George K. Lalopoulos
Hellenic Telecommunications Organization S.A. (OTE), Greece
Ioannis P. Chochliouros
Hellenic Telecommunications Organization S.A. (OTE), Greece
Anastasia S. Spiliopoulou-Chochliourou
Hellenic Telecommunications Organization S.A. (OTE), Greece
IntroductIon
The tremendous growth in mobile communica-tions has affected our lives significantly. The mo-bile phone is now pervasive and used in virtually every sector of human activity—private, business, and government. Its usage is not restricted to making basic phone calls; instead, digital content, products, and services are offered. Among them, mobile commerce (m-commerce) holds a very important and promising position.
M-commerce can be defined as: using mobile technology to access the Internet through a wire-less device such as a cell phone or a PDA (Personal Digital Assistant), in order to sell or buy items (products or services), conduct a transaction, and
perform supply-chain or demand-chain functions (Adams, 2001).
Within the context of the present study, we shall examine widespread used and emerging m-commerce services, from early ones (i.e., SMS [Short Message Service]) to innovative (i.e., mobile banking and specific products offered by known suppliers). We shall also investigate some important factors for the development of m-commerce, as well as some existing risks.
Particular emphasis is given to the issue of col-laboration among the key-players for developing standardization, interoperability, and security, and for obtaining market penetration.
m-commerce serVIces and commercIal Products
M-commerce products and services involve a range of main players, including Telcos (telecom-munications service providers), mobile operators, mobile handset manufacturers, financial institu-tions, suppliers, payment service providers, and customers. Each party has its own interests (e.g., Telcos and mobile operators are interested not only in selling network airtime, but also in becoming value-added services providers offering additional functionality; banks consider the adaptation of their financial services to mobile distribution channels). However, successful cooperation of the involved parties is the key to the development of m-commerce.
Today’s most profitable m-commerce appli-cations concern entertainment (e.g., SMS, EMS [Enhanced Message Service], MMS [Multimedia Message Service], ring tones, games, wallpaper, voting, gambling, etc.). However, new interactive applications such as mobile shopping, reservations and bookings, ticket purchases via mobile phones (for train and bus travel, cinemas and theaters, car parking, etc.), m-cash micro purchases (for vending machines, tollbooths, etc.), mobile gen-eration, assignment and tracking of orders, mo-bile banking, brokering, insurance, and business applications (e.g., accessing corporate data) have emerged and are expected to evolve and achieve significant market penetration in the future. In addition, future m-commerce users are likely to view certain goods and services not only as m-commerce products, but also in terms of situations such as being lost or having a car break down, where they will be willing to pay more for specific services (e.g., location awareness, etc.).
Mobile banking (m-banking) is the implemen-tation of banking and trading transactions using an Internet-enabled wireless device (e.g., mobile phones, PDAs, handheld computers, etc.) without physical presentation at a bank branch. It includes
services such as balance inquiry, bill payment, transfer of funds, statement request, and so forth.
However, there are some problems regarding fu-ture development and evolution of mobile banking services. Many consumers consider those services difficult to use and are not convinced about their safety, while financial institutions are probably waiting for a payoff from their earlier efforts to get people to bank using their personal comput-ers and Internet connections (Charny, 2001). As a consequence, the growth of mobile banking has been relatively slow since the launch of the first m-banking products by European players in 1999 and 2000. Currently, the main objective of mobile banking is to be an additional channel with a marginal role in a broader multi-channel strategy. Nevertheless, these strategic purposes are expected to change with the development of new applications of the wireless communication market, especially in the financial sector.
Now we will examine some characteristic m-commerce products. Japan’s NTT DoCoMo was the first mobile telephone service provider to offer m-commerce services by launching the i-mode service in 1999 (NTT DoCoMo, 2004, Ryan, 2000). Key i-mode features include always-on packet calways-onnectialways-ons, NTT’s billing users for microcharges on behalf of content providers, and user’s open access to independent content sites.
T-Mobile has developed a suite of applica-tions called Mobile Wallet and Ticketing in the City Guide (T-Mobile, 2003). The first is a mobile payment system designed for secure and comfortable shopping. T-Mobile customers in Germany already use this system via WAP (Wire-less Application Protocol). The highlight of the service is that customers do not have to provide any sensitive data like payment or credit card information when they make mobile purchases.
Instead, after logging-in using personal data such as name, address, and credit card or bank details, they receive a personal identification number (PIN). By entering this PIN, a user can make a purchase from participating retailers.
With the Ticketing in the City Guide appli-cation, T-Mobile demonstrates a special future mobile commerce scenario. Here, entrance tickets for events such as concerts or sporting events can be ordered using a UMTS (Universal Mobile Telecommunications System) handset and paid for via Mobile Wallet. The tickets are sent to the mobile telephone by SMS in the form of barcodes.
The barcodes can be read using a scanner at the venue of the event and checked to confirm their validity; subsequently, a paper ticket can be printed using a connected printer.
Nokia offers mobile commerce solutions such as the Nokia Payment Solution and the Wallet applications (Nokia Press Releases, 2001). The first one networks consumers, merchants, finan-cial institutions, content/service providers, and various clearing channels in order to enable the exchange of funds among these parties and to allow users to make online payments for digital content, goods, and services via the Internet, WAP, or SMS. It collects, manages, and clears payments initiated from mobile phones and other Web-enabled terminals through various payment methods like credit and debit cards, operator’s pre-paid or post-paid systems, and a virtual purse, which is an integrated pre-paid account of Nokia’s Payment Solution that can be used with specific applications (e.g., mobile games). The solution enables remote payments from mobile terminals (e.g., electronic bill payment and shopping, mobile games, ticketing, auctioning, music downloading, etc.) and local payments (e.g., vending machines, parking fees, etc.).
Wallet is a password-protected area in the phone where users can store personal informa-tion such as payment card details, user names, and passwords, and easily retrieve it to automati-cally fill in required fields while browsing on a mobile site.
Factors and rIsks
The development of advanced m-commerce ap-plications, in combination with the evolution of key infrastructure components such as always-on high-speed wireless data networks (e.g., 2.5G, 3G, etc.) and mobile phones with multi-functional-ity (e.g., built-in-camera, music player, etc.) is stimulating the growth of m-commerce. Other key drivers of m-commerce are ease-of-use, convenience, and anytime-anywhere availability.
On the other hand, a customer’s fear of fraud is a major barrier. The nature of m-commerce re-quires a degree of trust and cooperation among member nodes in networks that can be exploited by malicious entities to deny service, as well as collect confidential information and disseminate false information. Another obvious risk is loss or theft of mobile devices. Security, therefore, is absolutely necessary for the spreading of m-com-merce transactions with two main enablers:
• A payment authentication to verify that the authorized user is making the transaction;
and
• Wireless payment-processing systems that make it possible to use wireless phones as point-of-sale terminals.
These elements of security are fundamental in order to gain consumer trust.
Mobile phones can implement payment authen-tication through different solutions: single chip (authentication functionality and communication functionality integrated in one chip—SIM [Sub-scriber Identification Module]); dual chip (separate chips for authentication and communication);
and dual slot (authentication function is built in a carrier card separate from the mobile device, and an external or internal card reader intermediates the communication of the card and the mobile device) (Zika, 2004).
0
Furthermore, several industry standards have been developed: WAP, WTLS (Wireless Trans-port Layer Security), WIM (Wireless Identity Module), and so forth. In particular, as far as authentication is concerned, many security com-panies have increased their development efforts in wireless security solutions such as Public Key Infrastructure (PKI), security software (Mobile PKI), digital signatures, digital certificates, and smart-card technology (Centeno, 2002). PKI works the same way in a wireless environment as it does in the wireline world, with more efficient usage of available resources (especially bandwidth and processing power) due to existing limitations of wireless technology. Smart-card technology allows network administrators to identify users positively and confirm a user’s network access and privileges. Today, mobile consumers are us-ing smart cards for a variety of activities rangus-ing from buying groceries to purchasing movie tickets.
These cards have made it easier for consumers to store information securely, and they are now being used in mobile banking, health care, tele-commuting, and corporate network security. An example of a security mechanism is the Mobile 3-D Secure Specification developed by Visa In-ternational (Cellular Online, Visa Mobile, 2004;
Visa International, 2003).
New advanced mobile devices have tracking abilities that can be used to deliver location-spe-cific targeted advertisements or advanced services (e.g., directions for traveling, information about location of the nearest store, etc.). This additional convenience, however, has its risks due to its intrusive nature, since tracking technology may be seen as an invasion of privacy and a hindrance to an individual’s ability to move freely (the “Big Brother” syndrome).
The existence of many different solutions for m-commerce leads to a need for standardization, which can result from market-based competition, voluntary cooperation, and coercive regulation.
Voluntary cooperation
Some significant forums for the development of m-commerce are the following:
• Mobile Payment Forum (http://www.
mobilepaymentforum.org/): A global, cross-industry organization aiming to develop a framework for secure, standard-ized, and authenticated mobile payment that encompasses remote and proximity transactions, as well as micro-payments. It also is taking a comprehensive approach to the mobile payments process and creating standards and best practice for every phase of a payment transaction, including the setup and configuration of the mobile payment devices, payment initiation, authentication, and completion of a transaction. Members include American Express, Master Card, Visa, Japan Card Bureau, Nokia, TIM, and so forth.
• MeT—Mobile Electronic Transaction (http://www.mobiletransaction.org/):
It was founded to establish a common technology framework for secure mobile transactions, ensuring a consistent user ex-perience independent of device, service, and networks, and building on existing industry security standards such as evolving WAP, WTLS, and local connectivity standards such as Bluetooth. Members include Erics-son, Motorola, Nokia, Siemens, Sony, Wells Fargo Bank, Verisign, Telia, and so forth.
• Mobey Forum (http://www.mobeyforum.
org/): A financial industry-driven forum, whose mission is to encourage the use of mobile technology in financial services.
Activities include consolidation of business and security requirements, evaluation of potential business models, technical solu-tions, and recommendations to key-players in order to speed up the implementation of
solutions. Members include ABN AMRO Bank, Deutsche Bank, Ericsson, Nokia, Siemens, Accenture, NCR, and so forth.
• Open Mobile Alliance (OMA) (http://
www.openmobilealliance.org/): The mis-sion of OMA is to deliver high-quality, open technical specifications based upon market requirements that drive modularity, exten-sibility, and consistency among enablers, in order to guide industry implementation efforts and provide interoperability across different devices, geographies, service pro-viders, operators, and networks. Members include Bell Canada, British Telecommu-nications, Cisco Systems, NTT DoCoMo, Orange, Lucent Technologies, Microsoft Corporation, Nokia, and so forth.
• Simpay (http://www.simpay.com/): In order to facilitate mobile payments and deal with the lack of a single technical standard open to all carriers, four incumbent carri-ers (Orange, Telefonica Moviles, T-Mobile, and Vodafone) founded a consortium called Simpay (formerly known as Mobile Services Payment Association [MPSA]). Simpay was created to drive m-commerce through the development of an open and interoperable
mobile payment solution, providing clear-ance and settlement services and a payment scheme that allow customers to make pur-chases through mobile-operator-managed accounts (see Figure 1).
The mobile merchant acquirer (MA), after signing an agreement with Simpay, aggregates merchants (e-commerce sites that sell goods or services to the customer [in Figure1, retailers/con-tent providers]) by signing them up and integrating them with the scheme. Any industry player (i.e., mobile operators, financial institutions, portals, etc.) can become an MA, provided that they have passed the certification and agree on the terms and conditions contractually defined by Simpay.
Membership in Simpay includes mobile op-erators and other issuers of SIM cards such as service providers and Mobile Virtual Network Operators (MVNOs).
When the customer clicks the option to pay with Simpay, the mobile operator provides details of the transaction to the customer’s mobile phone screen. The customer clicks to send confirma-tion. Simpay then routes the payment details (the payment request and the authorization) between the mobile operator (a Simpay member) and the Figure 1. Simpay’s mobile payment solution
merchant acquirer who, in turn, interacts with the merchant. Purchases will be charged to the customer’s mobile phone bill or to a pre-paid ac-count with the customer’s particular operator.
The technical launch for Simpay was expected at the end of 2004 and the commercial one early in 2005 (Cellular Online, Simpay Mobile, 2004).
At launch, Simpay would focus on micropay-ments of under 10 euros for digital content (e.g., java games, ringtones, logos, video clips, and MP3 files). Higher-priced items such as flights and cinema tickets with billing to credit or debit cards will follow.
• Wireless Advertising Association (http://
www.waaglobal.org/): An independent body that evaluates and recommends stan-dards for mobile marketing and advertising, documents advertising effectiveness, and educates the industry on effective and re-sponsible methods. Members include AT&T Wireless, Terra Lycos, Nokia, AOL Mobile, and so forth.
regulation
Directives from the authorities can boost con-sumer trust in m-commerce. This is the case in Japan, where regulators have set up standards for operators who wish to offer m-payment facilities to their users. The system also requires companies who allow for mobile payments to be registered with government regulations, so that consumers know they can get a refund if a service is not delivered as promised (Clark, 2003).
eu directives
The European Commission has proposed some directives in an effort to harmonize regulatory practices of member countries. In September 2000, two directives on e-money were adopted:
the ELMI Directive (Directive 46/EC, 2000) of the European Parliament and the Council of 18
September 2000 on the taking up, pursuit of, and prudential supervision of the business of electronic money institutions; and Directive 28/EC, 2000 of the European Parliament and the Council of 18 September 2000, amending Directive 12/EC, 2000 relating to the taking up and pursuit of the business of credit institutions.
The e-money Directives introduced a set of harmonized prudential rules that should be adopted by national regulators. By implement-ing these requirements, the national regulators would be allowed to authorize and supervise e-money issuers that could enter the whole market of the EU without the necessity of authorization in other countries (Zika, 2004). This strategy, however, might create some problems due to the wide disparity in implementation from country to country in the EU (e.g., e-money issuers in Italy have strict regulatory demands compared to the relatively laissez-faire attitude toward regulation of mobile transactions in Finland). Consequently, some EU members’ mobile payments and related content services infrastructure could develop much more quickly than others, based solely on a country’s legislative approach to implementation of supposedly standard Europe-wide legislation.
Therefore, a balanced approach is needed in order to facilitate competition and to develop mobile business throughout Europe, toward smooth-ing the existsmooth-ing differences between different countries in the EU (EU Information Society Portal, 2003).
Moreover, under the umbrella of the e-Europe 2005 Action Plan, which is part of the strategy set out at the Lisbon European Council to modernize the European economy and to build a knowledge-based economy in Europe, a blueprint on mobile payments is under development (working docu-ment). This blueprint aims at providing a broadly supported approach that could give new momen-tum to industry-led initiatives and accelerate the large-scale deployment of sustainable mobile payment services, including pre-paid, post-paid, and online services, as well as payments at the point-of-sale (e-Europe Smart Card, 2003).
The EU Blueprint formally supports two ob-jectives of the Action Plan eEurope 2005, which sets the scene for a coordinated European policy approach on information society issues:
• Interoperability
• Reduce barriers to broadband deployment (including 3G communications)
Issues like security and risk management, technical infrastructure, regulation and oversight of payment services provision, stimulation and protection of investments, and independence of mobile services providers from mobile networks are examined within the scope of the blueprint, which is expected to be endorsed by the main stakeholders (i.e., critical mass of market actors in both the financial and telecommunications sectors, as well as the relevant public authorities) by the end of 2005.
regulation in the u.s.
The U.S. approach, in contrast to that of the EU, is based on a more relaxed view of e-money.
From the beginning, the Federal Reserve (Fed) pointed out that early regulation might suppress innovation. This does not imply, however, that the regulatory interventions in the U.S. are minimal compared to the EU. In fact, besides the great number of regulatory and supervisory agencies applying a broad range of very confined rules, there also are many regulators at the state and federal level. Among them, the Uniform Money Services Act (UMSA) aims at creating a uniform legal framework in order to give non-banks the opportunity to comply with the various state laws when conducting business on a nationwide level. UMSA covers a wide range of financial (payment) services, not just e-money activities (Zika, 2004).
conclusIon
Mobile commerce (m-commerce) is seen as a means to facilitate certain human activities (i.e., entertainment, messaging, advertising, market-ing, shoppmarket-ing, information acquisition, ticket purchasing, mobile banking, etc.), while offering new revenue opportunities to involved parties in the related supply chain (i.e., mobile operators, merchants/retailers, service providers, mobile handset manufacturers, financial institutions, etc.).
However, there are some barriers preventing m-commerce from taking off. They include lack of user trust in m-commerce technology, doubts about m-commerce security, and lack of widely accepted standards. As a consequence, the main income source for today’s m-commerce services is the entertainment sector with low-price ap-plications such as ringtones, wallpapers, games, lottery, horoscopes, and so forth.
With the advent of high-speed wireless net-works (e.g., 2.5G, 3G, etc.) and the development of advanced applications such as mobile shopping, mobile ticketing, mobile banking, and so forth, m-commerce is expected to take off within the next three to five years.
The worldwide acceptance and use of stan-dards such as Japan’s i-mode and Europe’s WAP, in combination with the work performed by market-based competition, collaboration of key-players, and regulations imposed by regulation authorities, are expected to boost consumer trust
The worldwide acceptance and use of stan-dards such as Japan’s i-mode and Europe’s WAP, in combination with the work performed by market-based competition, collaboration of key-players, and regulations imposed by regulation authorities, are expected to boost consumer trust