Export page to Open Document format View page as slide show

Mobile Payment

Mobile payment

  • Payment conducted with mobile devices
  • Goals for payment systems
    • Security
    • Interoperability
    • Privacy
    • Global acceptance
    • Ease of use
  • All goals not required for all


  • Few categories of mobile payments
  1. Mobile P2P – mvia mexico, mPesa
    • Reimburse a friend, pay babby sitter, give kid sister pocket money via PayPal, …
  2. Mobile POS – BlingNation
    • Hardware oriented i.e. RFID, NFC, POS Readers
    • Chip credentials jump start the POS transactions – adoption barriers
  3. Mobile commerce
    • Buying item from mobile (browser/App) not desktop/notebook
    • Ovi, Windows Market place, iPhone store, Android market, Amazon, ebay, etc
  4. Mobile payment acceptance – PAYware Mobile, Android Square
    • Swipe attachment to your phone then use it to receive transaction payments

Mobile Electronic transactions (MeT)

  • MeT initiative formed in 2000
    • To facilitate the different types of mobile payments
  • Changed to MeT Ltd in 2002
  • Vision of mobile phone as Personal Trusted Device (PTD)
    • Ultimate digital wallet used for mobile transactions e.g. mobile wallet
    • App on mobile phone
      • Trusted storage holding tickets, payment Apps, receipts, discount cards
      • Support remote & local transactions
    • Needs security elements
      • Handle encryption
      • Authentication
      • Hold secret data e.g. pin codes, keys, certificates
      • Can be external hardware, software or ICC (intergrated circuit card, smartcards)
  • Currently focused on contactless payment systems based on NFC

Mobile payment landscape (by MeT)

Payment environments

  1. Remote
  2. Local (Proximity)
  3. Desktop

1. Remote

  • Distance between payment service & customer is longer
  • Connections done over network
  • 3rd party handles the charging
    • Service charge in phone bill
  • E.g. Apps
    • SMS based services – logos, backgrounds,ringtones, …
    • Phone call services – parking tickets, coke machines, ..
    • Browsed services – Internet shopping
    • Payment through bank account in Internet (netbank)
    • By giving credit card details (SMS or Internet)
    • In phone bill

2. Local (Proximity)

  • Services are in proximate distance of the customer
    • Coke machine, shop cashier, …
  • Services & payment accessed via local link
    • NFC, RFID, Infrared, Bluetooth, (WLAN)
  • No direct connection to 3rd party
  • Numerous approaches
    • Prepaid accounts
    • Tickets
    • Payment cards
      • Visa electron RFID chip
      • Credit card number

3. Desktop

  • Shopping done via desktop computer
  • Mobile phone used for payment
  • Special case of local payment

Mobile commerce process

  1. Buying
  2. Paying
  3. Receipt

1. Buying

  • Process for customer to select what to buy
  • After selection customer states the will to buy the selected product
    • Customer is often identified at this point
    • Discount give to regular customer
  • At the end of buying process bill is delivered to the customer

2. Paying

  • Customer checks/verifies the bill & hopefully accepts it
  • Customer send his acceptance of the bill with the payment device to the service
  • Customer is charged
    • Loss of payment ticket
    • Money taken from account
    • Charging order sent to 3rd party

3. Receipt

  • Receipt is delivered to customer
    • Either in paper / electronic form
  • Verification of the transaction event

Electronic commerce modelling language (ECML)

  • IETF effort to standardise the notation used for payment information
    • v 1.1. defined in RFC 3106
    • v 2 defined in RFC 4112
      • Released June 2005
      • RFC 3505 defines requirments for ECML v2
      • Update to v 1.1
    • XML based
    • Allows compatibility between different systems
      • Helps the customer

Payment types

  • Before hand
    • Tickets, accounts (for customers)
  • During transaction
    • Accounts (for service provider), credit card (for service provider)
  • Afterwards
    • Billing, credit cards (for customer)

Mobile tickets

  • Ticket – a proof of right to use or access a service
  • Two type of mobile tickets in MeT
    1. Virtual tickets
    2. PTD tickets

1. Virtual tickets

  • Proof/ticket resides at ticket's issuers server
  • Ticket redemption requires user authentication
  • Requires connection to the ticket issuer's server at the use time
  • Acquisition of ticket does not require any object download to mobile device
  • Mobile device requires ID certificate acceptable by service provider
  • Physical e.g. SIM
  • Downloadable certificate
  • Stored at mobile wallet
  • Ticket use
  • Mobile device ID delivered to service
  • Service connects to ticket service & verifies the right of use

2. PTD tickets

  • PTD tickets
    • Ticket resides at the mobile device
    • Possesion of the ticket is proof enough
    • Ticket downloaded from ticketing server
      • Certificate
    • Whole ticketing App downloaded e.g. Java program
  • Ticket use
    • No connection needed to ticket issuer
    • Ticket is uploaded to the server
    • Requires secure handling
    • Prevent copy, multiple use
    • Single use tickets Vs multiple use tickets
    • Tamper proof
    • SMS tickets used for busses & trams in Helsinki

Case: Payment with Nokia wallet

  • Consumer X browses merchant's online service & selects items to buy
  • To pay for the purchase - X selects wallet payment & receives a payment request
    • i.e. a payment data form that must be filled in
  • When cursor is in an empty field of payment request, X selects from Option menu:
    • To use wallet / browser auto detects ECML fields (auto ask if X want to use the wallet)
    • To get acces to the wallet App, X needs to enter wallet PIN code

Case: Payment with Nokia wallet ...

  • X selects the payment cards to be used.
    • X is re-directed to the browser & to confirm data entered before accepting the order
  • In high-value purchase, merchant may require X to digitally sign the payment.
    • After accepting the order X receives a signature request
    • X can sign the payment with their personal digital signature PIN
    • This requires a security module (e.g. SIM) in the terminal
  • The merchant sends X an acknowledgement or digital receipt of the successful payment


  • How is my service used?
  • Can I charge from the use of the service?
  • Whats the best way for customers to pay for the service?
  • Do I need to have contracts with 3rd parties for billing?
    • Mobile operators
    • Credit card companies
  • Whats the overhead cost from the payment system to the service?
  • Closed or open payment system?
    • Can tickets we sell be used only in our services? or
    • Should we provide world wide compatibility?


Last modified: 2013/07/01 14:42