SlideShare a Scribd company logo

Understanding Digital Payments

Santosh Potadar
Santosh Potadar

The document is an attempt to give insights into digital payments space on the whole. It describes the different payment scenarios or methods and how the underlying technology works. Topics covered - NFC;;contacless payments;Mobile Payments;smart cards chips technology;apple pay;Card operating system

Mobile
1 of 10
Download to read offline
DECODING DIGITAL PAYMENTS Methods and Technology Landscape Santosh S. Potadar Samtosh.potadar@gmail.com Abstract The document is an attempt to give insights into digital payments space on the whole. It describes the different payment scenarios or methods and how the underlying technology works.
Introduction Payments and downstream clearing & settlement is at the heart of commerce. We have seen evolution of payment instruments from bartering, centuries ago, to digital payments in today’s digital era. There has never been so easier access to your money on the go. The ubiquitous mobile phone has already made inroads deep into this space. Following is an attempt to decode payments by looking at different payment methods, technologies involved and some of the popular and widely accepted payment solutions revolving around mobile payments, digital wallets. This writing is a high level techno functional document that should give some insights into digital payments space. Payment Methods Remote Payments – Payments that are made from distance where payer and payee are not face to face. Primarily such payments happen through channels like mobile native app wallets, digital wallets over mobile browser or web browser, and through payment gateways that accept payment instruments like credit, debit cards, NetBank account, and in some geographies digital cheques.
Proximity Payments – Payment made where payer and payee are in the vicinity or face to face however the payment card (contactless payment instrument) may be few inches away from accepting terminal. The payment instrument may also be in direct contact with the accepting terminal e.g. contact cards. Digital wallets / mobile wallets and cards are one of the key instruments used for payments. However, globally, predominantly mobile payments is on the rise. There are about 6.5 billion mobile subscriptions out of which there are over 5 billion active mobile users. There were about 245 million mobile payment users in 2013 and Juniper Research predicts that this number will almost double to 450 million mobile payment users and according to Statista volume will grow to 721 billion dollars by 2017. Australian banks reported that due to their adoption of NFC technology the contactless payments increased from 10% to 60% in 2013. According to World Payment Report 2014 the mobile payments to grow by 60% in 2015. Technology Landscape: More or less, be it contact or contactless payment, the ecosystem uses among set of technologies as shown below. For instance, the mobile payments, a form of contactless payment when used in proximity scenario, may use NFC, SE, HCE, Tokenization, Cryptography etc in its solution ecosystem driven by specifications like EMV.
Different Types of payment chip cards: The discussion won’t be complete without the mention of types of chip cards that are used in day to day life. Payment cards are categorized into contact, contactless card and dual interface. The contact chip cards have to come in physical contact with accepting terminal. The way card interacts with terminal is governed by the EVM specifications, which have become global standard for chip card technology. a. What is EMV? – EMV is global set of standards, specifications for credit and debit payment chip card technology. (Europay, MasterCard, Visa). The specifications are managed by
EMVCo. EMVCo is an organization first established by Europay, MasterCard, and Visa. The primary purpose was to globally standardize requirements for interoperability and acceptance of cards by card readers/accepting terminals. The top reason why EMV cards are so widespread is the fact that it significantly enhances the security in transaction with added functionality in main areas like Card Authentication, Cardholder Authentication and Transaction Authorization, thus reducing the frauds emanating from counterfeit, and stolen or lost cards. Globally, 32% of transactions are EMV. There are over 2 billion EMV cards in use and more than 35 million EMV PoS machines deployment around the world. b. What is EMV Chip? – As shown in the figure the chip is small rectangular micro-controller processing unit embedded in plastic card. One of the features of this chip is there is a payment application resident in the chip. (http://www.smartcardbasics.com/smart-card- types.html) c. COS Chip Operating System The card operating system is hardware specific firmware that provides basic functionality to applications, like access to on-card memory, authentication and encryption. The COS is a sequence of instructions embedded onto ROM of smart card. Most applications make use of these instructions Two primary types of COS: a) General purpose COS and b) dedicated COS. Dedicated COS has commands specifically designed for applications. Typically, the issuer has to stick with one application developer, operating system and the chip when they come up with a chip based card product like credit card, debit card, travel card with pre-loaded money etc.
However, the trend now is multi- application cards. JavaCard and MULTOS are the most popular COSs with the bigger market exposure. (Source: http://www.cardwerk.com/smartcards/MULTOS/) d. Standards ISO/IEC 7816, ISO/IEC 14443 are the primary standards for smart cards. ISO/IEC 7816 is a multipart (about 15 in total) international standard for contact and contactless smart cards. Each part of this protocol focuses on specific area of complete card. For example, ISO/IEC 7816-1 talks about Card with Contacts – Physical characteristics. 7816-2 specifies dimensions and location of contacts, 7816-3 specifies electrical interface and transmission protocols and so on and so forth. ISO/IEC 14443 is a four part international standard for contactless smart cards operating at 13.56 MHz for proximity payments at distance less 10cm. Similar to 7816, each part of 14443 specifies certain areas and aspects of contactless cards. For example, 14443-Part 1 describes the physical characteristics of cards, 14443-Part 2 describes the radio frequency power and signal interface, 14443-Part 3 describes the initialization and anti-collision provisions and 14443-Part 4 describes the transmission protocol requirements. What is the difference between ISO/IEC 7816 and EMV standards? The EMV Chip Specifications are based on, and are a subset of, the requirements in the ISO/IEC 7816 series of standards. EMV is implementation oriented, simplified specification. According to EMVCo, if there are any differences in documents the EMV specification takes the precedence. What is difference between ISO/IEC 14443 and NFC standards? ISO/IEC 14443 is a four part standard for contactless smart cards. There are three types of contactless cards Type-A, Type-B and Type-F. The difference is primarily in the part 2 of specification where the RF modulation (signaling method) is different for different types. The actual underlying governing international standard for NFC is ISO/IEC 18092 driven by NFC forum and based on ISO/IEC 14443. ISO/IEC 18092 includes two communication modes viz active and passive (peer-to-peer and NFC tags). There are 3 modes of operations within two modes of communication in ISO/IEC 18092: 1. Read/Write 2. Peer to Peer 3. Card Emulation
There are many mobile payment solutions out there. The few innovative and disruptive ones have been described in following sections. Apple Pay How does it work? In October 2014, with the roll out of iPhone 6 and 6 plys Apple also launched a payment and a digital wallet service based on NFC, SE (Secure element) technology. Apple nicely leveraged and integrated the existing passbook, iTunes and Touch ID services into a payment ecosystems that is being adopted at very fast pace. Apple Pay is being seen as game changers in mobile payments space as it is easier to use for consumers and easier to set up for merchants. The best innovative part is that there is no intervention of MNOs (mobile network operators) required and it works with existing contactless payment terminals like MasterPass, Visa PayWave etc. There is significant reduction in complexities due to the fact that secure element (SE) is not SIM based but within phone hardware itself thus nullifying the need for integrating with MNO payment infrastructure. The secure element is where tokenized information of card credentials stored.
Apple has not yet published its Apple Pay implementation details. However based on some research and their press release here is how the underlying technology works. 1. User adds the card in Passbook or iTunes. Passbook for iPhone will also allow users to use iSight camera to capture card and add information. The default card is generally the first card that is added. Apple Pay can be used in remote payment scenario as it can be integrated with iPhone apps using the APIs. It can also be used in “tap and pay” contactless scenario. The contactless tap and pay payment only works on iPhone 6 and 6 plus. 2. Apple says that they don’t store any card payment information like PAN or any other credentials in cloud. So question is how transaction happens if no card details are stored. Here is the innovative part. Apple provisions a Token for the card in the secure element (SE) of the phone. Who gives a Token for card information? How it is provisioned in SE? Well, the way it is done is like: Once the card is entered manually or through Passbook iSight camera the PAN details are sent over to Apple servers, from there they get sent to payment networks such as MasterCard, Visa or AMEX. The payment network returns token and along with it a token key. Apple Pay is token requester (TR) and payment networks are Tokenization Service Providers (TSP). Payment networks return the token only when a request to card issuer for identification and verification of card is successful. 3. Apple Pay uses EMVCo contactless specification. When user taps the iPhone on contactless NFC terminal the NFC triggers the SE. The SE in phone generates a dynamic cryptogram using combination of token, token key, amount and other transaction details. This token, dynamic cryptogram and other details are sent to terminal. All this interaction happens in compliance with EMVco contactless specification. 4. Once the contactless terminal accepts this information the authentication, authorization process kicks in. The terminal sends this data to acquirer for verification. Acquirer passes this onto payment network. Payment network identifies the data sent as tokenized PAN and sends it to its TSP (token service provider) for de-tokenization. The PAN obtained after de-tokenization is passed onto issuer for authorization. Issuer does authorization based on customer card and account status. After authorization, information flows back to terminal for printing the receipt.
Google Wallet How does it work? Google wallet is a digital/mobile wallet. Google’s aim is to have everything in digital wallet that you typically keep in your physical wallet: credit, debit cards, loyalty cards, coupons, tickets, gift cards etc. Google has released 3 version of its wallet service, the latest one being 3.0 which was released along with Android KitKat (4.4). With this release Google introduced what it is called a Host Card Emulation technology for mobile payments. With this release google has officially ended support for physical device SE in google wallet application. http://www.nfcworld.com/2014/03/17/328326/google-wallet-ends-support-physical-secure- elements/ Google has confirmed its move to HCE: “Host card emulation allows Android applications to communicate directly over NFC on supported devices with Android 4.4 KitKat. When you tap your phone to pay, HCE enables Google Wallet to pass transaction information to the point-of-sale terminal to complete your transaction. Devices that are running older operating systems may no longer support Google Wallet’s tap-and-pay feature” Google Wallet too is compliant with EMVCo contactless specification therefore like Apple Pay there is no need of Google Wallet specific terminal infrastructure. What does HCE work? Users add credit, debit cards payment method onto google wallet account either through web interface or through mobile app. What happens when a card is added to wallet? Where is it stored? Is it really stored anywhere? Yes, unlike ApplePay, Google Wallet stores card details or payment credentials in their secure cloud servers. Secure cloud is new secure element in this ecosystem. Earlier two versions of Google wallet were solely using device based SE (either UICC or embedded device SE or SD card based SE). The NFC controller based on its “AID routing” mechanism directs the NFC communication to either HCE or SE.
The figure summarizes how NFC controller redirects the communication from reader to either SE or to host CPU for HCE transaction. In HCE transaction a host operating system (like Android) and an app running on it is involved. The app may have user interface but in turn it uses HCE service on host operating system. From security perspective HCE app on host OS does not store any card credentials. Instead, HCE app in real-time or at pre-set frequency connects with cloud before each transaction to fetch a limited validity Token or dynamic data for provisioning into the HCE app. This dynamic data is sent to contactless terminal when phone is tapped on terminal. This method is called Tokenization with cloud storage. There is also a method, cloud storage without tokenization where actual card credentials are retrieved from cloud which are then passed onto contactless terminal during the transaction. However this method is least secure. Google in March 2015 announced a revamped version of google wallet called AndroidPay. In a nutshell, Mobile payments will be here to stay with new innovations coming into play day by day. Future looks bright for NFC, contactless payments as it has already gone beyond mobile payments into payments through wearables. As Internet of Things (IoT) or Internet of Everything evolves, it could bring in business models that would require payments. This in itself would be an immense untapped opportunity to look forward to.

Recommended

Cash Less Society- Digital Payments
Cash Less Society- Digital PaymentsCash Less Society- Digital Payments
Cash Less Society- Digital Payments
mahajanmanu
 
Overview of digital payments in india
Overview of digital payments in india Overview of digital payments in india
Overview of digital payments in india
Mathew Chacko
 
Payment gateway/payment service providers and future trends in mobile payment...
Payment gateway/payment service providers and future trends in mobile payment...Payment gateway/payment service providers and future trends in mobile payment...
Payment gateway/payment service providers and future trends in mobile payment...Danail Yotov
 
EMV Overview
EMV OverviewEMV Overview
EMV Overview
Kona Software Lab Limited.
 
Digital payments
Digital paymentsDigital payments
Digital payments
Venkatesh Kumar Maale
 
Payment Gateway
Payment GatewayPayment Gateway
Payment Gateway
Killian Delaney
 
Contactless payment technology
Contactless payment technologyContactless payment technology
Contactless payment technology
Law of Compounding
 
Mobile Banking
Mobile BankingMobile Banking
Mobile Banking
Ajitesh Srivastava
 

Recommended

Cash Less Society- Digital Payments
Cash Less Society- Digital PaymentsCash Less Society- Digital Payments
Cash Less Society- Digital Payments
mahajanmanu
 
Overview of digital payments in india
Overview of digital payments in india Overview of digital payments in india
Overview of digital payments in india
Mathew Chacko
 
Payment gateway/payment service providers and future trends in mobile payment...
Payment gateway/payment service providers and future trends in mobile payment...Payment gateway/payment service providers and future trends in mobile payment...
Payment gateway/payment service providers and future trends in mobile payment...Danail Yotov
 
EMV Overview
EMV OverviewEMV Overview
EMV Overview
Kona Software Lab Limited.
 
Digital payments
Digital paymentsDigital payments
Digital payments
Venkatesh Kumar Maale
 
Payment Gateway
Payment GatewayPayment Gateway
Payment Gateway
Killian Delaney
 
Contactless payment technology
Contactless payment technologyContactless payment technology
Contactless payment technology
Law of Compounding
 
Mobile Banking
Mobile BankingMobile Banking
Mobile Banking
Ajitesh Srivastava
 
Online payment gateway provider
Online payment gateway providerOnline payment gateway provider
Online payment gateway provider
Payment Gateways
 
Payment Gateway
Payment Gateway Payment Gateway
Payment Gateway
Rohit Srivastav
 
What is all about Mobile Wallet?
What is all about Mobile Wallet?What is all about Mobile Wallet?
What is all about Mobile Wallet?
Devashish Pradhan
 
Digital payments
Digital payments Digital payments
Digital payments
Umashanker Sahu
 
AEPS - Aadhaar Enabled Payment System
AEPS - Aadhaar Enabled Payment System AEPS - Aadhaar Enabled Payment System
AEPS - Aadhaar Enabled Payment System
MOS World
 
Imps flow
Imps flowImps flow
Imps flowDuong The Vinh
 
Digital wallet
Digital walletDigital wallet
Digital wallet
Lokesh Jajoo
 
Digital wallet service in india - Netscribes
Digital wallet service in india - NetscribesDigital wallet service in india - Netscribes
Digital wallet service in india - Netscribes
Netscribes
 
Aadhaar Enable Payment System
Aadhaar Enable Payment SystemAadhaar Enable Payment System
Aadhaar Enable Payment System
Ezulix Software Private Limited
 
Unified Payments Interface (UPI) - easy way to transfer money through banks
Unified Payments Interface (UPI) - easy way to transfer money through banksUnified Payments Interface (UPI) - easy way to transfer money through banks
Unified Payments Interface (UPI) - easy way to transfer money through banks
CA Janardhana Gouda
 
Closed-loop payments
Closed-loop paymentsClosed-loop payments
Closed-loop payments
Daniel Baudino
 
Modes of Cashless Transactions - Cash-less Indian Economy
Modes of Cashless Transactions - Cash-less Indian EconomyModes of Cashless Transactions - Cash-less Indian Economy
Modes of Cashless Transactions - Cash-less Indian Economy
Rajan Chhangani
 
Mobile payment
Mobile paymentMobile payment
Mobile payment
Software Park Thailand
 
Mobile banking
Mobile bankingMobile banking
Mobile banking
Manoj Karangoda
 
E-BANKING EMERGING ISSUES AND OPPORTUNITIES
E-BANKING EMERGING ISSUES AND OPPORTUNITIESE-BANKING EMERGING ISSUES AND OPPORTUNITIES
E-BANKING EMERGING ISSUES AND OPPORTUNITIES
Vinit Varma
 
Payment Gateway
Payment GatewayPayment Gateway
Payment Gateway
Ashraf Bashir
 
E wallet
E walletE wallet
E wallet
Mrunmayee Joshi
 
Digital Payment-Revolution in India
Digital Payment-Revolution in IndiaDigital Payment-Revolution in India
Digital Payment-Revolution in India
Binod Sinha
 
The Mobile Wallet
The Mobile WalletThe Mobile Wallet
The Mobile Walletmidhun jose
 
Unified payment interface
Unified payment interfaceUnified payment interface
Unified payment interface
Ravi Raj Kamal
 
Digital payment modes financial literacy initiative by syndicate bank
Digital payment modes financial literacy initiative by syndicate bankDigital payment modes financial literacy initiative by syndicate bank
Digital payment modes financial literacy initiative by syndicate bank
Vikash Yadav
 
Secure element content
Secure element contentSecure element content
Secure element contentManjula Weerasinghe
 

More Related Content

What's hot

Online payment gateway provider
Online payment gateway providerOnline payment gateway provider
Online payment gateway provider
Payment Gateways
 
Payment Gateway
Payment Gateway Payment Gateway
Payment Gateway
Rohit Srivastav
 
What is all about Mobile Wallet?
What is all about Mobile Wallet?What is all about Mobile Wallet?
What is all about Mobile Wallet?
Devashish Pradhan
 
Digital payments
Digital payments Digital payments
Digital payments
Umashanker Sahu
 
AEPS - Aadhaar Enabled Payment System
AEPS - Aadhaar Enabled Payment System AEPS - Aadhaar Enabled Payment System
AEPS - Aadhaar Enabled Payment System
MOS World
 
Digital wallet
Digital walletDigital wallet
Digital wallet
Lokesh Jajoo
 
Digital wallet service in india - Netscribes
Digital wallet service in india - NetscribesDigital wallet service in india - Netscribes
Digital wallet service in india - Netscribes
Netscribes
 
Aadhaar Enable Payment System
Aadhaar Enable Payment SystemAadhaar Enable Payment System
Aadhaar Enable Payment System
Ezulix Software Private Limited
 
Unified Payments Interface (UPI) - easy way to transfer money through banks
Unified Payments Interface (UPI) - easy way to transfer money through banksUnified Payments Interface (UPI) - easy way to transfer money through banks
Unified Payments Interface (UPI) - easy way to transfer money through banks
CA Janardhana Gouda
 
Closed-loop payments
Closed-loop paymentsClosed-loop payments
Closed-loop payments
Daniel Baudino
 
Modes of Cashless Transactions - Cash-less Indian Economy
Modes of Cashless Transactions - Cash-less Indian EconomyModes of Cashless Transactions - Cash-less Indian Economy
Modes of Cashless Transactions - Cash-less Indian Economy
Rajan Chhangani
 
Mobile payment
Mobile paymentMobile payment
Mobile payment
Software Park Thailand
 
Mobile banking
Mobile bankingMobile banking
Mobile banking
Manoj Karangoda
 
E-BANKING EMERGING ISSUES AND OPPORTUNITIES
E-BANKING EMERGING ISSUES AND OPPORTUNITIESE-BANKING EMERGING ISSUES AND OPPORTUNITIES
E-BANKING EMERGING ISSUES AND OPPORTUNITIES
Vinit Varma
 
Payment Gateway
Payment GatewayPayment Gateway
Payment Gateway
Ashraf Bashir
 
E wallet
E walletE wallet
E wallet
Mrunmayee Joshi
 
Digital Payment-Revolution in India
Digital Payment-Revolution in IndiaDigital Payment-Revolution in India
Digital Payment-Revolution in India
Binod Sinha
 
The Mobile Wallet
The Mobile WalletThe Mobile Wallet
The Mobile Walletmidhun jose
 
Unified payment interface
Unified payment interfaceUnified payment interface
Unified payment interface
Ravi Raj Kamal
 

What's hot (20)

Online payment gateway provider
Online payment gateway providerOnline payment gateway provider
Online payment gateway provider
 
Payment Gateway
Payment Gateway Payment Gateway
Payment Gateway
 
What is all about Mobile Wallet?
What is all about Mobile Wallet?What is all about Mobile Wallet?
What is all about Mobile Wallet?
 
Digital payments
Digital payments Digital payments
Digital payments
 
AEPS - Aadhaar Enabled Payment System
AEPS - Aadhaar Enabled Payment System AEPS - Aadhaar Enabled Payment System
AEPS - Aadhaar Enabled Payment System
 
Imps flow
Imps flowImps flow
Imps flow
 
Digital wallet
Digital walletDigital wallet
Digital wallet
 
Digital wallet service in india - Netscribes
Digital wallet service in india - NetscribesDigital wallet service in india - Netscribes
Digital wallet service in india - Netscribes
 
Aadhaar Enable Payment System
Aadhaar Enable Payment SystemAadhaar Enable Payment System
Aadhaar Enable Payment System
 
Unified Payments Interface (UPI) - easy way to transfer money through banks
Unified Payments Interface (UPI) - easy way to transfer money through banksUnified Payments Interface (UPI) - easy way to transfer money through banks
Unified Payments Interface (UPI) - easy way to transfer money through banks
 
Closed-loop payments
Closed-loop paymentsClosed-loop payments
Closed-loop payments
 
Modes of Cashless Transactions - Cash-less Indian Economy
Modes of Cashless Transactions - Cash-less Indian EconomyModes of Cashless Transactions - Cash-less Indian Economy
Modes of Cashless Transactions - Cash-less Indian Economy
 
Mobile payment
Mobile paymentMobile payment
Mobile payment
 
Mobile banking
Mobile bankingMobile banking
Mobile banking
 
E-BANKING EMERGING ISSUES AND OPPORTUNITIES
E-BANKING EMERGING ISSUES AND OPPORTUNITIESE-BANKING EMERGING ISSUES AND OPPORTUNITIES
E-BANKING EMERGING ISSUES AND OPPORTUNITIES
 
Payment Gateway
Payment GatewayPayment Gateway
Payment Gateway
 
E wallet
E walletE wallet
E wallet
 
Digital Payment-Revolution in India
Digital Payment-Revolution in IndiaDigital Payment-Revolution in India
Digital Payment-Revolution in India
 
The Mobile Wallet
The Mobile WalletThe Mobile Wallet
The Mobile Wallet
 
Unified payment interface
Unified payment interfaceUnified payment interface
Unified payment interface
 

Viewers also liked

Digital payment modes financial literacy initiative by syndicate bank
Digital payment modes financial literacy initiative by syndicate bankDigital payment modes financial literacy initiative by syndicate bank
Digital payment modes financial literacy initiative by syndicate bank
Vikash Yadav
 
1. digital payments
1. digital payments1. digital payments
1. digital payments
Devi Thirupathi
 
Digital Payment Processing by Apply Financial ~ The Payments Validation Company
Digital Payment Processing by Apply Financial ~ The Payments Validation CompanyDigital Payment Processing by Apply Financial ~ The Payments Validation Company
Digital Payment Processing by Apply Financial ~ The Payments Validation Company
Mark Bradbury
 
Mobile Payments Whitepaper Q3 2009
Mobile Payments Whitepaper Q3 2009Mobile Payments Whitepaper Q3 2009
Mobile Payments Whitepaper Q3 2009
rkasai
 
CH&Co. eYeka Misys digital money white paper May 2015
CH&Co. eYeka Misys digital money white paper May 2015CH&Co. eYeka Misys digital money white paper May 2015
CH&Co. eYeka Misys digital money white paper May 2015
Patrick Bucquet
 
From Payment to Digital Wallet
From Payment to Digital WalletFrom Payment to Digital Wallet
From Payment to Digital Wallet
Sopra Banking Software
 
Innovation led Digital payments Seminar
Innovation led Digital payments Seminar Innovation led Digital payments Seminar
Innovation led Digital payments Seminar
TechXpla
 
Secure Elements in Web Applications
Secure Elements in Web ApplicationsSecure Elements in Web Applications
Secure Elements in Web Applications
Olivier Potonniée
 
Sector Study of Financial Technology in the Philippines
Sector Study of Financial Technology in the PhilippinesSector Study of Financial Technology in the Philippines
Sector Study of Financial Technology in the Philippines
Maurice Gonzales, MTM
 
Executing Digital Payment Strategy
Executing Digital Payment StrategyExecuting Digital Payment Strategy
Executing Digital Payment Strategy
Heru Sutadi
 
Android HCE: An intro into the world of NFC
Android HCE: An intro into the world of NFCAndroid HCE: An intro into the world of NFC
Android HCE: An intro into the world of NFC
NFC Forum
 
Step by-step presentation on digital payments
Step by-step presentation on digital paymentsStep by-step presentation on digital payments
Step by-step presentation on digital payments
Mahantesh Biradar
 
PSD2: Making it actionable
PSD2: Making it actionablePSD2: Making it actionable
PSD2: Making it actionable
Backbase
 
Bipul customer perception-towards-internet-banking
Bipul customer perception-towards-internet-bankingBipul customer perception-towards-internet-banking
Bipul customer perception-towards-internet-bankingBipul Kumar
 
Consumers Perception Towards Growing Mobile-Wallet
Consumers Perception Towards Growing Mobile-WalletConsumers Perception Towards Growing Mobile-Wallet
Consumers Perception Towards Growing Mobile-Wallet
Ashitha Devan
 
Paytm
PaytmPaytm
Paytm
Sujay Lakkimsetti
 
Outlook on Cashless Society: Mobile Money, Banking and ePayment
Outlook on Cashless Society: Mobile Money, Banking and ePaymentOutlook on Cashless Society: Mobile Money, Banking and ePayment
Outlook on Cashless Society: Mobile Money, Banking and ePayment
Henry Sampson
 

Viewers also liked (20)

Digital payment modes financial literacy initiative by syndicate bank
Digital payment modes financial literacy initiative by syndicate bankDigital payment modes financial literacy initiative by syndicate bank
Digital payment modes financial literacy initiative by syndicate bank
 
Secure element content
Secure element contentSecure element content
Secure element content
 
1. digital payments
1. digital payments1. digital payments
1. digital payments
 
Digital Payment Processing by Apply Financial ~ The Payments Validation Company
Digital Payment Processing by Apply Financial ~ The Payments Validation CompanyDigital Payment Processing by Apply Financial ~ The Payments Validation Company
Digital Payment Processing by Apply Financial ~ The Payments Validation Company
 
Mobile Payments Whitepaper Q3 2009
Mobile Payments Whitepaper Q3 2009Mobile Payments Whitepaper Q3 2009
Mobile Payments Whitepaper Q3 2009
 
CH&Co. eYeka Misys digital money white paper May 2015
CH&Co. eYeka Misys digital money white paper May 2015CH&Co. eYeka Misys digital money white paper May 2015
CH&Co. eYeka Misys digital money white paper May 2015
 
From Payment to Digital Wallet
From Payment to Digital WalletFrom Payment to Digital Wallet
From Payment to Digital Wallet
 
Innovation led Digital payments Seminar
Innovation led Digital payments Seminar Innovation led Digital payments Seminar
Innovation led Digital payments Seminar
 
Secure Elements in Web Applications
Secure Elements in Web ApplicationsSecure Elements in Web Applications
Secure Elements in Web Applications
 
Sector Study of Financial Technology in the Philippines
Sector Study of Financial Technology in the PhilippinesSector Study of Financial Technology in the Philippines
Sector Study of Financial Technology in the Philippines
 
Executing Digital Payment Strategy
Executing Digital Payment StrategyExecuting Digital Payment Strategy
Executing Digital Payment Strategy
 
Android HCE: An intro into the world of NFC
Android HCE: An intro into the world of NFCAndroid HCE: An intro into the world of NFC
Android HCE: An intro into the world of NFC
 
Step by-step presentation on digital payments
Step by-step presentation on digital paymentsStep by-step presentation on digital payments
Step by-step presentation on digital payments
 
PSD2: Making it actionable
PSD2: Making it actionablePSD2: Making it actionable
PSD2: Making it actionable
 
Digital wallet
Digital walletDigital wallet
Digital wallet
 
Bipul customer perception-towards-internet-banking
Bipul customer perception-towards-internet-bankingBipul customer perception-towards-internet-banking
Bipul customer perception-towards-internet-banking
 
Consumers Perception Towards Growing Mobile-Wallet
Consumers Perception Towards Growing Mobile-WalletConsumers Perception Towards Growing Mobile-Wallet
Consumers Perception Towards Growing Mobile-Wallet
 
Paytm
PaytmPaytm
Paytm
 
Outlook on Cashless Society: Mobile Money, Banking and ePayment
Outlook on Cashless Society: Mobile Money, Banking and ePaymentOutlook on Cashless Society: Mobile Money, Banking and ePayment
Outlook on Cashless Society: Mobile Money, Banking and ePayment
 
PAYTM PROJECT
PAYTM PROJECTPAYTM PROJECT
PAYTM PROJECT
 

Similar to Understanding Digital Payments

Types of ewallets and their issues & challenges in 2022
Types of ewallets and their issues & challenges in 2022Types of ewallets and their issues & challenges in 2022
Types of ewallets and their issues & challenges in 2022
nimbleappgenie
 
Digital Wallet App Development Guide 2023.pdf
Digital Wallet App Development Guide 2023.pdfDigital Wallet App Development Guide 2023.pdf
Digital Wallet App Development Guide 2023.pdf
SuccessiveDigital
 
IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...
IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...
IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...
IRJET Journal
 
Digital wallet (e-wallet)
Digital wallet (e-wallet)Digital wallet (e-wallet)
Digital wallet (e-wallet)Krishna Kumar
 
All the 12 Payment Enabling Technologies & 54 Illustrative Companies
All the 12 Payment Enabling Technologies & 54 Illustrative CompaniesAll the 12 Payment Enabling Technologies & 54 Illustrative Companies
All the 12 Payment Enabling Technologies & 54 Illustrative Companies
MEDICI admin
 
Pay-Cloak:Biometric
Pay-Cloak:BiometricPay-Cloak:Biometric
Pay-Cloak:Biometric
ijtsrd
 
Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011
Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011
Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011
QITCOM
 
E walllet / Digital Wallet
E walllet / Digital WalletE walllet / Digital Wallet
E walllet / Digital Wallet
Subhash Vadadoriya
 
Types of ewallets and their issues & challenges
Types of ewallets and their issues & challengesTypes of ewallets and their issues & challenges
Types of ewallets and their issues & challenges
nimbleappgenie
 
HCE_and_SIM_Secure_Element
HCE_and_SIM_Secure_ElementHCE_and_SIM_Secure_Element
HCE_and_SIM_Secure_ElementNick Norman
 
Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...
Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...
Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...
Smart Payment Association
 
Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)
Sahan Walpitagamage
 
Concepts of Digital Banking
Concepts of Digital BankingConcepts of Digital Banking
Concepts of Digital Banking
AbinayaS31
 
Electronic payment system
Electronic payment systemElectronic payment system
Electronic payment systempankhadi
 
Emerging Technologies in Payment Industry
Emerging Technologies in Payment IndustryEmerging Technologies in Payment Industry
Emerging Technologies in Payment Industry
Erfan Moradian
 
Web technology and commerce unit 4
Web technology and commerce unit 4Web technology and commerce unit 4
Web technology and commerce unit 4
arun0501
 

Similar to Understanding Digital Payments (20)

Smart cards
Smart cardsSmart cards
Smart cards
 
Types of ewallets and their issues & challenges in 2022
Types of ewallets and their issues & challenges in 2022Types of ewallets and their issues & challenges in 2022
Types of ewallets and their issues & challenges in 2022
 
Digital Wallet App Development Guide 2023.pdf
Digital Wallet App Development Guide 2023.pdfDigital Wallet App Development Guide 2023.pdf
Digital Wallet App Development Guide 2023.pdf
 
Report
ReportReport
Report
 
IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...
IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...
IRJET- High Security in Automated Fare Collection for TollSystem with NFC usi...
 
Digital wallet (e-wallet)
Digital wallet (e-wallet)Digital wallet (e-wallet)
Digital wallet (e-wallet)
 
All the 12 Payment Enabling Technologies & 54 Illustrative Companies
All the 12 Payment Enabling Technologies & 54 Illustrative CompaniesAll the 12 Payment Enabling Technologies & 54 Illustrative Companies
All the 12 Payment Enabling Technologies & 54 Illustrative Companies
 
Pay-Cloak:Biometric
Pay-Cloak:BiometricPay-Cloak:Biometric
Pay-Cloak:Biometric
 
Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011
Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011
Mr. Ali Rashid al Mohannadi's presentation at QITCOM 2011
 
E walllet / Digital Wallet
E walllet / Digital WalletE walllet / Digital Wallet
E walllet / Digital Wallet
 
Types of ewallets and their issues & challenges
Types of ewallets and their issues & challengesTypes of ewallets and their issues & challenges
Types of ewallets and their issues & challenges
 
Money pad ppt
Money pad pptMoney pad ppt
Money pad ppt
 
HCE_and_SIM_Secure_Element
HCE_and_SIM_Secure_ElementHCE_and_SIM_Secure_Element
HCE_and_SIM_Secure_Element
 
Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...
Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...
Contactless Card Shipments Jump enabling Shoppers Take Advantage of Everyday ...
 
Moneypad
MoneypadMoneypad
Moneypad
 
Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)Electronic Payment Systems (EPS)
Electronic Payment Systems (EPS)
 
Concepts of Digital Banking
Concepts of Digital BankingConcepts of Digital Banking
Concepts of Digital Banking
 
Electronic payment system
Electronic payment systemElectronic payment system
Electronic payment system
 
Emerging Technologies in Payment Industry
Emerging Technologies in Payment IndustryEmerging Technologies in Payment Industry
Emerging Technologies in Payment Industry
 
Web technology and commerce unit 4
Web technology and commerce unit 4Web technology and commerce unit 4
Web technology and commerce unit 4
 

Understanding Digital Payments

  • 1. DECODING DIGITAL PAYMENTS Methods and Technology Landscape Santosh S. Potadar Samtosh.potadar@gmail.com Abstract The document is an attempt to give insights into digital payments space on the whole. It describes the different payment scenarios or methods and how the underlying technology works.
  • 2. Introduction Payments and downstream clearing & settlement is at the heart of commerce. We have seen evolution of payment instruments from bartering, centuries ago, to digital payments in today’s digital era. There has never been so easier access to your money on the go. The ubiquitous mobile phone has already made inroads deep into this space. Following is an attempt to decode payments by looking at different payment methods, technologies involved and some of the popular and widely accepted payment solutions revolving around mobile payments, digital wallets. This writing is a high level techno functional document that should give some insights into digital payments space. Payment Methods Remote Payments – Payments that are made from distance where payer and payee are not face to face. Primarily such payments happen through channels like mobile native app wallets, digital wallets over mobile browser or web browser, and through payment gateways that accept payment instruments like credit, debit cards, NetBank account, and in some geographies digital cheques.
  • 3. Proximity Payments – Payment made where payer and payee are in the vicinity or face to face however the payment card (contactless payment instrument) may be few inches away from accepting terminal. The payment instrument may also be in direct contact with the accepting terminal e.g. contact cards. Digital wallets / mobile wallets and cards are one of the key instruments used for payments. However, globally, predominantly mobile payments is on the rise. There are about 6.5 billion mobile subscriptions out of which there are over 5 billion active mobile users. There were about 245 million mobile payment users in 2013 and Juniper Research predicts that this number will almost double to 450 million mobile payment users and according to Statista volume will grow to 721 billion dollars by 2017. Australian banks reported that due to their adoption of NFC technology the contactless payments increased from 10% to 60% in 2013. According to World Payment Report 2014 the mobile payments to grow by 60% in 2015. Technology Landscape: More or less, be it contact or contactless payment, the ecosystem uses among set of technologies as shown below. For instance, the mobile payments, a form of contactless payment when used in proximity scenario, may use NFC, SE, HCE, Tokenization, Cryptography etc in its solution ecosystem driven by specifications like EMV.
  • 4. Different Types of payment chip cards: The discussion won’t be complete without the mention of types of chip cards that are used in day to day life. Payment cards are categorized into contact, contactless card and dual interface. The contact chip cards have to come in physical contact with accepting terminal. The way card interacts with terminal is governed by the EVM specifications, which have become global standard for chip card technology. a. What is EMV? – EMV is global set of standards, specifications for credit and debit payment chip card technology. (Europay, MasterCard, Visa). The specifications are managed by
  • 5. EMVCo. EMVCo is an organization first established by Europay, MasterCard, and Visa. The primary purpose was to globally standardize requirements for interoperability and acceptance of cards by card readers/accepting terminals. The top reason why EMV cards are so widespread is the fact that it significantly enhances the security in transaction with added functionality in main areas like Card Authentication, Cardholder Authentication and Transaction Authorization, thus reducing the frauds emanating from counterfeit, and stolen or lost cards. Globally, 32% of transactions are EMV. There are over 2 billion EMV cards in use and more than 35 million EMV PoS machines deployment around the world. b. What is EMV Chip? – As shown in the figure the chip is small rectangular micro-controller processing unit embedded in plastic card. One of the features of this chip is there is a payment application resident in the chip. (http://www.smartcardbasics.com/smart-card- types.html) c. COS Chip Operating System The card operating system is hardware specific firmware that provides basic functionality to applications, like access to on-card memory, authentication and encryption. The COS is a sequence of instructions embedded onto ROM of smart card. Most applications make use of these instructions Two primary types of COS: a) General purpose COS and b) dedicated COS. Dedicated COS has commands specifically designed for applications. Typically, the issuer has to stick with one application developer, operating system and the chip when they come up with a chip based card product like credit card, debit card, travel card with pre-loaded money etc.
  • 6. However, the trend now is multi- application cards. JavaCard and MULTOS are the most popular COSs with the bigger market exposure. (Source: http://www.cardwerk.com/smartcards/MULTOS/) d. Standards ISO/IEC 7816, ISO/IEC 14443 are the primary standards for smart cards. ISO/IEC 7816 is a multipart (about 15 in total) international standard for contact and contactless smart cards. Each part of this protocol focuses on specific area of complete card. For example, ISO/IEC 7816-1 talks about Card with Contacts – Physical characteristics. 7816-2 specifies dimensions and location of contacts, 7816-3 specifies electrical interface and transmission protocols and so on and so forth. ISO/IEC 14443 is a four part international standard for contactless smart cards operating at 13.56 MHz for proximity payments at distance less 10cm. Similar to 7816, each part of 14443 specifies certain areas and aspects of contactless cards. For example, 14443-Part 1 describes the physical characteristics of cards, 14443-Part 2 describes the radio frequency power and signal interface, 14443-Part 3 describes the initialization and anti-collision provisions and 14443-Part 4 describes the transmission protocol requirements. What is the difference between ISO/IEC 7816 and EMV standards? The EMV Chip Specifications are based on, and are a subset of, the requirements in the ISO/IEC 7816 series of standards. EMV is implementation oriented, simplified specification. According to EMVCo, if there are any differences in documents the EMV specification takes the precedence. What is difference between ISO/IEC 14443 and NFC standards? ISO/IEC 14443 is a four part standard for contactless smart cards. There are three types of contactless cards Type-A, Type-B and Type-F. The difference is primarily in the part 2 of specification where the RF modulation (signaling method) is different for different types. The actual underlying governing international standard for NFC is ISO/IEC 18092 driven by NFC forum and based on ISO/IEC 14443. ISO/IEC 18092 includes two communication modes viz active and passive (peer-to-peer and NFC tags). There are 3 modes of operations within two modes of communication in ISO/IEC 18092: 1. Read/Write 2. Peer to Peer 3. Card Emulation
  • 7. There are many mobile payment solutions out there. The few innovative and disruptive ones have been described in following sections. Apple Pay How does it work? In October 2014, with the roll out of iPhone 6 and 6 plys Apple also launched a payment and a digital wallet service based on NFC, SE (Secure element) technology. Apple nicely leveraged and integrated the existing passbook, iTunes and Touch ID services into a payment ecosystems that is being adopted at very fast pace. Apple Pay is being seen as game changers in mobile payments space as it is easier to use for consumers and easier to set up for merchants. The best innovative part is that there is no intervention of MNOs (mobile network operators) required and it works with existing contactless payment terminals like MasterPass, Visa PayWave etc. There is significant reduction in complexities due to the fact that secure element (SE) is not SIM based but within phone hardware itself thus nullifying the need for integrating with MNO payment infrastructure. The secure element is where tokenized information of card credentials stored.
  • 8. Apple has not yet published its Apple Pay implementation details. However based on some research and their press release here is how the underlying technology works. 1. User adds the card in Passbook or iTunes. Passbook for iPhone will also allow users to use iSight camera to capture card and add information. The default card is generally the first card that is added. Apple Pay can be used in remote payment scenario as it can be integrated with iPhone apps using the APIs. It can also be used in “tap and pay” contactless scenario. The contactless tap and pay payment only works on iPhone 6 and 6 plus. 2. Apple says that they don’t store any card payment information like PAN or any other credentials in cloud. So question is how transaction happens if no card details are stored. Here is the innovative part. Apple provisions a Token for the card in the secure element (SE) of the phone. Who gives a Token for card information? How it is provisioned in SE? Well, the way it is done is like: Once the card is entered manually or through Passbook iSight camera the PAN details are sent over to Apple servers, from there they get sent to payment networks such as MasterCard, Visa or AMEX. The payment network returns token and along with it a token key. Apple Pay is token requester (TR) and payment networks are Tokenization Service Providers (TSP). Payment networks return the token only when a request to card issuer for identification and verification of card is successful. 3. Apple Pay uses EMVCo contactless specification. When user taps the iPhone on contactless NFC terminal the NFC triggers the SE. The SE in phone generates a dynamic cryptogram using combination of token, token key, amount and other transaction details. This token, dynamic cryptogram and other details are sent to terminal. All this interaction happens in compliance with EMVco contactless specification. 4. Once the contactless terminal accepts this information the authentication, authorization process kicks in. The terminal sends this data to acquirer for verification. Acquirer passes this onto payment network. Payment network identifies the data sent as tokenized PAN and sends it to its TSP (token service provider) for de-tokenization. The PAN obtained after de-tokenization is passed onto issuer for authorization. Issuer does authorization based on customer card and account status. After authorization, information flows back to terminal for printing the receipt.
  • 9. Google Wallet How does it work? Google wallet is a digital/mobile wallet. Google’s aim is to have everything in digital wallet that you typically keep in your physical wallet: credit, debit cards, loyalty cards, coupons, tickets, gift cards etc. Google has released 3 version of its wallet service, the latest one being 3.0 which was released along with Android KitKat (4.4). With this release Google introduced what it is called a Host Card Emulation technology for mobile payments. With this release google has officially ended support for physical device SE in google wallet application. http://www.nfcworld.com/2014/03/17/328326/google-wallet-ends-support-physical-secure- elements/ Google has confirmed its move to HCE: “Host card emulation allows Android applications to communicate directly over NFC on supported devices with Android 4.4 KitKat. When you tap your phone to pay, HCE enables Google Wallet to pass transaction information to the point-of-sale terminal to complete your transaction. Devices that are running older operating systems may no longer support Google Wallet’s tap-and-pay feature” Google Wallet too is compliant with EMVCo contactless specification therefore like Apple Pay there is no need of Google Wallet specific terminal infrastructure. What does HCE work? Users add credit, debit cards payment method onto google wallet account either through web interface or through mobile app. What happens when a card is added to wallet? Where is it stored? Is it really stored anywhere? Yes, unlike ApplePay, Google Wallet stores card details or payment credentials in their secure cloud servers. Secure cloud is new secure element in this ecosystem. Earlier two versions of Google wallet were solely using device based SE (either UICC or embedded device SE or SD card based SE). The NFC controller based on its “AID routing” mechanism directs the NFC communication to either HCE or SE.
  • 10. The figure summarizes how NFC controller redirects the communication from reader to either SE or to host CPU for HCE transaction. In HCE transaction a host operating system (like Android) and an app running on it is involved. The app may have user interface but in turn it uses HCE service on host operating system. From security perspective HCE app on host OS does not store any card credentials. Instead, HCE app in real-time or at pre-set frequency connects with cloud before each transaction to fetch a limited validity Token or dynamic data for provisioning into the HCE app. This dynamic data is sent to contactless terminal when phone is tapped on terminal. This method is called Tokenization with cloud storage. There is also a method, cloud storage without tokenization where actual card credentials are retrieved from cloud which are then passed onto contactless terminal during the transaction. However this method is least secure. Google in March 2015 announced a revamped version of google wallet called AndroidPay. In a nutshell, Mobile payments will be here to stay with new innovations coming into play day by day. Future looks bright for NFC, contactless payments as it has already gone beyond mobile payments into payments through wearables. As Internet of Things (IoT) or Internet of Everything evolves, it could bring in business models that would require payments. This in itself would be an immense untapped opportunity to look forward to.