SlideShare une entreprise Scribd logo

Understanding Digital Payments

Santosh Potadar
Santosh Potadar

The document is an attempt to give insights into digital payments space on the whole. It describes the different payment scenarios or methods and how the underlying technology works. Topics covered - NFC;;contacless payments;Mobile Payments;smart cards chips technology;apple pay;Card operating system

Mobile
1  sur  10
Télécharger pour lire hors ligne
DECODING DIGITAL PAYMENTS Methods and Technology Landscape Santosh S. Potadar Samtosh.potadar@gmail.com Abstract The document is an attempt to give insights into digital payments space on the whole. It describes the different payment scenarios or methods and how the underlying technology works.
Introduction Payments and downstream clearing & settlement is at the heart of commerce. We have seen evolution of payment instruments from bartering, centuries ago, to digital payments in today’s digital era. There has never been so easier access to your money on the go. The ubiquitous mobile phone has already made inroads deep into this space. Following is an attempt to decode payments by looking at different payment methods, technologies involved and some of the popular and widely accepted payment solutions revolving around mobile payments, digital wallets. This writing is a high level techno functional document that should give some insights into digital payments space. Payment Methods Remote Payments – Payments that are made from distance where payer and payee are not face to face. Primarily such payments happen through channels like mobile native app wallets, digital wallets over mobile browser or web browser, and through payment gateways that accept payment instruments like credit, debit cards, NetBank account, and in some geographies digital cheques.
Proximity Payments – Payment made where payer and payee are in the vicinity or face to face however the payment card (contactless payment instrument) may be few inches away from accepting terminal. The payment instrument may also be in direct contact with the accepting terminal e.g. contact cards. Digital wallets / mobile wallets and cards are one of the key instruments used for payments. However, globally, predominantly mobile payments is on the rise. There are about 6.5 billion mobile subscriptions out of which there are over 5 billion active mobile users. There were about 245 million mobile payment users in 2013 and Juniper Research predicts that this number will almost double to 450 million mobile payment users and according to Statista volume will grow to 721 billion dollars by 2017. Australian banks reported that due to their adoption of NFC technology the contactless payments increased from 10% to 60% in 2013. According to World Payment Report 2014 the mobile payments to grow by 60% in 2015. Technology Landscape: More or less, be it contact or contactless payment, the ecosystem uses among set of technologies as shown below. For instance, the mobile payments, a form of contactless payment when used in proximity scenario, may use NFC, SE, HCE, Tokenization, Cryptography etc in its solution ecosystem driven by specifications like EMV.
Different Types of payment chip cards: The discussion won’t be complete without the mention of types of chip cards that are used in day to day life. Payment cards are categorized into contact, contactless card and dual interface. The contact chip cards have to come in physical contact with accepting terminal. The way card interacts with terminal is governed by the EVM specifications, which have become global standard for chip card technology. a. What is EMV? – EMV is global set of standards, specifications for credit and debit payment chip card technology. (Europay, MasterCard, Visa). The specifications are managed by
EMVCo. EMVCo is an organization first established by Europay, MasterCard, and Visa. The primary purpose was to globally standardize requirements for interoperability and acceptance of cards by card readers/accepting terminals. The top reason why EMV cards are so widespread is the fact that it significantly enhances the security in transaction with added functionality in main areas like Card Authentication, Cardholder Authentication and Transaction Authorization, thus reducing the frauds emanating from counterfeit, and stolen or lost cards. Globally, 32% of transactions are EMV. There are over 2 billion EMV cards in use and more than 35 million EMV PoS machines deployment around the world. b. What is EMV Chip? – As shown in the figure the chip is small rectangular micro-controller processing unit embedded in plastic card. One of the features of this chip is there is a payment application resident in the chip. (http://www.smartcardbasics.com/smart-card- types.html) c. COS Chip Operating System The card operating system is hardware specific firmware that provides basic functionality to applications, like access to on-card memory, authentication and encryption. The COS is a sequence of instructions embedded onto ROM of smart card. Most applications make use of these instructions Two primary types of COS: a) General purpose COS and b) dedicated COS. Dedicated COS has commands specifically designed for applications. Typically, the issuer has to stick with one application developer, operating system and the chip when they come up with a chip based card product like credit card, debit card, travel card with pre-loaded money etc.
However, the trend now is multi- application cards. JavaCard and MULTOS are the most popular COSs with the bigger market exposure. (Source: http://www.cardwerk.com/smartcards/MULTOS/) d. Standards ISO/IEC 7816, ISO/IEC 14443 are the primary standards for smart cards. ISO/IEC 7816 is a multipart (about 15 in total) international standard for contact and contactless smart cards. Each part of this protocol focuses on specific area of complete card. For example, ISO/IEC 7816-1 talks about Card with Contacts – Physical characteristics. 7816-2 specifies dimensions and location of contacts, 7816-3 specifies electrical interface and transmission protocols and so on and so forth. ISO/IEC 14443 is a four part international standard for contactless smart cards operating at 13.56 MHz for proximity payments at distance less 10cm. Similar to 7816, each part of 14443 specifies certain areas and aspects of contactless cards. For example, 14443-Part 1 describes the physical characteristics of cards, 14443-Part 2 describes the radio frequency power and signal interface, 14443-Part 3 describes the initialization and anti-collision provisions and 14443-Part 4 describes the transmission protocol requirements. What is the difference between ISO/IEC 7816 and EMV standards? The EMV Chip Specifications are based on, and are a subset of, the requirements in the ISO/IEC 7816 series of standards. EMV is implementation oriented, simplified specification. According to EMVCo, if there are any differences in documents the EMV specification takes the precedence. What is difference between ISO/IEC 14443 and NFC standards? ISO/IEC 14443 is a four part standard for contactless smart cards. There are three types of contactless cards Type-A, Type-B and Type-F. The difference is primarily in the part 2 of specification where the RF modulation (signaling method) is different for different types. The actual underlying governing international standard for NFC is ISO/IEC 18092 driven by NFC forum and based on ISO/IEC 14443. ISO/IEC 18092 includes two communication modes viz active and passive (peer-to-peer and NFC tags). There are 3 modes of operations within two modes of communication in ISO/IEC 18092: 1. Read/Write 2. Peer to Peer 3. Card Emulation
There are many mobile payment solutions out there. The few innovative and disruptive ones have been described in following sections. Apple Pay How does it work? In October 2014, with the roll out of iPhone 6 and 6 plys Apple also launched a payment and a digital wallet service based on NFC, SE (Secure element) technology. Apple nicely leveraged and integrated the existing passbook, iTunes and Touch ID services into a payment ecosystems that is being adopted at very fast pace. Apple Pay is being seen as game changers in mobile payments space as it is easier to use for consumers and easier to set up for merchants. The best innovative part is that there is no intervention of MNOs (mobile network operators) required and it works with existing contactless payment terminals like MasterPass, Visa PayWave etc. There is significant reduction in complexities due to the fact that secure element (SE) is not SIM based but within phone hardware itself thus nullifying the need for integrating with MNO payment infrastructure. The secure element is where tokenized information of card credentials stored.
Apple has not yet published its Apple Pay implementation details. However based on some research and their press release here is how the underlying technology works. 1. User adds the card in Passbook or iTunes. Passbook for iPhone will also allow users to use iSight camera to capture card and add information. The default card is generally the first card that is added. Apple Pay can be used in remote payment scenario as it can be integrated with iPhone apps using the APIs. It can also be used in “tap and pay” contactless scenario. The contactless tap and pay payment only works on iPhone 6 and 6 plus. 2. Apple says that they don’t store any card payment information like PAN or any other credentials in cloud. So question is how transaction happens if no card details are stored. Here is the innovative part. Apple provisions a Token for the card in the secure element (SE) of the phone. Who gives a Token for card information? How it is provisioned in SE? Well, the way it is done is like: Once the card is entered manually or through Passbook iSight camera the PAN details are sent over to Apple servers, from there they get sent to payment networks such as MasterCard, Visa or AMEX. The payment network returns token and along with it a token key. Apple Pay is token requester (TR) and payment networks are Tokenization Service Providers (TSP). Payment networks return the token only when a request to card issuer for identification and verification of card is successful. 3. Apple Pay uses EMVCo contactless specification. When user taps the iPhone on contactless NFC terminal the NFC triggers the SE. The SE in phone generates a dynamic cryptogram using combination of token, token key, amount and other transaction details. This token, dynamic cryptogram and other details are sent to terminal. All this interaction happens in compliance with EMVco contactless specification. 4. Once the contactless terminal accepts this information the authentication, authorization process kicks in. The terminal sends this data to acquirer for verification. Acquirer passes this onto payment network. Payment network identifies the data sent as tokenized PAN and sends it to its TSP (token service provider) for de-tokenization. The PAN obtained after de-tokenization is passed onto issuer for authorization. Issuer does authorization based on customer card and account status. After authorization, information flows back to terminal for printing the receipt.
Google Wallet How does it work? Google wallet is a digital/mobile wallet. Google’s aim is to have everything in digital wallet that you typically keep in your physical wallet: credit, debit cards, loyalty cards, coupons, tickets, gift cards etc. Google has released 3 version of its wallet service, the latest one being 3.0 which was released along with Android KitKat (4.4). With this release Google introduced what it is called a Host Card Emulation technology for mobile payments. With this release google has officially ended support for physical device SE in google wallet application. http://www.nfcworld.com/2014/03/17/328326/google-wallet-ends-support-physical-secure- elements/ Google has confirmed its move to HCE: “Host card emulation allows Android applications to communicate directly over NFC on supported devices with Android 4.4 KitKat. When you tap your phone to pay, HCE enables Google Wallet to pass transaction information to the point-of-sale terminal to complete your transaction. Devices that are running older operating systems may no longer support Google Wallet’s tap-and-pay feature” Google Wallet too is compliant with EMVCo contactless specification therefore like Apple Pay there is no need of Google Wallet specific terminal infrastructure. What does HCE work? Users add credit, debit cards payment method onto google wallet account either through web interface or through mobile app. What happens when a card is added to wallet? Where is it stored? Is it really stored anywhere? Yes, unlike ApplePay, Google Wallet stores card details or payment credentials in their secure cloud servers. Secure cloud is new secure element in this ecosystem. Earlier two versions of Google wallet were solely using device based SE (either UICC or embedded device SE or SD card based SE). The NFC controller based on its “AID routing” mechanism directs the NFC communication to either HCE or SE.
The figure summarizes how NFC controller redirects the communication from reader to either SE or to host CPU for HCE transaction. In HCE transaction a host operating system (like Android) and an app running on it is involved. The app may have user interface but in turn it uses HCE service on host operating system. From security perspective HCE app on host OS does not store any card credentials. Instead, HCE app in real-time or at pre-set frequency connects with cloud before each transaction to fetch a limited validity Token or dynamic data for provisioning into the HCE app. This dynamic data is sent to contactless terminal when phone is tapped on terminal. This method is called Tokenization with cloud storage. There is also a method, cloud storage without tokenization where actual card credentials are retrieved from cloud which are then passed onto contactless terminal during the transaction. However this method is least secure. Google in March 2015 announced a revamped version of google wallet called AndroidPay. In a nutshell, Mobile payments will be here to stay with new innovations coming into play day by day. Future looks bright for NFC, contactless payments as it has already gone beyond mobile payments into payments through wearables. As Internet of Things (IoT) or Internet of Everything evolves, it could bring in business models that would require payments. This in itself would be an immense untapped opportunity to look forward to.

Recommandé

Digital payments
Digital payments Digital payments
Digital payments Umashanker Sahu
 
Digital payment
Digital paymentDigital payment
Digital paymentRushikesh Maddalwar
 
Cash Less Society- Digital Payments
Cash Less Society- Digital PaymentsCash Less Society- Digital Payments
Cash Less Society- Digital Paymentsmahajanmanu
 
Digital payments
Digital paymentsDigital payments
Digital paymentsVenkatesh Kumar Maale
 
Digital Payments
Digital PaymentsDigital Payments
Digital Paymentsrohancool
 
Ewallet
EwalletEwallet
EwalletLaxminarayan Sharma
 
Step by-step presentation on digital payments
Step by-step presentation on digital paymentsStep by-step presentation on digital payments
Step by-step presentation on digital paymentsMahantesh Biradar
 
Cashless economy - Presentation of Cashless economy methods to follow
Cashless economy - Presentation of Cashless economy methods to followCashless economy - Presentation of Cashless economy methods to follow
Cashless economy - Presentation of Cashless economy methods to followAbhinav Reddy Lattu
 

Recommandé

Digital payments
Digital payments Digital payments
Digital payments Umashanker Sahu
 
Digital payment
Digital paymentDigital payment
Digital paymentRushikesh Maddalwar
 
Cash Less Society- Digital Payments
Cash Less Society- Digital PaymentsCash Less Society- Digital Payments
Cash Less Society- Digital Paymentsmahajanmanu
 
Digital payments
Digital paymentsDigital payments
Digital paymentsVenkatesh Kumar Maale
 
Digital Payments
Digital PaymentsDigital Payments
Digital Paymentsrohancool
 
Ewallet
EwalletEwallet
EwalletLaxminarayan Sharma
 
Step by-step presentation on digital payments
Step by-step presentation on digital paymentsStep by-step presentation on digital payments
Step by-step presentation on digital paymentsMahantesh Biradar
 
Cashless economy - Presentation of Cashless economy methods to follow
Cashless economy - Presentation of Cashless economy methods to followCashless economy - Presentation of Cashless economy methods to follow
Cashless economy - Presentation of Cashless economy methods to followAbhinav Reddy Lattu
 
Payment Gateway
Payment GatewayPayment Gateway
Payment GatewayKillian Delaney
 
Digital Payment System
Digital Payment SystemDigital Payment System
Digital Payment Systempoojaagrawal153
 
E payment systems
E payment systemsE payment systems
E payment systemsJaipal Dhobale
 
Electronic payment system
Electronic payment systemElectronic payment system
Electronic payment systempankhadi
 
Digital Payment-Revolution in India
Digital Payment-Revolution in IndiaDigital Payment-Revolution in India
Digital Payment-Revolution in IndiaBinod Sinha
 
Innovation led Digital payments Seminar
Innovation led Digital payments Seminar Innovation led Digital payments Seminar
Innovation led Digital payments Seminar TechXpla
 
E banking
E bankingE banking
E bankingmaartinaa
 
Presentation of digital payments
Presentation of digital paymentsPresentation of digital payments
Presentation of digital paymentspro prosecl
 
Modes of Cashless Transactions - Cash-less Indian Economy
Modes of Cashless Transactions - Cash-less Indian EconomyModes of Cashless Transactions - Cash-less Indian Economy
Modes of Cashless Transactions - Cash-less Indian EconomyRajan Chhangani
 
Epayments system in India and globally iit project
Epayments system in India and globally iit project Epayments system in India and globally iit project
Epayments system in India and globally iit project abhiROCKS1103
 
Mobile Wallet functions
Mobile Wallet functionsMobile Wallet functions
Mobile Wallet functionsMikhail Miroshnichenko
 
Digital wallet(p)
Digital wallet(p)Digital wallet(p)
Digital wallet(p)Gyana Ranjan Swain
 
Cashless Transaction in India
Cashless Transaction in IndiaCashless Transaction in India
Cashless Transaction in IndiaSayanSil2
 
Digital Payments
Digital PaymentsDigital Payments
Digital PaymentsShivam Saxena
 
Upi, e wallets & other digital payments
Upi, e wallets & other digital paymentsUpi, e wallets & other digital payments
Upi, e wallets & other digital paymentsArshit Agarwal
 
E wallet
E walletE wallet
E walletMrunmayee Joshi
 
Atm reconciliation manual
Atm reconciliation manualAtm reconciliation manual
Atm reconciliation manualCharles Itsuokor
 
Cashless transactions
Cashless transactionsCashless transactions
Cashless transactionsKabeeranban
 
customer preference towards mobile wallet
customer preference towards mobile walletcustomer preference towards mobile wallet
customer preference towards mobile walletPranav Mital
 
debit cards
debit cardsdebit cards
debit cardsPreeti Agarwal
 
Digital payment modes financial literacy initiative by syndicate bank
Digital payment modes financial literacy initiative by syndicate bankDigital payment modes financial literacy initiative by syndicate bank
Digital payment modes financial literacy initiative by syndicate bankVikash Yadav
 
Secure element content
Secure element contentSecure element content
Secure element contentManjula Weerasinghe
 

Contenu connexe

Tendances

Electronic payment system
Electronic payment systemElectronic payment system
Electronic payment systempankhadi
 
Digital Payment-Revolution in India
Digital Payment-Revolution in IndiaDigital Payment-Revolution in India
Digital Payment-Revolution in IndiaBinod Sinha
 
Innovation led Digital payments Seminar
Innovation led Digital payments Seminar Innovation led Digital payments Seminar
Innovation led Digital payments Seminar TechXpla
 
Presentation of digital payments
Presentation of digital paymentsPresentation of digital payments
Presentation of digital paymentspro prosecl
 
Modes of Cashless Transactions - Cash-less Indian Economy
Modes of Cashless Transactions - Cash-less Indian EconomyModes of Cashless Transactions - Cash-less Indian Economy
Modes of Cashless Transactions - Cash-less Indian EconomyRajan Chhangani
 
Epayments system in India and globally iit project
Epayments system in India and globally iit project Epayments system in India and globally iit project
Epayments system in India and globally iit project abhiROCKS1103
 
Cashless Transaction in India
Cashless Transaction in IndiaCashless Transaction in India
Cashless Transaction in IndiaSayanSil2
 
Upi, e wallets & other digital payments
Upi, e wallets & other digital paymentsUpi, e wallets & other digital payments
Upi, e wallets & other digital paymentsArshit Agarwal
 
Cashless transactions
Cashless transactionsCashless transactions
Cashless transactionsKabeeranban
 
customer preference towards mobile wallet
customer preference towards mobile walletcustomer preference towards mobile wallet
customer preference towards mobile walletPranav Mital
 

Tendances (20)

Payment Gateway
Payment GatewayPayment Gateway
Payment Gateway
 
Digital Payment System
Digital Payment SystemDigital Payment System
Digital Payment System
 
E payment systems
E payment systemsE payment systems
E payment systems
 
Electronic payment system
Electronic payment systemElectronic payment system
Electronic payment system
 
Digital Payment-Revolution in India
Digital Payment-Revolution in IndiaDigital Payment-Revolution in India
Digital Payment-Revolution in India
 
Innovation led Digital payments Seminar
Innovation led Digital payments Seminar Innovation led Digital payments Seminar
Innovation led Digital payments Seminar
 
E banking
E bankingE banking
E banking
 
Presentation of digital payments
Presentation of digital paymentsPresentation of digital payments
Presentation of digital payments
 
Modes of Cashless Transactions - Cash-less Indian Economy
Modes of Cashless Transactions - Cash-less Indian EconomyModes of Cashless Transactions - Cash-less Indian Economy
Modes of Cashless Transactions - Cash-less Indian Economy
 
Epayments system in India and globally iit project
Epayments system in India and globally iit project Epayments system in India and globally iit project
Epayments system in India and globally iit project
 
Mobile Wallet functions
Mobile Wallet functionsMobile Wallet functions
Mobile Wallet functions
 
Digital wallet(p)
Digital wallet(p)Digital wallet(p)
Digital wallet(p)
 
Cashless Transaction in India
Cashless Transaction in IndiaCashless Transaction in India
Cashless Transaction in India
 
Digital Payments
Digital PaymentsDigital Payments
Digital Payments
 
Upi, e wallets & other digital payments
Upi, e wallets & other digital paymentsUpi, e wallets & other digital payments
Upi, e wallets & other digital payments
 
E wallet
E walletE wallet
E wallet
 
Atm reconciliation manual
Atm reconciliation manualAtm reconciliation manual
Atm reconciliation manual
 
Cashless transactions
Cashless transactionsCashless transactions
Cashless transactions
 
customer preference towards mobile wallet
customer preference towards mobile walletcustomer preference towards mobile wallet
customer preference towards mobile wallet
 
debit cards
debit cardsdebit cards
debit cards
 

En vedette

Digital payment modes financial literacy initiative by syndicate bank
Digital payment modes financial literacy initiative by syndicate bankDigital payment modes financial literacy initiative by syndicate bank
Digital payment modes financial literacy initiative by syndicate bankVikash Yadav
 
Digital Payment Processing by Apply Financial ~ The Payments Validation Company
Digital Payment Processing by Apply Financial ~ The Payments Validation CompanyDigital Payment Processing by Apply Financial ~ The Payments Validation Company
Digital Payment Processing by Apply Financial ~ The Payments Validation CompanyMark Bradbury
 
Mobile Payments Whitepaper Q3 2009
Mobile Payments Whitepaper Q3 2009Mobile Payments Whitepaper Q3 2009
Mobile Payments Whitepaper Q3 2009rkasai
 
CH&Co. eYeka Misys digital money white paper May 2015
CH&Co. eYeka Misys digital money white paper May 2015CH&Co. eYeka Misys digital money white paper May 2015
CH&Co. eYeka Misys digital money white paper May 2015Patrick Bucquet
 
Secure Elements in Web Applications
Secure Elements in Web ApplicationsSecure Elements in Web Applications
Secure Elements in Web ApplicationsOlivier Potonniée
 
Sector Study of Financial Technology in the Philippines
Sector Study of Financial Technology in the PhilippinesSector Study of Financial Technology in the Philippines
Sector Study of Financial Technology in the PhilippinesMaurice Gonzales, MTM
 
Executing Digital Payment Strategy
Executing Digital Payment StrategyExecuting Digital Payment Strategy
Executing Digital Payment StrategyHeru Sutadi
 
Android HCE: An intro into the world of NFC
Android HCE: An intro into the world of NFCAndroid HCE: An intro into the world of NFC
Android HCE: An intro into the world of NFCNFC Forum
 
PSD2: Making it actionable
PSD2: Making it actionablePSD2: Making it actionable
PSD2: Making it actionableBackbase
 
Bipul customer perception-towards-internet-banking
Bipul customer perception-towards-internet-bankingBipul customer perception-towards-internet-banking
Bipul customer perception-towards-internet-bankingBipul Kumar
 
Consumers Perception Towards Growing Mobile-Wallet
Consumers Perception Towards Growing Mobile-WalletConsumers Perception Towards Growing Mobile-Wallet
Consumers Perception Towards Growing Mobile-WalletAshitha Devan
 
Outlook on Cashless Society: Mobile Money, Banking and ePayment
Outlook on Cashless Society: Mobile Money, Banking and ePaymentOutlook on Cashless Society: Mobile Money, Banking and ePayment
Outlook on Cashless Society: Mobile Money, Banking and ePaymentHenry Sampson
 
Cashless Society (Cashless Economy, Online Transactions, is india moving towa...
Cashless Society (Cashless Economy, Online Transactions, is india moving towa...Cashless Society (Cashless Economy, Online Transactions, is india moving towa...
Cashless Society (Cashless Economy, Online Transactions, is india moving towa...Jeet Amrutiya
 
Cashless Powerpoint
Cashless PowerpointCashless Powerpoint
Cashless Powerpointguest6faf386
 

En vedette (20)

Digital payment modes financial literacy initiative by syndicate bank
Digital payment modes financial literacy initiative by syndicate bankDigital payment modes financial literacy initiative by syndicate bank
Digital payment modes financial literacy initiative by syndicate bank
 
Secure element content
Secure element contentSecure element content
Secure element content
 
1. digital payments
1. digital payments1. digital payments
1. digital payments
 
Digital Payment Processing by Apply Financial ~ The Payments Validation Company
Digital Payment Processing by Apply Financial ~ The Payments Validation CompanyDigital Payment Processing by Apply Financial ~ The Payments Validation Company
Digital Payment Processing by Apply Financial ~ The Payments Validation Company
 
Mobile Payments Whitepaper Q3 2009
Mobile Payments Whitepaper Q3 2009Mobile Payments Whitepaper Q3 2009
Mobile Payments Whitepaper Q3 2009
 
CH&Co. eYeka Misys digital money white paper May 2015
CH&Co. eYeka Misys digital money white paper May 2015CH&Co. eYeka Misys digital money white paper May 2015
CH&Co. eYeka Misys digital money white paper May 2015
 
From Payment to Digital Wallet
From Payment to Digital WalletFrom Payment to Digital Wallet
From Payment to Digital Wallet
 
Secure Elements in Web Applications
Secure Elements in Web ApplicationsSecure Elements in Web Applications
Secure Elements in Web Applications
 
Sector Study of Financial Technology in the Philippines
Sector Study of Financial Technology in the PhilippinesSector Study of Financial Technology in the Philippines
Sector Study of Financial Technology in the Philippines
 
Executing Digital Payment Strategy
Executing Digital Payment StrategyExecuting Digital Payment Strategy
Executing Digital Payment Strategy
 
Android HCE: An intro into the world of NFC
Android HCE: An intro into the world of NFCAndroid HCE: An intro into the world of NFC
Android HCE: An intro into the world of NFC
 
PSD2: Making it actionable
PSD2: Making it actionablePSD2: Making it actionable
PSD2: Making it actionable
 
Digital wallet
Digital walletDigital wallet
Digital wallet
 
Bipul customer perception-towards-internet-banking
Bipul customer perception-towards-internet-bankingBipul customer perception-towards-internet-banking
Bipul customer perception-towards-internet-banking
 
Consumers Perception Towards Growing Mobile-Wallet
Consumers Perception Towards Growing Mobile-WalletConsumers Perception Towards Growing Mobile-Wallet
Consumers Perception Towards Growing Mobile-Wallet
 
Paytm
PaytmPaytm
Paytm
 
Outlook on Cashless Society: Mobile Money, Banking and ePayment
Outlook on Cashless Society: Mobile Money, Banking and ePaymentOutlook on Cashless Society: Mobile Money, Banking and ePayment
Outlook on Cashless Society: Mobile Money, Banking and ePayment
 
PAYTM PROJECT
PAYTM PROJECTPAYTM PROJECT
PAYTM PROJECT
 
Cashless Society (Cashless Economy, Online Transactions, is india moving towa...
Cashless Society (Cashless Economy, Online Transactions, is india moving towa...Cashless Society (Cashless Economy, Online Transactions, is india moving towa...
Cashless Society (Cashless Economy, Online Transactions, is india moving towa...
 
Cashless Powerpoint
Cashless PowerpointCashless Powerpoint
Cashless Powerpoint
 

Similaire à Understanding Digital Payments

Types of ewallets and their issues & challenges in 2022
Types of ewallets and their issues & challenges in 2022Types of ewallets and their issues & challenges in 2022
Types of ewallets and their issues & challenges in 2022nimbleappgenie
 
Digital Wallet App Development Guide 2023.pdf
Digital Wallet App Development Guide 2023.pdfDigital Wallet App Development Guide 2023.pdf
Digital Wallet App Development Guide 2023.pdfSuccessiveDigital
 
IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...
IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...
IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...IRJET Journal
 
Digital wallet (e-wallet)
Digital wallet (e-wallet)Digital wallet (e-wallet)
Digital wallet (e-wallet)Krishna Kumar
 
All the 12 Payment Enabling Technologies & 54 Illustrative Companies
All the 12 Payment Enabling Technologies & 54 Illustrative CompaniesAll the 12 Payment Enabling Technologies & 54 Illustrative Companies
All the 12 Payment Enabling Technologies & 54 Illustrative CompaniesMEDICI admin
 
Pay-Cloak:Biometric
Pay-Cloak:BiometricPay-Cloak:Biometric
Pay-Cloak:Biometricijtsrd
 
Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011
Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011
Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011QITCOM
 
Types of ewallets and their issues & challenges
Types of ewallets and their issues & challengesTypes of ewallets and their issues & challenges
Types of ewallets and their issues & challengesnimbleappgenie
 
HCE_and_SIM_Secure_Element
HCE_and_SIM_Secure_ElementHCE_and_SIM_Secure_Element
HCE_and_SIM_Secure_ElementNick Norman
 
Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...
Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...
Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...Smart Payment Association
 
Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Sahan Walpitagamage
 
Concepts of Digital Banking
Concepts of Digital BankingConcepts of Digital Banking
Concepts of Digital BankingAbinayaS31
 
Emerging Technologies in Payment Industry
Emerging Technologies in Payment IndustryEmerging Technologies in Payment Industry
Emerging Technologies in Payment IndustryErfan Moradian
 
Web technology and commerce unit 4
Web technology and commerce unit 4Web technology and commerce unit 4
Web technology and commerce unit 4arun0501
 
Card payment evolution v1.0
Card payment evolution v1.0Card payment evolution v1.0
Card payment evolution v1.0Nugroho Gito
 

Similaire à Understanding Digital Payments (20)

Smart cards
Smart cardsSmart cards
Smart cards
 
Types of ewallets and their issues & challenges in 2022
Types of ewallets and their issues & challenges in 2022Types of ewallets and their issues & challenges in 2022
Types of ewallets and their issues & challenges in 2022
 
Digital Wallet App Development Guide 2023.pdf
Digital Wallet App Development Guide 2023.pdfDigital Wallet App Development Guide 2023.pdf
Digital Wallet App Development Guide 2023.pdf
 
Report
ReportReport
Report
 
IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...
IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...
IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...
 
Digital wallet (e-wallet)
Digital wallet (e-wallet)Digital wallet (e-wallet)
Digital wallet (e-wallet)
 
All the 12 Payment Enabling Technologies & 54 Illustrative Companies
All the 12 Payment Enabling Technologies & 54 Illustrative CompaniesAll the 12 Payment Enabling Technologies & 54 Illustrative Companies
All the 12 Payment Enabling Technologies & 54 Illustrative Companies
 
Pay-Cloak:Biometric
Pay-Cloak:BiometricPay-Cloak:Biometric
Pay-Cloak:Biometric
 
Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011
Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011
Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011
 
E walllet / Digital Wallet
E walllet / Digital WalletE walllet / Digital Wallet
E walllet / Digital Wallet
 
Types of ewallets and their issues & challenges
Types of ewallets and their issues & challengesTypes of ewallets and their issues & challenges
Types of ewallets and their issues & challenges
 
Money pad ppt
Money pad pptMoney pad ppt
Money pad ppt
 
HCE_and_SIM_Secure_Element
HCE_and_SIM_Secure_ElementHCE_and_SIM_Secure_Element
HCE_and_SIM_Secure_Element
 
Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...
Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...
Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...
 
Moneypad
MoneypadMoneypad
Moneypad
 
Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)
 
Concepts of Digital Banking
Concepts of Digital BankingConcepts of Digital Banking
Concepts of Digital Banking
 
Emerging Technologies in Payment Industry
Emerging Technologies in Payment IndustryEmerging Technologies in Payment Industry
Emerging Technologies in Payment Industry
 
Web technology and commerce unit 4
Web technology and commerce unit 4Web technology and commerce unit 4
Web technology and commerce unit 4
 
Card payment evolution v1.0
Card payment evolution v1.0Card payment evolution v1.0
Card payment evolution v1.0
 

Dernier

BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort ServiceDelhi Call girls
 
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best Night Fun service
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best Night Fun serviceCALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best Night Fun service
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best Night Fun serviceanilsa9823
 
CALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best sexual serviceanilsa9823
 
9892124323 | Book Call Girls in Juhu and escort services 24x7
9892124323 | Book Call Girls in Juhu and escort services 24x79892124323 | Book Call Girls in Juhu and escort services 24x7
9892124323 | Book Call Girls in Juhu and escort services 24x7Pooja Nehwal
 
Call US Pooja 9892124323 ✓Call Girls In Mira Road ( Mumbai ) secure service,
Call US Pooja 9892124323 ✓Call Girls In Mira Road ( Mumbai ) secure service,Call US Pooja 9892124323 ✓Call Girls In Mira Road ( Mumbai ) secure service,
Call US Pooja 9892124323 ✓Call Girls In Mira Road ( Mumbai ) secure service,Pooja Nehwal
 
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost LoverPowerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost LoverPsychicRuben LoveSpells
 
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCRFULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCRnishacall1
 

Dernier (7)

BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 71 Noida Escorts >༒8448380779 Escort Service
 
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best Night Fun service
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best Night Fun serviceCALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best Night Fun service
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best Night Fun service
 
CALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best sexual service
 
9892124323 | Book Call Girls in Juhu and escort services 24x7
9892124323 | Book Call Girls in Juhu and escort services 24x79892124323 | Book Call Girls in Juhu and escort services 24x7
9892124323 | Book Call Girls in Juhu and escort services 24x7
 
Call US Pooja 9892124323 ✓Call Girls In Mira Road ( Mumbai ) secure service,
Call US Pooja 9892124323 ✓Call Girls In Mira Road ( Mumbai ) secure service,Call US Pooja 9892124323 ✓Call Girls In Mira Road ( Mumbai ) secure service,
Call US Pooja 9892124323 ✓Call Girls In Mira Road ( Mumbai ) secure service,
 
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost LoverPowerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover
Powerful Love Spells in Arkansas, AR (310) 882-6330 Bring Back Lost Lover
 
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCRFULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
FULL ENJOY - 9999218229 Call Girls in {Mahipalpur}| Delhi NCR
 

Understanding Digital Payments

  • 1. DECODING DIGITAL PAYMENTS Methods and Technology Landscape Santosh S. Potadar Samtosh.potadar@gmail.com Abstract The document is an attempt to give insights into digital payments space on the whole. It describes the different payment scenarios or methods and how the underlying technology works.
  • 2. Introduction Payments and downstream clearing & settlement is at the heart of commerce. We have seen evolution of payment instruments from bartering, centuries ago, to digital payments in today’s digital era. There has never been so easier access to your money on the go. The ubiquitous mobile phone has already made inroads deep into this space. Following is an attempt to decode payments by looking at different payment methods, technologies involved and some of the popular and widely accepted payment solutions revolving around mobile payments, digital wallets. This writing is a high level techno functional document that should give some insights into digital payments space. Payment Methods Remote Payments – Payments that are made from distance where payer and payee are not face to face. Primarily such payments happen through channels like mobile native app wallets, digital wallets over mobile browser or web browser, and through payment gateways that accept payment instruments like credit, debit cards, NetBank account, and in some geographies digital cheques.
  • 3. Proximity Payments – Payment made where payer and payee are in the vicinity or face to face however the payment card (contactless payment instrument) may be few inches away from accepting terminal. The payment instrument may also be in direct contact with the accepting terminal e.g. contact cards. Digital wallets / mobile wallets and cards are one of the key instruments used for payments. However, globally, predominantly mobile payments is on the rise. There are about 6.5 billion mobile subscriptions out of which there are over 5 billion active mobile users. There were about 245 million mobile payment users in 2013 and Juniper Research predicts that this number will almost double to 450 million mobile payment users and according to Statista volume will grow to 721 billion dollars by 2017. Australian banks reported that due to their adoption of NFC technology the contactless payments increased from 10% to 60% in 2013. According to World Payment Report 2014 the mobile payments to grow by 60% in 2015. Technology Landscape: More or less, be it contact or contactless payment, the ecosystem uses among set of technologies as shown below. For instance, the mobile payments, a form of contactless payment when used in proximity scenario, may use NFC, SE, HCE, Tokenization, Cryptography etc in its solution ecosystem driven by specifications like EMV.
  • 4. Different Types of payment chip cards: The discussion won’t be complete without the mention of types of chip cards that are used in day to day life. Payment cards are categorized into contact, contactless card and dual interface. The contact chip cards have to come in physical contact with accepting terminal. The way card interacts with terminal is governed by the EVM specifications, which have become global standard for chip card technology. a. What is EMV? – EMV is global set of standards, specifications for credit and debit payment chip card technology. (Europay, MasterCard, Visa). The specifications are managed by
  • 5. EMVCo. EMVCo is an organization first established by Europay, MasterCard, and Visa. The primary purpose was to globally standardize requirements for interoperability and acceptance of cards by card readers/accepting terminals. The top reason why EMV cards are so widespread is the fact that it significantly enhances the security in transaction with added functionality in main areas like Card Authentication, Cardholder Authentication and Transaction Authorization, thus reducing the frauds emanating from counterfeit, and stolen or lost cards. Globally, 32% of transactions are EMV. There are over 2 billion EMV cards in use and more than 35 million EMV PoS machines deployment around the world. b. What is EMV Chip? – As shown in the figure the chip is small rectangular micro-controller processing unit embedded in plastic card. One of the features of this chip is there is a payment application resident in the chip. (http://www.smartcardbasics.com/smart-card- types.html) c. COS Chip Operating System The card operating system is hardware specific firmware that provides basic functionality to applications, like access to on-card memory, authentication and encryption. The COS is a sequence of instructions embedded onto ROM of smart card. Most applications make use of these instructions Two primary types of COS: a) General purpose COS and b) dedicated COS. Dedicated COS has commands specifically designed for applications. Typically, the issuer has to stick with one application developer, operating system and the chip when they come up with a chip based card product like credit card, debit card, travel card with pre-loaded money etc.
  • 6. However, the trend now is multi- application cards. JavaCard and MULTOS are the most popular COSs with the bigger market exposure. (Source: http://www.cardwerk.com/smartcards/MULTOS/) d. Standards ISO/IEC 7816, ISO/IEC 14443 are the primary standards for smart cards. ISO/IEC 7816 is a multipart (about 15 in total) international standard for contact and contactless smart cards. Each part of this protocol focuses on specific area of complete card. For example, ISO/IEC 7816-1 talks about Card with Contacts – Physical characteristics. 7816-2 specifies dimensions and location of contacts, 7816-3 specifies electrical interface and transmission protocols and so on and so forth. ISO/IEC 14443 is a four part international standard for contactless smart cards operating at 13.56 MHz for proximity payments at distance less 10cm. Similar to 7816, each part of 14443 specifies certain areas and aspects of contactless cards. For example, 14443-Part 1 describes the physical characteristics of cards, 14443-Part 2 describes the radio frequency power and signal interface, 14443-Part 3 describes the initialization and anti-collision provisions and 14443-Part 4 describes the transmission protocol requirements. What is the difference between ISO/IEC 7816 and EMV standards? The EMV Chip Specifications are based on, and are a subset of, the requirements in the ISO/IEC 7816 series of standards. EMV is implementation oriented, simplified specification. According to EMVCo, if there are any differences in documents the EMV specification takes the precedence. What is difference between ISO/IEC 14443 and NFC standards? ISO/IEC 14443 is a four part standard for contactless smart cards. There are three types of contactless cards Type-A, Type-B and Type-F. The difference is primarily in the part 2 of specification where the RF modulation (signaling method) is different for different types. The actual underlying governing international standard for NFC is ISO/IEC 18092 driven by NFC forum and based on ISO/IEC 14443. ISO/IEC 18092 includes two communication modes viz active and passive (peer-to-peer and NFC tags). There are 3 modes of operations within two modes of communication in ISO/IEC 18092: 1. Read/Write 2. Peer to Peer 3. Card Emulation
  • 7. There are many mobile payment solutions out there. The few innovative and disruptive ones have been described in following sections. Apple Pay How does it work? In October 2014, with the roll out of iPhone 6 and 6 plys Apple also launched a payment and a digital wallet service based on NFC, SE (Secure element) technology. Apple nicely leveraged and integrated the existing passbook, iTunes and Touch ID services into a payment ecosystems that is being adopted at very fast pace. Apple Pay is being seen as game changers in mobile payments space as it is easier to use for consumers and easier to set up for merchants. The best innovative part is that there is no intervention of MNOs (mobile network operators) required and it works with existing contactless payment terminals like MasterPass, Visa PayWave etc. There is significant reduction in complexities due to the fact that secure element (SE) is not SIM based but within phone hardware itself thus nullifying the need for integrating with MNO payment infrastructure. The secure element is where tokenized information of card credentials stored.
  • 8. Apple has not yet published its Apple Pay implementation details. However based on some research and their press release here is how the underlying technology works. 1. User adds the card in Passbook or iTunes. Passbook for iPhone will also allow users to use iSight camera to capture card and add information. The default card is generally the first card that is added. Apple Pay can be used in remote payment scenario as it can be integrated with iPhone apps using the APIs. It can also be used in “tap and pay” contactless scenario. The contactless tap and pay payment only works on iPhone 6 and 6 plus. 2. Apple says that they don’t store any card payment information like PAN or any other credentials in cloud. So question is how transaction happens if no card details are stored. Here is the innovative part. Apple provisions a Token for the card in the secure element (SE) of the phone. Who gives a Token for card information? How it is provisioned in SE? Well, the way it is done is like: Once the card is entered manually or through Passbook iSight camera the PAN details are sent over to Apple servers, from there they get sent to payment networks such as MasterCard, Visa or AMEX. The payment network returns token and along with it a token key. Apple Pay is token requester (TR) and payment networks are Tokenization Service Providers (TSP). Payment networks return the token only when a request to card issuer for identification and verification of card is successful. 3. Apple Pay uses EMVCo contactless specification. When user taps the iPhone on contactless NFC terminal the NFC triggers the SE. The SE in phone generates a dynamic cryptogram using combination of token, token key, amount and other transaction details. This token, dynamic cryptogram and other details are sent to terminal. All this interaction happens in compliance with EMVco contactless specification. 4. Once the contactless terminal accepts this information the authentication, authorization process kicks in. The terminal sends this data to acquirer for verification. Acquirer passes this onto payment network. Payment network identifies the data sent as tokenized PAN and sends it to its TSP (token service provider) for de-tokenization. The PAN obtained after de-tokenization is passed onto issuer for authorization. Issuer does authorization based on customer card and account status. After authorization, information flows back to terminal for printing the receipt.
  • 9. Google Wallet How does it work? Google wallet is a digital/mobile wallet. Google’s aim is to have everything in digital wallet that you typically keep in your physical wallet: credit, debit cards, loyalty cards, coupons, tickets, gift cards etc. Google has released 3 version of its wallet service, the latest one being 3.0 which was released along with Android KitKat (4.4). With this release Google introduced what it is called a Host Card Emulation technology for mobile payments. With this release google has officially ended support for physical device SE in google wallet application. http://www.nfcworld.com/2014/03/17/328326/google-wallet-ends-support-physical-secure- elements/ Google has confirmed its move to HCE: “Host card emulation allows Android applications to communicate directly over NFC on supported devices with Android 4.4 KitKat. When you tap your phone to pay, HCE enables Google Wallet to pass transaction information to the point-of-sale terminal to complete your transaction. Devices that are running older operating systems may no longer support Google Wallet’s tap-and-pay feature” Google Wallet too is compliant with EMVCo contactless specification therefore like Apple Pay there is no need of Google Wallet specific terminal infrastructure. What does HCE work? Users add credit, debit cards payment method onto google wallet account either through web interface or through mobile app. What happens when a card is added to wallet? Where is it stored? Is it really stored anywhere? Yes, unlike ApplePay, Google Wallet stores card details or payment credentials in their secure cloud servers. Secure cloud is new secure element in this ecosystem. Earlier two versions of Google wallet were solely using device based SE (either UICC or embedded device SE or SD card based SE). The NFC controller based on its “AID routing” mechanism directs the NFC communication to either HCE or SE.
  • 10. The figure summarizes how NFC controller redirects the communication from reader to either SE or to host CPU for HCE transaction. In HCE transaction a host operating system (like Android) and an app running on it is involved. The app may have user interface but in turn it uses HCE service on host operating system. From security perspective HCE app on host OS does not store any card credentials. Instead, HCE app in real-time or at pre-set frequency connects with cloud before each transaction to fetch a limited validity Token or dynamic data for provisioning into the HCE app. This dynamic data is sent to contactless terminal when phone is tapped on terminal. This method is called Tokenization with cloud storage. There is also a method, cloud storage without tokenization where actual card credentials are retrieved from cloud which are then passed onto contactless terminal during the transaction. However this method is least secure. Google in March 2015 announced a revamped version of google wallet called AndroidPay. In a nutshell, Mobile payments will be here to stay with new innovations coming into play day by day. Future looks bright for NFC, contactless payments as it has already gone beyond mobile payments into payments through wearables. As Internet of Things (IoT) or Internet of Everything evolves, it could bring in business models that would require payments. This in itself would be an immense untapped opportunity to look forward to.