Technical Paper Title: DIGITAL WALLET TECHNOLOGY
Authors: RIYAZUDDIN KHAN 1st B.Tech, ECE
College: Green Fort Engineering College, Bandlaguda, Hyderabad
DIGITAL WALLET TECHNOLOGY
The majorities of contemporary proposed digital cash techniques have many disadvantages in being directly or indirectly account based or not anonymous and offer no offline peer-to-peer transferability. This is for the majority of users – in general – not acceptable. Such an approach fails to replace the role of cash in e-commerce systems. The basic result of this research is a new prepaid multi- hop (transferable) cash payment system solution based on hardware technology implementing an electronic wallet (e- wallet) to accommodate digital coins. Transparent cash transfer (exchange) protocol software can serve at any network device as Internet host, mobile device or any future general purpose communication link. The result is a peer to peer (P2P) electronic cash transfer equivalent to a physical cash transfer in public use. This e-cash system could be a possible alternative to the physical coins & bills. It is a multi-purpose inter-operable digital cash payment scheme for domestic usage. The system is suitable for low value (micro payments in the 1 cent range), as well as for larger payments, regardless of the communication platform or transmission medium so in this paper presentation, we describe the requirements and challenges of deploying a nationwide digital wallet solution in India. We discuss why India is ready for a digital wallet and identify the key challenges in building and deploying a digital wallet. We then discuss one of the key challenges, supporting peer-to-peer cash transactions between individuals using a digital wallet, in more detail and end the paper with our proposed solution.
What is a Digital Wallet?
A digital wallet is a software component that allows a user to make an electronic payment with a financial instrument (such as a credit card or a digital coin), and hides the low-level details of executing the payment protocol that is used to make the payment.
Consider the following scenario: “Jill is at the supermarket checkout line. She fumbles through her wallet to ﬁnd credit card X, rejecting many other cards in the process, to pay for the transaction. Later in the day, she falls victim to a pickpocket who steals her wallet. Jill is now in a state of panic; she has to remember which cards she had in her wallet and then manually cancel those cards.” The above scenario highlights problems with a physical wallet; namely that ﬁnding particular items is time consuming, and evocating a lost wallet is extremely hard. In addition, managing multiple monetary and identiﬁcation implements is not easy. Monetary implements include cash, debit and credit cards, and stored value cards while identiﬁcation includes national and/or state identiﬁcation cards and driver’s licenses.
A solution would be to replace the physical wallet with a digital wallet integrated into an existing mobile device like a cell phone. This digital wallet would allow the owner to carry multiple monetary and identiﬁcation implements. These implements could be quickly searched by name, type, or other keywords. In addition, with the right software, these implements could be managed far more effectively. Finally, security would be enhanced as all data on the digital wallet would be encrypted and back up options would make recovering from loss easier.
However, the idea of a digital wallet is not new. Indeed, Japan and South Korea have already rolled out cell phone-based digital wallet solutions. Consumers in those countries can use their cell phones to pay for groceries, order drinks from a vending machine, and even identify themselves at airline ticketing counters. Other countries, such as America and Sweden, are slated to roll out digital wallet-type solutions within the next two years. In this position paper, we describe the challenges in deploying a comprehensive nation-wide digital wallet solution in India. In particular, we focus on enabling person-to-person payment schemes which, as far as we know, have not been deployed anywhere yet. We end the paper with a short description of our proposed solution and research plan.
The India Factor
Recently, the convergence of four phenomena have made India ready for a digital wallet solution. First, Indians are very tech savvy and almost all of Indian population, ≈90.4%, carries a cell phone. Indians are thus more likely to use a digital wallet if it is integrated with their cell phones; similar to solutions provided in South Korea and Japan.
Second, cell phone technology is now mature enough to support a digital wallet solution. In particular, the cell phones have the computational capability, battery lifetimes, memory, input mechanisms, and a usable screen necessary for such a solution. In addition, newer cell phones are being developed that incorporate near ﬁeld communication (NFC) chips such as Sony’s FeliCa chip . This chip provides highly secure, very short range, very low power, extremely easy to set point-to-point contactless communication between devices.
Third, every major bank in India offers Internet banking services. These banks are also constantly looking for ways to increase the number of online ﬁnancial transactions they receive as these are cheaper for them to process. A digital wallet solution achieves this and also allows the banks to leverage more out of their existing Internet banking infrastructure to support current banking products and to introduce new services that could help differentiate themselves.
Finally, in India, the ﬁnancial regulatory bodies who are the key stake holders for a digital wallet-type solution are actively seeking to integrate as many ﬁnancial services as possible. This active participation from the large ﬁnancial and regulatory bodies is crucial for a successful deployment as the Japanese and South Korean experiences have shown. The key stakeholders in India are the power ministry and Department of information technology Department of industrial policy and promotion (DIPP), Department of road transport & highway is the government agency in charge of India.
The four phenomena mentioned in the previous section, collectively, strongly suggest that India may be ready for a digital wallet. However, there are three key challenges that must be overcome ﬁrst. They are:
Mass Market Appeal: Ensuring a mass market appeal for the digital wallet is important to leverage scale economies and the network externality effect. One way to increase the mass market appeal is to make the digital wallet usable for all day-to-day transactions. Hence it is important to support both point of sale transactions and peer-to-peer transactions between individuals. Both of these require support from ﬁnancial institutions, retailers and government bodies; coordinating these stake holders is a real challenge. It should be noted that the Korean and Japanese methods to increase mass market appeal may not work in India due to differences in industrial organization and cultural preferences.
Stake Holder Dynamics: Any successful digital wallet deployment will need the cooperation of multiple stake holders such as banks, retailers, regulatory bodies, and consumer. This is a challenge because satisfying the business and strategic goals of multiple stake holders is difﬁcult. For example, bank A may choose not to be a part of a consortium where competing banks play a leading role. In addition some stake holders may have already invested in alternative technologies and may not be in a position to make further investments. Achieving buy-in from all stake holders may require the support of the government and regulatory bodies. Fortunately the Indian government is receptive towards digital wallet-type integration efforts.
Furthermore, India has different stake holder dynamics when compared to Japan and South Korea. In particular telecommunication service providers in Japan and South Korea are vertically integrated in to centrally administered companies called “Zaibatsus” or “Chaebols”. Such vertical integration makes it easier to deploy a digital wallet solution as a single organization provides all necessary services. For example, in Korea, LG Telecom manufactures NFC-enabled cell phones, provides telecommunication services and handles mobile payments. However, in India, the telecommunication ﬁrms are not similarly vertically integrated; necessitating a different approach to managing stake holders.
Compelling user experience: The third challenge is designing a digital wallet that consumers want to use. This requires a usable interface, and support for all ﬁnancial transactions that a user may want to perform. We plan to reuse some of the user interfaces and design principles developed . However there are many important features that still need to be created. These include comprehensive backup and restore solutions, integration of a large number of monetary and identiﬁcation implements, and support for peer-to-peer cash transactions. Support for cash transactions is particularly vital as Indians perform a large number of these transactions daily. For example, this is the most common payment mode when paying for taxi rides and when paying for food and drink. As such, consumers would resist using a digital wallet if they still had to carry a conventional wallet for cash transactions. We discuss the challenge of supporting peer-to-peer cash transactions in the next section.
Supporting Cash Transactions: From the consumer’s perspective, cash transactions have many beneﬁts; they are fast and easy to perform, they provide a built-in spending limit, and they are anonymous. The anonymity factor is crucial for consumers who, for various reasons, want certain transactions to remain anonymous while the spending limit is used, for example, by parents to limit their children’s spending. Supporting cash transactions require two key technology components;
1) a mechanism for placing cash in the digital wallet, and
2) mechanisms for transferring that cash to a retailer or another digital wallet. Two ways to place cash on a digital wallet.
In the ﬁrst way, consumers can top-up the cash on their devices at speciﬁc top-up machines. The cash will be stored in a cryptographically secure manner on their devices. They can use the debit or stored value
cards held in their digital wallets to pay for the cash top-up. These top-up machines might either be stand-alone machines or integrated with existing automated teller machines and self-service bill payment machines.
An online method for adding cash to the wallet. This would allow a consumer to plug her cell phone, containing the digital wallet software, into a computer, log into her bank’s online portal, and transfer cash directly into her cell phone. We are currently discussing various methods of achieving this online cash transfer with the ﬁnancial institutions.
To support peer-to-peer cash exchange, use the phone’s NFC capability together with an easy to use peer-to-peer cash application . Using the application, the payer can enter how much cash she needs to send to the other person. The payer then taps the cell phone of the payee and the cash is transferred instantaneously using NFC. The recipient is then informed of the exact amount transferred. Developing this peer-to-peer mechanism will require solving a number of challenges. For example, from a technical perspective, how do you ensure that the transfer of cash to and from a digital wallet takes place securely, atomically, and idempotent? Furthermore, what happens to cash in a digital wallet when the wallet is lost? Is it possible for the owner of the wallet to not be penalized for the stolen cash (which is encrypted and thus cannot be used except by the owner)
without compromising the anonymity of cash transactions? Finally, there are also the regulatory challenges of issuing digital cash. For example, is digital cash identical to physical cash? If so, who provides the ﬁnancial backing for the cash? In addition, how do you ensure that a ﬁnancial institution is able to verify and accept digital cash issued by another institution?
Our proposed cell phone-based solution will have the following features:
Leverage new cell phone technologies: There are two key emerging technologies that we plan to leverage. The ﬁrst are NFC chips that are already appearing in new cell phone models. These chips provide very close range (a few inches at most), low power, easy to setup up point-to-point communication. NFC as the communication medium for exchanging monetary and identiﬁcation information, such as credit card numbers and receipts, with other devices.
The second key technology is the introduction of secure programmable chips in new cell phones. This will allow the cell phone to securely store both “virtual cash” and the phone owner’s monetary and identiﬁcation implements. This chip will ensure that thieves are unable to access the digital wallet embedded in the stolen phone. This assumes that the cell phone owner secures his digital wallet with a good password. In the near future, as biometric scanners, such as ﬁngerprint readers, get smaller, cheaper, and more reliable, they could be integrated into cell phones and used for quick, easy authentication. These technologies will help make the digital wallet more compelling for end users, by providing ease of use and security, and increase its mass market potential.
Payment Models: For peer-to-peer cash exchanges, we will use the mechanisms described in Section 4. For point-of-sale transactions, we plan to develop a NFC-compatible “reader pad” that can be deployed in retail stores. When payment is required, consumers place their cell phone on/near the pad and all their valid payment options appear on a display. They then select the payment method they plan to use (cash, speciﬁc credit card, etc.) for the transaction. The pad transmits the transaction request to the appropriate ﬁnancial institutions using existing banking protocols provided by NETS, Visa, Amex, and MasterCard. The consumer can provide any necessary signatures using a digital signature pad located next to the reader pad. Once the transaction is veriﬁed and completed, the receipt is automatically sent to the cell phone and stored for future reference (the consumer can also request a printed receipt).
This payment method is similar to existing models used in many supermarkets. The main difference is that our solution integrates all payment implements and doesn’t require consumer to hunt for the appropriate amount of cash or payment card. The advantage of this method is that it is easy and familiar for consumers and it is very secure. An adversary will have to be located inches from the cell phone and the reader pad and will be easily spotted. If necessary, additional encryption will further protect the communication stream. These simple payment models make the digital wallet compelling for end users and satisﬁes stakeholder dynamics (existing infrastructure is reused).
Other Considerations: This paper lists some of the challenges in deploying a digital wallet. Many others have been omitted due to space constraints. For example, certain identiﬁcation implements, such as a drivers license, can only be entered into a digital wallet by a trusted authority. Consumers should not be allowed to create their own authentic license.
Finally, a service to backup and restore a digital wallet would provide protection against hardware and software failures and theft. However, such a service, is not trivial to deploy. For example, where would the backups be stored? Would they be stored on the consumer’s home machine, on a bank’s server, on a 3rd party service provider’s server, or on a server provided by some governmental agency? Each of these choices will result in different tradeoffs and solutions.
Our digital wallet is designed to support the goals described above. Brief descriptions of the core components of our digital wallet follow:
1. The Instrument Manager manages all of the instrument instances contained in the wallet, and, for example, may be queried to determine which instrument classes and instances are available to execute a given payment or other operation.
2. The Protocol Manager manages all of the protocols that the wallet may use to accomplish various operations, and invokes protocols to carry out the interaction between the digital wallet and the vendors and banks. The Protocol Manager relies on the Communication Manager to process low-level communications requests with other computers representing banks and vendors.
3. The Wallet Controller presents a consolidated interface for the wallet to the client. The Wallet Controller hides the complexity of the other components of the wallet, and provides a high-level interface to the client. A non-human client, or software agent, can make method calls on the Wallet Controllers interface through the Client API. A human client may use a graphical user interface (GUI) which may make method calls on the Wallet Controller. The Wallet Controller coordinates the series of interactions between the User Profile Manager, Instrument Manager, and Protocol Manager necessary to carry out high-level requests received from the client, such as purchase a product.
4. The User Profile Manager manages information about clients and groups of clients of the wallet including their user names, passwords, ship-to and bill-to addresses, and potentially other user profile information as well. In addition, the User Profile Manager keeps access control information about what financial instruments each user has the authority to access.
5. The Communication Manager provides the wallet with an interface to send and receive string messages between wallets and peer commerce components by setting up a connection with a remote Communication Manager. The Protocol Manager builds on top of the connection abstraction to support the concept of a session. A connection is typically asynchronous, while communications between peer commerce components in a Session occur in (message, response) pairs where one peer sends a message, the other peer receives the message, executes some action, and returns a response. Depending upon the implementation of the Communication Manager, the messages may be sent over different types of networks using different communication protocols.
For example, one implementation of a Communication Manager may send and receive messages over the Internet using HTTP requests and responses over a TCP/IP Ethernet network. In this case, a Session may be made up of a sequence of several HTTP GET messages and their corresponding responses. In another example, a second implementation of a Communication Manager may send and receive messages over a RS232 serial interface using TCP/IP.
Note that the Protocol Manager is responsible for making calls to the Cryptographic Engine to encrypt any data that is passed to the Communication Manager, such that the data can be securely transmitted over the communications medium. The Communication Manager cannot be responsible for encryption of sensitive data from the wallet because it is formally outside the wallet architecture, and can be replaced by another Communication Manager to run the wallet on another device. If the Communication Manager is relied upon to encrypt sensitive data, then the Communication Manager might be replaced with a malicious Communication Manager that sends all sensitive data to an adversary.
6. The Client API is an interface provided by the Wallet Controller that may be used by an autonomous software agent acting on behalf of a human user.
7. The User Interface provides a graphical interface to the services offered by the Wallet Controllers interface. The User Interface is an optional component of the wallet. Some devices, such as most smart cards, do not have the ability to display a graphical user interface, and hence the Wallet Controller interface must be accessed through the Client API. Note that the user interface is a core component within the wallet because certain parts of the user interface have access to sensitive user data. For example, the edit box object into which a user enters the password to unlock the wallet should run within the wallets protected address space. On the other hand, users may want to customize the wallets interface by plugging-in GUIs developed by other software vendors. To accomplish both these conflicting goals, the user interface exports parts of its interface as the User Interface API that may be overloaded by software vendors to render customized parts of the interface
Solution Overview and Project Status: Figure 1a shows the current infrastructure while Figure 1b shows our proposed solution. Our goal was to reuse as much of the existing infrastructure as possible to reduce the burden on stake-holders and improve the mass market appeal. We plan to achieve this by reusing the back-end infrastructure that routes credit card and debit card information between retailers and ﬁnancial institutions. We also retain the existing ATM networks and online banking solutions. The changes we propose are as follows; a) retailers will be provided with a single NFC-enabled point-of-sale device that replaces the current separate machines for credit cards and debit card purchases, and b), we extend the physical ATM machines to also provide cash top up/removal services for digital wallets. In addition, considering methods to extend existing online banking solutions to support the digital wallet.
Our project is in the preliminary stages.
(a). Current Infrastructure (b). Digital Wallet
Fig 1. Overview of proposal solution
In this paper presentation, we identify both the beneﬁts as well as the key challenges with developing a digital wallet solution. In today’s fast moving world where people live very stress full life ,this approach and innovativeness in wallet making would provide some help to people while shopping ,traveling etc as it is very easy to use. It also have tracking device which would provide safety to your cards and ultimately to money. So people should buy this wallet because of the safety purpose, easy to use and good quality.
What is the wallet application?
The wallet inside a mobile phone is the first step towards Personal Trusted Devices. A wallet application enables users to make convenient mobile transactions via WAP browsers. The application is capable of storing protected personal information, such as notes and virtual cards, inside the terminal. It simplifies storage and retrieval of personal information in mobile transactions making it possible to provide and use virtual cards flexibly. By enabling Internet type payments, where card information is transferred to the Internet merchant, the wallet makes it possible for wireless providers to adapt their e-business to the mobile world very easily.
The wallet application is based on existing open technologies WAP and ECML (Electronic Commerce Modeling Language). Nokia has selected the ECML format to make mobile transactions possible in a standard manner.
What is ECML?
An existing Internet standard, already commonly used in Internet shopping, aiming to produce common methods for transferring transaction information from the client wallet to the server application.
It can be used whenever applications need a common method for transferring e.g. address information, and not just transferring credit-card information – It is a structure, not a protocol – ECML is security mechanism-independent, and can/will be integrated to other transaction protocols and security elements when available
What does the wallet menu look like?
The wallet application menu contains three different modules: Cards, Personal notes and Settings. The Cards module is used for storing personal card information, such as payment card (credit, debit, etc.), loyalty card and dispatch note information, for different usage purposes. The card details consist of card info (name, number, etc.), account info (billing address, etc.) and shipping info (shipping address, email, phone number, etc.). From the wallet, the user can fetch the required information (stored in the ECML format) via the WAP browser and easily fill in the required fields. The Personal notes function is a notebook where the user can store private information. From the Settings, the user can switch the wallet code request on and off and change the wallet code when necessary.
Advantages of terminal wallets/benefits from mobile commerce
Wallet is a key enabler for mobile commerce. This is the basis on which future mobile commerce applications in our terminals will be built.
– With Nokia GPRS phones you can connect instantly to mobile Internet services around the world. You do not have to log on to the network: it’s always connected. The user just has to browse and choose the services he/she is interested in and use his/her wallet for convenient online transactions
– An easy way to fill data forms without keying in the information
– Protected storage inside the terminal using a wallet code for access.
– Offers many payment options (direct contact to merchants or use payment service providers).
– Easy-to-use, applications have a common Nokia look and feel
– The end-user always has the feeling of being in control of his/her transaction data
– Easy adaptation for WEB merchants
– No changes in payment clearing with bank
– Builds on existing technologies: WAP and ECML (Electronic Commerce Modeling Language)
– New channel – more efficient and extensive service offered
– Complements current Internet services
– Extensive customer base – access to millions of customers
– Reach your customers whenever you need to, wherever they are
– Location-based services
– Push advertising, direct marketing
– User profiles – personalized services
– Reach the right customers – advertise effectively!
– More efficient and extensive service offered
– If the wallet is used with payment servers, new business opportunities as a payment service provider arise – Operators are the most probable intermediaries in the future
– Generate revenue from transaction commissions
– Strategic position in customer relationship management
– Utilise the capability of providing and storing virtual cards for wallets
– The Internet is going mobile – the mobile environment offers new business opportunities for application development
– Hundreds of service providers, millions of users (mobile phones already outnumber personal computers) – demand is high
– An open platform to develop applications for mobile commerce such as ticketing, payment, etc.
For financial institutions:
– More secure and user friendly banking services
– Expanded service offered
– Trusted brand position – providing security (brand element of the phone)
– Utilise the capability of providing and storing virtual cards for wallets
How to use wallet for payment
1. Browse the merchant’s WAP service and select the items you want to buy
2. To pay for your purchase using your mobile wallet, select wallet payment and you will receive a payment request, i.e. a payment data form that you have to fill in. Note: to be able to use the wallet for payment, the acceptable payment methods indicated in the WAP service have to include mobile wallets
3. Go to the Options menu and select Use wallet info. To gain access to the wallet, enter the wallet PIN code
4. Select the payment card you want to use and ask the wallet to fill in the required information parts. Check the information has been entered onto the form before accepting the order
5. In the case of more costly purchases, the merchant may require you to digitally sign the payment. After accepting the order, you will get the signing request (such as an electronic receipt with date, amount, etc.)
6. Sign the payment with your personal signing PIN
7. The merchant sends you an acknowledgement of successful payment