Embed Size (px)
Citation preview
Your Gateway tomCommerce
Your Gateway tomCommerce
MobiFin-A Mobile Commerce Evolution
Barter
Coins
Plastic money
MobiFin
An extra ten mobile phones per 100 people in a typical developing country leads to an extra half percentage point of GDP per person growth…
…. Leonard Waverman
MobiFin Overview
MobiFin supports major industry standards such as ISO 8583, SOAP-XML, XML RPC, WSDL 1.0 and 1.1 1.2 and custom protocols.
MobiFin solution from Panamax helps service provider to integrate with various operators , banks, wholesaler/retailer and financial institutions for core services which mainly includes Mobile recharges, banking, financial services etc.. Service operator will be able to extend this service into various channels like Reseller Networks, POSA Providers or Web Portal
MobiFin solution has got the edge over existing solutions in this domain because of it’s economical and ubiquitous, Flexible & Scalable nature.
MobiFin empowers a service provider with a set of distinct features that provides an intuitive and convenient way for managing service channels with various interfaces under single roof
MobiFin is a unique Mobile based Transaction Management System that acts as a highly versatile intermediate platform. It enables service provider to diversify business by provisioning core services like Recharges, Banking services, Sales and Support to various channels.
MobiFin - Opportunities
Lottery/BettingMobile MoneyMobile Top-Up
Insurance
Int. Remittance
Loyalty
Mobile BankingUtility Payment
Single PIN Multi Top-UpMicro FinancemTicketing
Service’s at a glance
Mobile Top Up & Bill Payment Mobile Money/Wallet Mobile Ticketing Mobile Banking Micro(Agent/Branchless) Banking
Domestic Mobile Top-up (Airtime Credit)
P2P ( Person-to-Person) Air Ticketing Register Open a limited features account at local retail outlet
International Mobile Top-up (Airtime Credit)
Aggregator for existing MMSP(Super Distributor)
Bus Ticketing Check Balance Your mobile number is your account ID
Utility Payments like Electricity , Gas , Water, Digital TV , School Fees.
International Remittance Toll Tickets Get Statement (Mini Statement) Deposit & Withdraw cash at local retail outlet
PIN Base Top-up Vouchers Network of Remittance Agents use mobiles to Transfer money
Railway Tickets Transfer Funds (Bank-Wallet/Wallet –Bank)
Transfer money & make other service payments
Premium Collection ( Insurance, Loans)
Senders remit money via cash through Agents/Retailers or bank
Movie Tickets Make Payments (Same Bank Transfers)
Self Recharge Recipients collect cash at local Agent/Retailers
Ferry Tickets Stop Cheque
Retailer Recharge & Bill Payment Money Cards for Senders who might not have mobile
Entertainment Tickets (Games, Shows)
Request Cheque Book
Bulk API Change Password
Balance Transfer ( for MNOs) Top up Own Number /other Number
Why MobiFin ?
Prob
lem
Mobile Top Up Mobile Money/Wallet Mobile Banking Micro Banking
Voucher recharge is expensive, fraud prone, with logistics challenges
Son works in city; remits money to family in village via informal channels
Person is banked Person is unbanked, works & lives in urban or rural area, earns & spends cash
Voucher is unfriendly and needs every MNO’s EVD SIM Card
Traditional rémittence infrastructure not available
Banking is cumbersome due to limited branches & ATM, no computer & Internet for online banking
Cash handling is a security problem
Agents wish to deploy low working capital, more efficiently
Mobile phone is his primary device
Unable to access banking services & Has Mobile Phone
Mobile Top Up Mobile Money/Wallet Mobile Banking Micro Banking
Multi-channel PIN-less top up
Agents use mobiles to send & receive money, via prepaid accounts held with service provider
Enable full banking services on any mobile, with full security
Agent with mobile is Human ATM
Device & network independent
Provides doorstep banking with minimal infrastructure
Solution Architecture
MobiFin – System Interfaces
Short Messenging Service (SMS) SMS Based Mobile Application
POS Handheld terminals
GPRS POS Access
GPRS Mobile Application
WAPDistributor Mobile App - Android, J2ME, BlackBerry, iPhone
Reseller Mobile App - Android, J2ME, BlackBerry, iPhone
CSR Mobile App - Android, J2ME, BlackBerry, iPhone
Web Admin Web Portal
Foreign Language Support
CSR Web Portal
Reseller Web Portal
Corporate Web Portal
Distributor Web Portal
Bulk Distributor Log IN
Merchant Log INUnstructured Supplementary Service Data (USSD) USSD Menu
Interactive Voice Response (IVR) Dynamic IVR Management
POS Device ApplicationSpectra, Visiontek, Ingenico and Verifone
Kiosk Device Application Standalone/Wall Mounted Kiosk
Service Flow
Mobile Account
Wallet Transfer
Bank Transfer
Load Money from bank Account
Load Money from bank Account
Check Balance
/Statement
Wallet (Bank) Services
Merchant Payment
Merchant Payment
Mobile Top UpMobile Top Up
Internet Top Up
DTH Top UP
Domestic Remittances
Domestic Remittances
Top Up ServicesTop Up Services
International Remittances
Electiricity
Tax Collection
Remittances Serices
Remittances Serices
Loan Payments
School Fee Payment
Bill Pay
Change PasswordChange
Password
Change Transcation Password
Change Transcation Password
Settings
Mobile Top-Up Utility Payment
Recharge Card Challenges
• Time to market
• Cost of printing
• Transportation and storage
• Damage in transit, theft, and fraud
• Limited visibility on distribution channel
• Revenue realization
• Geographic coverage
• Stock availability
• Higher investment in stocks
• Time lag in stock arrival
• Storage
• Dependence on the channel members
• Availability of the preferred denomination
Operator ChallengesOperator Challenges Channel Member Challenges
Channel Member Challenges Customer ChallengesCustomer Challenges
mTopUp Advantages
• mTopUp Advantages
• Multi-channel PIN & PIN-less Top up• Multi Operator Single PIN & PIN-less Top
up• Device & network independent• Self Recharge• Retailer Recharge• Bulk Recharge (API)• Balance Transfer (MNO)• Bill Payments (Utility)• Top up Via Banking Transaction
Issues with traditional mobile recharge system
* Voucher recharge is expensive, fraud prone, with logistics challenges
* Recharge cards are unfriendly
* Additional expense on paper, printing, distribution and customer care on these cards
* Agents wish to deploy low working capital, more efficiently
Services
Service Offered Brief
Electronic Voucher Distribution e-PIN being electronically delivered to subscriber’s phone at the point of sale
Physical Voucher Recharge Scratch Cards sold with predefined pins with Fix denominations
Bill payments Bill Payment for various utilities
API based Bulk Recharge (3rd Party Recharge) Provides e-enabled distributors to connect their IT systems to Button Pay e-Recharge system over our open API, to enable them to sell any value top up via their retail points, by opening one bulk account
Direct self recharge by subscriber
Enables subscribers to recharge their own or another account using their own handset or a web portal, and making payment via credit / debit card, or, direct bank debit
Transaction Type
Mobile Handsets
Web Portal
SMS
IVR
Open API: XML, HTTPS
ATM, Direct Bank Debit, Credit & Debit cards
(requires integration)
Feature RequiresBanking IntegrationFeature Requires
Banking Integration
MobiFin Apps
• MobiFin provides Application for • Java • Symbian• Smart Phone (Android & IOS)• Blackberry
MobiFin – Distribution Management
MobiFin provides a Flexible and easy way to make and manage distribution channels. MobiFin platform offers CSR(Customer Service Representative) and Distributor Mobile Apps which allows to create and manage Agents/Retailers in real-time. Upon successful creation of Agent , Agent will receive E-mail and SMS with the Credentials. CSR/Distributor can transfer E-Value to agents account and Agent can perform Transactions.
MobiFin platform support a Distribution channel up to 16 Levels. Also , allows to Create a Distributor. Distributors can have their own Mobile Applications and Web portals through which they can Create and manage agent/Retailers under them. They can set the desired Products and commissions to the agents and control their business. MobiFin also allows real-Time reports which shows on going transactions and Commissions.
Channel Management Feature
• Multiple domains
• Multiple level channel hierarchy under a domain
• Channel entity in a domain (configurable)
•Distributor
•Sub-Distributor
•Sales Agent
•Retailer
• Channel Category grades for different commission and control profiles
• Channel user association with Area/Sub-Area for reporting
• Create/Delete channel members in bulk
• Transfer Channel member with down-liners in the same domain
Allows an Operator /Service Provider to Define N-level Distribution HierarchiesAllows an Operator /Service Provider to Define N-level Distribution Hierarchies
Add/Modify/Delete Channel UsersAdd/Modify/Delete Channel Users
Channel Management Feature
• Parent association of a channel entity
• Direct transfer from one channel
entity to another
• Allow/Deny channel bypass for
transfer
• Allow/Deny withdrawal of credit from
channel entities
• Allow/Deny return to channel entities
• Activate/Deactivate services (e.g.
Recharge, Bill Payment)
• Commission profile for:
• Operator /Service providers to
Channel transfer
• Channel to Channel transfer
• Channel to subscriber transfer
• Additional commission based on
the consumption of service
• Value of transfer
Association Rules forChannel Domain
Association Rules forChannel Domain Commissions ManagementCommissions Management
Retail chain tree policy management
Business Rule Manager
Transaction Rules
Daily/Weekly/Monthly
Transaction Control
Daily/Weekly/Monthly
Transaction Control
Daily /Weekly/Monthly
Amount Control
Daily /Weekly/Monthly
Amount Control
Daily /Weekly/Monthly
Service Rules
Daily /Weekly/Monthly
Service Rules
Retail Rules
Retailer Service RulesRetailer Service Rules
Retailer Amount RulesRetailer Amount Rules
Retailer Transaction
Rules
Retailer Transaction
Rules
Sales Rules
Sales Service RulesSales Service Rules
Sales Amount RulesSales Amount Rules
Sales Transaction RulesSales Transaction Rules
Mobile Money Int. Remittance
mTransfer
The Mobile Money
ecosystem consist of Bank ,
Agent and End Users. Banks
being the Financial institutes
provides all the Financial
features. Agents and End
Users can access the Services
which Banks provides after
the Integration with MobiFin
system
MobiFin system ensures
smooth Agent and User
registration process with KYC
status at mobile application
and web portal levels, If the
KYC is in-complete , the
Agent or User will receive
alerts for defined time and
then the MobiFin system will
automatically Block them
ensuring that no any
Transactions are done
without complete KYC.
The Consumer and Agents
needs to be registered on the
Platform and complete the
KYC process to start using the
Mobile Money Services.
Mobile Money allows banked
as well as unbanked people
the ease to Send and Receive
money without any hassle.
The Mobile Money concept has transformed many countries from Cash based market to Cash Less market.
Mobile Money for Agents (P2P)
• The agents/retailers have mainly have two services for Mobile Money users. Send Money Receive Money
• Using Send Money , the Agent can load money into the End User’s Wallet. Basically , the End User providers physical cash to Agent and ask agent to transfer eValue into his/her wallet. Below snapshots providers graphical view for the same
Receive Money allows the End User to convert their eValue in to physical cash. In this case , The End User has to transfer the evalue in to Agent’s wallet and get the physical cash on confirmation of the same. Receive money request are generally initiated by the End Users from their mobile Devices. They can initiate the Receive Money request either from USSD or SMS. Upon successful Transaction , The user and the Agent gets notifications from provider and user gets the physical cash from Agent.
Mobile Money for End User
The End Users can avail lot of benefits from the Mobile Money services. It allows them to Send and Receive money easily without using any banks services. The user needs to register and perform KYC process to active Wallet on MobiFin system. Once the Wallet is Active , User can start leveraging the various services provided by MobiFin system.
The End Users can access various services like Wallet to Wallet transfer , Bank to Wallet and Wallet to Bank transfer , Merchant Payment , Top-up , Utility Payment and Ticketing from single Wallet account. The Wallet consists of three main Money Services :
• Bank to Wallet Transfer
• Wallet to Bank Transfer
• Wallet to Wallet Transfer
The below snapshots describersthe steps involved in UserApplication to perform Transfer
Mobile Money for Merchants (M2M)
• Mobile Money can play vital role for the Merchant when it comes for collecting cash from consumers.
• In many cases , Merchants have distribution channels under them and collecting cash for the supplied Goods becomes tedious job. The MobiFin platform allows Merchants an easy way to achieve the same. Merchant can register their own distribution channel on MobiFin system and enable Cash less transactions through Wallet transfers.
• FMCG Distribution, Bars, Restraunt’s, Shopkeepers , Malls , Super Markets Etc. can also facilitate their consumers to make payment towards their purchase through Wallet.
• Upon successful payment , Consumer and Merchant can get E-mail or SMS notifications.
mTransfer Advantages
• mTranfer Advantages
• Agents use mobiles to send & receive money, via prepaid accounts held with service provider
• Network of Remittance Agents use mobiles to Transfer money
• Senders remit money via cash through Agents/Retailers or bank
• Recipients collect cash at local Agent/Retailers
• Money Cards for Senders who might not have mobile
Issues with traditional Remittance process
* Son works in city; remits money to family in village via informal channels
* Traditional rémittence infrastructure not available
Dynamic Charging Management
Sr. No Services Supported Charges1 Wallet Transfer Fix Amount Based Charges Wallet Transfer Flexi Amount Based Charges2 Withdrawal Fix Amount Based Charges Wallet Transfer Flexi Amount Based Charges3 Load Cash Fix Amount Based Charges Load Cash Flexi Amount Based Charges4 Check Balance Transaction Based Charges5 Top Up Services Fix Amount Based Charges Top Up Services Flexi Amount Based Charges6 Remittances Services Fix Amount Based Charges Remittances Services Flexi Amount Based Charges7 Bill Pay Services Fix Amount Based Charges Bill Pay Services Flexi Amount Based Charges8 Tax Collection Services Flexi Amount Based Charges9 Merchant payment Services Flexi Amount Based Charges10 Ticketing Services Fix Amount Based Charges Ticketing Services Flexi Amount Based Charges11 Change Password Transaction Based Charges
Participants in Ecosystem
Participants Brief
Mobile Money Service Provider (MMSP)- Operates service, branding, marketing, system, cash handling
License & regulatory compliance for service Banks / Financial Institutions Hosts ‘Custodian Account’ holding real cash flowing thru the service
Subscriber Usually un-banked; owns or has access to a mobile SIM Gets m-wallet & limited set of Services based on product choice
Authorized Retailer: Agent Branded outlet for MMSP, where new subscribers open m-wallets
Performs cash-in (deposit) and cash-out (withdrawals) for users
Super Agents Agents Used by MMSP to create network of Agents
Mobile operator Carries mobile transactions on their network through 3G,Edge,GPRS,USSD ,SMS
Provides SMS connectivity for their subscribers (short code)
Operational Flow
Operational Overview
Agents Subscriber
Service Provider enrolls authorized retailers as Agent Subscriber visits Agents to make transfers; gives – name of the recipient ,phone number and valid ID is required
Agent carries prominent Service Providers signage on outlet Sender pays cash to Agents : Agents uses Handset Menu to transfer corresponding amount from his M-Wallet into a Holding Account
Service Provider creates m-wallet for each Agent, into which the Agent deposits a prepaid balance (Working Capital)
Platform generates token code for each remittance received into holding account and notifies agents, sender and recipient
Agent deposits & transacts either directly with Service Provider or via Super Agent
Recipient visits local Agents, provides Token Code, Name, Valid ID : Request Collection
Agents accesses service from user friendly menus on their mobile handset through Mobile OS
Local Agent pulls inward remittance from Holding account into his M Wallet via his handset and pays cash out to the recipient
Recipients can also choose to pull their inward remittance into their bank accounts ( Banking Integration Recquiered)
Subscriber to Subscriber Transfer (P2P)
Register for the P2P service to transfer virtual amount.
The sender initiates the transfer through SMS/USSD/WAP applicationThe SMS/USSD/WAP application that contains the keyword, receiver’s mobile number and amount of transfer .The sender confirms transaction with Mpin secured transaction pin for secured transactionThe sender shall also receive the transaction ID , amount and the mobile number of the person for the transaction done
Transfer Processing & ControlsDetermination of service profile and checks for ‘no bar’ status of both entitiesOn successful transfer, the sender and receiver would receive a confirmation messageThe receiver would receive the sender’s Mobile number, amount transferred and the transaction idThe sender would receive the transaction confirmation with the receiver's name/ Mobile number , transfer amount
and transaction id on successDebit sender's talk time account from the IN and Credit receiver’s account using charging system interface in case of
MNO lead model or shall be in the form of virtual wallet credit.
Initiation of Transfer
Mobile Banking
Changing Scenario of Banking
Changing customer needs together with major advancements in technology are transforming the banking landscape.
Customers now expect a broad portfolio of personalized offerings and convenient, multi-channel access to banking services
At the same time banks’ traditional dominance of the banking market is being challenged by new players, such as mobile operators, mobile device manufacturers, online payment processors, and location based service providers - many of which are launching innovative financial products riding on digital technology
Banks must keep pace with changing consumer needs and increasing competition to remain relevant to their customer base and retain their leadership in the market for Banking services
At the same time, banks must cultivate their top line and improve overall performance. To fast-track revenue growth banks need to increase product uptake amongst their existing customers and extend service reach to unbanked segments
Many banks are looking to meet these challenges by adopting mobile banking as a means of delivering cost-effective, omnipresent banking services to a wider audience - and as a route to providing convenient, secure, personalized mobile banking services.
Upholding profit margins necessitates an increased focus on driving productivity - reducing the overall cost to reach out the customers
mBanking for Banked Customers
• MobiFin -mBanking solution enables banked customers to access banking services securely from their mobile handset, both to seek account information & to perform financial transactions. The solution integrates seamlessly with existing banking & telecommunication infrastructure
• Bank customers are provisioned on the system to access their account and carry out transactions like Notifications and alerts , Bill payment, transfers and transactions, Account and wealth management & Financing: credit, loan, insurance
• Mobile phone used as banking terminal
• Menu driven application• Bank-grade security
• Mobile phone used as banking terminal
• Menu driven application• Bank-grade security
Service provider lead Business model
Bank offers Mobile Banking to their customers Bank holds all Bank Accounts in their systems
Serves multiple banks & enrolls merchants Provides back end technology, handset application & connectivity with all mobile operators
Bank earns Transaction Fees, Commissions or subscription on service packages
Service Provider processes mBanking transactions on behalf of banks (integrate their system with bank)
Service Provider manages e-Top Up for all Mobile Operators as their distributor & utilize existing relationships
with utilities for Bill Payments via mobile
Participating Bank/Financial Institute
All transactions are
then performed at the
bank host, and the
micro banking system
serves as a proxy,
providing secure
access via user’s
mobile phone.
If the bank, MBSP or
the licensor so
requires, then the
micro banking system
can be integrated with
the bank’s IT systems
to create ‘real’ bank
accounts behind each
subscriber m-Wallet.
The bank is
responsible for
obtaining license for
the service, regulatory
compliance, facilitating
inter bank transfers &
settlements, forex
trading license (if cross
border remittances are
offered).
A Bank would either
directly be the MBSP,
or would have equity /
contractual
relationship with
MBSP
Mobile Banking Services
mWallet Services•Cash IN from Bank Account •Cash Out to Bank Account •mWallet Statement •Wallet Money Transfer
Banking Services•Mini Statement and checking of account history •Alerts on Account Activity or passing of set thresholds•Access to card statement•Cheque Book Request •Recent Transaction •Add / Remove Bank Account •Bank Fund Transfer •Locating nearest bank branch, ATMS•PIN Provisioning or Change of PIN
Payment •Mobile TopUp •Utility Payment •Mobile Ticketing
Deposit / Withdrawals • Deposit at Banking Agent • Withdrawals at Banking
Agent
AccountInformation
AccountInformation
Payments, deposit,withdrawals,and transfer
Payments, deposit,withdrawals,and transfer
Operational Overview
• Create vendor (bank / mobile operator)
• Create prefix per vendor
• Create different service packs with different product mix per pack
• Create fees per pack or per product
• Begin selling to subscribers
• Allocate service pack to subscribers
• Subscriber registration Links mobile number to account number(s)
Create inactive account Sends application to subscriber, with confirmation Send MPIN Customer changes MPIN, account becomes active
Customer profile stored againstunique Account ID
(internal parameter)
Account ID mapped toMSISDN & bank account
No loss of profile if MSISDN changed
Customer authentication requiredbefore MSISDN change in profile
Customer profile stored againstunique Account ID
(internal parameter)
Account ID mapped toMSISDN & bank account
No loss of profile if MSISDN changed
Customer authentication requiredbefore MSISDN change in profile
mBanking -Features
System is accessed from user-friendly menus on the mobile handset
Subscriber password (MPIN) management via handset & web based self care
Choose basic or smart handset application
Handset menus can be in local language
Capability to integrate multiple banks & mobile operators reliably and efficiently
Configurable Business Rules; earn revenue via subscription or transaction fees
Commissions & fees vary per entity & by transaction type
Configurable transaction limits: per transaction, transaction type of periodic
Trigger based reports
Range of standard & customized reports
Full enrolment & provisioning module
Configurable notification, alerts templates
Secure self care portal
2-stage approval for configuration changes
Built-in Reconciliation module
Account Balance Check / Query
Cheque Book Requests
Stop Cheque & Card Payments
Funds Transfer between own / other accounts
Payments to Merchant Accounts Pre-paid top-up of own & other phones
Bill Payments & Utility Services Payments
Salary Disbursements
Stock Quotes
Last 5 transactions
Payment for these transactions via direct debit of bank account or credit card
Alerts & SMS push/pull messages
Mobile Banking Ecosystem
mBanking Advantages
• mBanking Advantages
Enable full banking services on any mobile, with full security with all following features on a single click of a mobile
Register Check Balance Get Statement (Mini Statement) Transfer Funds Make Payments Stop Cheque Request Cheque Book Change Password
IIssues with traditional banking process
* Time and space specific access to the banking service
* Banking is cumbersome due to limited branches & ATM, no computer & Internet for online banking
* Mobile phone is his primary device
Micro (Agent/Branchless) Banking
Micro Banking Advantages
Agent with mobile is Human ATM
Provides doorstep banking with minimal infrastructure
Open a limited features account at local retail outlet
Your mobile number is your account ID
Deposit & Withdraw cash at local retail outlet
Transfer money & make payments
This system allows people to open virtual bank accounts (mwallets) at authorized retail outlets (Banking Agents), move real money (not airtime as a pseudo currency) between these accounts, and make payments for goods & services to merchants, using their monies in this account.
A neat feature allows salaries to be credited directly into these accounts by employers.
This offers enormous potential to open new markets and business opportunities for service providers, banks, mobile operators & merchants!
Micro Banking Features
Makes banking available at retail outlets Secure way for un-banked to save their money Cash in & cash out (at ATM or retail outlet) Person to Person money transfers o Registered / unregistered to registered / unregistered Long Distance Remittances: domestic or foreign Pre-paid mobile Top-Up: own or other’s phone Person to Merchants payments for purchase of goods / services Disbursement of salary by employer into micro banking account Loan installment repayments using funds in micro banking account Bill payments Balance check Check Last 5 Transactions (mini statement) Change M-PIN Salary credit into m-Wallet by employer Additional functionalities can be added as per requirement of the Service Provider, regulatory requirements and availability of appropriate
API at the Bank host system.
How does it work - Security Standard
Internet
CryptographyAlgorithm
HTTPS SSL 3.0
Firewall Firewall
HTTPS SSL 3.0
CryptographyAlgorithm
CryptographyAES
Security application components
Database Cryptography Digital Certificates - SSL End to end transmission Cryptography Two different authentication processes Ethical Hacking Test (Vulnerability Assessment) Self destruction in case of loss, theft or a password mistake. User vs personal device (only a specific user ID can use a specific device)
Bank
MD5 and SHA1 check sum generation algoritham
IP Sec VPN
ISO 8583
HTTPS SSL 3.0
SMSC
Mobile Banking SMS Alert Notification
Opt in Customer Subscribers
Invitation Bank Solicit Subscription
Queries Customer Request
Information
Customer Relationship Management
Present Offer
AlertsTransaction Alerts Cheque Bounce Alerts Cheque Paid Alert Clearing Cheque Alert Standing Instruction Bank Dispatch
Customer Notices
RewardsUtility
Information
SMS Contact Entry Points SMS Modules Delivery
Path
SMSC Gateway
Carrier Transmission
MobiFin
Customer Handset
Mobile Banking Consumer Registration
Un bankConsumer
Approaching Authorized
Banking Agent in their
area
Banking Agent Enrolled the consumer – Pre data validation – KYC FORM – Opening Bank A/C Fees and will provide receipt.
MobiFin System receive data – dedupe check and send
information to Bank.
BANK
Processed Enrolled Data –
Personalized baking details -
Verification
DispatchConsumer
Consumer
Salary Disbursement to m-wallet
Subscriber Benefits Bank Benefits
Target subscribers are daily / weekly wage earners :Low wage, bottom of the pyramid
Attract unbanked customers –new market segment
Convenient, easy & quick way to save & transfer moneyExtend bank reach via branded “Banking Agents”
Gives banks large ‘retail presence’ without opening expensive branches or ATM’s Visibility via signage at retail outlets
Can get salary credited into m-Wallet account Subscriber handset becomes a virtual debit card
Requires minimal infrastructure: mobile phone & BA; no bank accounts & branches / ATM
Subscribers of all mobile operators can use service, giving banks access to huge prospective customer base
Sufficiently secure & cheap Cost effective way to significantly extend reach of remittance services
Subscribers of all mobile operators can use service Subscribers of all mobile operators can use service
More secure vs. receiving cash salary Enforce timely payment of salary Reduces corruption in cash disbursements Employee gets full amount automatically from central disbursement authority Ideal disbursement mechanism for employees in remote areas
Architecture
Provider
Bank
WEB
IVR
SMS / USSD
Mobile App
Fir
ewal
l
Fir
ewal
l
Secure ANI
https
3DES / AES
https
ISO 8583
ISO 8583
Consumer
Consumer
Security
Scalability, Redundancy & Hardware Architecture
Scalability Redundancy Hardware and Software
The solution is an distributed
architecture that makes it highly
scalable. Technically, there is no
limit to the number of users the
solution can support.
Handle peak traffic reliably and
efficiently.
Deliver high availability, and
therefore, better customer service
and reduce lost revenue
Deploy as you grow
Redundancy can be provided at
each tier, in an active-active model,
and as an active-passive model, with
one node serving as a standby or
backup.
At the DB tier, SQL proxies
(MySQL™) – live replication of
MySQL DB supported.
Geographically DR site – in order to
avoid DR event with no affect to the
total operation.
Specific preferences follow:
Hardware
Application Server: Dual Quad Core
Intel Xeon Processor 55XX
Database Server: Dual Quad Core
Intel Xeon Processor 55XX
Operating System – RHEL 5.5 – 64 bit
or Centos 5.5 – 64 bit
AML
• MobiFin has In built Business Rule Manager.
• It can support various rules according to business policy or regulatory requirements.
• It can also be used to block fraud rant transactions.
Float Rule ManagerIt Controls float transfer in-
out of MobiFIN platform
Transaction Rule ManagerIt Controls transaction
control in-out of MobiFIN Platform
Reconciliation
Difference File Generation in case of mismatch of transactions.
Provider/Operator Transaction Data files
MobiFIN Platform Transaction Data Files
Trace Files
User Access Logs :
Platform always logs
user access logs in
the DB .It contains
details like User
Access ,Configuration
Changes. It provides
auditing facility to
admin users.
Transaction Logs : These logs are maintained in the reliable DB thus it is available as Report Formats. It also contains vital information such as Request/Responses in it. It helps to troubleshoot transaction related queries.
Access Logs : Access
Logs providing detail
logs of access made
to App Servers. Helps
troubleshooting
access to platform
from third party
applications.
Application Logs :
Under lying System
Traces which are
useful for application
debugging and
troubleshooting at
highest level.
MobiFin Platform
writes various type of
logs based on access.
Float Rule Manager
Transaction Rule Manager
Actual Site Deployment and Hardware Specs
• Database Servers
• Application Servers
• Redundant servers
• Storage
• KVM
• Routers
• Switches
• Power recq
• Rack Space
Backup & Restore Policy
• Scripts are configured for periodic hot backup (data files) and archive log backups
• Able to perform period cold back-ups
• Scheduled scripts copy the backup files to shared storage
• Backup files are later moved into tapes
• Two copies of archives logs are created
• Archive log files of last two days are available on hard disk for recovery
• Database recovery is done by commands using files from shared storage and tapes
Database Maintenance
• Database space and cluster monitor
• Database tuning
• Database tuning (e.g. Identify database buffer and library caches hit ratios, sort in memory – adjust as required)
• Rebuild indexes with high number of deleted leaves.
• Analyze objects
• Purge Database Server Log Files
• Data Purging - Monthly
• Purging of data
• Adding/Dropping of the partition
Application Maintenance
Server load checking
CPU utilization
Memory utilization
Disk space checking
Monitoring partitions with usage more than threshold set
Purging of old logs
Application server logs
Database server logs
Gateway server logs
Web server logs
Monitoring application cluster
OAM: Alarm Management
• Application subsystem failure: A process level alarm when any of the module can be brought up
• Congestion: A system or network component has reached its capacity or is approaching it.
• Corrupt data: An error has caused data to be incorrect and data is therefore unreliable data passed by the application is incorrect
• File error: The format of a file (or set of files) is incorrect and cannot be used reliably in processing
• I/O device error: An error has occurred on the I/O device cases in which the application is unable to read configuration files
• Resource at or nearing capacity: There is a congestion control mechanism to provide high availability of service
• Response time excessive: The elapsed time between the end of an inquiry and beginning the answer to that inquiry is outside acceptable limits
• VPN Connections, HTTP Links• Links with any other external system e.g. USSD Gateway, SMS Gateway• In the event of any link failure, an SMS/Email is sent to pre-defined numbers
Constantly monitors the followingConstantly monitors the following
Alarm ScenariosAlarm Scenarios
Security level’s
Mobile App. SecurityMobile App. Security
SMS encryption (3DES2)Symmetric Encryption and DecryptionEach SIM is assigned a unique keyTransaction ID Generated at SIM levelMobile App. messages are protected by encryptionMobile App. transaction does not work unless MSISDN is registered
Web Application SecurityWeb Application Security
Login ID and password authenticationIP address authenticationTime of day and days of week based login controlRole based authenticationHTTPS for secure transmissionForced password change every ‘n’ daysForced session idle timeout
Fraud Checking Fraud Checking
Automated barring on failed attempts exceeding thresholdSystem bars customers after a defined number of repeated unsuccessful top-up attempts Configurable block period in between two successful transactions.The objective of setting a time gap is to track and identify abnormal transaction requests Upper limit on the transaction amount permissible in a day
Mobile Access SecurityMobile Access Security
Barring UsersChannel usersSubscribers for P2P transactionsPIN based accessForced changed of PIN on 1st requestForced changed of PIN on a periodic basis
Security Parameters
Security Features Brief
3DES Security Triple DES (3DES) is a block cipher formed from the Data Encryption Standard (DES) cipher by using it three times. When it was found that a 56-bit key of DES is not enough to guard against brute force attacks, 3DES was chosen as a simple way to enlarge the key space without a need to switch to a new algorithm. The use of three steps is essential to prevent meet-in-the-middle attacks that are effective against double DES encryption. Requests coming into the e-Top Up platform via SMS are encrypted using 3DES, to ensure security during transmission from handset to e-Top Up system
MD5 HashingMD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value, as an Internet standard (RFC 1321). An MD5 hash is typically expressed as a 32 digit hexadecimal number. This is a one-way algorithm and is irreversible i.e., cannot be decrypted.
AESAES has been adopted by the U.S. government and is now used worldwide. It supersedes the Data Encryption Standard (DES),[5] which was published in 1977. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data.
SHA1 Secured Hash Algorithm 1 -A 160-bit hash function which resembles the earlier MD5
Application Access Security
Given the functionality & nature of transactions supported on the Mobile Banking/Wallet platform, it is mandatory that the platform abides by strict security guidelines as per industry standards for software platforms, Financial standards, Cyber / Information Security Standards etc.
SMS Security: To make an transaction exchange using SMS, the bank or mobile operators connect to our central server over a secure channel using Industry standard Hypertext transfer protocol Secure (HTTPS), the same protocol is used for online banking.For additional Security we do deploy VPN (Virtual Private Network) Mobile Transactions made through SMS can also apply Second Factor Authentication (2FA) using IVR (Interactive Voice Response) or WAP (Wireless Access protocol)To further safeguard the SMS we store records of each Message. Storing a record of the message is regulatory requirements and we take one more security step by encrypting each message, we use cryptography algorithm from security leader RSA. This encryption technology is based on Asymmetric Public Key Cryptography and has strength of 2048 bits.
Security for USSD: To Make an transaction exchange using USSD , the banks or mobile operators Connect to our network of server system over a session based ( not store –and – forward)Connection. USSD reduces risk and leaves no trace of transaction on handset.
Security over transaction through WEB
Customers who want to transact over web are protected by Inactivity lockout.When an account has no activity for a set time after customer logs in , the connection is dropped, locking the user out.Currently all transactions over web are on secure channel using Industry standard Hypertext transfer protocol Secure (HTTPS)
Mobile Client Applications: Mobile transactions can also be made using a downloadable client (Mobile App).During these exchanges data send from the mobile devise is secured using HTTPS , as well as other security algorithms such as RSA(An American computer and network security company. RSA was named after the initials of its co-founders Ron Rivest, Adi Shamir, and Len ), SHA 1 (Secured Hash Algorithm 1). Mobile devise they do not support SSL (Secure Socket Layer) protocol are secured by protocols with similar strength.The Mobile application also supports MPIN ( Mobile Personal Identification number ) /Transaction Pin using RSA and AES (Advance Encryption standards) .Another layer of security can be applied with application Pin(A PIN), this pins is validated locally at the middleware or the application.The APIN is used to unlock the application on the mobile phone before connecting to the server system.The additional layer of security keeps Validation information from being stored on the mobile phone or the middleware.
Audit Trail: Every transaction (whether successful, failed or error) passing through our System is logged. The Admin Interface offers a full audit trail for every activity on the system; it tracks & logs all the activities being performed by each admin user on the Admin Interface.
Hardware Interfaces
MobiFin Architecture in HA Mode
MobiFin Architecture in Normal Mode
