View page as slide show

Resources

Mobile payment

  • Payment conducted with mobile device
  • Goals for payment system
    • Security
    • Interoperability
    • Privacy
    • Global acceptance
    • Ease of use
  • All the goals not required for

MeT

  • Mobile Electronic Transactions Initiative was formed 2000
    • to faciliate the different types of mobile payments.
  • Changed to MeT Ltd in 2002
  • Vision of Mobile phone as Personal Trusted Device
    • Ultimate digital wallet used for mobile transactions e.g. Mobile wallet
      • Application on mobile phone
        • Trusted storage that holds tickets, payment applications, receipts, discount cards
        • Supports remote and local transactions
    • Requires security element
      • handles encryption,
      • authentication
      • holds the secret data e.g. pin codes, keys, certificates
      • Can be external hardware, software or ICC (Integrated Circuit Card, Smartcard)
  • Currently concentrates on contactless payment systems based on NFC.

Mobile payment landscape (by MeT)

Payment environments

1. Remote

  • Distance between payment service and customer is longer.
  • Connections done over networks
    • accessing Internet with some access tehcnology: Wireless LANs, Mobile phone technologies, (Bluetooth)
    • Phone payments: Mobile phone technologies (http://www.payway.fi/)
  • Third party handles the charging
    • service charge in phone bill
  • Example applications
    • SMS based services: logos, ringtones …
    • Phone call services: parking tickets, coke machines
    • Browsed services: Internet shopping
  • Payment
    • through bank account in Internet
    • by giving credit card details (either via SMS or Internet)
    • on phone bill

2. Local (proximity)

  • services reside in the proximity of the customer
    • coke machine, shop cashier…
  • service and payment accessed via local link
    • NFC, RFID, Infrared, Bluetooth, (Wireless LANs).
  • No direct connection to third party
  • several approaches
    • prepaid accounts
    • tickets
    • payment cards
      • Visa Electron RFID chip
      • Creadit card number

3. Desktop

  • Shopping done via desktop computer
  • Mobile phone used for payment
  • Special case of local payment

Mobile Commerce process

  • Buying
    • Process for customer to select what to buy.
    • After selection customer states the will to buy the products
      • Customer is usually identied at this point.
      • Discount can be given to a regular customer
    • At the end of buying process, a bill is delivered to the customer.
  • Paying
    • Customer checks the bill and hopefully accepts it.
    • Customer sends it's acceptance of the bill with the payment device to service
    • Customer is charged
      • Loss of payment ticket
      • Money taken from account
      • Charging order sent to third party
  • Receipt
    • Receipt is delivered to customer
      • etiher paper or electronic
    • Verification of the transaction event.

ECML

  • Electronic Commerce Modelling Language
  • IETF effort to standardize the notation used for payment information
    • version 1.1 defined on RFC 3106
    • version 2 defined in RFC 4112.
      • Released June 2005
      • RFC 3505 defines requirements for ECML v2
      • update to version 1.1
  • XML based
  • Allows compatibility between different systems
    • Helps the customer

Payment types

  • Beforehand
    • Tickets, accounts (for customer)
  • During transaction
    • accounts (for service provider), credit cards (for service provider)
  • Afterwards
    • billing, credit cards (for customer)

Mobile tickets

  • Ticket: a proof of right to use or access a service
  • Two types of mobile tickets in MeT

1. Virtual ticket

  • proof/ticket resides at ticket's issuer server.
  • Ticket redemption requires user authentication.
  • Requires connection to the ticket issuer's server at the use time
  • acquisition of ticket does not require any object download to mobile device
  • Mobile device requires ID certificate that is accepted by service provider
    • physical e.g. SIM
    • downloadable certificate
    • Stored at mobile wallet?
  • Ticket use
    • mobile device ID is delivered to service
    • Service connects to ticket service and verifies the right of use.

2. PTD ticket

  • Ticket resides at the mobile device
  • Possession of the ticket is proof enough
  • Ticket downloaded from ticketing server
    • Certficate
  • Whole ticketing application downloaded e.g. Java program
  • Ticket use
    • No connection required to ticket issuer
    • Ticket is uploaded to the server
  • Require secure handling
    • Prevent copy, multiple use
  • Single use tickets vs multiple use tickets
    • Tamper proof
  • SMS tickets used for busses and trams in Helsinki.

Example: How to use Nokia wallet for payment

1. First the consumer browses a merchant's online service and selects the items to buy.

2. To pay for the purchases, s/he selects wallet payment and receives a payment request, i.e., a payment data form that must be filled in.

3. When the cursor is in an empty field of the payment request, the consumer goes to the Options menu and selects Use wallet or the browser can detect ECML fields and automatically ask if user wants to use the walleet.

  • To get access to the wallet application, user needs to enter wallet PIN code.

4. The consumer then selects the payment card to be used. User is directed back to the browser and can check the information that has been entered into the form before accepting the order.

5. In case of a high-value purchase, a merchant may require the consumer to digitally sign the payment. After accepting the order, the consumer receives a signing request and can sign the payment with his/her personal digital signature PIN. That requires a security module (SIM/WIM) in the terminal.

6. The merchant sends the consumer an acknowledgement or a digital receipt of the successful payment.

Things to consider

  • How is my service used
  • Can I charge from the use of the service
  • What would be the best way for customer to pay for the service
  • Do I need to have contracts with third parties for billing
    • Mobile operator
    • Credit card companies
  • What is the overhead cost from the payment system to the service?
  • Closed or open payment system?
    • can the tickets we sell used only on our services or do we need to provide world wide compatibility?
Last modified: 2013/07/01 14:42