Feeds

It's BANKS v TELCOs: Mobe payments systems go head-to-head

Two industry bodies, both fighting for your cash - and your identity

Internet Security Threat Report 2014

The GSMA's Mobile Connect mobile payments project is going head-to-head with the Payments council's rival Paym system after both systems launched this week.

The mobile operator creates a token which is then shared with vendors to verify who you are. Customers do not necessarily have to tie their actual mobile phone to the token - although that is the obvious choice – as they can elect to use their email address.

This is important because mobile phone numbers are not always transferable. Some countries don't offer it and even in those that do - like the UK - porting SMS capability is a gentleman's agreement rather than a mandated requirement.

There is no plan for the token to be migrated if you move networks; the GSMA wants to make your mobile phone account your ultimate measure of identification.

The project is an umbrella for a number of existing schemes such as Japanese operator KDDI's AUID and similar schemes.

David Pollington from the GSMA told The Register that he envisages a model where the customer logs into a website and there is a button on the screen which sends a text message to a mobile phone number for verification, there are however already a large number of schemes like this in place, but the GSMA is making a bid for a central platform.

The association sees the mobile phone number as a unique identifier for a person which can replace multiple usernames and passwords. The scheme is based on the OpenID protocol which is used for the Google+ sign-in among other applications and there are existing Android APIs.

Those signed up to the project include: Axiata; China Mobile; China Telecom; Etisalat; KDDI; Ooredoo; Orange; Tata Teleservices; Telefonica; Telenor; Telstra and VimpelCom, as well as digital service providers Dailymotion, Deezer, Gemalto, Giesecke & Devrient, Morpho, Oberthur and VALID.

You'll notice that these are all companies in the mobile space. It doesn't include anyone who makes a solid non-mobile product, or even any banks.

A different list is Bank of Scotland, Barclays, the Cumberland Building Society, Danske Bank, Halifax, HSBC, Lloyds Bank, Santander and TSB Bank. You'll notice no mobile phone companies here.

These are the lead providers for Paym - a mobile payments solution led by the Payments Council which is akin to the GSMA but for the UK banking world. You can tell that Paym is well ahead of Mobile Connect because the banks have announced that they have a logo their members can use. Mobile Connect has not yet sorted out its logo.

The service is a little like Barclays PingIt, in that it links your mobile phone number to your account number and sort code. The system is integrated into the existing apps from the participating banks, so to send money to someone you enter - or look up - their phone number, rather than enter the account number and sort code for the person you are sending it to.

The app then does an online database check, to show you the name of the person who has registered that phone number with their account, and the money is sent. This guards against phone numbers being recycled and money being sent to a new user. There are also safeguards to prevent the same phone number being used on multiple accounts.

The service is strictly opt-in and is targeted at peer to peer and sole traders. The banking industry is, after all, desperate to reduce our usage of cash.

Historically, mobile payments hasn't been used anything like as much as the banks would like, although someone did buy a house with Pingit.

The Payments Council expects the services to start rolling out in April, and while the organisation has no control over what its members might charge, it expects that, like the "faster payments" mechanism there will be no charge for using the service.

Of course what is really needed is a system where the connection, presence and billing information the mobile networks have is combined with the services the banks are offering - but that doesn't look like happening any time soon.

Business security measures using SSL

More from The Register

next story
Brit telcos warn Scots that voting Yes could lead to HEFTY bills
BT and Co: Independence vote likely to mean 'increased costs'
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Blockbuster book lays out the first 20 years of the Smartphone Wars
Symbian's David Wood bares all. Not for the faint hearted
Bonking with Apple has POUNDED mobe operators' wallets
... into submission. Weve squeals, ditches payment plans
This flashlight app requires: Your contacts list, identity, access to your camera...
Who us, dodgy? Vast majority of mobile apps fail privacy test
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.