Feeds

It's BANKS v TELCOs: Mobe payments systems go head-to-head

Two industry bodies, both fighting for your cash - and your identity

Build a business case: developing custom apps

The GSMA's Mobile Connect mobile payments project is going head-to-head with the Payments council's rival Paym system after both systems launched this week.

The mobile operator creates a token which is then shared with vendors to verify who you are. Customers do not necessarily have to tie their actual mobile phone to the token - although that is the obvious choice – as they can elect to use their email address.

This is important because mobile phone numbers are not always transferable. Some countries don't offer it and even in those that do - like the UK - porting SMS capability is a gentleman's agreement rather than a mandated requirement.

There is no plan for the token to be migrated if you move networks; the GSMA wants to make your mobile phone account your ultimate measure of identification.

The project is an umbrella for a number of existing schemes such as Japanese operator KDDI's AUID and similar schemes.

David Pollington from the GSMA told The Register that he envisages a model where the customer logs into a website and there is a button on the screen which sends a text message to a mobile phone number for verification, there are however already a large number of schemes like this in place, but the GSMA is making a bid for a central platform.

The association sees the mobile phone number as a unique identifier for a person which can replace multiple usernames and passwords. The scheme is based on the OpenID protocol which is used for the Google+ sign-in among other applications and there are existing Android APIs.

Those signed up to the project include: Axiata; China Mobile; China Telecom; Etisalat; KDDI; Ooredoo; Orange; Tata Teleservices; Telefonica; Telenor; Telstra and VimpelCom, as well as digital service providers Dailymotion, Deezer, Gemalto, Giesecke & Devrient, Morpho, Oberthur and VALID.

You'll notice that these are all companies in the mobile space. It doesn't include anyone who makes a solid non-mobile product, or even any banks.

A different list is Bank of Scotland, Barclays, the Cumberland Building Society, Danske Bank, Halifax, HSBC, Lloyds Bank, Santander and TSB Bank. You'll notice no mobile phone companies here.

These are the lead providers for Paym - a mobile payments solution led by the Payments Council which is akin to the GSMA but for the UK banking world. You can tell that Paym is well ahead of Mobile Connect because the banks have announced that they have a logo their members can use. Mobile Connect has not yet sorted out its logo.

The service is a little like Barclays PingIt, in that it links your mobile phone number to your account number and sort code. The system is integrated into the existing apps from the participating banks, so to send money to someone you enter - or look up - their phone number, rather than enter the account number and sort code for the person you are sending it to.

The app then does an online database check, to show you the name of the person who has registered that phone number with their account, and the money is sent. This guards against phone numbers being recycled and money being sent to a new user. There are also safeguards to prevent the same phone number being used on multiple accounts.

The service is strictly opt-in and is targeted at peer to peer and sole traders. The banking industry is, after all, desperate to reduce our usage of cash.

Historically, mobile payments hasn't been used anything like as much as the banks would like, although someone did buy a house with Pingit.

The Payments Council expects the services to start rolling out in April, and while the organisation has no control over what its members might charge, it expects that, like the "faster payments" mechanism there will be no charge for using the service.

Of course what is really needed is a system where the connection, presence and billing information the mobile networks have is combined with the services the banks are offering - but that doesn't look like happening any time soon.

Secure remote control for conventional and virtual desktops

More from The Register

next story
UK fuzz want PINCODES on ALL mobile phones
Met Police calls for mandatory passwords on all new mobes
Canadian ISP Shaw falls over with 'routing' sickness
How sure are you of cloud computing now?
Don't call it throttling: Ericsson 'priority' tech gives users their own slice of spectrum
Actually it's a nifty trick - at least you'll pay for what you get
Three floats Jolla in Hong Kong: Says Sailfish is '3rd option'
Network throws hat into ring with Linux-powered handsets
Fifteen zero days found in hacker router comp romp
Four routers rooted in SOHOpelessly Broken challenge
New Sprint CEO says he will lower axe on staff – but prices come first
'Very disruptive' new rates to be revealed next week
PwC says US biz lagging in Internet of Things
Grass is greener in Asia, say the sensors
Ofcom sees RISE OF THE MACHINE-to-machine cell comms
Study spots 9% growth in IoT m2m mobile data connections
O2 vs Vodafone: Mobe firms grab for GCHQ, gov.uk security badge
No, the spooks love US best, say rival firms
Ancient pager tech SMS: It works, it's fab, but wow, get a load of that incoming SPAM
Networks' main issue: they don't know how it works, says expert
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.