Mobile-ATM: A Low Cost Mobile Payment System for Developing Countries Amila Karunanayake

Henry Duh

Interactive and Digital Media Institute Interactive and Digital Media Institute National University of Singapore National University of Singapore Singapore Singapore [email protected] [email protected]

alternative to traditional methods. Examples of such solutions are ATM services and credit card/debit card services.

ABSTRACT Mobile-Commerce is a new and popular concept of enabling the financial transactions on mobile phones. With the ever increasing use of mobile devices, especially in developing countries, we envision that smart and new generation mobile applications will change the life style in developing countries. Therefore we propose a new mobile payment system, which utilize the advantages of mobile-commerce application to enhance the life style of the people in developing countries. Mobile-ATM is one of such application, which enabling modern banking services on mobile phones. This application is very useful especially in rural areas, where accessing banking facilities is a critical issue due to distance barriers and poor literacy. Moreover the propose system is design to use real currency(coins and notes) as transaction medium, because electronic coins are not much available in developing countries. Moreover this paper discusses the social, economical and technical impact of the proposed system in context of developing countries. In addition to that it points out the essential security and value added services provide by the propose system, with respect to financial transactions.

Categories and Subject Descriptors

Mobile banking (M-banking) is one of the newest approaches to the provision of financial services through wireless network, which has been made possible by the widespread adoption of mobile phones even in developing countries [1]. It involves the use of a mobile phone or another mobile device to perform various financial transactions either directly with the recipient (micro-payments) or indirectly, via a client's bank account. On the other hand functional capabilities of mobile telephony have been rapid, and have extended usage well beyond the classical applications (telephone calls and short messaging). There is mounting evidence of positive financial, economic and social impact of those technologies all over the world [5]. Additionally mobile based solutions can achieve more coverage. On the other hand one of the most important concerns with such transactions is their security. The mobile networks are based on use of poorly secured wireless protocols [8]. Therefore these reasons make mobile financial applications even more vulnerable to fraud and illegal use than similar transactions performed over open networks. Therefore, one of the main prerequisites for successful, large scale and broad deployment of mobile financial services applications is their security [7]. In many developing countries only very few facilities exist to perform transactions using electronic financial materials [5]. Therefore M-Banking system for developing countries should be capable to use actual notes and coins as the transaction medium.

K.4.4 [Electronic Commerce]: Digital Cash, Security

General Terms Security

Keywords M-Commerce, Encryption, Authentication, Data Confidentiality, Non-reputability, Mobile transaction

Kasun De Zoysa School of Computing University of Colombo Sri Lanka [email protected]

Integrity,

1. INTRODUCTION As a result of industrial revolution and globalization, commercial transactions have rapidly increased. However people realized that exchanging a large amount of money is a risky task.[2] As a solution they started using banking facilities for doing money transactions. At present banks provide attractive facilities for more effective money transactions. However, many problems related to bank transactions are still remaining. In developing countries these problems have become worse [7]. During last two decades researchers have applied information and communication technology concepts to solve banking problems. They introduced E-Commerce and M-Commerce concepts as an

Hence, we propose a new money withdrawal/deposit system (ATM system), that would enable people to perform their ATM transactions based on mobile technologies with additional security features. The proposed Mobile ATM system will reduce some of the barriers of using ATM system and improve security related to ATM transactions.

2. THE ATM SYSTEM The traditional ATM system facilitates customers to access their bank accounts in order to make cash withdrawals or deposits and check their account balance. Although it inherits several weaknesses, at present there are thousands of ATMs scattered throughout the world. Such growth reveals that the ATM is a successful new technology that has been adopted by people. Even though ATM is a very popular electronic transaction system, it associates with several weaknesses. In developing

countries these issues become worse. Some of the major problems inherit with ATM transactions are mentioned below. ATM machines are not scattere all around the country. Therefore users have to travel a long distance to access ATM facilities. In rural areas the situation is worse. The initial cost of installing ATMs is very high. Also, ATMs typically connect to the ATM Transaction Processor securely, via either a dial-up modem over a public telephone line or directly via a leased line, which is expensive. In addition to that banking organizations need trained staff to maintain ATM devices. As a result maintenance cost of ATM machines is not economical. Security, as it relates to ATMs, has several dimensions. There are reports that ATMs have become targets for vandalism. Sometimes thieves are attempting to steal entire ATMs. Shoulder attack [6] is another famous security threat related to ATMs. Simply, the people live in developing regions face lot of difficulties of using ATM. The propose system is designed in such a way that it can solve most of these problems and enhance the security of the transaction.

3. MOBILE ATM SYSTEM Mobile-ATM is a simple M-Commerce application, which provides ATM services. The traditional ATM network can be replaced by the proposed M-ATM system. The key components of the anticipated system are Bank, Customer and the M-ATM agent. Both, M-ATM agent and the customer should have mobile phones, suitably modified to perform the functions of the MATM. The bank has M-ATM server as the front-end, connected to the bank's back-end transaction management system. Figure 1 illustrates the overall system architecture.

3.

At the same time the bank sends a payment authorization SMS to the mobile ATM agent (M-ATM) together with a transaction number (a random number is different from confirmation number).

4.

The customer declares the confirmation number to the mobile ATM agent (M-ATM).

5.

The mobile ATM agent (M-ATM) sends a confirmation SMS to the bank together with the transaction and the confirmation number.

6.

The bank transfers the amount from the customer's account to the mobile ATM agent's (M-ATM's) account and sends a transaction confirmation SMS to the mobile ATM agent.

7.

Bank also sends a transaction confirmation SMS to the customer.

8.

The mobile ATM agent hands over the money to the customer.

Two random numbers are used in a particular transaction to provide non reputability. Moreover it is a legally accepted evidence to confirm that, the transaction has happened completely.

3.1 System Deployment At the customer side there should be a special mobile application, suitable to operate the M-ATM functions. The application requires customer's PIN number for authentication purposes. In addition to that application requires M-ATM agent's mobile phone number and the amount of money to be withdrawn. Finally customer side application sends secure SMS message to the bank with the M-ATM mobile number, the amount of money to withdraw and the customer's account number. At the M-ATM agent's side there should be a mobile application, which is capable of receiving secured SMS messages from the bank. Further it should be capable of sending the transaction number, the confirmation number and the customer's mobile phone number to bank in a secure way. This application also requires agent's PIN number for authentication purposes.

Figure 1: System architecture Transactions take place the proposed M-ATM system is explained as below. 1.

Customer goes to a Mobile-ATM agent's place and sends a secure SMS to the bank (withdrawal request) with mobile ATM agent's (M-ATM) phone number, requested amount.

2.

The bank verifies customer's account and sends an authorization SMS message to the customer together with a confirmation number (a random number).

M-ATM server is providing registration and authentication services for the Mobile ATM. Furthermore the M-ATM servers are responsible for generating two random numbers (confirmation number and transaction number) for every transaction. There is an algorithmic relationship between the confirmation number and the transaction number. The random number generation program will not generate the same number for another transaction. After the 5th step, in section 3, M-ATM servers should be able to identify the two numbers, which belong to the same transaction.

3.2 Security Issues Since the transaction happens mainly through SMS, security issues related to SMS should be considered by the proposed application [7]. Normally in the GSM network, sender and receiver of a SMS is identified by its IMSI [4], which an attacker cannot forge without breaking the GSM/UTM security mechanisms [8]. Therefore, these SMS messages can be used for authentication (at least towards the network). However this protection is only available in GSM network and there is no end to end security. Therefore either the network operator or its

infrastructure must be trusted or the external authentication protocol must be deployed [3]. It is not convenient to trust the network operator and its infrastructure in the context of applications like M-ATM [6]. This factor motivates to design end to end security mechanism for the propose system instead of depending on GSM network security.

4. DISCUSSION There are several features of the Mobile ATM system that makes different from other Mobile banking systems. The most important feature is, Mobile-ATM supports real currency as its transaction medium. Simply customers can exchange real currency (coins and notes) using the system, rather than using electronic currency. In the context of developing countries or rural areas, there are no such facilities to accept or use electronic currency. In that context, this is a significant advantage of the propose system. Security features provide by propose system is another distinguish feature. Since SMS messages propagate though open GSM network, use as communication medium, Mobile-ATM system especially design to provide security features regards to financial transactions. The propose system use asymmetric cryptography factions to implement the security features. However implementing and using IT base solutions in developing countries is a big challenge due to poor communication and IT infrastructure. The solutions which require high end and newest infrastructure to deploy will fail in context of developing countries. Therefore we design the propose system to utilize the existing mobile communication infrastructure. The propose system use GSM network as communication medium, which is available in every country. Remarkable, GSM networks cover most of the geographical areas of the developing regions. Hence Mobile-ATM system is design such a way that utilize the existing infrastructure for its deployment.

5. CONCLUSION We believe that the propose system successfully addresses the issues of difficulties in accessing ATM services in the rural areas of developing countries. It enables more security regard to the ATM transaction. As well as proposed M-ATM system provides legally accepted evidence about the transactions. Without having any additional cost on the infrastructure, the existing mobile networks can be used to deploy this system. Since most of the people have the knowledge to use mobile phones, customers can familiarize with the system easily. The proposed Mobile-ATM system is being implemented in a rural bank in Sri Lanka. We are confident that this application would address a major service gap in developing countries that is critical to their social and economic development.

6. AUTHOR’S BACKGROUD Amila Karunanayake is a research assistant at the Mobile Interactive Media and Entertainment group at mixed reality lab at the National University of Singapore. His major fields of research are mobile computing and augmented reality. He has authored and co-authored over several papers published in international

and national conferences relates to technology for developing countries. Dr. Duh is the deputy director (research) of NUS-KEIO CUTE Center and a joint appointed faculty in the Department of Electrical and Computer Engineering at National University of Singapore, Singapore. He is the chairman of ACM Singapore Chapter, a Senior Member of both ACM and IEEE, the Singapore representative of IFIP Technical Committee 13 on HumanComputer Interaction and the Associate Editor of ACM Computer in Entertainment. His research interests are human-computer interaction, Mobile learning and virtual interface design. Dr. Zoysa is a senior lecture at University of Colombo, Sri Lanka and advisor for Sustainable Computing Research Group (SCORE Group). His main research interests are cryptography, computing for developing regions and digital forensic. He has hands on experience on computing for developing countries. He conducted several researches and user studies on this area and published number of papers on these researches.

7. REFERENCES [1] H. Amcar and R. Kansoy. A mobile telephone based, secure micro-payment technology using the existing ICT infrastructure. CHINACOM2007, 2007. [2] P. Garner, I. Mullins, R. Edwards, and P. Coulton. Mobile terminated sms billing exploits and security analysis. In Proceedings of the Third InternationalConference on Information Technology: New Generations, pages 294–299, Washington, DC, USA, [3] L.-S. He and N. Zhang. An asymmetric authentication protocol for m-commerce applications. In Proceedings ofthe Eighth IEEE International Symposium on Computers and Communications, ISCC ’03, pages 244–,Washington, DC, USA, 2003. IEEE Computer Society. [4]

K. P. Kumar, G. Shailaja, A. Kavitha, and A. Saxena. Mutual authentication and key agreement for gsm. In Proceedings of the International Conference on Mobile Business, pages 25–, Washington, DC, USA, 2006 IEEE Computer Society.

[5] X. Li and G. Autran. Implementing an mobile agent platform for m-commerce. In Computer Software and Applications Conference, 2009. COMPSAC '09. 33rd Annual IEEE International, volume 2, pages 40 –45, 2009. [6] Q. Min, D. Meng, and Q. Zhong. An empirical study ontrust in mobile commerce adoption. In Service Operations and Logistics, and Informatics, 2008.IEEE/SOLI 2008. IEEE International Conference on, volume 1, pages 659 –664, 2008. [7] C. B. of Democratic Socialist Republic of Sri Lanka. Annual report, volume 2. 2009. [8] D. V. Thanh. Security issues in mobile ecommerce. In Proceedings of the First International Conference on Electronic Commerce and Web Technologies, pages 467– 476, 2007

Mobile-ATM: A Low Cost Mobile Payment System for ...

Mobile-ATM: A Low Cost Mobile Payment System for. Developing Countries .... telephone line or directly via a leased line, which is expensive. In addition to that ...
Download PDF
51KB Sizes 1 Downloads 198 Views
Report

Recommend Documents

A Low-Cost and Noninvasive System for the Measurement and ...
There was a problem previewing this document. Retrying. ... A Low-Cost and Noninvasive System for the Measurement and Detection of Faulty Streetlights.pdf.
A 2D Barcode-Based Mobile Payment System
captured and decoded by mobile client software on mobile devices. Moreover, 2D barcodes .... necessary security data, such as PIN and session records. Figure 3 The 2D ... management, and user payment account management. The second .... Netbeans (Vers
Low Cost Multi Level Home Security System for ...
sensor, PIR motion detector sensors, GSM module and a surveillance web camera. The system is much less ...... heat, smoke, sound. A PIC microcontroller 16F76 controls the whole system. It collects information from the sensors and sends SMS to a corre
In-cabin occupant tracking using a low-cost infrared system
In-cabin occupant tracking using a low-cost infrared system. Abstract – Vehicles in future will be safer and more intelligent, able to make appropriate and ...
BILL-LEGS: Low Computation Emergent Gait System for Small Mobile ...
computation Emergent Gait System (BILL-LEGS) was developed as a solution to some of these issues. This method borrows heavily from Cruse's original design ...
A Proposition for Low Cost Preventive Cardiology for ...
A Proposition for Low Cost Preventive Cardiology for Rural Health. Care System. Sujay Deb1 ... 3: Dept. of Computer Science & Engineering. Indian Institute of ...
Medical benefits payment system
Jan 1, 2013 - A long-felt but unful?lled need in the art is a system to reduce the transactional .... 1 (prior art) is an illustration of the current state-of the-art. FIG.
A Low-cost Emulation System for Fast Co-verification ...
(called Infrastructure Microprocessor or IM) to implement different verification ... Section V describes the system implementation, whose automation is outlined in.
A Low-cost Head and Eye Tracking System for ...
In this paper we present a cheap hybrid real-time head and eye ... brought about, in part, by readily available and cheap data capture platforms such as the ...
Walking Programming for a Low-Cost Easy-Operation ...
the system can be recognized in successfully using a low- level PLC through ... For maintaining the stability of the robot, at least three legs must be in contact.
A Comparative Evaluation of Low-Cost IMUs for ...
For example, the accurate orientation data is needed for ... orientation, velocity, and position. The orientation measure- ment is especially important for missions requiring accurate navigation. However, the orientation is not directly measur- able
low-cost road roughness machine
vehicle maintenance, the extent of tyre damage and ... The second class of instrument is the dynamic profile .... the mark at its closest proximity to the road.
Low-cost haptic mouse implementations
Jun 18, 2004 - Actuator For Teleoperator Robot Control,” Bachelor of Sci ence Thesis, MIT, May ... lssues in Force Display,” Computer Science Dept. Univer-.
Low Cost Lexicon
Extraction. Features x. Acoustic Model k a t. R a n. Lexicon or. Pronunciation. Dictionary ... Subspace acoustic models (UBM's) need less data. • Text data for ...
Low-cost haptic mouse implementations
Jun 18, 2004 - facing a user with a host computer. ...... The host computer (console unit) provides com ..... such as used for the Internet and World Wide Web.
A System Architecture for Context-Aware Mobile ...
store user, device, and, for each geographic region, context information. In order to ...... tracking a co-worker you wish to talk to and tracking the office coffee cart in order to .... One such approach is to employ an “open” system composed of
a mobile mapping system for the survey community
The Leica DMC combines three micro-electromechanical (MEMs) based ...... “Mobile Multi-sensor Systems: The New Trend in Mapping and GIS Applications”. In.
A System Architecture for Context-Aware Mobile ...
formation needs of applications, (2) where applications get various pieces of information ..... me excited once again about computer science. As the ... me through this experience in one piece, and stood by me during all those years. vi ..... Environ
A System Architecture for Context-Aware Mobile ...
Users might access their computing applications from wireless portables, via stationary ... The advantages of meeting these challenges can be illustrate by some ...
Handover method for mobile radio system
Jan 11, 1999 - IEEE Transaction on Vehicular Technology, vol. VT—19, No. 4,955,082 A ... Nakajirna, A., Advanced Mobile Communication Network. 5,452,473 A. 9/1995 ... Wireless Communications Research Institute, Ulm (Ger many), pp.
External Localization System for Mobile Robotics - GitHub
... the most known external localization reference is GPS; however, it ... robots [8], [9], [10], [11]. .... segments, their area ratio, and a more complex circularity .... The user just places ..... localization,” in IEEE Workshop on Advanced Robo
Handover method for mobile radio system
Jan 11, 1999 - Nakajirna, A., Advanced Mobile Communication Network. 5,452,473 A .... is, inter alia, to enable the degree of coverage to be made greater Without the ...... ters BM and Bnb Which has the best radio transmission conditions ...
Low Cost Ground Station Design for Nanosatellite Missions - CiteSeerX
based on a GFSK modem and a single-board ARM computer running an open-source Linux kernel ... ground station TNC using TCP/IP and even permits scientists to remotely control their own experiments onboard ... built by a team of graduate students withi