eArchitecture

From Enterprise Strategy to Delivery – Architecture that delivers in Financial Services
eArchitecture » Page 'The future of Mobile Payments in Europe'

The future of Mobile Payments in Europe

We had an interesting session at the recent Tower Group event in Evian, on the future of Mobile Payments. We didn’t get through many of the prepared slides, but the delegates from a number of european banks expressed their views and experiences from the last few years. Here is my view from that session.

What is meant by mobile payments, are they needed in Europe, what form will they take and what is stopping them?

Mobile Payments, are not specifically a payments problem. The mobile is a channel just like the internet, ATM or PoS terminal. I cannot see the need or will from the banks or central infrastructures to support a new mobile payment type, and there should be no need as with SEPA Credit Transfers (SCT), SEPA Direct Debits (SDD), Card networks (with standardisation from the SEPA Cards Framework enabling new entrants; PayFair looks interesting) and in the UK Faster Payments. The payments element can be made with existing payments, maybe wrapped in a slightly more specific scheme for cross boarder operating, risk and interchange management. So then this is about a mobile channel, which could use the existing payment schemes

Europe is not Africa/Asia, obviously, and the challenges and capabilities available to customers are very different. So I am not sure it is helpful to directly look at the solutions in these regions and expect some direct translation. Even mapping them on to Europe’s un-banked does not take into account the mature levels of regulation and controls on payments in Europe which we should not loose and needs banks and governments to look at the socio-economic reasons these groups remain un-banked. These will not be solved by a bank product, device or piece of plastic.

During the evolution of Mobile Payments, it has been mixed with thinking about Contactless payments, to the point where they seem to flow into each other in discussions. These are two different mountains and the peak of mobile payments is not reachable from the NFC peak. Near Field Communications (NFC) devices, such as Inside Contactless micropass can be embedded in anything a phone, pen, card, or foil that be stuck to anything, like your watch or even mobile. This in effect replaces the card with limited security, without EMV. But this is not mobile payments, and due the risk will “never” enable payments over £100, and will probably stay in the sub £25 range. I see this as a P2B solution, as the person is interacting with a Point of Sale (PoS) terminal. It looks like phone application are able to transfer data to the NFC chip in the phone, which may enable a high level of security, but are people really going to exchange value by tapping their phones together?

Who is going to provide the mobile payment solution? The solution will have to have to have the support of the banks as only they have the systems to manage their customers accounts with the necessary risk, compliance and security demanded by their customers, governments and central banks. These burdens are increased each year and at the moment there is little likelihood in that changing so new entrants will in fact have to become banks, or PSPs. Much as the mobile operators and the hardware manufactures would want a piece of the mobile payment transaction pie, they are little more than data carriers unaware of the value of the packets of data. The mobile payment instruction has to be portable across carriers and hardware platforms, as these cannot be fixed between sender and receiver. End2end standardisation could occur between the mobile operators and hardware vendors, but so could peace in the middle east – I cannot see Apple bring its iPhone to the party with the other mobile hardware vendors.

Mobile Wallets, where the value is stored on the phone in a virtual account or pre-pay account I cannot see going unregulated due to the dangers of criminal exploitation when it goes beyond the gift card market. But this does leave the question are anonymous transfers of value are going to be possible in future? I would hope not, so the black markets have to work harder to launder their funds untraceably. Paying for airline tickets in cash, with no verifiable ID associated with the transaction, should just not be acceptable – Apple did this to stop people buying more than 2 iPhones.

The mobile payments solution could well be an application on an iPhone or internet browser on a mobile phone. As these smart phones, get smarter to the point of offering PoS level of capability and connectivity to the payment network. So is it enough to make a P2P payment, by entering your details into a application carried by other person, or would security concerns be a blocker? The feedback loop of execution and confirmation being received by both parties is going to be key, with a multiple part scheme with banks providing risk management.

This level of security is an authentication problem, of who each of the parties in the transaction are and how they can safely transfer the instructions to their respective accounts. This is an old problem solved today with the use of PKI security systems, distribution and indemnities, as provided by IdenTrust, and would be needed by both parties. The challenge is transferring that authentication message with the payment instruction and this is where mobile application to NFC could play a part. Identity is the real security battle ground, as when that can be assured and checked many other threats can be risk assessed more accurately, and transaction information intelligence applied in realtime for suspicious transfers or even purchases. If the same ID could be tied to airline ticket…

I think in Europe the core elements of a solution are in place, where mobile payments are seen as separate from card/NFC payments – channel technology, and schemes.
Banks could offer a mobile payment solution, but it will still probably require government/payment councils/EPC involvement to get to the Person 2 Person payments, irrevocable, immediate/scheduled transfer of value anywhere where, any value, any time, domestically or across borders, while maintaining regulatory compliance. But this involvement could be as little as standardising on a trust authentication method, that everyone else can be assured off, and huge as bring merchants and public/corporate/government to this marketplace – no the scale of EMV (Chip & PIN). I think this is possible on a pan-european basis but further – unless the US government realise the real value of global ID.

Posted in Banking, Payments
Tags: , ,

5 comments to “The future of Mobile Payments in Europe”

  1. […] This post was mentioned on Twitter by Sailesh Panchal, Sailesh Panchal. Sailesh Panchal said: My thoughts on Mobile Payments in Europe http://bit.ly/4OUSPd […]

  2. […] eArchitecture » The future of Mobile Payments in Europe […]

  3. It is plastic card manufacturer not difficult to understand why the Nobel Peace Prize plastic card manufacturer awarded to the land planting trees in Africa, a non-governmental organizations and individuals are plastic card manufacturer not difficult to understand why the Nobel Committee of the plastic card manufacturer judges knew the hands of some of the Nobel Peace Prize laureate has plastic card manufacturer been covered with the blood.

    but green printing still green printing willing to Nobel Peace Prize awarded to them. Perhaps the Nobel Committee judges it, green printing if they feel benevolent thoughts, discard the killings and strife,green printing population obsessed with peace and human rights, it would receive the green printing Nobel Peace Prize.

    This is a smart card security strong psychological hint, it marks smart card security the Nobel Committee for the Nobel Peace Prize is being given new meaning. smart card security They are based smart card security on forward-looking attitude, the Nobel Peace Prize awarded to smart card security those who may influence others and the world of celebrities.

  4. Interesting perspective on Mobile Payments. Clearly one of the areas for further refinement is in creating a more explicate vocabulary to describe the various types of mobile Payments under discussion or in deployment.

    As I see it of the mobile phone could be the replacement or supplemental form factor capable of enabling what is now branded PayPass/VisaWave/ExpressPay etc. Nothing is really different save a change to the reader technology at the POS.

    Clearly integration with EMV is essential to provide the requisite security, or dowe design something new for this new idea. Then there is the interesting challenge of acknowledging and then addressing the reality that most consumers carry more than one card. Will the Banks accept that their brand is visually displayed on the phone and will the consumer appreciate the application/card selection process that would have to be enabled. So will such a mechanism to enable the phone to replace and merge our cards be acceptable to the consumer and card issuers? Clearly not a technology problem a branding issue.

    Then there is the concept of P2P payments as being deployed in emerging markets where MNOs are extending the functionality of the Pre-paid accounts. Clearly the significant unbanked population assure that this will be a very succesful approach unless the Banks and Mobile Netowrk Operators get into a battle royal. In Europe as the article discusses, why?

    Added to this P2P proposition there is the international remittance market. Clearly Moneygram, Western Union acknowledge and are partnering to offer such services yet complexity does exist. There are issues of regulation, money laundering … that must be included in the design, complicating the situation. On top of this, in order to build such a solution a central switch that will allow someone in Germany to transfer value to someone in Kenya must be established or we will only be able to serve defined routes. From the consumers perspective the reduction in cost makes this an exciting opportunity. The challenge is who will play and who will administer, regulate and ultimately control.

    Back when the capabilities to enable commerce “eCommerce” via the Internet arrived the Banks felt threatened by the idea of “disintermediation” similar concerns exist with Mobile Payments given that the handset manufacturers and Mobile Network Operators see Mobile Payments as a way into the lucrative field of payments. Coming up with a business model that equitably shares revenue is an ongoing area for dialogue and disagreement.

    What I see as the real opportunity is to morph the Mobile Device into a trusted element in the process of assuring identity. Lots of work is going into the establishment of a mobile trusted computing architecture, yet what is the premise, a citizen centric model or … . The real challenge will be to embrace what is and cost effectively enhance the environment to offer such a means of assuring strong authentication.

    Another thought is to migrate the EMV level one functionality into the mobile device, upgrading the technology to support the security requirements defined for an electronic PIN pad and enable two or three factor authentication. Such an approach would assure succes and not trap Contactless (NFC) into only being effective for low value transactions. If we don’t figure out how to address cardholder verification in a NFC enabled environment the merchant will not see the advantage of speed that NFC offers. If I tap with my right, enter my PIN with my right and sign with my right hand the advantage is lost since I have to do something with my card or phone during the cardholder verification process, an interesting challenge of ergonomics.

  5. Philip,

    Thanks for taking the time to comment, and with such depth you bring up some good points.

    Defining the right vocabulary is certainly key and clearly classifying the roles of channel, schemes, regulation, merchants and users – and it may be different for different countries.

    I think the iPhone has shown that the banks solution is to release branded apps for their customer products. It will be a matter of time until most of the banks themselves or with the likes of monitise or Visa/Mastercard et al providing them with white labeled apps for the smart mobiles, release full featured apps. This way the bank/card issuer get their brand and security risk controls under their control. It will be easier for the user too, I think, to select their banks app and the method of payments it enables.

    International remittance will have to be done by the banks for their customers, it will be a long time before SWIFT message and the network of correspondent network of banks need to support such a transfer. The customers bank still hold liability if their customers funds are paid to a watch-listed person. Also the card networks could effect such a transfer but this a P2B, card holder not present type transaction.
    Cross border within Europe is certainly doable, in the “mobile payment” context – of P2P.

    Everyone wants a slice of the pie; handset, mobile operators and banks. But, it is down to who is taking the real risks in mobile payments. Manufactures and Mobile operators are dumb data carriers – customer will not let them access their bank details or even the contents and value of the transacted amounts, so at best they will get is a data rate. For high value (£50 or more) or cross border I am not sure they would want to maintain the levels of capital ratios the banks maintain to ensure in-flight transactions are protected during the D+1 to D+3 payment cycles, or fines for Financial Crime associated being thrown around at the moment. That is not to say they couldn’t be banks, as certainly within Europe the Payments Services Directive has lowered the bar.

    It’s going to be an interesting few years as the banks and card networks try and finally bring real mobile payments to the market place.
    In the UK APACS recent decision to phase out cheques by 2018 and drive solutions on the back of Faster Payments means we’ll see something in the next 3-5 years. Europe is already cheque free but without a Faster Payment scheme so the card networks are going to be important there.

    EMV in the SIM is possible, and mobile application to SIM EMV or hardware EMV is possible. I think for higher value transactions a PIN will always be required, so it will never be a tap and go. The issuer will want to reserve the right for another method of authentication. Let’s dump signatures as a PoS authentication method asap please.

    Agreed that mobile trusted transaction architecture is key, and it will have to have big customer buy in, as it will be managing their financial identity.

Leave a comment

Top of page | Subscribe to new Entries (RSS) | Subscribe to Comments (RSS)