cse-302 mobile payment
DESCRIPTION
CSE-302 Mobile Payment. Dr. R. B. Patel. What is Driving Mobile Payment?. Maximization of revenue from wireless data services The handset as personal trusted device Encouraging adoption of next generation mobile devices. What is payment?. - PowerPoint PPT PresentationTRANSCRIPT
1
CSE-302 Mobile Payment
Dr. R. B. Patel
2
What is Driving Mobile Payment?
• Maximization of revenue from wireless data services
• The handset as personal trusted device
• Encouraging adoption of next generation mobile devices
3
What is payment?
• A payment is the transfer of wealth from one party (such as a person or company) to another.
• A payment is usually made in exchange for the provision of goods, services, or both, or to fulfill a legal obligation.
• The simplest and oldest form of payment is barter, the exchange of one good or service for another.
4
Continue…
• In modern age a payment system is a set of procedures and associated computer networks used to settle financial transactions in bond markets, currency markets, and futures, derivatives and options markets, and to transfer funds between financial institutions.
• Due to the backing of modern fiat currencies with government bonds, payment systems are a core part of modern currency systems
5
Continue…
• Barter is a type of trade in which goods or services are directly exchanged for other goods and/or services, without the use of money.
• It can be bilateral or multilateral, and usually exists parallel to monetary systems in most developed countries, though to a very limited extent.
• Barter usually replaces money as the method of exchange in times of monetary crisis, when the currency is unstable and devalued by hyperinflation.
6
Continue…
• In the modern world, common means of payment by an individual includes money, check, debit, credit, or bank transfer, and in trade such payments are frequently preceded by an invoice or result in a receipt.
• However, there are no arbitrary limits on the form a payment can take and thus in complex transactions between businesses, payments may take the form of stock or other more complicated arrangements.
• In law, the payer is the party making a payment while the payee is the party receiving the payment.
7
What is micropayment?
• Micropayments are means for transferring very small amounts of money, in situations where collecting such small amounts of money with the usual payment systems is impractical, or very expensive, in terms of the amount of money being collected.
• Micropayment originally meant 1/1000th of a US dollar, meaning a payment system that could efficiently handle payments at least as small as a tenth of a cent, or few paisa to rupees.
• but now is often defined to mean payments too small to be affordably processed by credit card or other electronic transaction processing mechanism.
• The use of micropayments may be called Micro-commerce.
8
Continue…
• A micropayment is an online transaction of a small denominations e.g. $2, £3.50, or €4, and can be used for digital content purchase such as music, news or consumer reports.
• A micropayment can also be used to charge for digital services such as P2P applications and access to website member areas.
9
Continue…
• A micropayment system is an online payment systems which supports charging relatively small amounts for online content or services.
• Here the speed and cost of processing payments are critical factors in assessing a schemes usability.
• Fast user response is essential if the user is to be encouraged to make a large number of purchases.
• Processing and storage requirements placed on micropayment providers and vendors must be economic for low value transactions.
10
What is a macropayment system?
• A macropayment is an online transaction of higher denominations e.g. €10.
• Macropayments play a key role in the billing of tangible goods but are also commonly used for digital content and services e.g. subscriptions, software, games and more.
11
Continue…
• A macropayment system is an online payment system specialized on the processing of higher amounts in comparisn to micropayment.
• Apart from speed and costs a high degree of protection is essential such as scoring and creditworthiness checks, risk management and fraud protection.
12
Evolution of Online Payments
13
Mobile payments
• Mobile payments can be split into three categories- mobile content, out-of-band and proximity.
• Because of their expertise in the area of billing, network operators are suited to deliver - payment services for mobile content.
• This type of payment is sometimes referred to as in-band where the content and the payment channel are the same.
• An example is a chargeable WAP service over GPRS. Users will either be offered subscription or per usage payment models.
• For per-usage users, the nature of the technology and services means that transactions will be small, so operators need to implement low-friction micropayment.
• Applications that could be covered by in-band transactions included video streaming of sports highlights or video messaging.
14
Continue…
• Out of band refers to the fact that the payment channel is separate to that used for a shopping phase.
• For example, a credit card holder may use their mobile device to authenticate and pay for a service they consume on the fixed line Internet or interactive TV.
• In order to make the wireless device suitable for authenticating payments, financial institutions are especially interested in wireless PKI, shared secret (or symmetrical key) schemes, or best of all merging with their chip card programs via dual slot or dual chip devices.
• Public Key Infrastructure (PKI) enables the implementation of legally binding virtual transactions using digital signatures critical to stem the losses suffered by financial institutions through payment repudiation and other fraud.
15
Continue…
• A promising payment application for mobile commerce is proximity transactions using the device to pay at a point of sale, vending machine, ticket machine, tolls, parking, etc.
• By leveraging parallel technologies, such as Bluetooth and 802.11, mobile devices can be transformed into sophisticated payment devices that can process both micro and macro payments.
• Pilots are already under way in Japan and Scandinavia using technologies such as SMS, infrared and contact fewer chips (RFID).
16
Evolution of mobile payments
17
Mobile payment typesPayment Type
Mobile Content Out of band Proximity
Example Anne is on holiday, and uses her Nokia 7650 to take a photo, adds audio comment, and sends it via MMS to Robert. She is charged $1 to her prepay account
An SMS notifies Anne that U2 concert tickets have just gone on sale. From an Internet café she browses to the ticket vendor site, books her tickets and pays with her Visa card. The payment authentication request
Appears on her mobile phone via SMS, and she authenticates using a personal PIN, digitally signing the order. A receipt is sent to her phone.
Back at home , Anne is at her photo and imagine shop; she transfers her holiday photos from her digital camera to the store computer over as Bluetooth link; the payment request is sent to telephone, also over Bluetooth, where she accepts it, and her credit card information is returned to the store point of sale device.
Technology Enablers
EMS, MMS2.5G (Eg. GPRS) 3G
SMS, SIM Toolkit application, WAP Push, WPKI, Dual slot, Dual SIM, J2ME.
Bluetooth 802.11b, IrDA
Payment Features
Meditation system integrated with real time stored value micropayment system
Wallet server with SMS and wireless PKI support, Acquiring gateway
Payment Java applet on mobile phone and point of sale device.
18
Phases of Mobile Payment Transaction
19
Secure Electronic Transaction (SET)
• Secure Electronic Transaction (SET) is a system for ensuring the security of financial transactions on the Internet.
• It was supported initially by Mastercard, Visa, Microsoft, Netscape, and others.
• With SET, a user is given an electronic wallet (digital certificate) and a transaction is conducted and verified using a combination of digital certificates and digital signatures among the purchaser, a merchant, and the purchaser's bank in a way that ensures privacy and confidentiality.
• SET makes use of Netscape's Secure Sockets Layer (SSL), Microsoft's Secure Transaction Technology (STT), and Terisa System's Secure Hypertext Transfer Protocol (S-HTTP).
• SET uses some but not all aspects of a public key infrastructure (PKI).
20
Key features
• To meet the business requirements, SET incorporates the following features:
• Confidentiality of information • Integrity of data • Cardholder account authentication • Merchant authentication
21
Participants
A SET system includes the following participants:– Cardholder – Merchant – Issuer – Acquirer – Payment gateway – Certification authority
22
Transaction
1. The customer obtains a credit card account with a bank that supports electronic payment and SET
2. The customer receives an X.509v3 digital certificate signed by the bank.
3. Merchants have their own certificates 4. The customer places an order 5. The merchant sends a copy of its certificate so that the
customer can verify that it's a valid store 6. The order and payment are sent 7. The merchant requests payment authorization 8. The merchant confirms the order 9. The merchant ships the goods or provides the service to the
customer 10. The merchant requests payment
23
Mobile Payments: Trends in Enabling Technology
• A number of mobile payment models have been proposed, piloted and implemented.
• They use a range of technologies including SMS, WAP, SIM application toolkit (SAT), USSD, IVR, dual slot phones, dual SIM phones, Bluetooth, Infrared, bar code readers and contactless chips.
24
Continue…
25
Mobile operator payment systems
• A Server Wallet: This is an encrypted store of users, personal data- payment data, addresses, personal preferences, receipts.
26
Continue…
• An Acquiring Gateway: This system, used as an electronic point of sale (ePOS), is capable of routing or switching payment transactions for multiple merchants and currencies to different backend systems. For example, the same system might process a prepay top-up request for a Visa card and a purchase with a debit card. This module also provides online merchant/content provider reporting and transaction management.
27
Continue…
• Prepay Top-Up System: This allows top up requests originating from multiple sources . Terminals over PSTN or X.25, IVR systems, Web and WAP, ATM to be processed, and routed to multiple prepay systems for on-line top-up of voice or other stored value. It can also handle off-line top-up by storing and managing top-up codes, which is more cost effective than using scratch cards.
28
Continue…
A Prepay (stored value) System: • This system manages the user’s accounts,
maintaining their balance, and providing features such as parent and child accounts.
• Transactions may debit the system in real-time, or an external application may draw funds and refund any unused portion.
• This module also facilitates managing loyalty programs and private label on us, telco cards, and some operators may even issue their own plastic cards
29
Continue…
• A Merchant Accounting System: This is used to maintain merchant accounts, calculate commissions and generate settlements for the merchants, such as writing checks or performing EFT file transfers.
30
Continue…
Internet and Operator Data
Services Network
Content Provider
Consumer
Operator Payment System
Merchant A/C
System
Stored Value Prepay
Bank
Prepay Top-up
Wallet Server
Acquiring Gateway
Voice Prepay
Billing System
31
Financial Institution Payment Systems in Mobile Environment
• Wallet Server - In the past, banks deployed wallets to their customers in an effort to maintain a relationship with their customers in an on-line environment.
• Most wallets were stored on the users desktop and were difficult to install and use.
• The wallet server plays a similar role as in the operator environment-as a secure repository of personal data.
Financial institutions choose various models for authenticating payments- such as via SMS and SIM toolkit applications, WPKI, single use passwords, pseudo numbers, Visa 3-D Secure and MasterCard SPA.
32
Continue…
Risk Management Modules:
• For avoiding fraud- authentication of cardholders (by User ID and password/PIN, chip cards and digital signatures).
• The use of pseudo numbers in place of real card numbers, and the implementation of protocols devised by Visa (3-D Secure, or
• Verified by Visa) and MasterCard SPA. These security mechanisms are normally implemented as part of a wallet server type platform
•
33
Continue…
Acquiring Gateway. This is an essential system for an acquiring
bank, allowing payment transactions to be routed to multiple backend interfaces.
Payment transactions based on credit cards, debit cards, corporate purchase cards and loyalty cards are routed onto private financial networks through a payment gateway.
The types of transactions include topping up a voice or other stored value system, paying for a transaction, subscription or settling a bill.
34
Continue…
Card Management System Essential for a payment card issuer, this
system handles the cardholder accounts, manages the account creation process, interfaces to card embossing systems, real-time authorizations, and settlements.
For risk control using pseudo numbers and MasterCard SPA, the Card Management System is linked with the Wallet Server.
35
Continue…
• Merchant Accounting System- Acquiring banks use merchant account systems to manage their merchant base, including commission calculation and settlements.
36
Continue…
• Dispute Resolution System- A critical component for both issuers and acquirers, this automates the management of disputed payment transactions and is applied to both issuing and acquiring systems
37
Continue…
Internet and Operator Data Service Network
Content ProviderConsumer
Bank payment System
Merchant A/C
System
Card Management
System
Dispute Resolution
Risk Management Control e.g. Pseudo Numbers,
MasterCard SPA, Visa 3D Secure
Wallet Server
3D Secure
Pseudo Numbers
M/C SPA
Acquiring Gateway
Financial Network
38
Open and Closed Systems
• The question of open and closed systems often arises in mobile commerce.
• An open payment system is one in which the payment instrument can be issued by one or more. Issuers-and can be acquired by one or more Acquirers.
• Typically an Interchange Association exists to set the rules and administer an interchange network-for example, Visa or MasterCard in the case of payment cards, or NACHA in the case of US direct debit/ACH.
• In a closed payment system, the payment issuing and acquiring are performed by the same entity. American Express, Diners Club and Discover Card are examples of closed systems.
39
Trintech Payment Systems-PayWare
Internet and Operator Data Service
Network
Content ProviderConsumer
Trintech Payment System
PayWare eCMS
Acquirer
PayWare eCMS Issuer
PayWare Resolve
Bank
PayWare Prepay
PayWare elssuer
PayWare eAcquire
3D Secure Pseudo Numbers
M/C SPA
mAccess
Voice Prepay
40
Point of Sale (POS) Payment
POS provides the following to Strategic Partners:
• A turn-key solution.• Assistance with the bankcard Association of co-branding application and
subsequent card order.• Assistance with applying for a PIN for the new card if applicable.• Card and account management for all POS VISA debit cards issued by the
Bank. Settlement services.• Transaction processing, including-
– Loading Visa Electronic Card accounts.– Account maintenance.– Visa Electronic Card authorization.– Customer Support.– Second level customer support – using IVR, call center and Web based
technology.– Continued product and service innovation.– The ability to leverage the POS brand as we continue to expand in the
global prepaid marketplace.