subscribe: Daily Newsletter

 

Futureproofing key for mobile payment services

0 comments

Fundamo CEO, Hannes van Rensberg, examines the trends in mobile payment channels and highlights the need for robust and scalable solutions to ensure future relevance

There is no doubt that mobile payments will be the way of the future.  The uptake in both emerging and developed countries has been exponential. Organisations wishing to offer this service, however, need to be mindful of the rapid technical advancement taking place in payment channels.
Futureproofing your organisation against the fickle nature of technology trends is the only way to guarantee delivery to customers.
Companies choosing to offer a mobile payment service will be facing a myriad of considerations. Currently there are three readily available channels which can be used to deliver mobile payments.  Each with its own pros and cons.
Security is obviously the main concern and, as with online and ATM banking, making use of at least a dual factor authentication is imperative.  
Security is broken down into what you know (password or pin) who you are (biometrics such as fingerprints or voice recognition) and something you have (one-time passwords).  
By making use of at least two of these, customers are assured of a reasonable level of security.  In fact dual factor security is legislated in the US.
Currently, payments can happen through the use of a browser, application (Java or other) or through a sim browser.
At the moment, using a sim browser is the most secure of these options as the menu is based on the phone's firmware.
Sim cards are also hard to copy, which is a further security feature.  The development of high capacity sims will only add to the opportunity to increase security features.  These sims are shipping with between 500Mb and 1Gb of memory.
Add to that the phenomenal increase in processing power ­ ten to fifteen times of what we currently have ­ and the benefits of using sim-based technology are clear.
That said, the development of the new java standard, JSR 144 which allows the application sitting on the mobile device to talk directly to the firmware, will see a marked increase in application security.
There is also the added benefit of building what is termed "sandboxes", which sit on the computing area of the handset.  This essentially creates a virtual machine to isolate suspicious files from the rest of the system while they are quickly analysed for malicious content or behaviour.  The idea is to create a separate and uncrackable area where the transaction takes place.
However, as we all know, it never takes long before a hack is developed. Add to this, the speed and cunning of phishing and pharming events and it is clear why customers view new technology with suspicion.
The other new technology, which is already in use in Japan, is Near Field Communication (NFC). This enables users to pay for services or goods just by holding a mobile phone close to a compatible reader.
Gartner has predicted that NFC payments will be available in half the world's developed markets by 2012. However, there is still some ironing to be done the protocol and standards side.  Financial institutions will also need to allay fears around privacy and transaction integrity.
It would make sense in this, and indeed all mobile payment technologies, for banks, mobile carriers and other service providers to work in tandem to promote the new technologies and educate the users to boost the adoption rate.
It is also clear when examining the multitude of new standards and payment methods that companies wishing to offer these technologies need to ensure that they have systems that are both robust and scalable.
Banks are currently processing hundreds of payments a second, mobile networks however are processing tens of thousands of transactions a second. Having a solution that can gear the banking backend to engage with the networks requires software solutions that can integrate with both systems.
More importantly, companies must also ensure then that their solution can weather the ongoing and swift change in technology, deliver failsafe service and remain secure no matter what channel has been chosen.