Mobile Payment Approaches

Mobile transaction costs are about 2% compared to Branch and IVR. Use of mobile services might also improve stickiness and customer retention, while lowering support costs.

Mobile is on track to rightfully take its place as the mainstream banking channel. Mobile banking is expected to overtake online banking soon, considering in June a user spent an average of 81 minutes per day on mobile apps vs. 74 minutes per day on the web. Mobile payments for digital and physical goods, money transfers and NFC(Near Field Communication) transactions are expected to reach $670 Billion by 2015v. PayPal expects to process $3 Billionvi in mobile payments this year alone that shows the popularity of mobile phones as a payment enabler, as well as positioning PayPal as one of the leaders in this space. Mobile payments have enjoyed widespread adoption overseas, especially in developing nations where the lack of infrastructure has accelerated this shift in customer payment modalities (e.g. M-Pesa in Kenya). Gartner’s latest research reportvii says mobile payment users worldwide will surpass 141.1 million this year, a 38.2% rise from last year, when users reached 102.1 million. Globally, the value of mobile payments is forecast to total $86.1 Billion, up 75.9% from last year’s figure of $48.9 Billion.

Mobile payments are currently synonymous with contactless technologies such as NFC despite the fact that NFC is not required as an enabler. Paying for physical or virtual goods as well as P2P money transfers are all possible today utilizing today's hardware and existing payment solutions. Two broad categories exist in the realm of mobile payments, namely remote payments and proximity payments. Remote mobile payments may be implemented using the existing financial payments infrastructure or using a closed loop mobile payments system. The much hyped NFC based payments support the latter, and mostly software solutions exist for the former, for e.g. PayPal. The most obvious differences between the two are speed, ease of use, and the fact that NFC payments use the existing financial payments processing infrastructure. Proximity payments may not require setting up payment processes or accounts with a trusted third party, and the payment data is linked directly to a payment card issued to the consumer by a trusted financial institution. Following, we present the three different approaches to NFC based proximity payment solutions that differ primarily on the placement of the NFC secure element (one’s encrypted payment card credentials) in the NFC enabled handset, whether its embedded in the phone hardware, on the SIM card or on a separate microSD card. Each approach has its own advantages and short falls, as listed below.

I. EMBEDDED SOLUTION:

In this approach, the NFC secure element is baked in to the phone hardware, such as in the case of the Google Nexus S, which comes with an NFC chip from NXP. RIM, Google and possibly Microsoft and Apple would prefer that the secure element be embedded on the phone so that they have access to invaluable customer spending preferences while positioning the handset makers to provide easier upgrade paths to newer handset models for customers.

Advantages include:

• Provides a common architecture for content providers independent of the mobile phone technology – GSM or CDMA
• Data encrypted while stored and remains encrypted for processing along the entire data path.

Example: A combination of the PN544 NFC controller along with an embedded SmartMX secure element was chosen for the Google Nexus S. It can also support SWP, which allows a mobile operator put a secure element in the SIM.

Disadvantages include:

• Difficult to transfer applications to a new handset.
• In the event of repair, even though encrypted, the secure element will be in someone else’s hands for an extended period.
• Not many phones exist currently that support an onboard NFC Chipviii.
• With each new device, applications will have to be re-tested, leading to delayed deployment.

II. SIM BASED SOLUTION:

Traditionally the SIM Card, which already plays a key role on handsets by identifying the subscriber and related account, was the ideal Secure Element of choice for supporting mobile payments. Its formidable security and OTA provisioning capabilities made it an ideal choice, but ultimately the evolving ecosystem blanched at giving too much control to a single stakeholder – the mobile operator. Control has slowly begun to shift from the mobile operator in to the ecosystem via external SE approaches and Trusted Service Managers (TSM). ISIS, an operator led initiative is a key example of a SIM based SE solution that started its life as an independent payments processor and morphed later in to a TSMix. Advantages include:

• Preferred by MNO’s and controlled by the issuing party.
• Meets security standards imposed by Financial Institutions
• Faster deployment as this method is independent of handsets, current and future
• OTA(Over-the-Air) Provisioning possible so that new applications can be downloaded remotely
• In the case of a lost device, all applications on the SIM can be blocked (or unblocked)
• Provides mobility for the consumer financial credentials
• Can be segmented in to a number of security compartments to support multiple cards

Disadvantages Include:

• Requires cooperation from the operator network
• When multiple payment applications are present in one SIM card, questions arise as to who maintains control and visibility of credit cards from separate banks.
• Ambiguity around the role operator networks will play in the ensuing transaction and whether they will opt for revenue sharing or a flat fee.

III. SECURE DIGITAL CARD BASED SOLUTION:

This approach commonly comprises of a self-contained SD Card/NFC antenna combo that allows the handset to communicate with contactless readers. An approach that stores the Secure Element on SD cards has the added advantage of being totally agnostic of operator networks and handset manufacturers. DeviceFidelity which provides a microSD card based Secure Element has partnered with VISA on its In2Pay microSD solution to offer NFC payment capabilities across VISA’s payWave platform. DeviceFidelity allows its microSD cards to be issued and personalized like traditional smart cards. It has partnered with Vivotech to add OTA provisioning capabilities to its In2Pay microSD productx.

Advantages include:

• Rapid application deployment
• Works with existing hardware
• Agnostic of operator networks or phone hardware and therefore, preferred by Financial Institutions
• Allows the Card Issuing Bank to own the secure element
• Secure Element can stay in the microSD card while relying on the handset for NFC capabilities.

Disadvantages include:

• No standard currently exists on secure communication between SD Card and Keypad/Screen
• May mean multiple cards for multiple banks
• Requires an available SD Card slot
• Higher Cost and ambiguity over who will pay for the microSD card - customer or the issuing bank.