Three Star Approach – An Interface less Interface for Mobile Commerce

AbstractWith our growing appetite to adapt to technology, we are confronted with insatiable demand for high speed flexible commerce services and growing needs for a secure anytime anywhere commerce solution. Due to tremendous popularity, mobile phones have emerged as a medium to allow technology access to maximumnumber of people and hence are of greater business value.

We define m-commerce

as using a mobile device for business transactions performed over a mobile telecommunications network, possibly involving transfer of monetary values.

This paper explores how a new easy-to-use mobile payment protocol can ease the present scenario of mobile payment solutions. The protocol acts as an interface-less-interface, allowing technology access to all mobile phone users irrespective of the hardware used. As the suggested approach is build on existing network capabilities, it can be implemented with a minimalist framework and industry regulations put in place. The suggested solution has the potential to maximize the reach of m-commerce services to even the users with a basic mobile phone and hence providing a wider choice of users for m-commerce service providers.

Keywordsm-commerce, three star approach, mobile payment

Copyright is held by USID Foundation (earlier USID Foundation)

USID2008, September 4 – September 6, 2008, Hyderabad, India

Author

Mudit Mittal,

Human Factors International

Mumbai, India.

mittal.mudit@gmail.com

Shimolee Nahar,

Human Factors International

Mumbai, India

shimolee@gmail.com

2

IntroductionTechnical advances in the field of mobile payment solutions, mobile banking and upcoming near field communication devices have strengthened the feasibility of cashless transactions and mobile wallet. The bottleneck of the existing and upcoming mobile commerce solutions is their dependence on software, hardware or both. Further, slow mobile internet connections coupled with unintuitive user interface for small screens, adds to user problems. These factors limit the reach and using capabilities, hence reducing their effectiveness.

We need an easy-to-use mobile payment interface which can allow fast and secure transaction capabilities to mobile users irrespective of the type mobile handset or network used. Three Star approach attempts to utilize the capabilities of packet data networks to allow money transactions which are as intuitive as making a call. The approach has two versions, each of which is explained below with help of a scenario, designed

based on the context of use.

Three Star Approach – Receive MoneyThe Three Star approach is a simple, intuitive and secure approach to transfer money at speed. This approach can allow any mobile user to transfer money using mobiles by creating a service request to ‘Receive’ money. The process is initiated by the ‘Receiver’ – the person who is the beneficiary. For clarity of flow, the concept has been defined with help of a scenario.

Figure 1.

Mr. Prakash wants to help Rahul improve his English vocabulary skills and hence gets him a dictionary. Rahul wants the book so he calls his father to make the payment.

3

The service request comprises of three types of information separated by a ‘*’. User initiates a money transfer request by dialing a ‘*’. The first information is the mobile number of the ‘Payer’ – the person whose account will be deducted. The information after the second ‘*’ specifies the transaction amount. Finally after third ‘*’, user enters security PIN and press the dial button.

Figure 2.

Rahul asks his teacher Mr. Prakash to send a money transfer request to his father Mr. Anil.

Mr. Prakash quickly types Mr. Anil’s mobile

number, transfer amount, his PIN and

press ‘CALL’ button to send a money

transfer service request.

4

The service request goes to the network which verifies and authenticates the ‘Receiver’ and connects to the network of the ‘Payer’ much in the same way as it connects the call. After verification at the end of ‘Payer’ network, a confirmation message is sent to the ‘Receiver’ confirming the acceptance of money transfer request. As a security measure the identity of ‘Payer’ is not revealed immediately. At the same time, ‘Payer’ gets a message asking for confirming the payment request.

Figure 3.

Network sends SMS to both the users from 729.

5

The difference here is that Mr. Prakash sent a special service request, while Mr. Anil has to reply via SMS. This difference in interaction ensures that the written record of payment confirmation exits in the system. The reason for choosing 729 as the service center number for payment request SMS is the large distances between the keys reduce chances of user making a mistake while generating the request. Also, for mobiles, while typing in text mode the same key combination is used to type ‘PAY’.

To cancel the payment request, user can either reply in a similar format, but keeping the amount field blank(e.g. sends *9325581639**1704 via SMS to 729) or not do anything for 1 hour. The service request expires automatically if not replied to within an hour. This ensures added safety and network quality-of-service.

Figure 4.

Mr. Anil makes a payment by replying via SMS.

6

On successful transfer of amount, system delivers a receipt to both the parties revealing date, time, amount of transfer and the identity of other party.

Though this approach can handle money transfer requests, but it is limited by the fact that the ‘Receiver’ or the beneficiary needs to initiate the process. In our daily lives, we come across many situations where it is not possible for the beneficiary to generate a transfer request. Though the suggested approach can take care of all individual-to-individual level daily transactions, we surely require a variant of this approach to address individual-to-institution level transactions, for example payment of electricity bills, etc.

Figure 5.

Network confirms transaction by providing receipts to both the parties.

7

Three Star Approach – Pay MoneyThe approach explained above focused on requests from individuals to receive money from other individuals. This variant of the above approachattempts to address requests from individuals to directly request for paying the amount to institutions.

Here, the paradigm is completely different as the user is expected to have a pre-existing relationship with the institution (e.g. Electricity Board, Municipality Board, Income Tax, etc). Allocating a 6 digit Unique Identification Number to each institution will allow ease of operations for networks and users as well. User can send a request to the UIN of the institution followed by their PIN to initiate the payment request. The entire approach is described in detail with help of a scenario.

This service request is meant to initiate the payment procedure only. The request is first verified for authenticity and then the network provides a ‘Pay Key’ to the user which has to be included by user in place of mobile number to generate an authorized payment request. The ‘Pay Key’ is generated on run-time basis for the request received by the network and remains valid for a period of 1 hour only. Another change in the approach is that the payment request SMS are sent to 925 instead of 729, to avoid confusions.

Having a two step process allows network to identify the beneficiary and the ‘Pay Key’ ensures a safe and secure transaction for both the parties.

Figure 6.

While on a business trip Mrs. Sheetal gets a

reminder to pay for her electricity bills. She

immediately creates a service request and

press CALL button.

8

Figure 7.

Mrs. Sheetal gets a reply from the network.

The service center number is 925.

Figure 8.

Mrs. Sheetal creates a payment request

based on the ‘Pay Key’ received from the

network.

9

This is how both the three star mobile payment approaches work. As none of the two approaches have dependency on mobile devices or the user interface, they have the potential to be an easily acceptable and scalable solution models in the mobile commerce industry market.

Figure 9.

Mrs. Sheetal gets a payment receipt from

the network.

10

Fig 10. Implementation structure and system entities

Implementation ModelsThe three essential entities involved in all the transactions are the end users, the network service provider and the banks. Three Star approach can offer tremendous flexibility of implementation to all the stakeholders involved.

1. End user – For debit or credit of the money, users can register with either a Bank or a Third Party or the Service Provider itself (as an additional service). But in all cases a registration with the service provider shall be necessary.

2. Service Provider – They shall have the option to offer Mobile Wallet facility to users wherein for all transactions, the amount is not debited or credited to user’s bank account.

3. Bank – The banks can offer credit as well as debit facilities to their customers, depending on their credibility and account history. This can also help simplify their existing mobile banking solutions.

11

Security ChallengesStudies have shown that it takes an average of 68 minutes for a person to realize that his/her mobile phone is missing compared to 26 hours to realize thattheir credit card is missing. Also, credit cards, once stolen can be used by anyone without the knowledge of actual owner, while mobile payments require secure passwords and network approaches for encrypted transactions can be put in place to enhance security levels. So, in a way mobiles are better suited for commerce transactions when compared to conventional credit cards.

As per Trintech, a world leader in providing transaction risk management solutions, solution to electronic fraud is to implement a system that complies with the basic tenets of:

1. Authentication – In both the versions of the three star approach, system has to verify the authenticity of the request and only then the network can authorizes the transaction after successful validations.

2. Confidentiality – This is a major concern for people which can define the level of acceptance of the solution. Due attention has to be given to protect the identity of mobile users from malicious or unwanted sources. To a large extent, the approach takes care of this challenge.

3. Non-repudiation – This is a prime concern in case of legal disputes. Sending a confirmation message to both the parties involved in the transaction and saving a copy of the same on the central server takes care of such issues.

4. Data Integrity – The quality-of-service parameters for the network ensures the level of accuracy and reliability for the time taken for the transactions to take place in real-time.

Business DriversThe networks play a big role in setting up the approachand making it look easy for the users, so a small premium charged to avail payment services would be widely acceptable. Looking at the number of mobile users (over 2 billion globally and over 100 million in India, as of June 2006), it is a lucrative proposition for the networks, the financial institutions and the device manufacturers to take up the opportunity. There are three major drivers that are mobilizing companies to deploy mobile payment:

1. Maximization of revenue from wireless services –The motivation for network operators is to drive data services through their networks. In order to do this, the payment requirements for data services will be the responsibility of network operators and these include –handle payment and settlements for third party content or services; maximize reach by supporting various payment models; and charge on a wide range of metrics.

2. Handset as personal trusted device - This is one of the main motivators for financial institutions. For banks and payment associations, the wireless device could solve one of their most difficult problems: how to secure all virtual transactions and reduce fraud. The network security protocols coupled with a personal PIN can assure safety and security of transactions.

12

3. Encouraging adoption of next generation mobiles -For the major device manufacturers, the roll-out of 2.5G and 3G applications is crucial to their long-termfuture. Availability of flexible and easy-to-pay options will allow content developers to come up with more personalized and useful services and hence creating a desire to upgrade the mobile devices.

Similar SolutionsThe field of mobile commerce is still in its infancy, but it has been witnessing rapid growth in recent times. As a result of this, a host of mobile commerce solutions exist already. Many banks have already come up with their customized mobile banking solutions, though due to user interface problems, most of them failed to gain any popularity. Recently Oxigen, an Indian group backed by Microsoft, launched mobile payment service by the name of Oxicash which is an example of the third party being involved in the transaction cycle. As an another example Mumbai’s public transport operator, BEST launched ‘Go Mumbai’, an alternative for paying bus fares.

At international level, RFID solutions are being experimented in an attempt to come up with the best option. Mobile commerce is already a common term in Japan and to some extent in US. Many European countries have been chosen for field testing of the upcoming Near Field Communication (NFC) devices. The NFC devices are expected to add new dimensions to the capability of mobile commerce.

ConcernsIt has never been easy to come up with scalable and easy-to-use solutions for small screens. Most of the present mobile commerce solutions are limited by constraints like lack of standards, form factor, hardware, software, interaction styles, limited user attention, dynamic environment and context.

As the Three Star approach has no interface of its own, it has minimalistic dependency on the listed constraints. But still the service providers need to follow a standardized payment framework to make it easy for end user. Another aspect is that this approach is more suitable for micro transactions, i.e. transactions involving small amounts. Macro transactions demand a sophisticated and more advanced solution as the needs and desires of the user change accordingly. The concern here is to define the levels distinguishing between micro and macro level of transactions, though the task may sound easy, but it might not be so. Also, there is a requirement to have legal, financial and regulatory frameworks in place before such services are launched.

13

ConclusionThe three star approach in its raw sense allows any mobile user to experience advantages of mobile commerce and hence, if implemented, it has huge potential to revolutionize the current trends. The fact that the approach is easy-to-use and has no dependence on mobile device, can make it as common as a regular calling phone application.

Though many other alternatives are being developed and tested globally, this solution has an advantage over other RFID, NFC or other related solutions as this can prove to be useful when dealing with a remote user.

AcknowledgementI thank my colleagues at Human Factors International, my friends and my family for their tremendous support. I also like to extend a special thank to those who took time to give feedback on the user testing of the concept.

References[1] Grosche, S.S., Knopse, H. Secure M-Commerce.

[2] Roussos, G., Kourouthanasis, P., Moussouri, T. Designing appliances for mobile commerce and retailtainment.

[3] Tarasewich, P. Designing Mobile Commerce Applications.

[4] Paulos, E., Vora, P., Joki, A., Burke, A. AnyPhone:Mobile Applications for Everyone.

[5] Baxley, B. Universal Model of a User Interface.

[6] Thomas, T. Seminar Report on Survey of Smartcard and Mobile Payments.

[7] Bushe, S. Mobile Commerce – The Future Starts with M2MPayments.

[8] Mobile User Stats. http://sifybroadband.techwhack.com/264-180905-more-than-2-billion-mobile-users-in-the-world.

[9] Mpayment Paper. http://www.epaynews.com/downloads/mpayment_paper.pdf

[10] Trintech. www.trintech.com

[11] Oxigen Group. www.oxicash.com

[12] NXP. www.nxp.com

[13] Macalla Platform. www.macalla.com