Geneva, 9(pm)-10 February 2009

InternationalTelecommunicationUnion

Secure Mobile Banking as Telecommunication Operator Service

Igor MilashevskiyChairman of the Board

Intervale, RussiaE-mail: intervale@intervale.ru

ITU-T Workshop on“New challenges for Telecommunication

Security Standardizations"

Geneva, 9(pm)-10 February 2009

Geneva, 9(pm)-10 February 2009InternationalTelecommunicationUnion 2

Mobile commerce

Remote paymentsInternet (Brows)Adopted for mobile terminalSecurity

Payment accountPayments from Bank accountPayments from Mobile Operator account

Geneva, 9(pm)-10 February 2009InternationalTelecommunicationUnion 3

Purpose

To provide mobile subscriber with flexible and secure feature, allowing to have remote access to his bank account and to make payments for any goods or services, when the mobile terminal serves as a payment or banking terminal and the wireless network is used as a transport system to carry transaction flow.

Geneva, 9(pm)-10 February 2009InternationalTelecommunicationUnion 4

Convenient service

At any time and any placeWhile travelingSimple and structured interfaceAbility to personalize the menuHigh speed transactions in real timeFew payment tools in one handset

Geneva, 9(pm)-10 February 2009InternationalTelecommunicationUnion 5

Security

Confidentiality (encoded messages between Bank and Client)Integrity of dataImpossibility of refusal and attributing of authorship of transactionAuthentication (establishment of authority of the payer)

Knows somethingOwns something

Geneva, 9(pm)-10 February 2009InternationalTelecommunicationUnion 6

Tools

Payments infrastructureApplet – Java application on SIM-card (STK application)Midlet –Java application on handsetAny mobile-based transport (SMS;USSD; GPRS/EDGE/UMTS)

Geneva, 9(pm)-10 February 2009InternationalTelecommunicationUnion 7

Intervale

Established in 1999 (Moscow)Mobile Bank system

The only live solution in CIS implementing VBV remote paymentsCIS leader in technology and live implementations

Remote payment projects (ATMs, POSs, Internet, cash-points)

Utilizes flexibility of Mobile Bank platform for supplementary revenue

Geneva, 9(pm)-10 February 2009InternationalTelecommunicationUnion 8

Architecture of secure decision

iMAP aMAP

MSP

Start payment

Payment result

IssuerBank

System

AcquirerBank

System

Payment Network

MerchantIssuer Domain

Issuer Domain Acquire DomainInteroperability Domain

Geneva, 9(pm)-10 February 2009InternationalTelecommunicationUnion 9

Components

Issuer Mobile Access Point (iMAP)Supports the interface with MSPCarries out authentication of the client by means of dynamic passwords through a mobile phone

Acquirer Mobile Access Point (aMAP)Supports the interface with MSPGives the interface for interaction with shop (Merchant)

Geneva, 9(pm)-10 February 2009InternationalTelecommunicationUnion 10

Components (cont.)

Mobile Service Provider (MSP)Provides interaction between the application on a SIM-card of the client and the Emittent. Carries out routing of inquiries to the corresponding Bank-Emittent

Merchant Recipient of payment

Geneva, 9(pm)-10 February 2009InternationalTelecommunicationUnion 11

19.04.23 11

000000000000000000000000000000000000000000000

0000

BANK A

1 PAYMENTS

2 INFO on demand

3 Orders

4 Services

5 Refresh

Exit Ok

Triple click payment

Remote personalization Add/Remove cards or recipients of payment at any time

Balance status always available

Payment from any registered card

Applet

PAYMENTS

1 TOP-UP

2 Bills

3 Digital TV

4 Refresh

Exit Ok

TOP-UP

1 Visa 00000 ON

2 VE 11111 ON

3 ECMC 22222 ON

4 Maestro 33333 ON

5 Refresh

Exit Ok

Geneva, 9(pm)-10 February 2009InternationalTelecommunicationUnion 12

Features of realisation

Existing payment infrastructure is usedProvides possibility of initiation of financial transaction, both by the client, and the seller (shop)Corresponds to requirements of the international payment systems to carrying out of remote financial transactions

Geneva, 9(pm)-10 February 2009InternationalTelecommunicationUnion 13

Thank You !