As 2011 ushers in the era of cloud-computing and mobile payment, financial institutions are increasingly concerned with how to secure payments over a wide range of mobile devices, platforms, telecom networks, and channels. At the same time, numerous industry consumer surveys indicate that for mobile payments to be widely adopted, payments must not only be secure, but also quick and convenient. A new mobile payment solution from the payment processor Luottokunta and the mobile transactions enabler BookIT was released this year at Sibos, and is the first on the market to clear three hurdles: 1) ease of use for the consumer 2) strong security 3) operator and device independence.
The key to this new mobile payment solution is BookIT’s dynamic, 2nd-factor authentication service, which is operated in the cloud and entirely device and operator agnostic. Luottokunta and BookIT have introduced a solution that seamlessly authenticates any device from the cloud through the use of a dynamic matrix that assigns unique fingerprints to each step of a payment transaction whether the transaction is through SMS, e-mail, web-browser, or WAP. Through Luottokunta eMobile service, customers are able to make purchases from their mobile phones safely and securely, which makes it applicable even for high-value transactions.
Heikki Kapanen, CEO of Luottokunta, explains “for the first time payments are both easy and secure whereas previously mobile payments have been able to achieve only one or the other, but not both simultaneously.”
Telecom operators for example, have provided premium rate SMS- payment solutions for ringtones and digital content where the value is very low but the security hasn’t been appropriate for high value transactions. The technical implementation is also very challenging, because there are dozens of different phone models and people change their phone frequently.
According to Mr Kapanen, “BookIT has created a highly secure system where each message sent by the merchant contains a unique secret fingerprint. It is very trivial to fake any sender number on SMS, but it is extremely difficult for a third party to obtain this secret fingerprint since it is dynamically generated by server, and it changes randomly for each transaction.”
Finnair was one of the first customers to use BookIT’s cloud-based authentication through their mobile check-in service. Luottokunta and BookIT jointly created a service where the airline passenger receives an upgrade offer from economy to business class and upon accepting the offer, automatically receives a boarding pass to his phone. This sort of proactive customer service is precisely the type of value add that merchants and customers look for from financial institutions.
President Jukka Salonen, BookIT Ltd, tel. +358 400 312 311
Thursday, Sep 22, 2011