andspecific), we try to delineate general perceptions developed through observationsand media effects from perceptions toward innovation-specific features that theuser can experience directly. Similar to Internet security, it is hypothesized thatMondex EPS security has an impact on the intention to adopt Mondex EPS.

4.2. Perceived Ease of Use and Perceived Usefulness

The technology acceptance model (TAM) has served as the foundation for many in-novation adoption studies since it was first introduced. The two major constructs

in the TAM areperceived ease of use andperceived usefulness.Because Mondex EPS is user-centric software, ease of use is very important [36].

One way to make the extended Mondex EPS easy to use is to ensure its compatibil-ity with its offline counterpart, which reduces the training costs for Mondex users.Thus, in the development process, we follow closely the ergonomics guidelinesprovided by Mondex International. That is, all of the icons, interactions, and mes-sages strictly follow Mondex Standards. Also, we have taken special care when de-signing the user interface of the client software (see Section 3.5).

The functionality of Mondex EPS follows the Mondex specifications, and all im-portant operations are implemented. Such connections to the original Mondex sys-

tem enhance the perceived usefulness of Mondex EPS. Whether the proposed EPSserves its function (i.e., providing a means for micropayments) will be assessed bythe perceived usefulness factor.

4.3. User Characteristics

Users demographics and knowledge of the innovations can also be determinantsin the adoption decision. In this study, we examine whether ones Internet experience(IE) andMondex experience (ME) are factors affecting the adoption intention. As us-ers gain more experience on the Internet or become familiar with Mondex Cards, it

becomes more likely that the proposed Mondex EPS will be adopted. Those whohave less experience with the Internet are less likely to adopt it. User characteristics

160 TAM AND HO


17/30

are considered to have direct impacts, instead of moderating effects, on behavioralintention in some IS exploratory studies (e.g., [37]). Also, in our setting, becauseMondex was recently launched, users do not have much experience. Moderating

effects may not be observable at this stage.Both the perceived ease of use and the usefulness factors are based on items used

in previous adoption studies. Measurement items for Internet experience, Internetsecurity, andMondexEPS security were developedspecifically for this study. All ofthese factors are hypothesized to have an effect on the adoption intention. Thestudy setup and data analysis are described in Section 5.

5. RESEARCH DESIGN AND DATA ANALYSIS

5.1. Pretest

Measurement constructs depicted in the model (see Appendix) were developedand pretested using a sample of 20 undergraduate business students. Constructsfor perceived ease of use and perceived usefulness were adopted from Davis [25].For Internet security, we made references to constructs developed in trust andInternet user survey studies [30, 31] and modified them to fit the context of onlinepayment transactions. Internet experience was collected from participantsself-reported expertise in computers, the World Wide Web, and e-mail. Mondex ex-perience was the participants number of months using a Mondex Card. For

Mondex security, we developed our measurement construct based on: (a) featuresof the Mondex EPS, (b) feedback from the bank and Mondex International, Ltd.(MXI), and (c) existing users of the Mondex Card. Pretest results were satisfactory,given the exploratory nature of the study.

5.2. Participants

Next, we proceeded to test the model in a 1-h study setting. Seventy participantswere recruited from a public university in Hong Kong. Of the 70 participants, there

were 41 women and 29 men. All were undergraduate students, age 19 to 22.Forty-nine participants had never used Mondex before and 3 participants had hadMondex Cards before. Eighteen were current Mondex Card users, of which 11 usedtheir own cards to complete the procedures. Most of them had Internet access avail-able at home or the office. In terms of computer/Internet related experience, partici-pants had average or above average knowledge of general uses of a computer, theWeb, and e-mail tools.About half of them had experience with netmeetings and ICQ.

5.3. Procedures

The procedure consisted of three tasks. Participants were divided into different ses-sions with at most 5 participants in each session. Each session of the study lasted



18/30

for about an hour, and a token of appreciation (U.S. $15) was provided to each par-ticipant. The first task required participants to visit a selected Web site to becomefamiliarized with online shopping. Three commercial sites were selected. One was

a local grocery store,Wellcome,1 onewasan international bookstore, Amazon,2 andthe third site was a local department store, CitySuper.3 Navigating the first twoWeb sites allowed theusers to get familiar with online shopping environments. Thelast Web site was a SET-compliant shopping site. Participants were asked to pur-chase products from these sites and go through the checkout procedure until theshopping site prompted for payment details. The objective of the first task was toprovide participants with an opportunity to practice Internet shopping to ensure amore uniform background in online payment.

In the second task, a video was shown to the participants, introducing theMondex EPS. In the video, two online applications were illustrated. One involved

an online souvenir shop and the other was based on a university online studentprint quota update service. Both applications featured Mondex EPS. In this task,we explained the features of Mondex EPS to theparticipants, such as degree of ano-nymity and degree of divisibility.

The third task was a hands-on exercise for the participants to conduct onlineshopping using the Mondex EPS. They were asked to select one product from theonline souvenir shop and use a Mondex Card to pay for the item. Participants whowere Mondex Card owners could choose to use their own cards for purchase. RealMondex Cards with a preloaded value were also provided to the rest of the partici-pants. After the checkout process, the participants were requested to complete aquestionnaire as the final task of the study.

5.4. Validity Tests

We factor-analyzed the items and tested for reliability, convergent validity, anddiscriminant validity. The items were grouped into five factors (see Table 2). In thereliability test, the internal consistency for each factor was assessed by computingCronbachs alpha. As shown in Table 3, the alpha values ranged from 0.890 to 0.923.Nunnally [38] suggests that a reliability value of 0.7 or above is acceptable. Hence,the set of factors in our study was deemed reliable.

Convergent validity is achieved if there are correlations between items of thesame factors. To assess this validity, Pearson correlation coefficients were com-puted with a two-tailed t test. Table 4 provides the correlation matrix. All correla-tions between pairs of items within the same factor were statistically differentfrom zero at the 0.01 level of significance. Thus, convergent validity wasdemonstrated.

Discriminant validity is demonstrated if an item correlates more highly withitems of the same factor than with items of a different factor. The degree of validityis determined by counting the number of times an item has a higher correlation

162 TAM AND HO

1

See: http://imsp001.netvigator.com/shopping/wellcome/index.html2See: http://www.amazon.com3See: http://www.setshopping.com/citysuper/index.html


19/30

with an item from another factor than with items of its own factor. Campbell andFiske [39] suggest that a count of less than one half is acceptable. We performedmore than 800 comparisons by examining the correlation matrices of items.Twenty-four correlation values between items from different factors were higher

than those between items of the same factor. Based on this assessment, the items ineach factor had discriminate validity.


Table 2

Rotated Component Matrix From Factor Analysis

Factor 1 Factor 2 Factor 3 Factor 4 Factor 5

IE1 0.182 0.032 0.012 0.173 0.905IE2 0.095 0.020 0.111 0.195 0.916IE3 0.126 0.133 0.059 0.082 0.886PU1 0.347 0.179 0.021 0.739 0.248PU2 0.449 0.137 0.043 0.680 0.294PU3 0.442 0.229 0.091 0.667 0.153PU4 0.292 0.203 0.042 0.812 0.061PU5 0.201 0.219 0.069 0.760 0.065PE1 0.831 0.092 0.075 0.227 0.070PE2 0.716 0.217 0.015 0.202 0.046PE3 0.818 0.189 0.021 0.181 0.155PE4 0.787 0.085 0.067 0.167 0.105PE5 0.858 0.090 0.062 0.233 0.141PE6 0.777 0.120 0.188 0.355 0.163PIS1 0.149 0.090 0.830 0.000 0.043PIS2 0.067 0.034 0.743 0.067 0.055PIS3 0.004 0.113 0.819 0.173 0.032PIS4 0.040 0.025 0.878 0.083 0.110PIS5 0.020 0.102 0.879 0.016 0.010PMS1 0.398 0.780 0.065 0.016 0.043PMS2 0.038 0.750 0.021 0.171 0.020PMS3 0.147 0.831 0.063 0.066 0.053PMS4 0.046 0.881 0.113 0.092 0.065PMS5 0.210 0.794 0.029 0.326 0.147

PMS6 0.086 0.821 0.032 0.254 0.085

Total variance explained = 75.155%; extraction method = principal component analysis; rotationmethod = varimax with Kaiser normalization; rotation converged in 6 iterations.

Table 3

Reliability of Factors

Factors No. of Items Cronbachs

IE 3 0.920

PU 5 0.907PE 6 0.923PIS 5 0.890PMS 6 0.916


20/30

5.5. The Model

We then used Structural Equation Modeling (SEM) for data analysis. Among thetwo popular SEM approaches, Partial Least Squares (PLS) and Linear StructuralRelationships (LISREL) modelling, we employed PLS in the current study. BothPLS and LISREL are capable of constructing structural relations among latent vari-ables. However, LISREL uses maximum likelihood estimation, for which it is nec-essary to fulfill the multivariate normal data requirement. Consequently, LISRELgenerally works on large samples [40]. Because of the small sample used in ourstudy, we used PLS to take advantage of its flexibility in handling small samples.

Table 5 presents the descriptive statistics. In general, the participants perceivedthe Mondex Internet Payment solution to beeasy to use (M = 6.319)and useful (M =5.906). The cash-like features of the Mondex Card and the simple ecPAY4u interfaceexplained the relatively high ease of use evaluation. The participants felt comfort-

164 TAM AND HO

Table 4

Correlations Between Manifest Variables and Latent Variables

Factor IE PU PE PIS PMS ME BI

IE1 0.936 0.015 0.035 0.002 0.054 0.049 0.000IE2 0.911 0.037 0.016 0.092 0.017 0.087 0.042IE3 0.928 0.030 0.022 0.044 0.053 0.001 0.020PU1 0.054 0.872 0.000 0.043 0.017 0.036 0.008PU2 0.104 0.871 0.063 0.042 0.045 0.018 0.014PU3 0.011 0.858 0.062 0.066 0.039 0.063 0.025PU4 0.090 0.868 0.048 0.017 0.005 0.047 0.038PU5 0.078 0.795 0.097 0.004 0.021 0.185 0.015PE1 0.038 0.028 0.880 0.009 0.033 0.075 0.034PE2 0.102 0.008 0.766 0.078 0.069 0.041 0.056PE3 0.031 0.014 0.866 0.037 0.041 0.020 0.006PE4 0.032 0.015 0.798 0.077 0.041 0.128 0.052PE5 0.032 0.020 0.907 0.039 0.039 0.034 0.022PE6 0.055 0.088 0.884 0.102 0.001 0.032 0.024PIS1 0.070 0.076 0.127 0.721 0.128 0.067 0.121PIS2 0.037 0.055 0.030 0.871 0.028 0.004 0.062PIS3 0.002 0.056 0.003 0.821 0.041 0.011 0.000PIS4 0.120 0.063 0.054 0.778 0.031 0.066 0.109PIS5 0.022 0.009 0.013 0.830 0.106 0.021 0.081PMS1 0.076 0.056 0.151 0.042 0.829 0.090 0.013PMS2 0.031 0.048 0.089 0.025 0.780 0.068 0.038PMS3 0.080 0.066 0.037 0.049 0.801 0.056 0.093PMS4 0.001 0.059 0.101 0.119 0.839 0.134 0.188PMS5 0.115 0.140 0.074 0.030 0.895 0.015 0.055

PMS6 0.031 0.025 0.048 0.019 0.881 0.040 0.065ME 0.013 0.051 0.102 0.189 0.191 1.000 0.066BI1 0.028 0.027 0.017 0.040 0.056 0.065 0.952BI2 0.029 0.027 0.017 0.041 0.057 0.066 0.950

Note. IE = Internet experience; PU = perceived usefulness; PE = perceived ease of use; PIS = per-ceived Internet security; PMS = perceived Mondex security; ME = Mondex experience (in months); BI =

behavioral intention.


21/30

able with Internet security (M = 6.613), but they perceived Mondex EPS to be lesssecure (M = 5.444). The result from a one-sample t test shows that the participantscould differentiate the security of the Mondex Internet Payment solution from theapplication platform (i.e., the Internet) in which the transactions take place (p 0.1) and usersMondex experience (path coefficient = 0.078,p > 0.1) have no statistically signifi-cant impacts.

6. DISCUSSION

The adoption model can play a key role in the design and implementation ofinnovations. In the case of Mondex EPS, most factors, except perceived useful-ness and Mondex experience, were found to be significant in determining the in-tention to adopt the Mondex Internet Payment solution. Our findings are not to-tally in line with the TAM. The importance of perceived usefulness is weakenedin the study of Mondex EPS adoption, probably because users behave differentlywhen they encounter a new technology, which may lead them to take risks.Therefore, they consider the usefulness of this technology to be less important inthe adoption decision. Furthermore, Mondex experience is also not a significantfactor. We believe that when the bank shifted the offline Mondex to the onlineplatform, there were some significant changes in software interfaces and transac-tion operations. The experience of using an offline Mondex is not applicable to


Table 5

Descriptive Statistics

Factor M SD

IE 4.871 1.262PU 5.906 1.395PE 6.319 1.306PIS 6.613 1.543PMS 5.444 1.684ME 3.500 6.253

Note. IE = Internet experience; PU = perceived usefulness; PE = perceivedease of use; PIS = perceived Internet security; PMS = perceived Mondex secu-rity; ME = Mondex experience (in months); BI = behavioral intention.


22/30

Figure 11. PLS model for adoption of the Mondex Internet Payment System.


23/30

using the online system. The model provides useful guidelines for revising thedesign choices and fine-tuning the features of the Mondex EPS.

This finding has a number of implications. First, the perception of Internet secu-rity had higher scores than perception of Mondex EPS security. Participantsseemed to feel comfortable with security on the Internet, but were concerned withthe security of Mondex EPS. This also shows that they were able to differentiate thesecurity of the application (i.e., Mondex EPS) from that of the environment (i.e., theInternet) in which the application operates. Although security is consistently listedamong the top inhibiting factors of Internet applications, this study illustrates that

as long as specific security issues related to the application are satisfactorily ad-dressed, the general perception of security on the Internet may not have a majorimpact on the adoption decision. Furthermore, IT managers and marketers shouldfocus their attention on innovation-specific features that appeal to potential usersrather than addressing the general sentiment toward the environment in which theinnovation operates.

Second, theusers considered Mondex EPS security to be not good enough. Whatdrives the users to have a perception of Mondex EPS as insecure? After a discussionwith the development team, we determined the reason to be related to the MondexEPS interface design. When theusers experienced the Mondex EPS in Task 3, nearly

all icons on ecPAY4u were for functional purposes, such as checking the balanceand checking completed transactions. Only one icon on the wallet interface,LOCK/UNLOCK, is used to manipulate the security level of Mondex EPS. The us-ers may have misunderstood the capabilities of Mondex EPS and thought that itprovided few functions on security management. At the technical level, it is possi-ble to incorporate additional security features such as e-certificates or a mandatorypassword authentication process every time one uses the Mondex EPS. However,the increase in security features is likely to result in a more complex operating pro-cedure, thus reducing the level of ease of use. Without information on the relativeimpact of each factor on adoption intention, the developer will find it difficult todecide on the trade-off. In this study, we demonstrate that findings based on an

adoption model can help a developer to manage this trade-off. Because MondexEPS security has a higher level of impact on adoption intention, our findings imply


Table 6

PLS Model for Adoption of the Mondex Internet Payment System

Factor Path Coefficient Path Coefficient t p

IE 0.141 1.380 0.086PU 0.198 1.240 0.110PE 0.342 2.506 0.007PIS 0.230 2.351 0.011PMS 0.429 2.569 0.006ME 0.078 1.096 0.139

Note. IE = Internet experience; PU = perceived usefulness; PE = perceived ease of use; PIS = per-ceived Internet security; PMS = perceived Mondex security; ME = Mondex experience (in months); BI =

behavioral intention.


24/30

that it is appropriate to tip the balance toward design features that instill a sense ofsecurity rather than to focus solely on ease of use. The feedback loop provided bythis study illustrates the relevance of adapting the theoretical innovation adoption

model as a methodology to collect user feedback in the design stage of an ITartifact.

Third, as advocated by Orlikowski and Iacono [41], there is a need to theorizethe IT artifact that we are studying. To make a significant contribution, IS studiesshould incorporate the theory in the IT artifacts, and at the same time, seriouslystudy the effects, context, and capability of the technology. Although the advan-tages of a parsimonious model such as the TAM are its generality and universalapplicability, these advantages are gained at the expense of the richness of thecontext in which the artifact operates. We believe it is equally important to de-velop a user acceptance model that takes into account the context and use of the

innovation. This study draws on findings from previous research (e.g., perceivedease of use and perceived usefulness) and enriches them with the specific contextand issues related to the innovation. The difference in user perceptions towardInternet security and Mondex EPS security provides interesting insights into theability of the users to differentiate and separate application and platform issues.By theorizing the IT artifact, one could better understand the complex relation-ship between the technology and the context in which it exists, as well as its in-teraction with humans.

7. LIMITATIONS AND CONCLUSION

In this article, we introduced a micropayment infrastructure that can be used tosupport B2C and P2P transactions. On the technical side, we have outlined the im-plementation and the design rationale of the system. On the user side, we have de-veloped an adoption model specific to the micropayment infrastructure and testedit in a survey setting.

This study is not without limitations. Some of them are highlighted here. First,our sample size was on the low end. This precludes us from employingdata-intensive techniques such as LISREL in our analysis. To minimize the size ef-fect, we employed regression as well as PLS, as suggested by one of the reviewers.

Both analyses showedsimilar results, indicating stable estimates of the parameters.Nevertheless, the size effect should be taken into consideration in interpreting theresults. Second, participants consisted of both Mondex and non-Mondex users, sothe results might be affected by the experience of current Mondex users. Althoughwe attempted to reduce this effect by engaging all participants in a real Mondextransaction (Task 3 in the study) and including the variable, Mondex experiencein the model, the experience effect may still prevail. Third, in future research, morespecific design features can be included in the survey to provide more useful feed-back to the design team.

The availability of a widely adopted micropayment infrastructure will openup new opportunities for e-commerce. Unlike payment solutions that leverageexisting interbank network and settlement processes, a sustainable

168 TAM AND HO


25/30

micropayment infrastructure will entail a cost structure that is quite differentfrom traditional interbank networks. The nature of micropayment and the rela-tively low risk involved will no longer necessitate a mediating party to coordi-

nate the transfer of funds, as in the case with interbank transfer and credit cardpayment. The decoupling of value (i.e., monetary value) and the value holder(i.e., the account) in a transaction is a necessary condition for anonymous pay-ments. Because user authentication and account settlement are not necessary,value can be transferred directly from one value holder to another, as long ascounterfeiting the value is made almost impossible. Mondex employs an encryp-tion technology that allows Mondex value to be transferred directly from onecard to another without any mediating mechanism. The Mondex EPS presentedin this article extends the card-to-card capability of Mondex Cards to the Internet.As indicated in our findings, the intention to adopt Mondex EPS is only slightly

affected by the users previous Internet experience. Users of the Mondexmicropayment infrastructure seem to perceive it as an extension of thefunctionalities of existing Mondex Cards and evaluate it independently of theirprior experience with the transport medium, that is, the Internet. By tightly ad-hering to Mondexs ergonomic standards, the look and feel of Mondex EPS isvery similar to that of devices used in offline transactions, enabling an easy mi-gration from offline to online usage.

We demonstrated that an adoption model can be used as a managerial tool indifferent phases of the development process, from concept initiation to designand implementation to customer support, and we distinguished individuals pre-

adoption beliefs and attitudes from their postadoption beliefs and attitudes[4244]. Current system development methodologies are premised on the central-ity of user requirements in system development. Models and tools are providedto support the elicitation, documentation, and transformation of user require-ments into functional and data models that lend themselves to machine-execut-able code. The implicit assumption is that a system that conforms to the require-ments when built will be automatically accepted by the user community.However, evidence abounds that many systems fail not because they fall short inmeeting the requirements, but because of a lack of interest on the users side. Fornovel information applications such as the proposed Mondex EPS, the problem iseven worse because user requirements are lacking at best or nonexistent in mostcases [45]. The decision to adopt in these cases depends more on beliefs about theinnovations features (although not necessarily equivalent to the actual set of fea-tures) and the attitude toward it. Thus, it is important to understand users be-liefs and how they affect their adoption intentions. Parsimonious models such asthe TAM provide a core set of elements, but they are not sufficient to provide im-plementation guidelines in terms of design features, functionalities, and perfor-mance levels. To be practically useful, these models need to be extended to cap-ture innovation-specific features. This study demonstrates that adoption modelsare of interest to researchers, who typically have an ex post facto perspective oninnovations, and that they can indeed be applied, with some extension, in the de-

sign and implementation of the innovations themselves.



26/30

APPENDIX

Items and Scales

In the following, all items have been standardized. All correlations havep value

a smart card based internet

Documents