Presentation on theme: "A Secure Mobile Payment Service Stamatis Karnouskos Fraunhofer FOKUS András Vilmos SafePay Systems"— Presentation transcript:
A Secure Mobile Payment Service Stamatis Karnouskos Fraunhofer FOKUS András Vilmos SafePay Systems
2 General Mobile Payment Info 118 million Europeans145 million Asians22 million Americans 118 million Europeans, 145 million Asians and 22 million Americans intend to use their mobile phone for paying small purchases (TowerGroup) $225 Billion by 2005 volume of mobile business will reach $225 Billion by 2005 (United Nations Conference on Trade and Development ) 5 billion Euros in billion Euros in 2006 Mobile Internet-based mobile payment market will grow from around 5 billion Euros in 2002 to nearly 55 billion Euros in 2006 (Wireless World Forum ). 44% 44% of 5,600 mobile phone users on 4 continents surveyed in the February 2002 (global Mobinet study) would like to use their mobile phones for small cash transactions 2.5 G beyond 2.5 G beyond killer application? Why are we not paying TODAY with our mobile phones ???
3 mPay Actors
4 SEMOPS Consortium The largest mobile payment project of the Commission this year: – – 24 months (more than 550 MMs) – – 4 countries (15 participants) – – 6 million Euro budget – – 2 phases - research and development + demonstration
5Tasks Development of a Pan European payment service – technology design – technical development – elaboration of standards – definition of security framework – preparation of EU conformant legal regulation – definition of business model Introduction of the service – pilot operation Hungary, Greece in 2004 – preparation of other demonstration sites Design Development Testing Trial
6Environment There is no suitable payment service!. What there is, is either: not secure not user friendly not recognized Customers are distrustful. Availability is limited. SLOW DEVELOPMENT OF E AND M COMMERCE. A NEW PAYMENT SERVICE CAN SUBSTANTIALLY CHANGE THE OUTLOOK OF THE INDUSTRY. New products and services are available. New customers are making purchases. New transaction types appear.
7 Merchant Merchants Bank Customer Customers Account Manager 1. Transaction data 2. Payment request Data Center 3. Payment notice 4. Verify Payment 5. Transfer money General SEMOPS architecture 1. 1.Merchant provides transaction data to Customer Customer prepares payment request sends it to its trusted partner (Account manager) Customers account manager processes payment request and forwards it through Data Center to Merchants bank Merchants bank advises merchant real time about the payment Settlement is through regular interbank procedures.
8 Evaluation of the model The solution is based on the cooperation of banks and MNOs. It is a general model for internet and mobile payments, for all size transactions (micro, mini, macro), for different payment conditions, with global introduction. The whole service is decentralized, customers and merchants do not have to know each other in advance, do not pre- register with any single third party service providers. Clients of all member banks and MNO-s can transact with each other. The service is account based does not require any cards or any other payment instruments. Both customer and merchant are only communicating with their trusted partners. (Banks, MNOs) No sensitive information is provided by customer to merchant. Customers may even retain their anonymity. (lawful interception is possible, with the cooperation of the two payment processors.)
9 Evaluation of the model (cont.) Customers individually approve each transaction with a PIN (PKI optional, according to the banks policy) After the transaction information leaves customers trusted partner it cannot be traced back to customer by anyone else. (There is no reason to hack communication lines or the Data Center, as there is not any valuable information available, not even for profiling.) Merchants are receiving real-time payment assurance from their own banks. Real time authorization. Banks may even elect to credit the merchant accounts also real time. With the exception of the new SW applications traditional banking infrastructure and processes are utilized. The service allows payment for anything, anytime, anywhere, with the same process. (from the same personalized menu, a couple of clicks and a PIN). Based on standard technology and homogenous rules and regulation even cross-border transactions will be possible.
10 Trust both the customers and merchants are interacting with their trusted partners, the banks and mobile operators Key specifics of the service Speed full automation real time processing Openness account based no centralized authentication no entry barrier for new members (banks, MNO-s) User friendliness easy operation – menu selection, personalization simple preparation With the same process payments can be performed anywhere, in any end-device. Security process customers remain anonymous do not provide personal information to merchant merchant receives guarantee from its own bank hardware and software protection PKI: each transaction is authorized by the customer data storage: the system does not store sensitive information (on non trusted parties) Regulations & Standardisation EU conformity, Integration with state of the art technologies
11 Favourable effects Favourable effects Banks: allows inexpensive entry to E- and M-business generates new transaction revenues allows inter-bank, bank-mobile operator cooperation improves access to other home banking products leverages traditional banking processes and infrastructure Merchants: increases collection security. increases the number of realized transactions opens E- and M-commerce to new clients cost savings Customers: provides secure payment method in E- and M-commerce simplifies and accelerates payment transactions allows payments to a large number of persons, retailers, or businesses Mobile operators: increases transaction revenues opens new line of business, with related new revenue sources allows cooperation with banks and other mobile operators increases customer loyalty paves the way to new mobile services and applications branding