Literature review SECURING MOBILE MONEY TRANSFER SERVICES

GERALD MUNDERU MIGWI

KCA/05/14640

KCA UNIVERSITY

MSC. DATA COMMUNICATIONS

LITERATURE REVIEW

SECURING MOBILE MONEY TRANSFER SERVICES

INTRODUCTION

Definition:

Mobile Money: Electronic money – being essentially digital – has attributes related to mobility and portability. It can be differentiated from other means of electronic payment (such as credit cards, debit cards, smart cards, etc.) because of its ability to replicate the essential attributes of traditional money, such as: liquidity, acceptability and anonymity. Mobile money may be related to mobile wallet, which refers to a digital repository of electronic money developed and implemented on mobile devices, allowing peer-to-peer transactions (P2P) between mobile devices (M2M) from users of the same service. It is similar to a normal physical wallet and is able to store money and credit and debit cards (Eduardo 2011).

Mobile money transfer services are expected to become one of the most important applications in mobile commerce (Varshney & Vetter 2002). Since companies are not going to invest in the development of innovative mobile applications or services unless they can be charged for appropriately, the existence of standardized and widely accepted mobile payment (MP) procedures is crucial for the development of mobile commerce (Pousttchi & Selk & Turowski 2002, Dahlberg & Mallat & Öörni 2003).

Whereas in electronic commerce we still see an important role of traditional payment systems (Krueger & Leibold & Smasal 2006), a payment system for mobile commerce will be typically not adequate until it shares fundamental characteristics of the mobile offer it is to bill for, in particular its ubiquity (Pousttchi & Selk & Turowski 2002, Coursaris & Hassanein 2002, Mallat 2004). As a result a Mobile money transfer service is crucial for, but not limited to the mobile commerce scenario. Pousttchi and Wiedemann (2005) show how customers benefit from Mobile money transfer services procedure: The most important relative advantages over conventional payment systems are ubiquity (the accessibility of a procedure and the reachability of payees at any time from any location), the ability to handle micropayments (smaller than 10 EUR /USD), the avoidance of cash at vending machines, and faster conduction of payments.

Mobile phones should have firm establishments as payment terminals in the most diverse fields. However, whereas merchants and Mobile Payment Service Providers (MPSP) made a multitude of attempts to offer respective services, absence of wide customer acceptance of the offered procedures prevented a market breakthrough in most markets up to now. In addition to the lack of standardization and universality of the procedures, security concerns of customers are one of the main inhibitors (Pousttchi 2005, Ketterer & Stroborn 2002, Ehrhardt 2002, Zieschang 2002).

Definitions of related terms:

Mobile Transactions: This refers to transactions carried out through mobile technologies and devices. In addition to mobile payments, it includes every kind of mobile transaction offered by technology, whether it involves financial values or not.

Mobile payments : Mobile payments include payments made or enabled through digital mobility technologies, via handheld devices, with or without the use of mobile telecommunications networks. These payments are digital financial transactions, although not necessarily linked to financial institutions or banks. There are several models of mobile payments that are currently employed worldwide.

Mobile banking: Mobile banking can be understood as a set of mobile banking services, involving the use of portable devices connected to telecommunications networks that provide users with access to mobile payments, transactions and other banking and financial services linked to customer accounts, with or without the direct participation of traditional banking institutions. This concept can also be regarded as the banking channel through which the digital mobile services are provided by the institutions to their clients, i.e. by integrating the concepts of service and channel.

Analysis Of Securing Mobile Money Transfer Services

Although the issue of security has emerged as a major inhibitor of mobile payment acceptance especially from the viewpoint of customers.

Improving positive security and privacy perceptions are most important for sustained activity in Mobile money transfer services. Security issues in electronic payment procedure have already had a significant amount of discussion in the literature (e.g. Ketterer & Stroborn 2002, Strube 2002, Zieschang 2002). In order to evaluate possible risks related with electronic payment procedures, Reichenbach (2001) uses criteria of multilateral security (Rannenberg 1989) and refines them. Also Jakubowicz, Hanssens and Henriksen (2003) develop a framework for analyzing the risks involved in electronic payments. They include the scenarios in which there may be a loss of money or privacy, the probability of these scenarios and the major possible negative consequences. Both approaches are based on the individual and therefore subjective viewpoints of the researchers. This entails the risk that relevant issues are not included and might lead to a loss of information, or that irrelevant issues are taken into account without any information gain.

Chari et al (2000) argue that mobile commerce solutions differ from electronic commerce solutions because the underlying technology has basic differences which create a range of new security exposures. For instance, the portability of mobile devices makes theft, loss, and damage of client devices much more likely. Therefore they assume that also the perception of security in mobile commerce may differ from that one in electronic commerce.

Examining barriers to adoption of MP, Khodawandi, Pousttchi and Wiedemann (2003) indicate that the lack of perceived security (later defined as subjective security) is the most frequently called reason for a refusal. Rogger and Celia (2004) found similar results.

Finally, Users are usually asked to provide their personal information to a third party service provider in order for them to be able to register and get the service. Therefore they are asked to place immediate trust of their money and personal data on a previously unknown party (Stamatis et al 2004).

Technologies supporting mobile payment transfers

There are two primary technical protocols for conducting mobile money transfers, including short messaging service (SMS) and wireless application protocol (WAP), a basic form of Internet web-browsing similar to PC-based online banking. Recently, new downloadable applications for smart phones have been introduced for mobile (Person to person) P2P transfers, which may leverage SMS or WAP technologies, to facilitate consumer payments. While both protocols have been used in various pilots, SMS is emerging as the most common method for small-value P2P transfers because of its simplicity and compatibility for usage in a variety of mobile phones, including low-end handsets (Cynthia 2010).

Existing approaches in mobile payment procedures have done little to fully address these three requirements. Most MP procedures today use SMS or IVR (interactive voice response) as a method to verify user’s identity, methods that have been proven to be insecure (Stamatis et al 2004).

While the use of SMS is on the rise, it may not be widely adopted for retail payments (Crowe et al. 2010) because of security limitations due to the fact that messages travel and are stored on the handset in plain text without encryption (Mahmoud et al. 2009).

The device manufacturers continue to bring on the market mobile phone models that have advanced capabilities (we are heading towards smartphone domination) and host their own execution environment. It is a matter of time for cryptographic services to be integrated in the devices that will make possible secure communication on voice and data. Furthermore the privacy is at high risk, since interception of data can be done from distance and without physical access (Stamatis et al 2004).

BACKGROUND

Mobile Money Transfer Services

Mobile Money transfer services have differentiated two basic functions of: payments inside and outside mobile commerce (Pousttchi 2005). Inside mobile commerce Mobile money transfer services is used for payments of mobile offers and is ideally system inherent. In the area of charging mobile services we distinguish two basic terms: mobile billing and mobile payment. We refer to mobile billing as billing of telecommunication services by a mobile network operator or a mobile virtual network operator within an existing billing relationship (Turowski & Pousttchi 2004). We define mobile payment as that type of payment transaction processing in the course of which – within an electronic procedure – (at least) the payer employs mobile communication techniques in conjunction with mobile devices for initiation, authorization or realization of a payment (Pousttchi 2003). Outside mobile commerce, Mobile money transfer services procedure can be understood as a mobile commerce application to complete payments in different situations.

Mobile money risk environment

Money Laundering

All activities to disguise or conceal the nature, source of, or entitlement to money or property, or rights to either, when the money or property or rights are acquired from serious crime, as well as all activities to disguise or conceal money or property that is intended to be used in committing or facilitating the commission of serious crime (George 2003).

Challenges in combating Money laundering:

As telecom firms engage in financial services across shared networks in cross-border jurisdictions, the benefits of mobile payments, ubiquity, and rapid settlement may also increase the risk of money laundering in mobile transfer services (Cynthia 2010).

With potential gaps in regulatory oversight, rogue actors may find it possible to evade detection by dividing a large transfer of funds into small ones using multiple mobile phones and accounts. This new landscape may require a service-based risk analysis by regulators to determine new approaches to the oversight of money laundering risk (Chatain, Hernandez, Borowik, and Zerzan 2008).

Since mobile technology-enabled payments do not require the face-to-face interaction that takes place with traditional banking, a more opaque and anonymous experience is created that may permit the opportunity for criminal activity. This is increasingly important as mobile retail payments can occur rapidly and in cross-border environments (Cynthia 2010).

In some countries, anti-money laundering efforts have focused traditionally on high-value transfers, but in this brave new world, criminals may use mobile technology to evade detection by sending multiple small transfers, using multiple phones and accounts (GSMA 2009).

The use of cellular phones makes it possible for the proceeds of crime or terrorist financing to be transmitted over airwaves (INL 2008). These opaque mobile transfers may move rapidly around the world in a digital format, immune to traditional regulatory oversight. Since there is limited expertise in identifying electronic payments crime in the communication systems, the potential for abuse should be considered.

Solution:

Money-laundering and terrorism-financing mitigation programs require service providers to institute a meaningful KYC process that is trusted by all parties to the mobile payment transaction.

Reporting of suspicious transaction through risk controls.

Another issue is the implementation of money laundering risk controls and suspicious transaction reporting for telecom firms. Compliance with these anti-crime laws is a challenging proposition for telecoms because it represents unfamiliar territory to the telecom industry (GSMA 2008c). Similarly, because telecom regulatory oversight has not included financial services, knowledge of suspicious activity reporting may be limited. Compliance can be complicated further by the fact that in many countries nonbanks may not conduct customer due diligence and “know your customer” procedures because of regulatory restrictions (GSMA 2008d). In the United States, many mobile payment service providers are classified as money transmitters or money service businesses, requiring registration in

individual states where they do business, as well as with the Financial Crimes Enforcement Network (FinCEN);

Privacy and security

The concerns for securing the mobile channel mirror the risks seen in the online environment, including authenticating the consumer’s identity and protecting transmission of data from interception enabled by viruses, malware, and phishing attacks. Anecdotally, the mobile environment to date has been relatively secure compared to the online channel where privacy and security of personal and business data is frequently compromised through the use of malicious computer viruses, identity theft, and phishing schemes (Cynthia 2010).

The diversity of platforms and wide range of operating systems make mobile phones less vulnerable to attack than personal computers (GSMA 2010).

Challenges:

The recent surge in smart phone applications may introduce vulnerabilities to malware attacks, which may increase payments risk going forward as bad actors gain access to personal information stored in the handset or accessed through a phone application (Linck et al. 2006).

The growing use of SMS as a common technology for sending a payments message may demand further examination of the need to strengthen data encryption technology (Pousttchi 2005).

Solution:

Creating transparency is a key consideration in addressing security issues—when consumers have the ready ability to view transaction histories on their handsets, the risk of account fraud and other risks can be avoided or mitigated (Cynthia 2010).

Consumer protections

Telecom-specific consumer protections in most countries,were not created with the need for financial services regulation in mind.

Challenge:

The limitations of traditional financial regulation for emerging mobile commerce may result in gaps in legal governance and ambiguity with respect to the responsibilities and liability among parties involved in the payment service.

The mobile commerce environment will demand that financial regulations be adapted to provide oversight for the proliferation of new services, business models, and nonbank service providers.

New regulatory policy will require a comprehensive understanding of the new risks that mobile transactions introduce to consumers, including lost payments through faulty transmissions, fraudulent transactions, identity theft, or criminal activity on the part of the mobile operator, agent, or other payment service provider. In the United States, for example, the applicability of payment law to mobile payments is unclear since MNOs may not be required to provide consumer protections equivalent to those of the banking industry.

For example, Regulation E governing electronic fund transfers includes any entity that holds consumer accounts or issues a payment access device and provides electronic fund transfer services. While mobile money service providers in the United States typically comply voluntarily with Regulation E and other consumer protection laws, actual enforcement authority is fragmented, according to the state authorities where they are licensed. In the absence of Regulation E protections, it is unclear who will assume responsibility or liability for dispute resolution for billing errors, misdirected payment messages, fraudulent charges stemming from identity theft, or compromised mobile accounts resulting from lost handsets when authentication controls are intercepted. Some of these issues may fall within the scope of the Federal Communications Commission’s Truth in Billing Requirements, but enforcement at this nascent stage will lag product and service deployment.

The GSMA provides general guidance for establishing regulatory environments for MMT that underscores the need to coordinate the consumer protection efforts of both the telecom and financial services industry. The cellular telecommunications trade association has also published best practices for telecoms in financial services as a proactive measure, in order to guide the offering of safe and trusted mobile payments and maintain public confidence.

Roaming fraud

Recent successes in global-standards setting to promote interoperability among carriers have simplified the ability for mobile users to roam across geographic markets. The roaming agreements used by international operators to facilitate voice transfers can now be used to send data in the form of cross-border payments. However, wireless data transmissions may be vulnerable to access by unauthorized parties who identify some means to intercept the communication between mobile devices. The growth in wireless telecom services has led to an increasing number of roaming agreements between telecommunications companies in different countries, enabling the transmission of international remittances via mobile phones. Roaming fraud represents a potential threat to the security of cross-border mobile payments. GSMA has recommended that near-real-time roaming data exchange technology be implemented for all GSMA members in order to reduce the occurrence of roaming fraud. The technology involves faster roaming-activity reporting and requires operators to send roaming data to partners within a prescribed time limit. The data includes key call information that can be analyzed if it is received quickly, in sufficient time to detect and mitigate roaming fraud.

Credit risk

Credit risk may emerge in a postpaid scheme whereby the transaction is applied to the user’s phone bill to be paid later. Possibly because of their lack of experience in managing credit risk associated with financial services, telecoms in global markets have largely focused on providing prepaid services in order to manage liquidity and mitigate risk, particularly in telecom-led models that do not rely on a bank partnership. In most countries, nonbank payment service providers are prohibited from accepting consumer deposits or using funds in financing payment activities, which serves to protect the consumer and limits financial system risk (GSMA 2009). For example, Safaricom’s M-PESA mitigates credit risk by collecting prepaid funds from agents. Safaricom deposits into a trust account managed by a leading Kenyan commercial bank, which provides the legal protection for consumers.

In the United States, new P2P services typically involve an established payment vehicle such as a depository account at a financial institution or a credit card to fund the mobile payment. Programs in which the carrier posts charges to the consumer’s phone bill to be postpaid have been largely limited to micropayments for charitable donations, as in the Haiti relief effort discussed earlier, and for small purchases for ring tones and virtual goods in online games. There is no current evidence to suggest that carriers have an appetite for managing credit risk in MMT.

Mitigating risk in mobile money transfer systems

The risk of anonymity in mobile payments may require new authentication technologies such as voice recognition and fingerprinting to verify identification and to employ appropriate know-your-customer programs, particularly at vulnerable points of a transaction when cash withdrawals may be conducted. The use of more sophisticated control systems to flag unusual account activity, based on a customer’s user profile, will be needed to detect increasingly complex money laundering schemes (Cynthia2010).

Since mobile financial transactions occur rapidly, with funds being sent and received in fractions of a second, payment service providers may not detect suspicious activity in time to suspend a transaction (Pousttchi 2005).

The diversity of platforms and wide range of operating systems make mobile phones less vulnerable to attack than personal computers. The recent surge in smart phone applications may introduce vulnerabilities to malware attacks, which may increase payments risk going forward as bad actors gain access to personal information stored in the handset or accessed through a phone application. Finally, the growing use of SMS as a common technology for sending a payments message may demand further examination of the need to strengthen data encryption technology (Cynthia 2010).

Since the success of any payment system is predicated on ubiquity, convenience, and trust, it is necessary to address emerging risk issues in order to maintain public confidence in mobile money. The risk of anonymity in mobile payments may require new authentication technologies such as voice recognition and fingerprinting to verify identification and to employ appropriate know-your-customer programs, particularly at vulnerable points of a transaction when cash withdrawals may be conducted. The use of more sophisticated control systems to flag unusual account activity, based on a customer’s user profile, will be needed to detect increasingly complex money laundering schemes. Since mobile financial transactions occur rapidly, with funds being sent and received in fractions of a second, payment service providers may not detect suspicious activity in time to suspend a transaction. As mobile commerce advances, it will be necessary for mobile payment service providers to establish integrated systems of internal controls that respond quickly to suspicious activity.

The risk of inadequate regulatory oversight stemming from a lack of understanding about the risk exposure inherent in new mobile payment innovations- results in payment system vulnerabilities. Education and collaboration across organizational jurisdictions and the telecom and financial services industries will be necessary to detect and mitigate criminal activity, fraud, and other payment system risks.

Certain aspects of mobile handset technology may be leveraged to provide more secure transactions—by using identification tools to authenticate the user, for example, thereby reducing the risk associated with anonymous transactions. Digital wallets contained in the mobile handset that are provisioned with a secure element and empowered with multifactor authentication may also provide a more secure payment environment in the future. Location-based services available in smart phone applications may also help payment service providers to authenticate the credentials of mobile users engaging in payments transactions. Finally, transaction limits imposed by carriers and financial institutions based on the customer profile and historical usage can mitigate the risk of unauthorized payments.

23

The security issues in m-payments are confidentiality, authentication, integrity, authorization, and

non-repudiation.

• Confidentiality: In m-payments no-one-else should find out what was purchased and how it was paid.

• Authentication: Merchants and mobile customers must be able to trust the identity claimed.

• Integrity: the value of transactions should not be modified by others, knowingly or unknowingly.

• Authorization: parties involved must be able to verify if everyone involved in a transactions is allowed to make payments.

• Non-repudiation: No one should be able to claim that the financial transaction on his/her behalf was made without their knowledge.

Other, non-security issues include accessibility, convenience, speed, ease-of-use, and standardization.

In addition to security and privacy risks, new vulnerabilities arise in mobile financial applications

because wireless devices are used. These transactions may involve multiple wireless networks

with different levels of security. These networks could lead to possible change/deletion of

information, and denial of service. In such an environment, tracing hackers is a difficult job as

devices move in and out of multiple wireless networks and many United States wireless networks

do not authenticate a particular user to a particular device.

Some support for security is provided by mobile middleware. For example, WAP provides security

using Wireless Transport Security Layer (WTSL), but it does not result in the end-to-end security

(only between device and the WAP gateway). The translation between Secure Sockets Layer

(SSL) and WTSL occurs at the WAP gateway. These gateways are vulnerable to Denial of

Service (DoS) attacks because malicious WML Script may run on a device, thereby making other

existing security techniques (signing, authentication and encryption) less effective. Several United

States-based financial companies and associated vendors in the Financial Services Technology

Corporation (FSTC)2 are working on implementing end-to-end transaction support for financial

applications involving mobile devices, wireless networks, and financial institutions. One of the

major hurdles at present is that end-to-end encryption that is not widely available; however, such

encryption will become possible with widespread deployment and use of WAP 2.0.

It is possible to add some security features for financial services. GSM supports both user (PIN)

and device authentication (SSL). Finnish wireless provider Sonera is offering PKI on a SIM card.

Another possibility is wireless PKI, a system to manage keys and certificates and requires the

user to enter 2 PINs (authentication and digital signature). The WPKI is used in WTSL to support

2-way authentication (anonymous: class 1, server: class 2, user: class 3).

Financial services are supported in I-appli service for iMode phones using a version of Java

designed for small devices. I-appli service provided by DoCoMO in Japan using iMode phones

supports few financial services. To provide security for these services, Secure Socket Layer

(SSL) protocol is used at either 40 or 128 bit versions.

Security will dominate any discussions of m-payments, especially, macro payments. Certainly

more work is needed in addressing specific security requirements of m-payments and new ways

to support m-payment security. It is also possible to introduce location as a constraint in deciding

the limit on the monetary value of m-payments, in addition to other traditional constraints such as

type of user, past history of payments, and credit availability. The wireless network that is

currently being used to make m-payment could also be a factor in limiting the amount of money

that can be transferred by its permanently registered users and roaming users.

2 The Financial Services Technology Consortium (FSTC) is a consortium of North American-based financial

institutions, technology vendors, independent research organizations, and government agencies. Its aim is

to bring forward interoperable, open-standard technologies that provide critical infrastructures for the

financial services industry.

Sub security Definition Enabling Concept/technique

Confidentiality

Property that ensures that transaction

information cannot be viewed by

unauthorized persons. Encryption

Authentication

Property that the transaction information actually originates from the presumed transaction partner. Possession (e.g. of a mobile phone),

knowledge (e.g. of a PIN) und property

(e.g. biometric property)

Integrity

Property that the transaction Information remains intact during transmission and cannot be altered. Digital signatures

Authorization

Property that parties involved must be able to verify if everyone involved in a

transaction is allowed to make the transaction. Digital certificates

Non-repudiation

Property that no one should be able to claim that the transaction on his/her behalf was made without their knowledge.

Digital signatures

Table 1. Sub-goals of objective security according to Merz (2002)

ADDIN ZOTERO_BIBL {“custom”:[]} CSL_BIBLIOGRAPHY

ADDIN ZOTERO_BIBL {“custom”:[]} CSL_BIBLIOGRAPHY