digital financial inclusion: policies and regulation …..."digital financial inclusion":...
TRANSCRIPT
:"Digital Financial Inclusion":
Policies And Regulation(Khartoum - Sudan, 24-25 August 2016)
ITU Arab Regional Workshop on
SESSION 4: DIGITAL FINANCIAL SERVICES: ACCESS, INFRASTRUCTURE, SECURITY, DIGITAL
IDENTITY, AUTHENTICATION AND RISK
MANAGEMENT
عزالدين كامل أمين مصطفى. د
Dr. Izzeldin Kamil Amin Mustafa
"Digital Financial Inclusion": Policies And Regulation
(Khartoum - Sudan, 24-25 August 2016)
ITU Arab Regional Workshop on
1. Two Distinct TYPE of Models .2. Which Business Model to Adopt? .3. Actors and Their Roles.
4. Enablement.
5. Technologies Enabling Mobile Money.6. Customer’s Journey.7. Infrastructure.8. Infrastructure: Financial …9. Infrastructure: Success Factors .…10. Infrastructure: Success Ingredients.11.Infrastructure: Consumer Risks…
3September 8, 2016DFS: Access, Infrastructure, Security, Digital
Identity, Authentication and Risk Management3
* Agenda.
12. Security13.Digital Identity.14.Data Protection15.User Protection.16.Consumer Protection.
2 Agenda.
• Mobile phone is utilised as an additional channel for a bank account through which services may be delivered (Additive Model). OR
• Mobile phone is linked to financial products that are made available to customers who belong to unbanked group of people (Transformative Model).
• THOSE GROUP ARE largely low income people.
September 8, 2016 5DFS: Access, Infrastructure, Security, Digital
Identity, Authentication and Risk Management
* Two Distinct TYPE of Models ….
• A Transformational Model has the following characteristics:1. Uses Existing mobile communications infrastructure
linked to financial products to reach unbanked people.
2. Is Driven by New players; such as Telcom operators, targeting different markets from those of traditional banks,
3. It may strengthen the power of new networks for cash transactions, such as Telecom agents for credit top-ups; in addition to existing merchant POS or ATM networks of banks.
4. Cost less than fees for conventional banking services due to low overhead and large volume.
September 8, 2016 6DFS: Access, Infrastructure, Security, Digital
Identity, Authentication and Risk Management
* Characteristics of Transformational Models
Actors and Their Roles ….
Actor Roles Expectations
Mobile Network Operators (MNO)
* Can Act as intermediaries or
Providers of Financial Services.
* These services may or may not be
linked directly to a bank account.
•Add Value to existing services
•Increase Customer Loyality.
•New Revenue Channel.
•Increase average revenue per user.
•Reduce Airtime distribution Cost.
Bank * A bank can be the provider of
Financial Services or just an
intermediary for some financials
services offered by MNOs.
•Branding and Customer Loyalty.
•New Customers.
•Ownership or Co-ownership of a new
payment application.
•Secure and Trusted Payment services.
•Anti-Money Laundering requirements.
•Integration/Use of existing infrastructure
and payment methods.
Distribution: Agents and Agent Network
•Physical points in the Network.
•Facilitate the important cash-in/cash-
out transactions by converting physical
money to eMoney and vice versa
(Direct OTC Transaction).
•Perform Registration of Users.
•Earn Commission on transactions.
•New Revenue streams.
•Increase Traffic and Sales.
Customers. •Mobile Phone owner that through the
Agent Network subscribe to the
services and potentially buy eMoney.
•Reduced Risk of Carrying Cash.
•Minimal Learning Curve.
•Low or zero additional cost of usage.
•Security of Transactions.
•Person-to-person Transactions.
•Able to receive and send Money.
• Mobile Banking will in fact be Transformational in a country with enabling environment.
• Enabling environment refers here to the set of conditions which promote a sustainable conditions of market development.
• Enabling environment allows widespread access; and, therefore, transformational models are more likely to succeed.
September 8, 2016 9DFS: Access, Infrastructure, Security, Digital
Identity, Authentication and Risk Management
* Enablement …….
* Technologies Enabling Mobile • How? Enabling Technology.
1. USSD (Unstructured Supplementary Service Data)– A protocol that is used by MNO to communicate
with Customers irrespective of the type of handset. It is commonly used for balance messages and Network messages.
2. STK: SIM ToolKit– Menus that resides on the SIM card within the
phone that users can access directly from the handset. When in use, it communicates with MNO systems and servers generally using SMS.
– Requires SIM swap. September 8, 2016 10
DFS: Access, Infrastructure, Security, Digital Identity, Authentication and Risk Management
2 Technologies Enabling Mobile • How? Enabling Technology.
3. Other Technology:
i. Application/Mobile Internet- WAP (Wireless Application Protocol).
• Must Have a smartphone and Good data Connection.
ii. NFC
• Uses an Internal CHIP to activate the money transfer to other NFC enable Device.
• Need a modern Smartphone as well as hardware enabled counterpart device.
September 8, 2016 11DFS: Access, Infrastructure, Security, Digital
Identity, Authentication and Risk Management
3 Technologies Enabling Mobile • How? Enabling Technology.
3. Other Technology:
i. Application/Mobile Internet- WAP (Wireless Application Protocol).
• Must Have a smartphone and Good data Connection.
ii. NFC
• Uses an Internal CHIP to activate the money transfer to other NFC enable Device.
• Need a modern Smartphone as well as hardware enabled counterpart device.
September 8, 2016 12DFS: Access, Infrastructure, Security, Digital
Identity, Authentication and Risk Management
1 Customer’s Journey.
• A Customer’s Journey from awareness to registration, and finally to regular usage, is quite complex.• There is always a Gestation period even when customers are aware of the service, they may not necessarily understand how they would benefit from using it. •Using mobile money represents a significant behavioural change in economies where almost all payment transactions are conducted in cash.
September 8, 2016 13DFS: Access, Infrastructure, Security, Digital
Identity, Authentication and Risk Management
Ratio of Active Accounts to Registered Accounts is 30%
September 8, 2016 14DFS: Access, Infrastructure, Security, Digital
Identity, Authentication and Risk Management
* Number of Active (90 Days) and Accounts Globally (June 2013).
2 Active Mobile Money Accounts
• The question every MM service provider is asking: How can one shorten the Gestation period and increase customer activity and therefore mobile money Average Revenue per Subscriber (ARPUs)?
• It was found that Customers encounter a positive experience at the point of registration (e.g. an Agent who thoroughly explains the service) is likely to transact on that same day and have an increase in ARPU of 100% [1].•
September 8, 2016 15DFS: Access, Infrastructure, Security, Digital
Identity, Authentication and Risk Management
• It is obvious that infrastructure availability is a needed before MM scheme can be implemented.
• Both Technology infrastructure as well as financial infrastructure are needed.
• Telecom network is used as a transport carrier for the MM services.
November 18, 2015 mPayment: 16
* Infrastructure ….
• Many MM practices ignore the need for the Financial Infrastructure.
• Settlement and Reconciliation among participants in the MM operation should be taken seriously especially after the expansion of the services to cover millions of customers.
• In addition, it can be a mixture between small amount settlement and medium size amount of settlement.
• Banks should be the focal point for all these settlements.
2 Infrastructure: Financial ….
1. Interoperability.
2. Technology Impact on Ecosystem.
3. Regulatory Issues.
4. Consumer Risks.
5. Security Issues.
6. User Friendliness.
* Infrastructure: Success Factors .…
• Interoperability is a factor that we shall deal with later and is needed on two levels: local level and for for Cross-boarder operations
• Technology Impact on Ecosystem: How the technology is supporting the growth of the business and alleviating some of the drawbacks of the services.
* Infrastructure: Success Ingredients …
2 Infrastructure: Success Ingredients …
•User Friendliness: This is normally referred to the ease of the MM process starting with the registration and until the account becomes active for a reasonable period of time (normally 90 days).
•.
2 Infrastructure: Consumer Risks…
Despite the high satisfaction of many customers with DFS, accumulating evidence shows that consumers also perceive or encounter common problems that can open them up to risks including financial loss.
These include the following[3]:
•.
3 Infrastructure: Consumer Risks…
1. Inability to transact due to network/service Downtime.
2. Insufficient agent liquidity or float, which also affects ability to transact.
3. User interfaces that many find complex and confusing.
4. Poor customer recourse.5. Nontransparent fees and other terms.6. Fraud that targets customers.7. Inadequate data privacy and protection.
• Two main areas for security:
– the regulatory environment and
– the customers and financial institutions concerns about the data protection of the transactions.
* Security …
• The main concerns that regulators may have:– Legal Status: if the MM is MNO driven, will the
MNO be acting as a bank?
– Money Laundering – could the system be used to launder money?
– Security – is the system secure for the customers?
• Since the Customer is always in control of the MM account, it is hard to claim that MNO is acting like a Bank.
• In addition, the MM can be made Bank lead instead of MNO lead.
2 Security …
• Other Legal matters can be covered gradually through revision of existing laws and regulations.
• For the protection against Money laundry, Customers can be divided into groups with caps for the total amunt of money that can be dealt with.
• KYC can be imposed accordingly.
3 Security …
• With the growth in number number of online services, the level of risk associated with it has increased.
• The need for more sophisticated, secure and convenient ways of creating, managing and applying digital identities is becoming more urgent.
* The Outlook of Digital Identity …
• Mobile identity represents a powerful platform which offers a compelling proposition for businesses and governments seeking to provide secure access to digital services.
• Some of the supporting signs for the mobile to act a suitable platform for a secure digital identity solution are[4]:
2 Mobile Identity as a Digital Identity …
– The Mobile Phone is an enabler uniquely placed to provide the convenience and security consumers want when accessing online services
– Mobile is already causing transformation in Payments and represents a natural extension to be used as digital identity.
– The SIM card is constantly authenticating and can be upgraded to assume its role as an identity into next generation.
– The value of mobile identity lies in its ability to provide increased convenience and accessibility, strong security and enhanced privacy for people.
– Lower implementation costs and higher uptake of digital services.
• Thus mobile identity unlocks the potential of the digital economy.
• In most of the surveys conducted for MM security (protection of Customers’ Money) was raised as a concern and issue that needed to be addressed before they would use mobile payments.
• In response to this, the European Central Bank has set out five guiding principles which mobile payment solutions should implement:– Strong customer authentication and
– secure data handling,
– implementation of robust data protection mechanisms to protect sensitive data whenever it is transmitted, processed or stored.
* Data Protection …
• The authentication of MM user should be through one of 3 choices:
(i) something only the user knows (e.g. a static password, code or personal identification number);
(ii) something only the user possesses (e.g. a token, smart card or mobile device 6); and
(iii) something the user is (e.g. a biometric characteristic, such as a fingerprint).
• In addition, the breach of one does not compromise the other(s); i.e. the elements selected must be mutually independent.
• At least one of the elements should be nonreusable and non-replicable (except for inherence), and not capable of being surreptitiously stolen.
* User Protection …
• Regulation is needed to balance between different actors on the market offering the same or similar services.
• We shall come back to this isue in session 6.
November 18, 2015 mPayment: 31
* Regulation ….
• The reach of MM services to consumers in rural and remote areas is a critical success factor.
• Banks have learned through this experience to utilise agents to deliver bank’s services in remote areas.
• Protection of consumers has become a paramount issue for Regulators (in both the financial services and the Telecoms sectors).
November 18, 2015 mPayment: 32
* Consumer Protection ….
• MM is widely used among the poorest in countries with a regulatory framework that supports interoperability[2].
• However, stronger consumer protection seems to be associated to lower usage among the poorest.
• One possible explanation is that stronger consumer protection regulation increases the cost of providing MM services, thus reducing its usage among the poorer.
November 18, 2015 mPayment: 33
* Stronger Consumer Protection…
[1] Porteous, D. (2006). The Enabling Environment for Mobile Banking in Africa, Bankable Frontier, commissioned by the Department for International Devel opment. Available:
http://www.Bankable/rontiercom/assets/ee.mobil.banking.report.v3.1.pdf
[last accessed 15 October 2015].
[2] Eva Gutierrez, Sandeep Singh, “What Regulatory Frameworks Are More Conducive to Mobile Banking?”, The World Bank Publication, Latin America and the Caribbean Region, Finance and Private Sector Development, October 2013.
November 18, 2015 mPayment: 34
1 References …
[1] The GSMA’s Mobile Money programme, “STATE OF THE INDUSTRY 2013 Mobile Financial Services for the Unbanked”, www.gsma.com/mobilemoney.
[2] European Central Bank, “RECOMMENDATIONS FOR THE SECURITY OF MOBILE PAYMENTS”, accessed at:
https://www.ecb.europa.eu/paym/cons/pdf/131120/recommendationsforthesecurityofmobilepaymentsdraftpc201311en.pdf
On 07.08.2016.
[3] McKee, K., Kaffenberger, M. and Zimmerman, J. (2015), “Doing Digital Right: The Case for Stronger Mitigation of Customer Risks.”, Available at: http://www.cgap.org/sites/default/files/Focus-Note-Doing-Digital-Finance-Right-Jun-2015.pdf
[4] GSMA, Feb 16, 2016, “The future of digital identity in building a successful digital society”, at site:
http://www.gsma.com/personaldata/the-future-of-digital-identity-in-building-a-successful-digital-society
On 10.08.2016.
2 References …
m-Payment infrastructure and its ICT applicationNovember 24, 2015 36
Many Thanks.