Mobile Payments 101 Richard A. GibbsJune 1, 2011 Karen Ross
Andrew Lorentz How do they work?
Slide 3
2 Agenda What is a mobile payment? Mobile payment technology
Near field communications Value proposition and challenges Critical
issues
Slide 4
3 What is a mobile payment? Mobile payment a payment (transfer
of funds in return for a good or service) where the mobile device
is involved in the initiation and confirmation of the payment
includes P2P transfer of funds Mobile banking access to banking
functionality (query + transaction) via the mobile device includes
the provision of part or all of the banking functionality already
provided by banks over the Internet in the form of online banking
Mobile transaction transaction where the mobile phone is used
simply to initiate an order but not make a payment or to receive
delivery of goods or services (e.g., event ticket bar code)
Slide 5
4 Mobile payments technology Short Message Service (SMS) SMS is
a communication protocol allowing interchange of short text
messages Problems as a mobile payment platform Slow,
store-and-forward operation No security or encryption, sent in
clear text only (except during transmission over the air) No
inherent proof or confirmation of receipt or delivery Generally
used to purchase digital goods (ringtones, avatars, games) or send
money P2P or P2B Send money Send a text to 729725 (PAYPAL). Specify
the amount and the recipients phone number or email address. Send
money Request money Send a text to 729725 (PAYPAL). Include the
words get and from, and then specify the amount and the phone
number of the person youre requesting money from.
Slide 6
5 Mobile payments technology Unstructured Supplementary Service
Data (USSD) USSD is a mechanism for transmitting information via a
GSM network Unlike SMS, USSD offers a real-time connection during a
session which makes it faster Used extensively overseas for mobile
financial services such as remittances and bill payment Examples:
M-Pesa in Kenya, TchoTcho Mobile in Haiti
Slide 7
6 Mobile payments technology Quick response (QR)
two-dimensional barcodes Popular for closed-loop applications
Starbucks, Target, other retailers
Slide 8
7 Mobile payments technology Near field communication (NFC) NFC
is a short-range high frequency wireless communication technology
that enables the exchange of data between devices over about a 4
cm. distance Allows emulation of existing contactless payment
standards (MasterCard PayPass, Visa payWave, American Express
ExpressPay, Discover Zip) Allows P2P transfers (NFC device to NFC
device) Can read tags from smart posters for offers or coupons
Slide 9
8 NFC applications Source: Essentials for Successful NFC Mobile
Ecosystem, NFC Forum (Oct. 2008)
Slide 10
9 NFC business models Mobile network operator centric model MNO
independently deploys mobile payment service Can bypass financial
institutions or develop open wallet application Challenged by lack
of connection to existing payments networks Generally limited to
remittances and P2P Financial institution centric model Financial
institution develops a mobile payment application to be used on any
mobile device Ensures merchants have necessary POS capabilities MNO
involvement may not be necessary Collaborative model Financial
institutions, MNOs, and trusted service managers collaborate to
deliver mobile payment Model favored by the Federal Reserve P2P
model Third party develops application to provide P2P or other form
of mobile payment
Slide 11
10 NFC stakeholders Key Stakeholders Consumer Financial
Institutions (FI)/Banks Mobile Network Operators (MNO) Merchants
Trusted Service Managers (TSM) Supporting Stakeholders Payment Card
Associations Handset Manufacturers Secure Element Manufacturers
Technology Providers (NFC Chipset, POS Terminals) Third Party
Application Providers Standard Bodies
Slide 12
11 NFC mobile payment ecosystem You have banks competing with
carriers competing with Apple and Google, and its pretty much a
goat rodeo until someone sorts it out. Drew Sievers, chief
executive of mFoundry (developer of mobile payment software for
merchants and banks)
Slide 13
12 NFC stakeholder roles Consumers who use the mobile payment
device Issuers and Acquirers who are regulated financial
institutions with access to payment networks (banks and money
transmitters) Merchants who can accept contactless payments Mobile
network operators who ensure a supply of NFC-capable mobile devices
and may be gatekeepers for secure elements Payment networks who set
standards and promote acceptance of payment cards Chip and handset
manufacturers of NFC-capable mobile devices who comply with
standards Trusted service managers who provision and manage the
applications on NFC-capable mobile devices Issuing and acquiring
payment processors who process payments on behalf of issuing and
acquiring banks Application issuers who offer applications for
specific purposes (e.g., proximity payment cards, transit, vending,
person-to-person payments) Application developers who develop
applications for use on NFC-capable mobile devices
Slide 14
13 Standards bodies involved in NFC Maintains, evolves, and
promotes standards for payment account security. Drives adoption of
its technical standards, which provide an open and interoperable
infrastructure for transactions performed using smart cards,
systems, and devices. Engages in technical, commercial, and public
policy initiatives to ensure that mobile services are interoperable
worldwide. Develops mobile service- enabler specifications to
promote interoperability. Establishes international standards,
including standards applicable to financial transactions and
contact and contactless smart cards. Develops, maintains, and
drives adoption of its programming language and APIs, which provide
an open and interoperable infrastructure for applications and
secure communications within devices. Develops specifications for
NFC devices that are based on ISO/IEC standard 18092 for
contactless interfaces, ensuring interoperability among devices and
services.
Slide 15
14 Overview of NFC device components
Slide 16
15 Securing NFC mobile payments Security critical applications
that require payment and account credentials need secure hardware
storage and a secure execution environment Role is handled by the
secure element (SE) A secure element is a platform where
applications can be installed, personalized and managed, which
consists of hardware, software, interfaces, and protocols that
enable the secure storage of credentials and execution of
applications for payment, authentication, and other services
Slide 17
16 Secure element location options On the universal integrated
circuit card (or UICC) Typically this is the phones subscriber
identity module or SIM. MNOs have control of the UICC. On a
separate chip or SD card inserted in the phone. Financial
institutions have the option to be MNO independent. Embedding the
secure element in the phone itself. Preferred option for the
location of the Secure Element
Slide 18
17 Deployment scenarios Simple ModeA MNO- centric model where
only the MNO performs SE lifecycle management functions but TSM can
monitor and verify loading of applications
Slide 19
18 Deployment scenarios closed model One MNO One TSM
Slide 20
19 Deployment scenarios Delegated ModeTSM is authorized to load
applications and perform application lifecycle management
functions
Slide 21
20 Deployment scenarios Authorized ModeSeveral entities are
authorized to load applications and perform application lifecycle
management functions
Slide 22
21 Deployment scenarios open model Multiple MNOs Multiple
TSMs
Slide 23
22 Collaborative business model for NFC
Slide 24
23 Collaborative security model for NFC
Slide 25
24 NFC advantages Security Multiple layers of security (secure
element, PIN, additional authentication factors [phone number, SMS
challenge], information never passed as clear text Lower merchant
liability costs Mag-stripe data exposure is eliminated Lower issuer
costs No physical card distribution Reduced fraud due to lost
cards
Slide 26
25 Value proposition and challenges Customer is always on-line,
which allows for Improved customer relationship management Receipts
sent to phone after purchase Increased yield from marketing spend
Co-marketing purchase concert ticket and get a e-gift card for
purchase of music on iTunes Targeted offers Messages and offers can
be sent to customer in conjunction with a transaction (e.g., rebate
coupons, map to event just purchased) Paperless coupons Smart
offers customized offers sent to customers based on customers
demographics and transaction history
Slide 27
26 Value proposition and challenges Stakeholders have varying
motives for pursuing mobile payments Financial institutions Mainly
a defensive play to protect current payment products Prevent
further disintermediation of the financial institution by keeping
financial institution involved in any solution developed Reduction
of transaction costs of existing payment methods, especially cash
and checks Mobile network operators Provision of value-added
services to subscribers to reduce churn and increase average
revenue per unit through associated increases in airtime and data
usage
Slide 28
27 Value proposition and challenges Merchants Faster checkout
Ability to send directed marketing messages Reduced transaction
costs and fraud liability Increased customer satisfaction and
loyalty through offers and reward programs Consumers Faster
checkout Security Convenience
Slide 29
28 Value proposition and challenges High cost for merchants POS
terminal updates or replacement New systems may need development
Adoption by consumers Consumers averse to change No incentive to
use contactless payment card (even if they have such a card) What
is the revenue model? More players in the revenue food chain
Untested technology
Slide 30
29 Critical issues privacy and control Whose customer is it?
Whose data is it? How can I market to these customers? How can I
help others market to these customers? Google Offers, mobile
couponing How can I use information about these customers?
Geo-location, etc Who controls collection? Who controls
communications with customers? Who safeguards the customer data?
(liability for breach)
Slide 31
30 Critical issues financial services Who powers the payments
and how? What payment instruments? Debit instruments subject to
possible Fed rate cap What authority? (bank or money transmitter)
How does the financial institution meet its compliance obligations?
If the MNO wants control how does it comply with financial services
laws and regulations?
Slide 32
31 Critical issues technology and operations How should the
solution be implemented? Whose intellectual property is used? Is
the business model financial institution- or mobile
operator-centric? Who manages the secure element and applications
on the secure element? Will the application be open or closed (or
somewhere in the middle?) Consumer choice and ubiquity
Slide 33
32 Critical issues - economics What are some possible revenue
models? Incremental revenue attributable to NFC Pay-as-you-go model
MNO or TSM obtains revenue from application issuers for
personalization and provisioning Landlord-tenant model MNO obtains
revenue from charging application issuer rent for space of secure
element Interchange and transaction revenue Banks obtain revenue
through current interchange process no matter which business model
is chosen, however, interchange usage fee must be shared with more
parties MNO obtains revenue from increased data usage