
Seminar Report on

Survey of Smartcard and Mobile Payments

Tijo Thomas (03229401)

KReSIT IIT Bombay

Guided by: Prof. Bernard Menezes

Jan 2006

1 Abstract

Almost a decade ago most of us heard about the smart card and its role in the financial sector, especially for retail transactions. A smart card provides a level of security that an ordinary money transaction does not. Its implementation for retail payments, however, has not been popular. It has proved really useful in transit payments and personal identification, and other sectors such as mobile telecommunications found it even more useful, adopting it in mobile phones as the Subscriber Identification Module (SIM). In this paper we re-evaluate the use of the smart card and its importance in financial transactions.

2 Executive Summary

The smart card was technically proved to be secure almost a decade ago, but so far the industry has failed to exploit its technological advantage. There were a few implementations of smart card payment systems, but ultimately they did not receive enough attention. Some of the hindrances to its popularity are as follows.

• The financial industry was waiting for the technical developments in smartcard technology to mature.

• The standardization of the different smartcard technologies slowed down the industry’s “fast to market” strategy.

• Since the smart card is used mainly by the financial industry, the security of the smartcard needed to be proved before any implementation.

• The infrastructure needed to implement smart card payments, such as smartcard readers, was expensive.

• The emergence of new payment schemes based on this new technology might have led to new business models, and these business models themselves needed to prove profitable.

• After the initial buzz about the smart card, customers had much higher expectations.

The implementations of the last decade have shown that the smartcard found its application in personal identification and transit rather than in payments. Meanwhile the mobile telecommunication industry started using it as an identification module, namely the Subscriber Identification Module (SIM). New smart card technology, in which multiple applications can be active inside a single card without harming one another, has opened a new business area. Among the market drivers is the integration of the personal ID card and payment applications with the mobile SIM instead of issuing separate cards altogether. As the industry prepares to tap the potential of m-commerce as its next revenue-generating area, different options for a reliable transactional backbone for payments have been evaluated. The mobile telecommunication industry has started offering m-commerce applications as bundled services with a limited set of transactions; these act as value added services for the mobile customer. Today’s mobile commerce industry is still in its initial stage, but there is a huge untapped potential market for m-commerce. This business scenario is advantageous to financial institutions, mobile hardware vendors, mobile operators and service providers.

3 Introduction

A smart card, a type of chip card, is a plastic card with an embedded computer chip that stores and exchanges data with its users. The card data is transferred via a reader that is part of a computing system. Smart card-enhanced security systems are in use today in several key applications, including healthcare, banking, entertainment and transportation. To varying degrees, all of these applications can benefit from the added features and security that smart cards provide. According to Dataquest, the worldwide smart card market will grow to 6.8 billion units and $11 billion by 2006. Smartcard technology has found its way into a number of proprietary financial applications such as credit/debit cards, transit, personal identification cards and loyalty cards for purchasing. This paper covers the smart card and mobile payment schemes available in the market. With the introduction of high-end smart cards such as the Java Card as SIM card, even mobile phones are now equipped with payment applications. The next section briefly describes the existing payment schemes in the market. We also cover in brief the potential of mobile payment schemes in the coming years. The final section gives a small survey result regarding the future of electronic payments.

4 Methodology of Study

For this survey we followed the steps and strategy below.

Step 1: We collected the details of the existing payment schemes, like EFT, debit/credit card payments, PayPal etc.

Step 2: We collected the existing implementations of smart card and mobile payments.

Step 3: Surveyed smart card and industry standards for payments.

Step 4: Collected responses to a questionnaire and surveyed the results of similar questionnaires.

Step 5: Collected information from a focus group.

Step 6: Studied various kinds of smart cards and their applications.

Step 7: Studied the security features of the Java Card.

Step 8: Studied how the mobile SIM card is related to the smart card.

Step 9: Surveyed the business trends of m-commerce and its future.

5 Existing Payment Schemes

Some of the electronic payment schemes popular nowadays are credit/debit card payments, electronic fund transfer and the like. But these schemes are on the verge of extinction due to the lack of security in the transaction. VISA and MasterCard announced that they would not support the magnetic stripe card from December 2004 onwards, but then agreed to an extension. VISA also stopped settling disputes over fraudulent transactions that arise from the use of magnetic stripe cards.

5.1 Smart card Payments

The primary motivation for evangelizing the smartcard is its security. In addition, the smart card is capable of storing information inside the card itself. This information can be used to identify the user; in the simplest case the user’s PIN can be stored inside the card, and the security can be implemented so that a transaction is initiated only when the user enters the PIN correctly. The second motivation is its ability to validate offline. Many magnetic card schemes require online authorization with the authorizing agency, whereas in the case of the smartcard the authorization is secured offline. Yet another reason for the adoption of the smart card is its processing ability. This allows the smartcard vendor to implement additional security measures, for example security based on PKI. It also allows easy modification of existing applications and addition of new ones to the smart card.

The reasons mentioned above contribute much towards the adoption of the smartcard for financial applications. More details regarding the security of the smart card are included in the Appendix. Based on the security requirements and ease of use, there are different types of smart cards available. These types are defined based on the following criteria:

• The type of chip implanted in the card

• How the interface with external devices is defined

• Memory capacity

A brief discussion of the different types of smart card is given in the Appendix.

5.2 Mobile Payments

“Mobile commerce is the use of mobile hand held devices to communicate, inform, transact and entertain using text and data via connection to public and private networks” (Lehman Brothers)

The high penetration of the mobile phone into daily life has created new business opportunities for mobile operators. They have started providing value added services to retain their customers. Competition in their market was so heavy that they started looking for a “killer application” to hold on to their customers and hence their business. One such application has led the way to mobile commerce, or m-commerce. Various methods are adopted to communicate with the operator for the fund transfer, and the different schemes can be classified by the technology used for this communication. Some of the categories are as follows:

• SMS Based Payments

• WAP/GPRS

• Reverse SMS Billing

• Proximity Payments

5.2.1 SMS Based Payments

In this payment scheme, secure messages are used to transfer money from one mobile user’s account to another. Here the mobile operator plays an important role in the transaction. The mobile operator provides the customer with a payment application installed in the SIM card, and the details of the customer’s credit or debit card are stored inside the SIM. When the customer wants to transfer money to a merchant, he accesses the application and enters the merchant’s phone number. The application running on his mobile encrypts his credit or debit card details together with the amount to transfer and sends them to the operator. The operator then requests a confirmation from the user, and once the operator receives the confirmation the amount is transferred from the customer’s account to the merchant’s account. This is the simplest business case of this kind. Things are more complex when more than one operator is involved, or when the customer and the merchant have accounts in different banks. In that case a third agency is needed to settle the accounts between the two banks and also to settle any disputes. The major advantage of this scheme is its simplicity of use: the customer only needs to know the merchant’s phone number, and the merchant never learns the customer’s card number or any other financial details. This gives an additional level of security, since the customer needs to trust only the operator.

5.2.2 WAP/GPRS based applications

The next type of mobile payment uses the Wireless Application Protocol (WAP). In this scheme the user connects to the bank’s WAP gateway and does the transaction online. One constraint of this scheme is the relatively high cost of a transaction, since the user must be connected online. As the cost of GPRS connectivity comes down, this could also become a viable solution for mobile transactions in the near future. Since payment applications are used very often, invoking the application also needs to be fast, so browsing through a financial institution’s site and doing the transaction through a WAP browser is cumbersome and time consuming. Alternatively, this kind of application can have a thick client installed on the mobile, and this client communicates with the server using some communication protocol, e.g. web services over WAP.

5.2.3 Reverse SMS Billing

Mobile service providers have invented new schemes which also fall in the area of mobile commerce. In this scheme the mobile provider charges extra for special SMS messages called Premium SMS, so the price of such an SMS is the price of the goods purchased plus the price of sending the SMS. The user dials a special service number and states the amount to be transferred and the merchant’s phone number. He then receives an SMS from the operator which is billed accordingly. Another variation of this scheme is reverse billing SMS, where an additional amount is charged for receiving certain kinds of “special SMS”. Reverse billing SMS is very popular and widely used for accessing digital content such as ring tones, music and video as well as special services from the mobile operator. The major advantage of this scheme is that no changes are required in the existing setup, which helps in creating a new revenue stream without much investment.

5.2.4 Proximity Payments

Proximity payments are those in which the devices initiating the transaction are in the same vicinity. When a user pays for goods he purchased in a grocery store, his payment device needs to communicate with the merchant’s device; for this reason proximity payments are also called Point of Sale (POS) payments. In countries where smart card payments are popular, mobile operators also tried to tap this potential market, and attempts were made to move smart card style payments onto the mobile phone. There are technical reasons for this as well. With the wide acceptance of Infrared and Bluetooth interfaces, financial institutions started thinking about integrating the smart card payment application into the mobile phone, since this reduces the infrastructure required for accepting the smart card, such as smartcard readers and the like. Industry has also come up with the standards and specifications that the application needs to follow, allowing interoperability of the financial applications; EMV and CEPS (Common Electronic Purse Specification) are among them. This scheme works mainly in offline mode: the mobile device does not communicate with the server while doing the transaction, and at some particular interval it updates the server with the details of the transactions. Proximity payments are popular because of lower operating costs such as communication and infrastructure costs. This makes them suitable for micro transactions, since no communication with the server is required to do the transaction, thereby reducing the cost of each transaction; the cost per transaction is significant when the user transacts with small amounts. One hindrance to the acceptance of this kind of scheme by financial institutions is the development of other technology: as the cost of GPRS connectivity comes down, the transaction cost of an online transaction, even for a small amount, may become affordable in the near future.

6 Business Drivers

The number of mobile Internet users is expected to increase in the coming years. Mobile phone manufacturers are aiding this growth by flooding the market with mobiles that offer a pleasing surfing experience; all the new mobiles are equipped with features like GPRS, WAP etc. Add to this the fact that 80% of the online population is now either buying or researching products on the Internet, and the proportion of online users continues to grow [Reference: Jupiter Research Survey, www.724.com]. Subscribers are presently comfortable with the online trading model, and extending this experience to the mobile device can greatly increase business growth. Mobile operators are looking for new revenue streams as increased competition has driven down the Average Revenue Per Unit (ARPU) from traditional mobile communication services. Indian mobile operators have one of the lowest ARPUs in the world at $8. The average Indian mobile industry ARPU declined 3% from the quarter ending March 2005 to the quarter ending June 2005, and the Delhi metro telecom circle saw the largest fall, 4.5% [Source: COAI press release, 17th Aug 2005]. Banks offering financial services is a likely scenario, since in many ways it is just an extension of the mobile subscription. Mobile to mobile funds transfer puts the operators in the role of a middleman who facilitates the transfer. According to recent estimates there are twice as many mobile phones as PCs. This explosion in mobile communication has seen many applications converge onto the mobile phone. The latest mobile phones released in the market have a variety of features including internet access, content surfing etc. Given a choice, customers would prefer a single device for all their interaction needs: instead of logging on to the wired internet to purchase an item, the consumer would prefer to do it from their mobile. That would truly bring in anytime-anywhere shopping. The current trend is that an ordinary person may forget to take his pen or jacket while going out but will always have his mobile with him. As an omnipresent and portable device, it is hard to compete with. A key driver for mobile providers venturing into the m-commerce field is the trust factor.

Mobile operators have a huge subscriber base, perform millions of transactions per day and are trusted by the consumer, and as such are well positioned to offer financial services to customers. Mobile phones provide real-time information and communication in a way that desktop PCs will never be able to do; the constraints of time and place do not apply to mobiles as long as there is coverage. Sending mail, bidding, trading stocks and a whole variety of transactions can be performed even while on the move. The mobile phone always knows its location, so location-specific services can be provided to customers. Mobile phones are more suited to wireless commerce as they provide more security, in the sense that wired devices used in e-commerce (like the PC) are shared by multiple users, whereas mobile phones are mostly confined to use by a single user. One of the main features of m-commerce is the replacement of credit cards by mobile devices. In places where credit card penetration is low but mobile penetration is considerably higher, it would be easier to implement payment-based m-commerce services. Also, studies have shown that it takes an average of 68 minutes for a person to realize that his/her mobile phone is missing, compared to 26 hours to realize that their credit card is missing [Source: Mobile Commerce – The Future Starts with M2MPayments; Susan Bushe]. The emergence of new technology like 3G will push the need for mobile based commerce platforms. With India gearing itself for the onslaught of 3G services as soon as TRAI [Telecom Regulatory Authority of India] gives its nod, mobile based commerce will be the new revenue stream the players will want to exploit.

7 Relation between SIM card and Smart card

The Subscriber Identification Module (SIM) is a smartcard used by the mobile phone to identify each mobile device to the network. The card is provided by the mobile network provider. Each SIM card contains a unique key, and the mobile phone uses data encrypted with this key to communicate with its network. The Mobile Equipment (ME) talks to the SIM card for the encryption in a standardized way, using a message format called the APDU (see Appendix). When the user connects to the mobile network, the mobile equipment has to execute a set of commands to authenticate the user, and this is done by the application inside the SIM card. For this purpose the ME issues a set of GSM standard commands in a particular order to achieve the result. The GSM specification standardizes the communication with the SIM; for more details regarding its security see the Appendix. For a GSM mobile phone the steps and procedures for all these functions are standardized by the GSM community, and the standard is defined in GSM 11.11. The SIM card contains an application which responds to the commands initiated by the ME. In short, a SIM card is a smartcard with an application which implements the GSM 11.11 specification. With the technological advances in smart cards, especially the Java Card, it is possible to implement more than one application in the same card. This enables the Java Card to be used as a SIM card and also as a smartcard for payment applications. See the Appendix for more details regarding the security of the Java Card.

8 Future Trends

The business drivers and the survey results of various research organizations clearly show the need for new payment schemes. The results of various surveys show a high penetration of mobile phones in society. As mobile phones may become payment instruments, we hope that cards could be replaced by mobile phones. Even financial institutions plan to make use of the mobile network as a new channel for financial transactions. There is a trend for magnetic cards to be replaced by small chip sets and RFID tags embedded in all mobile devices. For effective adoption of mobile payments, committees and focus groups including representatives from financial institutions, mobile operators, mobile hardware providers and settlement agencies have been formed. These groups have come up with effective standards such as EMV and CEPS which address the issues of financial transactions; a detailed discussion of the standards is given in the appendix. Major steps are being taken by each bank as well as by the mobile operators to proactively promote the new payment schemes. The advantage financial institutions have over mobile operators is their brand names: consumers trust and are loyal to the classic payment schemes. If banks decided to extend the use of their payment systems to mobile payments, they would have instant recognition from consumers, who already know the brand and have used other kinds of transaction facilities on many occasions without any problems.

9 Conclusion

The smart card is the most secure and proven payment instrument in terms of security, yet it has not been popular among payment schemes. The financial institutions were watching developments in the area of smart cards until it matured. But in spite of its proven security capability, the smart card failed to gain enough popularity; one of the reasons is the lack of acceptance by the user.

The penetration of mobile devices such as mobile phones and PDAs has made a significant impact on e-commerce. Mobile operators are also trying to sell their product “hard” by providing additional value added services, and customers want useful applications on their mobile devices. Financial institutions are looking for new revenue-generating business, and m-commerce is one such new area. Steps have been taken by financial organizations to set the standards for m-commerce. From the above discussion it is evident that financial institutions, mobile operators and customers are all looking for a reliable, flexible and proven framework for mobile commerce. If such a framework is in place and supported by the financial institutions, customers will trust the new scheme and mobile commerce will become a new area of commerce.

10 Reference

[1] American Express ExpressPay - www.americanexpress.com/expresspay

[2] MasterCard PayPass - www.mastercard.com/aboutourcards/paypass.html

[3] American Public Transportation Association (APTA) - www.apta.com

[4] www.erggroup.com

[5] www.alittleworld.com

[6] www.javacardforum.org

[7] http://www.smartcardalliance.org/

[8] http://www.gemplus.com/pss/banking/

[9] http://www.international.visa.com/footer/contact.jsp

[10] www.theruthgroup.com

[11] PayPass - http://www.oti.co.il/content.aspx?id=101

[12] http://www.mastercardmerchant.com/paypass/

[13] https://www124.americanexpress.com/cards/loyalty.do?page=expresspay

[14] www.mobilepaymentforum.org

[15] http://www.mobilepaymentsworld.com/

[16] http://www.mondex.com/

[17] Prepaid Wireless Service Billed in Real Time, Web ProForum tutorial, www.iec.org

[18] Economic Times of India

[19] www.cepsco.org

[20] www.cellular.co

[21] www.emvco.com

[22] www.accesskeyboards.co

[23] www.coai.com

[24] www.findwhitepapers.com

[25] Delivering Pre-paid Content, Richard Hallet, Intec Telecom Systems

[26] European Committee for Banking Standards: Implementation Guideline for Mobile Payments – IG606 V1, March 2005

[27] A Framework for M-Commerce, white paper on Wireless Commerce Solution, VeriSign

[28] ETSI GSM Technical Specification GSM 11.11

[29] Towards a Holistic Analysis of Mobile Payments: A Multiple Perspectives Approach, Jan Ondrus and Yves Pigneur

11 Appendix

11.1 Smart card Security

Security of the smart card is a complex problem. The Java Card platform provides a secure execution environment with a firewall between different applications in the same card. This allows different applications on the same card to function separately and independently from each other as if they were on separate cards.

Even though the smartcard is secured by PKI, the following vulnerabilities can affect smart cards.

11.1.1 Hardware Security:

All the data in the smart card is maintained in EEPROM and can be erased or modified by an unusual supply voltage. Another kind of threat is heating the controller to a high temperature or exposing it to UV light, thereby erasing the contents of the EEPROM. Physical attacks are also possible, in which the card is cut open, the processor is removed and the layout of the chip is reverse engineered. Another successful attack is Differential Power Analysis (DPA), a statistical attack based on the power consumed by the smart card while it executes instructions.

11.1.2 OS security:

The information in the smartcard is organized in a tree hierarchy. The root is called the master file. The master file contains several elementary files and several dedicated files; dedicated files are like directories and elementary files are analogous to files. All files carry header information in which their security attributes are defined, and an application can traverse the file tree only as permitted by the security attributes defined on each file.

11.1.3 Access Rights

Five levels of security are defined:

• Always (ALW): access to the file can be performed without any restriction.

• Card Holder Verification 1 (CHV1): access is possible only when a valid CHV1 value has been presented.

• Card Holder Verification 2 (CHV2): same as CHV1.

• Administrative (ADM): access requires the administrative privileges of the card.

• Never (NEV): access to the file is forbidden.

CHV1 and CHV2 are the two security PINs stored in the card, where CHV1 is the common user identification PIN and the other is a specific unblocking PIN pre-stored in the card. The OS blocks the card after a wrong PIN is entered a certain number of consecutive times, and the card can then be unlocked only with the unlocking PIN. There is also a limit on the number of times the card can be unlocked, after which the card becomes useless.

To cater to the increasing demand for financial applications on small portable devices, JavaSoft took the initiative to address this problem. Java Card was introduced by Schlumberger and submitted by JavaSoft as a standard. Java Card is a subset of the Java programming language that is interpreted on a standard 8-bit smart card microcontroller. In addition to providing APIs, Java Card also specifies card initialization, personalization, secure loading and development aids.
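The file tree of 11.1.2 and the access conditions and PIN blocking of 11.1.3, as an added model written for this page (not code from the report). The file ids and their access conditions are taken from GSM 11.11 as this example's author recalls them; the PIN values, the try limits (3 CHV attempts, 10 unblock attempts) and the file contents are assumed.

```python
# Added example, not from the report: SIM file access conditions (ALW, CHV1,
# CHV2, ADM, NEV) enforced per operation, plus PIN blocking and unblocking.
# File ids follow GSM 11.11 as recalled; PINs, try limits and data are assumed.

ALW, CHV1, CHV2, ADM, NEV = "ALW", "CHV1", "CHV2", "ADM", "NEV"


class Chv:
    """A card holder verification PIN with a try counter and an unblock key."""

    def __init__(self, pin, unblock_key, tries=3, unblock_tries=10):
        self.pin = pin
        self.unblock_key = unblock_key
        self.max_tries = tries
        self.tries_left = tries
        self.unblock_left = unblock_tries
        self.verified = False          # set after a successful VERIFY

    def blocked(self):
        return self.tries_left == 0

    def verify(self, pin):
        """Correct PIN: verified, counter reset. Wrong PIN: one attempt consumed."""
        if self.blocked():
            return False               # a blocked PIN is never checked again
        if pin == self.pin:
            self.tries_left = self.max_tries
            self.verified = True
            return True
        self.tries_left -= 1
        self.verified = False
        return False

    def unblock(self, key, new_pin):
        """Unblock with the unblocking PIN; its own counter makes the card
        useless once it reaches zero, as the report describes."""
        if self.unblock_left == 0:
            return False               # permanently blocked
        if key != self.unblock_key:
            self.unblock_left -= 1
            return False
        self.pin = new_pin
        self.tries_left = self.max_tries
        self.verified = True
        return True


class ElementaryFile:
    """An EF whose header carries one access condition per operation."""

    def __init__(self, fid, data, read, update):
        self.fid = fid
        self.data = bytearray(data)
        self.access = {"read": read, "update": update}


class SimOs:
    """Checks the file's access condition before every read or update."""

    def __init__(self, files, chv1, chv2):
        self.files = {f.fid: f for f in files}
        self.chv = {CHV1: chv1, CHV2: chv2}
        self.admin = False             # ADM access is reserved for the issuer

    def _fulfilled(self, condition):
        if condition == ALW:
            return True
        if condition == NEV:
            return False
        if condition == ADM:
            return self.admin
        return self.chv[condition].verified

    def read(self, fid):
        f = self.files[fid]
        if not self._fulfilled(f.access["read"]):
            raise PermissionError("%04X: read requires %s" % (fid, f.access["read"]))
        return bytes(f.data)

    def update(self, fid, data):
        f = self.files[fid]
        if not self._fulfilled(f.access["update"]):
            raise PermissionError("%04X: update requires %s" % (fid, f.access["update"]))
        f.data[:] = data
        return True


def denied(operation, *args):
    """True if the OS refused the operation because its access condition failed."""
    try:
        operation(*args)
        return False
    except PermissionError:
        return True


def new_card():
    """A constructed SIM with ICCID, IMSI and ADN files and assumed PIN values."""
    files = [
        ElementaryFile(0x2FE2, b"\x89\x91", read=ALW, update=NEV),    # EF_ICCID
        ElementaryFile(0x6F07, b"\x08\x29", read=CHV1, update=ADM),   # EF_IMSI
        ElementaryFile(0x6F3A, b"\xff" * 4, read=CHV1, update=CHV1),  # EF_ADN
    ]
    return SimOs(files, chv1=Chv("1234", "12345678"), chv2=Chv("5678", "87654321"))


def block_then_unblock(card):
    """Three wrong CHV1 presentations block the PIN; even the correct PIN is
    then refused until the unblock key is presented. Returns the observed states."""
    wrong = [card.chv[CHV1].verify("0000") for _ in range(3)]
    blocked = card.chv[CHV1].blocked()
    refused = not card.chv[CHV1].verify("1234")
    unblocked = card.chv[CHV1].unblock("12345678", "4321")
    return wrong, blocked, refused, unblocked, card.read(0x6F07)
```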

11.1.4 Java Card Platform

The Java Card platform is the leading platform for multi-application cards in mobile telephony. It is also the only platform that has passed security evaluations for issuance by all major financial payment associations. In addition, it has passed security assessments by leading government authorities, including the US Department of Defense and the US National Security Agency. The Java Card platform provides further security enhancements, such as transaction atomicity, cryptographic classes and the applet firewall. A wide body of scientific publications is available for use in formal evaluation of systems, like the Java Card run-time environment and the applets loaded in the card. Smart card products built using different, proprietary OS designs cannot provide the level of code reusability and data integrity guaranteed by the Java programming language.

11.1.4.1 Transaction atomicity

This means that either all updates to persistent memory within a marked transaction are performed if the transaction completes normally, or none of the updates persist if the transaction is aborted. Atomicity contributes greatly to the security of the smart card. For example, if the card is prematurely removed during a transaction between reader and card
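The effect of atomicity on a purse applet when the card is pulled mid-update, as an added model written for this page (not Java Card code from the report or from the platform). A dict stands in for EEPROM; begin/commit/abort mirror the Java Card JCSystem.beginTransaction, commitTransaction and abortTransaction calls; the purse layout (a balance plus a transaction log) and the tear point are assumed.

```python
# Added example, not from the report: non-atomic debit beside an atomic one,
# both hit by a simulated card tear between the two persistent writes.


class CardTear(Exception):
    """Raised to simulate loss of power before the transaction commits."""


class Persistent:
    """Persistent memory with an optional transaction journal."""

    def __init__(self, **initial):
        self.mem = dict(initial)       # committed state (stands in for EEPROM)
        self.journal = None            # pending writes while in a transaction

    def begin(self):
        if self.journal is not None:
            raise RuntimeError("nested transactions are not allowed")
        self.journal = {}

    def write(self, key, value):
        if self.journal is None:
            self.mem[key] = value      # outside a transaction: written at once
        else:
            self.journal[key] = value  # inside: buffered until commit

    def read(self, key):
        if self.journal is not None and key in self.journal:
            return self.journal[key]
        return self.mem[key]

    def commit(self):
        self.mem.update(self.journal)  # all buffered writes become visible
        self.journal = None

    def abort(self):
        self.journal = None            # none of them persist

    def power_on(self):
        """On the next reset the runtime rolls back any unfinished transaction."""
        self.journal = None


def debit_unsafe(card, amount, tear_after_balance=False):
    """Non-atomic debit: two separate writes, so a tear between them leaves the
    balance reduced with no log record of where the money went."""
    try:
        if card.read("balance") < amount:
            return False
        card.write("balance", card.read("balance") - amount)
        if tear_after_balance:
            raise CardTear()
        card.write("log", card.read("log") + [("debit", amount)])
        return True
    except CardTear:
        card.power_on()
        return False


def debit_atomic(card, amount, tear_after_balance=False):
    """Atomic debit: both writes sit inside one transaction, so a tear before
    commit discards both and the purse stays consistent."""
    card.begin()
    try:
        if card.read("balance") < amount:
            card.abort()
            return False
        card.write("balance", card.read("balance") - amount)
        if tear_after_balance:
            raise CardTear()
        card.write("log", card.read("log") + [("debit", amount)])
        card.commit()
        return True
    except CardTear:
        card.power_on()                # journal dropped: balance unchanged
        return False


def compare(amount=30, tear=True):
    """Run both versions on identical purses (assumed balance 100) and return
    (balance, log) of each so the difference after a tear can be checked."""
    unsafe = Persistent(balance=100, log=[])
    atomic = Persistent(balance=100, log=[])
    debit_unsafe(unsafe, amount, tear_after_balance=tear)
    debit_atomic(atomic, amount, tear_after_balance=tear)
    return ((unsafe.mem["balance"], unsafe.mem["log"]),
            (atomic.mem["balance"], atomic.mem["log"]))
```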

11.1.4.2 Application Firewall

The Java Card platform provides a secure execution environment with an applet firewall between different applets in the same card. A Java Card applet resides in the card isolated from other applets by the firewall. The firewall is a feature of the Java Card runtime environment that provides detailed control over the use of data stored in objects that have a shared implementation. The firewall mechanism transparently gives an applet a private partition of the card memory. As a result, a malfunctioning or even hostile applet cannot affect the functioning of the card or of any other applet loaded on the card.

Java Security package

The Java Card security and cryptography packages allow an approach to application management that is analogous to the secure class loader of Java 2 Standard Edition. The cryptography and security classes support:

• symmetric encryption and decryption algorithms;

• asymmetric encryption and decryption algorithms;

• key interfaces;

• signature generation and verification;

• message digests;

• random data generation; and

• PIN management.

This cryptography and security support can be used to provide a secure mechanism for downloading and authenticating Java Card applets.

11.1.4.3 Secure Applet loading and deletion

The GlobalPlatform specification defines the procedure for loading and removing application code (classes) using either public key or symmetric key cryptography.

11.1.5 Advantage of using java card over other smart cards

Since the Java Card uses the Java programming language and the Java Card API for development, modern object-oriented programming can be used to create secure applications quickly and easily. A Java Card application can encapsulate sensitive data inside objects, which gives an additional level of security. Moving the security aspects from the programming level to the architectural level helps the programmer develop applications quickly and easily. The Java language is strongly typed: type mismatches in the source language are detected at compile time, which helps to minimize runtime errors. The Java language does not support pointers, preventing the security risks known from the C and C++ languages. The Java language provides transparent storage allocation, preventing programming errors caused by unintended reuse of memory. The Java Card framework and run-time environment provide essential security even if there is some vulnerability in the OS. These essential security features are: transaction atomicity, the applet firewall, and classes to support cryptographic signing and authentication of CAP files.

11.2 GSM Specification and its security requirements

This GSM Technical Specification (GTS) defines the interface between the Subscriber Identity Module (SIM) and the Mobile Equipment (ME) for use during the network operation phase of GSM, as well as those aspects of the internal organisation of the SIM which relate to the network operation phase. The aim is interoperability between a SIM and an ME independently of their respective manufacturers and operators: any implementation of this standard can act as a SIM in a mobile phone, whether it is built on a native smart card operating system or on Java Card. (Java Card uses a restricted subset of the Java language with a minimal API; it is distinct from J2ME, the Java platform for the handset itself.) The GSM standard defines the following characteristics of the SIM to make it internationally interoperable.

Physical characteristics:

Physical characteristics such as the format and layout of the SIM card, its electronic signals and transmission protocols: supply voltage, external physical contacts, clock, baud rate, etc.

Logical Model:

The logical model describes the logical structure of a SIM card, the codes associated with it, and the structure of the files it holds.

Security feature:

The security features supported by the SIM enable the following:

• authentication of the subscriber identity to the network;

• data confidentiality over the air interface;

• file access conditions.

The security features are discussed in more detail in the coming sections.

Description of the functions:

This defines a functional description of the commands and their respective responses, associated status conditions, error codes etc.

Description of the commands:

This states the general principles for mapping the functions onto Application Protocol Data Units which are used by the transmission protocol. The standard application protocol is APDU (see section IO unit).

Contents of the Elementary Files:

This specifies the Elementary Files (EFs) for the GSM session, defining their access conditions, data items and coding. The different types of file in the SIM are covered in more detail in the coming sections.

Application protocol:

The SIM interfaces with the ME and must follow defined protocols and procedures. The standard operations between SIM and ME during GSM network operation are listed below.

General Procedures:

• Reading an EF

• Updating an EF

• Increasing an EF

SIM management procedures:

• SIM initialization

• GSM session termination

• Language preference request

• Administrative information request

• SIM service table request

• SIM phase request

CHV related procedures:

• CHV verification

• CHV value substitution

• CHV disabling

• CHV enabling

• CHV unblocking

GSM security related procedures:

• GSM algorithms computation

• IMSI request

• Access control information request

• HPLMN search period request

• Location Information

• Cipher key

• BCCH information

• Forbidden PLMN information

Subscription related procedures:

• Dialling Numbers (ADN, FDN, MSISDN, LND)

• Short messages (SMS)

• Advice of Charge (AoC)

• Capability Configuration Parameters (CCP)

• PLMN Selector

• Cell Broadcast Message Identifier (CBMI)

• Group Identifier Level 1 (GID1)

• Group Identifier Level 2 (GID2)

• Service Provider Name (SPN)
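The CHV related procedures listed above (verification, value substitution, disabling, enabling and unblocking) are what stands between a stolen card and the subscriber's files. The following model of them is an added example, not code from the report or from any SIM vendor: the SIM is modelled as a Python class, the retry limits follow GSM 11.11 (3 attempts for CHV1, 10 for UNBLOCK CHV), and the status words are the ones the specification uses for these cases. The CHV and PUK values are constructed test data.

```python
"""Model of the CHV (PIN) procedures a SIM performs.

Added example (not from the report or from any SIM vendor). Status words:
90 00 = OK, 98 04 = verification failed / access condition not fulfilled,
98 40 = no attempts left (CHV blocked).
"""
import hmac
from typing import Tuple

SW_OK = 0x9000
SW_CHV_WRONG = 0x9804        # wrong CHV, attempts remain
SW_CHV_BLOCKED = 0x9840      # no attempts left
SW_ACCESS_DENIED = 0x9804    # EF access condition (CHV1) not fulfilled


def pad_chv(chv: str) -> bytes:
    """CHV/PUK are sent as 4..8 ASCII digits right-padded with 0xFF to 8 bytes."""
    if not (4 <= len(chv) <= 8) or not chv.isdigit():
        raise ValueError("CHV must be 4 to 8 decimal digits")
    return chv.encode("ascii") + b"\xff" * (8 - len(chv))


def build_verify_chv_apdu(chv: str) -> bytes:
    """VERIFY CHV for CHV1: CLA A0, INS 20, P1 00, P2 01, Lc 08, padded CHV."""
    return bytes([0xA0, 0x20, 0x00, 0x01, 0x08]) + pad_chv(chv)


class SimChv:
    MAX_CHV_ATTEMPTS = 3
    MAX_UNBLOCK_ATTEMPTS = 10

    def __init__(self, chv1: str, puk1: str) -> None:
        self._chv1 = pad_chv(chv1)        # constructed test secret
        self._puk1 = pad_chv(puk1)        # constructed test secret
        self.chv_attempts = self.MAX_CHV_ATTEMPTS
        self.unblock_attempts = self.MAX_UNBLOCK_ATTEMPTS
        self.enabled = True      # CHV1 checking enabled
        self.verified = False    # CHV1 verified in this session

    def verify_chv(self, chv: str) -> int:
        """CHV verification. The counter is decremented before the result is
        returned, and a correct CHV no longer helps once the counter hits 0."""
        if self.chv_attempts == 0:
            return SW_CHV_BLOCKED
        if hmac.compare_digest(pad_chv(chv), self._chv1):  # constant-time compare
            self.chv_attempts = self.MAX_CHV_ATTEMPTS
            self.verified = True
            return SW_OK
        self.chv_attempts -= 1
        self.verified = False
        return SW_CHV_BLOCKED if self.chv_attempts == 0 else SW_CHV_WRONG

    def change_chv(self, old: str, new: str) -> int:
        """CHV value substitution: the old CHV must verify first."""
        sw = self.verify_chv(old)
        if sw == SW_OK:
            self._chv1 = pad_chv(new)
        return sw

    def disable_chv(self, chv: str) -> int:
        sw = self.verify_chv(chv)
        if sw == SW_OK:
            self.enabled = False
        return sw

    def enable_chv(self, chv: str) -> int:
        sw = self.verify_chv(chv)
        if sw == SW_OK:
            self.enabled = True
        return sw

    def unblock_chv(self, puk: str, new_chv: str) -> int:
        """CHV unblocking with the PUK: sets a new CHV and resets the counters.
        Ten wrong PUKs leave the card permanently blocked."""
        if self.unblock_attempts == 0:
            return SW_CHV_BLOCKED
        if hmac.compare_digest(pad_chv(puk), self._puk1):
            self._chv1 = pad_chv(new_chv)
            self.chv_attempts = self.MAX_CHV_ATTEMPTS
            self.unblock_attempts = self.MAX_UNBLOCK_ATTEMPTS
            return SW_OK
        self.unblock_attempts -= 1
        return SW_CHV_BLOCKED if self.unblock_attempts == 0 else SW_CHV_WRONG

    def read_chv1_protected_ef(self, ef_contents: bytes) -> Tuple[int, bytes]:
        """Reading an EF whose READ access condition is CHV1: allowed only if
        CHV1 is disabled or has been verified in this session."""
        if (not self.enabled) or self.verified:
            return SW_OK, ef_contents
        return SW_ACCESS_DENIED, b""
```

The two points worth checking against a real card are that the attempt counter is written before the response leaves the card (so pulling power after a wrong guess does not buy a free attempt) and that a blocked CHV rejects even the correct value until UNBLOCK CHV succeeds.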

11.2.1 Security features SIM

The SIM implements three kinds of security service:

• Subscriber Identity Authentication

• User and Signalling Data Confidentiality

• Subscriber Identity Confidentiality

11.2.1.1 Authentication and cipher key generation procedure

This section covers the authentication mechanism and cipher key generation, both of which are invoked by the network. The network sends a 128-bit Random Number (RAND) to the MS. The ME passes the RAND to the SIM in the command RUN GSM ALGORITHM. The SIM returns the values SRES (32 bits) and Kc (64 bits) to the ME. The ME sends SRES to the network. The network compares this value with the SRES it calculates for itself; the comparison of these SRES values provides the authentication. The value Kc is used by the ME in any subsequent enciphered communication with the network until the next invocation of this mechanism. A subscriber authentication key Ki is used in this procedure. Ki has a length of 128 bits, is stored within the SIM for use in the algorithms, never leaves the SIM, and is unique for each mobile subscriber.

Two algorithms are involved:

• Algorithm A3 authenticates the MS to the network (RAND → SRES);

• Algorithm A8 generates the cipher key (RAND → Kc).

Both take Ki and RAND as input, so in practice they are combined into a single algorithm, A38, which computes SRES and Kc in one pass. The exact A3/A8 functions are chosen by the operator rather than by the standard.
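The exchange above, with network, ME and SIM as three parties, as an added example (not taken from the report or from any operator's implementation). The real A3 and A8 are operator-specific and secret (COMP128 variants are common); here one HMAC-SHA256 keyed with Ki stands in for the combined A38 and yields a 32-bit SRES and a 64-bit Kc. The APDU framing follows GSM 11.11: RUN GSM ALGORITHM is A0 88 00 00 10 followed by the 16-byte RAND, the SIM answers with status 9F 0C, and GET RESPONSE (A0 C0 00 00 0C) returns SRES || Kc with status 90 00. The IMSI and Ki values are constructed test data.

```python
"""Authentication and cipher key generation: RAND -> (SRES, Kc).

Added example, not from the report. HMAC-SHA256 stands in for the
operator's A3/A8 (A38); APDU framing follows GSM 11.11.
"""
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple


def a38(ki: bytes, rand: bytes) -> Tuple[bytes, bytes]:
    """Stand-in for A3/A8: (SRES, Kc) = f(Ki, RAND)."""
    if len(ki) != 16 or len(rand) != 16:
        raise ValueError("Ki and RAND are 128 bits each")
    d = hmac.new(ki, rand, hashlib.sha256).digest()
    return d[:4], d[4:12]          # SRES = 32 bits, Kc = 64 bits


class Sim:
    """The SIM: holds Ki, answers RUN GSM ALGORITHM, never exports Ki."""

    def __init__(self, imsi: str, ki: bytes) -> None:
        self.imsi = imsi
        self._ki = ki                  # constructed test secret
        self._pending: Optional[bytes] = None
        self.kc: Optional[bytes] = None

    def process_apdu(self, apdu: bytes) -> bytes:
        header, data = tuple(apdu[:5]), apdu[5:]
        if header == (0xA0, 0x88, 0x00, 0x00, 0x10) and len(data) == 16:
            sres, kc = a38(self._ki, data)
            self._pending = sres + kc          # 12 bytes to be fetched
            self.kc = kc
            return b"\x9f\x0c"                 # "12 bytes available"
        if header == (0xA0, 0xC0, 0x00, 0x00, 0x0C) and self._pending is not None:
            out, self._pending = self._pending, None
            return out + b"\x90\x00"
        return b"\x6d\x00"                     # INS not supported / nothing pending


class Network:
    """AuC/VLR side: knows every subscriber's Ki and checks SRES."""

    def __init__(self) -> None:
        self.auc: Dict[str, bytes] = {}        # IMSI -> Ki

    def challenge(self) -> bytes:
        return os.urandom(16)

    def authenticate(self, imsi: str, rand: bytes, sres: bytes) -> Tuple[bool, Optional[bytes]]:
        ki = self.auc.get(imsi)
        if ki is None:
            return False, None
        expected_sres, kc = a38(ki, rand)
        if hmac.compare_digest(expected_sres, sres):
            return True, kc
        return False, None


def me_run_gsm_algorithm(sim: Sim, rand: bytes) -> Tuple[bytes, bytes]:
    """ME side: pass RAND to the SIM and collect SRES and Kc."""
    sw = sim.process_apdu(bytes([0xA0, 0x88, 0x00, 0x00, 0x10]) + rand)
    if sw != b"\x9f\x0c":
        raise RuntimeError("RUN GSM ALGORITHM failed: SW=%s" % sw.hex())
    resp = sim.process_apdu(bytes([0xA0, 0xC0, 0x00, 0x00, 0x0C]))
    if len(resp) != 14 or resp[-2:] != b"\x90\x00":
        raise RuntimeError("GET RESPONSE failed")
    return resp[:4], resp[4:12]


def run_authentication(network: Network, sim: Sim) -> Tuple[bool, Optional[bytes]]:
    """Full exchange. Returns (authenticated, Kc agreed by both sides)."""
    rand = network.challenge()
    sres, kc_ms = me_run_gsm_algorithm(sim, rand)     # only RAND and SRES cross the air
    ok, kc_net = network.authenticate(sim.imsi, rand, sres)
    if ok and kc_net == kc_ms:
        return True, kc_net
    return False, None
```

Note what the structure buys and what it does not: a SIM with the wrong Ki (a clone built without the key) fails, and Ki itself is never read out through the ME interface, but nothing here authenticates the network to the MS. That one-sidedness is what a false base station exploits, and it was only fixed in the 3G AKA procedure.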

11.2.1.2 User and Signaling Data Confidentiality

GSM requires confidentiality of both user data and signalling data over the radio path. Encryption is achieved by means of the ciphering algorithm A5, which produces a key stream under control of the cipher key Kc (and the current frame number, so that each frame gets a fresh stream). This key stream is bit-for-bit exclusive-or'd with the data transferred over the radio path between the MS and the base station (BS). The cipher key is established at the MS as part of the authentication procedure described in the last section, and is transferred through the fixed network to the BS after the MS has been identified.

11.2.1.3 Subscriber Identity Confidentiality

This service allows mobile subscribers to originate calls, update their location, etc., without revealing their International Mobile Subscriber Identity (IMSI) to an eavesdropper on the radio path. It thus prevents location tracing of individual mobile subscribers by listening to the signalling exchanges on the radio path. To provide the subscriber identity confidentiality service, the IMSI, or any information which allows an eavesdropper to derive the IMSI, must not (normally) be transmitted in clear in any signalling message on the radio path. The mechanism used is a Temporary Mobile Subscriber Identity (TMSI), which is securely updated after each successful access to the system. Thus, in principle, the IMSI need only be transmitted in clear over the radio path at first registration. The MS has been allocated a TMSI, denoted TMSIo, and the network knows the association between TMSIo and the subscriber's IMSI. The MS identifies itself to the network by sending TMSIo. Immediately after authentication (if this takes place), the network generates a new TMSI, denoted TMSIn, and sends it to the MS encrypted under the cipher key Kc as described in the last section. Upon receipt of the message, the MS deciphers it and replaces TMSIo by TMSIn.
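The last two sections together, as an added example (not from the report): an A5-style keystream XOR for the radio path and the TMSI reallocation that rides on it. A5/1 itself is an LFSR generator keyed by Kc and the 22-bit TDMA frame number; the keystream generator here is a stand-in (HMAC-SHA256 in counter mode keyed with Kc and the frame number), and what the example demonstrates is the XOR structure, the TMSI handling, and what an eavesdropper on the radio path gets to see. IMSI, Kc and frame numbers are constructed test data.

```python
"""A5-style stream encryption and TMSI reallocation under Kc.

Added example, not from the report. HMAC-SHA256 counter mode stands in
for the A5 keystream generator.
"""
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple

Identity = Tuple[str, object]   # ("IMSI", str) or ("TMSI", bytes)


def keystream(kc: bytes, frame: int, n: int) -> bytes:
    """Stand-in for A5: n keystream bytes for (Kc, frame number)."""
    out, ctr = b"", 0
    while len(out) < n:
        msg = frame.to_bytes(4, "big") + ctr.to_bytes(4, "big")
        out += hmac.new(kc, msg, hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def a5_xor(kc: bytes, frame: int, data: bytes) -> bytes:
    """Bit-for-bit XOR with the keystream; the same call decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(kc, frame, len(data))))


class MobileStation:
    def __init__(self, imsi: str) -> None:
        self.imsi = imsi                       # constructed test value
        self.tmsi: Optional[bytes] = None
        self.kc: Optional[bytes] = None

    def identity(self) -> Identity:
        """Use the TMSI whenever one is held; the IMSI only at first registration."""
        return ("TMSI", self.tmsi) if self.tmsi is not None else ("IMSI", self.imsi)

    def receive_tmsi_reallocation(self, frame: int, ciphertext: bytes) -> None:
        self.tmsi = a5_xor(self.kc, frame, ciphertext)   # TMSIo replaced by TMSIn


class Vlr:
    def __init__(self) -> None:
        self.by_tmsi: Dict[bytes, str] = {}    # TMSI -> IMSI
        self.by_imsi: Dict[str, bytes] = {}    # IMSI -> current TMSI

    def resolve(self, ident: Identity) -> Optional[str]:
        kind, value = ident
        return value if kind == "IMSI" else self.by_tmsi.get(value)

    def reallocate_tmsi(self, imsi: str, kc: bytes, frame: int) -> bytes:
        """Pick a fresh TMSIn, forget TMSIo, return TMSIn enciphered under Kc."""
        old = self.by_imsi.get(imsi)
        if old is not None:
            del self.by_tmsi[old]
        new = os.urandom(4)
        self.by_tmsi[new] = imsi
        self.by_imsi[imsi] = new
        return a5_xor(kc, frame, new)


def radio_access(ms: MobileStation, vlr: Vlr, kc: bytes, frame: int,
                 air: List) -> str:
    """One access by the MS. Everything that crosses the radio path is
    appended to `air` so an eavesdropper's view can be inspected. Kc is
    assumed to have been established by the authentication procedure."""
    ident = ms.identity()
    air.append(ident)
    imsi = vlr.resolve(ident)
    if imsi is None:
        raise RuntimeError("unknown TMSI; the network would ask for the IMSI")
    ms.kc = kc
    ct = vlr.reallocate_tmsi(imsi, kc, frame)
    air.append(("TMSI_REALLOCATION", ct))
    ms.receive_tmsi_reallocation(frame, ct)
    return imsi


def keystream_reuse_leak(kc: bytes, frame: int, m1: bytes, m2: bytes) -> bytes:
    """Caveat: two messages enciphered with the same (Kc, frame) keystream
    leak m1 XOR m2 to a passive listener, because the keystream cancels out."""
    c1, c2 = a5_xor(kc, frame, m1), a5_xor(kc, frame, m2)
    return bytes(a ^ b for a, b in zip(c1, c2))
```

Two things fall out of running this. The IMSI crosses the air exactly once, at first registration; afterwards the eavesdropper sees only TMSIs that change on every access and a ciphertext it cannot relate to the next TMSI without Kc. And `keystream_reuse_leak` shows why Kc must be refreshed by re-running authentication and why the frame number enters the generator: a stream cipher keyed the same way twice is a two-time pad.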

11.3 Smart card Standards

In order to ensure that smart cards, smart card readers and smart card applications are interoperable, international standards are essential. Smart card standards have originated from:

• International standards organizations (ISO, CEN etc.)

• Industry based

11.3.1 International Standards:

International standards for smart cards come from the following organizations:

The International Standards Organization (ISO): ISO 7816 standard specifies the physical and electrical characteristics as well as the formats and protocols for information exchange between the smart card and the reader

The European Committee for Standardization: This organization defines the CEN 726 standard - Requirements for IC cards and terminals for telecommunications use.

The European Telecommunications Standards Institute (ETSI): A Subscriber Identity Module (SIM) is a smart card that is inserted into a GSM (Groupe Spécial Mobile / Global System for Mobile Communications) cellular telephone. ETSI has published a number of standards dealing with SIMs and their relationship with a GSM phone. In particular, the GSM 11.11 standard specifies the interface between the SIM card and the GSM telephone. In contrast to the master/slave relationship between a smart card and reader defined by ISO 7816, the GSM 11.14 standard (SIM Application Toolkit) allows the SIM to initiate communication with the phone. Consequently the card exposes two APIs: one providing services on the card and one providing services on the phone.

11.3.2 Industry Standards

EMV: Three card associations, Europay, MasterCard and Visa, collaborated in 1996 to produce the EMV specifications, which define an international, open standard for chip card payments intended to make electronic commerce safe and easy. It is used in conjunction with the Chip Card Payment System (CCPS) to offer a cross-platform banking setup for the use of smart cards. Both EMV and CCPS are non-proprietary, so common smart card chips as well as standard ATM and point-of-sale platforms can be produced by vendors for sale worldwide.

The EMV specification defines smart card transaction processing and so is more than an API. It is also unique in that it describes a multi application smart card - a smart card that contains more than one application.

Mobile 3-D Secure: This is Visa International's global specification for securing internet payments made over mobile phones; note that it is based on magnetic-stripe account data rather than on a chip interface. It was launched in 2001 and built on existing payment technologies, and was developed in conjunction with 15 major industry players as part of a comprehensive e-commerce programme designed to ensure safe and secure online payments. The Mobile 3-D Secure specification extends payment authentication into mobile commerce, enabling Visa card issuers to validate the identity of their cardholders in real time. It ensures that payment data sent over open networks is not compromised and allows consumers to actively protect their Visa accounts from unauthorized use when shopping online over mobile devices. It provides global interoperability regardless of the device used to access the Internet. [Source: http://www.cellular.co.za/technologies/mobile-3d/visa_mobile_3d.htm]

EMV would be the most apt standard for a mobile operator for the following reasons:

Most of the mobile phones on the market today come with GPRS and WAP, and 3G in the near future. These provide wireless connectivity and internet access, so a SIM-based secure payment solution does not require any additional hardware on the handset.

Financial institutions prefer the EMV standards. Once EMV-based services roll out and gain momentum, the other standards may fade away.

Most e-commerce transactions require the presence of a card association as a key player, and the major card associations have already issued mandates pushing EMV compliance.

Visa EU (Western Europe region) has already set a deadline for EMV compliance of smart card based payment devices. [Source: EMV - Global framework for smart card payments, 2003] After the deadline, liability for fraudulent transactions shifts to the party that has not adopted EMV.

EMV is already being deployed in many parts of the world.

OpenCard Framework (OCF): OpenCard was developed by a consortium including IBM, Netscape, NCI and Sun Microsystems. OpenCard provides architecture and a set of APIs that enable application developers to build applications in Java which use smart card readers on any target platform. The Card Terminal component encapsulates all the card reader related classes. A reader can only be accessed through classes in the card terminal component. The Card Agent component facilitates the interaction with a number of card operating systems. This is the only component that is not directly accessible by the applications.

Personal Computer/Smart Card (PC/SC): Microsoft and several other leading personal computer and smart card companies founded the PC/SC Workgroup which resulted in PC/SC which is an interface for communication between smart cards and Win32-based platforms for personal computers. The purpose of the PC/SC architecture and specification is to allow smart card manufacturers and reader manufacturers to develop their products independently. In addition, application programmers can develop smart card applications that are not dependent on a particular type of reader.

Java Card: Java Card was introduced by Schlumberger and submitted by JavaSoft as a standard. Java Card is a subset of the Java programming language that is interpreted on a standard 8-bit smart card microcontroller. It comprises standard classes and APIs that enable Java applets to run directly on an ISO 7816 compliant smart card. Java Card omits 64-bit and floating-point types (long, float, double), char and String, threads, multidimensional arrays and mandatory garbage collection; 32-bit int support is optional. Smart card specific libraries (such as EEPROM management, security, T=0 and T=1 communication, data protection) are provided to allow programmers to develop applications independent of the underlying hardware. In addition to the APIs, Java Card also specifies card initialization, personalization, secure loading and development aids. A brief description of Java Card was given in the previous section.

11.4 Flavors of Smart cards

The smart card can be categorized based on its usability, security requirement, interface and its cost.

11.4.1 Contact cards

This is the most popular type of card and is also less costly than contactless cards. It has electrical contacts on the outside of the card which connect to the card reader when the card is inserted. Increased processing power, flexibility and memory add cost. On average the cards themselves make up only 10 to 15 percent of the total system cost, with the infrastructure, issuance, training and advertising making up the other 85 percent.

11.4.2 Memory cards

Memory cards have no sophisticated processing power and cannot manage files dynamically. All memory cards communicate to readers through synchronous protocols. In all memory cards you read and write to a fixed address on the card. There are three primary types of memory cards:

• Straight Memory Cards

• Protected memory cards

• Stored Value memory cards

11.4.2.1 Straight Memory Cards

These cards just store data and have no data processing capabilities. They offer the lowest cost per bit of user memory and should be regarded as the floppy disks of the smart card world. They are easily duplicated, since there is no on-card identifier or logic by which a copy can be distinguished from the original.

11.4.2.2 Protected memory cards

These cards have built-in logic to control access to the card's memory. Sometimes referred to as intelligent memory cards, these devices can be set to write-protect some or all of the memory array. Segmented memory cards can be divided into logical sections for planned multi-functionality.

11.4.2.3 Stored Value memory cards

These cards are designed for the specific purpose of storing value or tokens. They are either disposable or rechargeable. Most cards of this type incorporate permanent security measures at the point of manufacture; these can include password keys and logic hard-coded into the chip by the manufacturer. The memory arrays on these devices are set up as decrement-only counters, and there is little or no memory left for any other function. For a simple application such as a telephone card the chip has a fixed number of memory cells (for example 60 or 12), one for each telephone unit. A memory cell is cleared each time a telephone unit is used, and since cells cannot be set again by the user, value cannot be restored once spent. Once all the cells are used, a disposable card is useless and is thrown away; in the case of rechargeable cards the issuer can reset the cells under its own key.

11.4.3 CPU/MPU Microprocessor Multifunction Cards

These cards have data processing capabilities. Within the card is a microprocessor that manages this memory allocation and file access. This type of chip is similar to those found inside all personal computers and when implanted in a smart card, manages data in organized file structures, via a card operating system (COS). This capability permits different and multiple functions and/or different applications to reside on the card, allowing businesses to issue and maintain a diversity of products through the card.

In addition, the smart card can carry extra chips that accelerate specific functions, such as cryptographic PKI operations. Cards can also be categorized by the encryption capabilities of the OS and the chip; these are typically distinguished as symmetric-key and public-key capable.

11.4.4 Contact less card

These are smart cards that communicate with the reader over a radio frequency (RFID) interface, without physical insertion of the card: the card is passed near the exterior of the reader and read. They are gaining popularity in retail stored value, since they speed up transactions without lowering transaction processing revenues.

11.5 Existing Smart card Payment Schemes

In a traditional cash transaction the user hands over physical money and the merchant receives it directly; no third party is involved. In electronic payment systems, by contrast, a variety of models have been specified by different organizations and researchers. These organizations have analysed the issues and problems that can arise in electronic payments and have set up standards to address them; these standards also help interoperability between different payment schemes. The two major standards are EMV (Europay, MasterCard, Visa) and CEPS (Common Electronic Purse Specifications).

11.5.1 General retail

The ability of smart cards to support programs like Loyalty programs, electronic coupons, targeted advertising, partner marketing programs and customer profiles are stimulating the interest of retailer marketing groups. Smart cards provide significant benefits to both retailers and consumers by being able to securely store data so that no unauthorized entity can view it. Smart cards impose strict security requirements on data access, hiding information stored in one application from others. This ensures that consumer data is private and that retailers can securely access only data that is relevant to them. Some of the commercial implementation of the smartcard for retail purpose is listed below.

11.5.1.1 Speed pass:

Speedpass was introduced by ExxonMobil in 1997 and was the first automated RF-based payment system for retail purchasing. An enrolled motorist uses a key fob, a watch or a transponder attached to the vehicle that communicates securely with the gas pump or Point Of Sale (POS) terminal. This is an online transaction carried out in two steps: first the transponder's identifier is read over RF and authorized by the bank, and then the transaction is charged to the customer's account.

11.5.1.2 Master Card Pay pass

PayPass was launched by MasterCard in 2002. This contactless smart card eliminates the need to swipe the card at the terminal: customers tap the card on the reader and the payment details are transmitted wirelessly. Chase, MBNA and Citibank are the issuing banks supporting PayPass, and they are piloting the product in Orlando, Florida.

11.5.1.3 American Express: Express Pay

ExpressPay is another contactless payment scheme, targeted at fast, small-value transactions, and is being piloted in Phoenix, Arizona. ExpressPay is account based: when customers enrol they specify the account that should be used for ExpressPay transactions, and they have two options. ExpressPay Direct links directly to an account or credit card for payment and has a daily spending limit of $150. ExpressPay Preloaded is a prepaid scheme into which up to $600 per month can be loaded.

11.5.1.4 E-ZPass

E-ZPass uses an ultra-high-frequency RF transponder and is used for paying tolls on highways and bridges, at airport parking lots, etc. It uses an account-based payment scheme in which the customer is identified by the transponder, and the amount is deducted directly from the customer's account.

11.5.2 Transit Application

The transportation and transit market is already moving ahead with smart card technology. These systems use smart card-based electronic tokens for fare collection. Issuers can take advantage of these systems by offering a payment method tied to the transit cards at nearby retailers.

11.5.2.1 GO Mumbai

In 2004 A Little World Pvt Ltd launched a transit ticketing system for one of the largest public transport networks in India, in Mumbai. The card is easy to reload by paying cash or by debiting a bank account, and hundreds of reload points are being set up all over Mumbai. BEST, HPCL and ICICI Bank are programme partners for GO Mumbai. The cards can be used for many other applications, including payment at shops using debit/credit or stored value, recording service details of utility bills, HP Gas SV/TV vouchers, loyalty, confidential data storage, digital signatures, mediclaim and more. A limited number of cards have been issued for the pilot.

11.5.2.2 Hong Kong Octopus card

The Octopus card was launched in 1997 as an e-purse for public transport. Over 9 million cards and 150,000 watches had been issued and over 7 million transactions recorded within 2 years. This contactless smart card ticketing scheme covers 100 service providers, and the card has shortened queues at ticket barriers. The card can also be used for payments at photo booths and pay phones. Five years after launch, 25 percent of card transactions were unrelated to transit, with more than 160 merchants accepting the card, including leading supermarkets and shops, soft drink vending machines, payphones and recreational centres.

Nokia has launched a mobile phone cover that includes an embedded Octopus chip. Twelve Hong Kong banks and one credit card company support the Octopus card. According to the official report of the Asia Pacific Smart Card Association, 95% of the "economically active population" in Hong Kong was using the Octopus card.

11.5.2.3 Washington Metropolitan travel card

The Washington Metropolitan Area Transit Authority launched a contactless smart card called SmarTrip in May 1999. Just over 4 years later, more than 360,000 travellers were using the card. The SmarTrip card is used as a contactless transit payment card, and survey data gathered from cardholders indicates very high acceptance, with a customer satisfaction index of 99%.

11.5.2.4 London Oysters Cards

In 2002 TranSys introduced smart card payment for London commuters. By November 2002, 6,000 buses and 255 tube stations were equipped to accept smart card payment. It is expected that 5 million cards will be issued in the greater London area, and there are over 16,000 Oyster card enabled terminals spread throughout London. The cards can be reloaded online and at ticket offices.

11.5.2.5 San Francisco Bay Transit link

The Metropolitan Transportation Commission of the San Francisco Bay Area has introduced a smart card for its transit system. Approximately 7,000 contactless smart cards, called TransLink cards, were distributed in phase 1, and ultimately 26 transit operators could participate in the programme. The card complies with the ISO standard for smart cards, has 4 KB of internal memory for data and application storage, and has a dual interface. A central clearing house and service bureau operate the scheme, and the card can be reloaded by a variety of means, including telephone, mail and the internet. The TransLink card can then be used to pay for parking, tolls, taxis and retail purchases.

11.5.3 Campuses & Government

Both college and business campuses have begun to use smart cards. Major uses have been: asset tracking; meal plans; physical access to labs, dorms, and special events; network logons; and secure data storage, including personnel records, digital certificates and health data. The same card can also have a financial application, allowing purchases on campus and at nearby retailers via stored value or prepaid accounts. The power of the smart card for government health and entitlement programs lies in the card's ability to hold both payment and non-payment applications.

Government can also use smart cards to control both physical and logical access to facilities and networks and can expand the number of programs and agencies that are using smart cards for identification.

11.6 Existing Mobile Payment Schemes

The mobile commerce market has seen high growth throughout the world. The SIM card in the mobile phone allows issuers to provide an easier payment mechanism for mobile commerce. Other technologies, such as Bluetooth, are also being investigated to further mobile commerce. Non-payment applications such as identity authentication and information provisioning will be key to driving this market. Some commercial implementations of mobile commerce are described below.

11.6.1 MasterCard: PayPass

MasterCard’s PayPass, which was announced in December 2002, eliminates the need for consumers to swipe their credit or debit cards through a reader. Consumers tap their payment cards on (or wave them at) a specially equipped merchant terminal, transmitting payment information wirelessly from the consumer to the merchant. In 2003, Nokia, AT&T Wireless, JP Morgan Chase, and MasterCard ran a pilot in Dallas, Texas, in which the PayPass RF chip was embedded in the back panel of a Nokia phone.

11.6.2 Cingular

Cingular was involved in other mobile payment pilots at the University of Southern California (USC) and Santa Clara University, in which infrared was used to communicate payment information between a phone/PDA and a physical POS terminal. The pilot users paid for products at on-campus locations using their campus debit card by beaming the card information to the POS terminal via IR technology.

11.6.3 Dexit

Dexit has introduced a contactless RF payment service in Toronto, Canada, that offers an alternative to cash for low-value, everyday purchases. Consumers who register for a Dexit customer account are issued RF-based payment tags in the form of key fobs or adhesive stickers that can be attached to mobile phones or other devices. To use the tag at a participating merchant, the customer pre-pays funds into a Dexit account and then replenishes the account for a fee, as needed. Dexit has partnered with Bell Canada, TD Canada Trust, National Bank of Canada and TELUS Mobility to offer the service. As of September 30, 2004, more than 300 merchant locations in and around downtown Toronto were accepting Dexit tag payments and more than 37,000 consumers were registered for the service.

11.6.4 MobileLime

MobileLime, a mobile payment pilot that was launched in the Boston area in 2004, allows consumers to pay for retail goods and services using their mobile phones and a credit card or prepaid account. After registering, the consumer speed-dials a toll-free number, enters a location ID, listens to the purchase amount, and then enters a personal identification number (PIN) to approve the purchase. A text receipt is sent either to the phone or to an e-mail account that is established at the time of registration. Over 7,000 users and 40 merchants now accept MobileLime payment in the Boston area, including some Subway and Quizno’s sandwich stores, movie theaters, restaurants, and taxi services. In the first quarter of 2005 at the National Retail Forum, MobileLime was launched nationally.

11.6.5 I-mode FeliCa

Japan's mobile phone operators have introduced mobile payment applications. NTT DoCoMo, the largest mobile phone operator in Japan (with over 60% of the market), piloted its i-mode FeliCa service for over a year and introduced it to the public in August 2004. The service is a joint venture between Sony, NTT DoCoMo and East Japan Railway Company (JR East). Currently there are over 20 i-mode retail and banking partners, and payments can be accepted in several environments, including cafeterias, vending machines, gaming venues, retail POS, airline ticketing, and concert/event ticketing. As of December 2004, four manufacturers offer the NTT DoCoMo smart phone with a built-in Sony FeliCa chip: Panasonic, Sony-Ericsson, Sharp and Fujitsu. As of December 2004, 43 million NTT DoCoMo subscribers were using i-mode. Vodafone's local unit (formerly J-Phone) is testing similar technology, while KDDI, the country's second largest carrier, planned to launch a competing product early in 2005.

11.6.6 Moneta Card

At the end of 2001, SK Telecom (SKT), in conjunction with five South Korean issuers, launched the Moneta Mobile Card. The Moneta card, a smart card based on GlobalPlatform technology, supports several applications, including EMV credit, the Visa Cash e-purse, SKT membership functions, and the SKT OK Cashbag loyalty application. Initially, all cardholders had a mobile phone incorporating a full-size smart card slot into which the cardholder inserted the Moneta card to complete transactions over SKT's mobile network. As of March 2003, SKT redesigned the phone so that the cardholder can insert the SIM-size Moneta chip in the back of the phone to complete transactions with offline (i.e., physical) merchants. SKT has installed 330,000 dongles and sold 520,000 handsets fitted with the payment chip since the service was launched.

11.6.7 MIFARE cards

In late 2004, the Proximity Mobile Transaction Service Alliance of Taiwan officially launched a new initiative that incorporates contactless Near Field Communication (NFC) technology into mobile handsets, so that commuters can pay with a wave of their phones instead of the contactless "Easy Cards" they currently use. Both Visa International and MasterCard International are part of the Taiwan alliance, along with telecommunications companies such as Chunghwa Telecom, Far EasTone Telecommunications, Taiwan Cellular Corp. and VIBO Telecom. Taipei Smart Card Company, which has issued 4 million contactless MIFARE cards used for Taiwan public transit, is responsible for deploying the contactless infrastructure for the alliance.

11.6.8 Simpay

In 2003, Orange, Telefónica Móviles, T-Mobile and Vodafone announced Simpay, a mobile payment scheme that allows customers to make low-priced purchases through mobile operator-managed accounts. Recently, two additional operators have joined Simpay, Amena from Spain and Proximus from Belgium, which means the scheme now has members in 20 European countries with over 300 million mobile consumers across Europe. Simpay will go into use in Spain in mid-2005, followed by launches in the United Kingdom and Belgium in the fourth quarter of 2005. Simpay estimates that it will generate 1 billion euros (US$1.3 billion) in revenues through its system by 2007. [Source: Wireless Week, op. cit.]

The vendors involved in the design and implementation of the Simpay payment platform include Valista, Encorus (First Data) and QPass. Valista's payments software will be used by Orange and its partner France Telecom's w-HA when the carrier launches Simpay. A number of other service providers globally use Valista's payments software; Valista provides payment solutions to America Online and to the large lottery operator GTECH in the United States.

11.6.9 MobileCredit

In South Africa, CreditPipe/MTN has introduced Mobilecredit, a mobile commerce solution enabling merchants to process credit card and check payments using a mobile phone instead of a POS terminal. To perform a transaction a merchant can telephone, using either the Mobile Credit option on the MTN menu on the SIM card (MTN subscribers only) or the MobileCredit line number. The merchant is prompted for the details of the transaction, and the transaction is processed using CreditPipe by the appropriate bank. The service can be used to authorize credit card transactions and guarantee checks, and in both cases a reference number is sent to the merchant’s phone as an SMS to confirm the transaction.

11.6.10 mCheque

In November 2005, A Little World, in association with Airtel and several leading banks in India, launched a mobile payment scheme called mCheque. With mCheque it is possible to pay from one mobile device to another. The scheme uses encrypted SMS to carry the money-equivalent message from one mobile to another; the credit/debit card details are stored inside the SIM card, and an application on the SIM performs the transaction. A mobile can hold up to 16 credit/debit cards from different banks, all secured by a single PIN. mCheque also makes it convenient to pay utility bills, insurance premiums, credit card bills, EMIs and school fees: the user registers once for each biller, after which bills are sent to the mobile and can be paid in seconds from the handset. The scheme also allows payments to be made over the internet.