Editorial Archives | Feedback

Is Mobile Commerce for You?

by Paul O'Shea

The winds of change are carrying the vision of mobile commerce - again. The experts have been wrong before but maybe the emergence of mobile commerce is the one they will get right. Some are saying that the purchasing convenience afforded by wireless phones and personal digital assistants is likely to give rise to a new set of consumers who rely heavily on mobile commerce. Ovum technology experts expect online sales made from wireless phones alone to exceed $200 billion by 2005.

New technologies are being developed to meet the needs of this growing market. They will include mobile telephones and personal digital assistants in addition to set-top boxes for cable, satellite television systems, game consoles, and other emerging consumer devices.

Then there is the smart card, which uses an embedded microchip. Smart card chips are available as memory-only chips or with storage space for data, and built-in security. These microprocessor chips are controlled by a card operating system, can process data onboard, and carry small programs for local execution. The generic functions of these smart cards include transaction-based storage, storage of personal data, and storage of monetary value (electronic purse or wallet) for repeated use during the life of the card. But, for some reason these smart cards haven't gone over very well with consumers. These single-function, generic e-purse cards, issued by financial institutions in several countries, have resulted in technical success but commercial failure in terms of usage rate. The consumer imperative and retailer benefits necessary for success have been missing.

There have been some successes, including the payphone cards, and mass transit tokens. The tokens however are based on a different technology, one that doesn't use contacts strips but uses a radio frequency design. They have provided real convenience to consumers in European and Asian cities. Let's face it, this is an attractive business model for telephone or transportation companies because the consumer puts out the money up front - or, in another parlance - they are floating money to the purveyors of the cards.

Specifications have been developed by GSM (Global System for Mobile communications) and the large credit institutions in the EMV (Europay, MasterCard, Visa) consortium. Some countries are also establishing standards for national schemes for mobile commerce.

The smart card chips are the necessary operational part of smart cards. The chips implement Subscriber Identity Modules or SIMs and are incorporated in all GSM handsets. New versions will find these smart chips in PDAs and maybe even wrist watches.

Today's smart cards need electrical power from outside, plus a way for data to be transmitted to, and read from, the chip. The cards need a clock signal to synchronize data transmission and reception. Many microprocessor-based cards also use that timing signal to drive the microprocessor.

For many uses such as the banking, retail point of sale or as the GSM SIM card in a mobile phone, the smart card has a set of gold-plated electrical contacts embedded on one side of the plastic. This contact card technology is operated by inserting the card, in the correct orientation, into a slot in a card reader.

For use in a mass transit environment, or wherever the cardholder is in motion at the moment of the transaction, radio frequency technology is used to transmit power from the reader to the card, and data is similarly transmitted over an air-gap of up to 10cms. This contactless card technology uses an antenna laminated on the card, and allows communication even when the card is in your wallet or purse.

Recent developments offer cards with a contact and a contactless interface. These may incorporate two non-communicating chips - one for each interface - or they may have a single, dual-interface chip.

Unfortunately, different cards are usually not interchangeable. Memory cards usually have different interface characteristics from microprocessor cards: different data formats and/or electrical signals across the interface between card and terminal. Even among cards that appear similar, interchangeability is rare. This is probably one reason smart cards weren't used by many people - they were too difficult.

To be effective these smart cards need hundreds of thousands of card-reading terminals and many millions of smart cards. In other words, you and I have to buy into the concept. They also need to have compatibility over versions, across borders and operational technology. The rapid development of new technologies has a detrimental effect on compatibility because it reduces our confidence that the system will work across technologies and borders. Businesses and consumers must see the technology as a long-term endeavor not as a competition to see who has the most up-to-date design.

Security is another issue that prevented wide-spread acceptance of these cards. The most common method used for cardholder verification at present is to give the cardholder a Personal Identification Number (PIN), which you have to remember: During each transaction you have to enter the PIN. Some think there is too much risk of the card and PIN being stolen. It needs another level of security. One method of cardholder verification is the measurement of a physiological characteristic unique to an individual and incapable of fraudulent replication or abuse. It's called biometrics and it includes iris and retinal scans, face or hand geometry, and even the use of DNA. Currently, many think the fingerprint is the most likely and most acceptable biometric information.

Fingerprint recognition systems could use a fingerprint sensor in the terminal, and store the fingerprint profile data in the terminal or it could hold it in the chip on the card. A fingerprint sensor on the card surface is a possibility but presently fingerprint biometrics use optical or proximity readers.

The original hype surrounding these smart cards suggested you could use the smart card to contain your medical history including drug prescription needs. The thinking is it would make going to the doctor easier, or in an emergency enable EMT personnel ready access to your medical records. Some countries including Germany have started to use these medical smart cards.

Another option is infrared technology used to transmit financial data. The telephone carriers in Korea have started to roll out a plan to use either the infrared wavelength or RF signals to send credit card transactions between mobile handsets and retail terminals, vending machines, toll booths and other points of sale. These mobile payment services planned by Korea's telephone companies are designed to save customers from fumbling for credit cards and get them past the point of sale faster. However, they haven't been tested in the U. S. until now, to determine if you and I like the idea. The first test case in the U. S. for the infrared technology will take place this November (2002) on the campus of the University of Southern California (USC). Students will be able to purchase items on-campus at places that have the infrared ports and it will be automatically deducted from their accounts.

In Korea it is the telephone companies that are spearheading the drive to implement RF- and infrared-type mobile commerce. In the United States and Europe it is the banks, credit card houses and companies with a technology stake in the roll out, who are behind test cases. For example, in the test case at USC, it is Visa and Agilent who are coordinating efforts to test how well it works.

There is big money to be earned by whoever runs the operation because there is a fee for every transaction. In Korea, the telecom companies have the jump on the financial institutions and could end up getting a large chunk of the transaction fee that credit card companies have typically received. Banks everywhere will be watching what happens in Korea, especially if they plan to export the mobile commerce service and terminal design to other CDMA markets in China, Japan and the United States. However, the Korean telephone companies can't go it alone because they need the banks to buy-in to the program.

The Korean model uses handsets and stores the credit information in the handset memory. The cell phones also have an embedded contactless chip and antenna, which allows customers to pay bus and subway fares and have it billed to their credit accounts.

The two Korean telephone companies have signed up 120,000 customers as of August (2002), with 30,000 terminals equipped with infrared modules. The transaction data for these two projects is the same as that transmitted with a typical credit card sale using a magnetic-stripe card. Instead of having the card swiped, the customer enters a PIN and presses the pay button. Some critics of this model say that storing the information in the handset memory is not as secure as storing it in a smart card.

The infrared technology version sends the card number and other transaction data encrypted via an infrared beam to the countertop module connected to a terminal. The customer must be within 20 to 30 centimeters of the terminal with nothing blocking the path of the infrared beam. RFID technology requires the user be within a radius of 10 centimeters.

The Korean telephone companies chose infrared over other technologies such as Bluetooth because of reliability issues and chip costs to adapt handsets. Presently, it costs about $10 for the Bluetooth hardware and software; more than companies wanted to pay. However, Bluetooth comes with mandatory data encryption and authentication to the proper terminal. Bluetooth signals also radiate in all directions and for many meters, not just in a relatively narrow beam, as with infrared, or for 10 centimeters, as with RFID.

Another advantage of infrared is the in-place standard. All transaction data sent via infrared is encrypted under the IrFM (Infrared Financial Messaging) standard, which was developed by the Infrared Data Association (http://www.irda.org).

Who Pays Implementation Costs? Visa, is paying part of the cost of the 30,000 infrared modules that attach to POS terminals being rolled out this year for the Korean service. If the service catches on, Visa will promote the technology to members in other countries.

MasterCard is supporting applications using RFID technology more than infrared because about 20 million Korean commuters carry RFID chip cards. RFID has become popular for transit-fare collection and for other applications such as building access and inventory control.

Successful implementation of this handset model means that all the handsets used by consumers must come equipped with an infrared port and a built-in short-range RF antenna. That's in addition to the special slot in the handset for the smart card.

Unlike the GSM wireless networks common in Europe and parts of Asia, Korean handsets support CDMA network technology and don't come ready made with slots for subscriber identity module smart cards. The operators are expected to have several handset models equipped for mobile commerce on the market over the next several months.

Perhaps more expensive will be outfitting POS terminals for mobile payment. For infrared, they will have to come with attachments that give customers a clear target on sales counters at which to point and shoot their credit account details. These modules cost around $50 each. The Korean telecom companies are hedging their bets by equipping the infrared modules to also receive RF signals, adding another $5 to $10. It is two different technologies on the same phone.

These test beds in Asia and Europe aare helping pave the way for a smoother roll out for the U. S. Is mobile commerce for you? Probably, but let's get the kinks worked out before we jump headlong into it.

Further readings:

Infrared Financial Messaging: http://www.irda.org/FMPAY/FM_Webpage.html

Return to Poll

Analog Main | Product of the Week | Columns | Editorial | Tech Notes

		Click here to get your listing up.