A Key-Based Mutual Authentication Framework for Mobile Contactless Payment System Using Authentication Server

Brij B. Gupta, Shaifali Narayan
Copyright: © 2021 |Pages: 16
DOI: 10.4018/JOEUC.20210301.oa1

Abstract

This paper presents a framework for mutual authentication between a user device and a point of sale (POS) machine using magnetic secure transmission (MST) to prevent the wormhole attack in Samsung Pay. The primary attribute of this method is that an authentication server authenticates the POS terminals in order to bind the generated token to a single POS machine. To secure the system against eavesdropping attacks, the data transmitted between the user device and the machine is encrypted using the ElGamal encryption method. The keys used in the method are dynamic in nature. Furthermore, a comparison and security analysis against previously proposed systems are presented.

Introduction

The rapid growth in technology has led to the development of many innovative services and applications in the field of payment systems. Transactions have shifted from cash-based to cashless. Gupta and Quamara (2018, 2019) discussed that, to make transactions cashless, smartcards were used as credit/debit cards, but they were prone to physical attacks, side channel attacks, and logical attacks. To make the cards more secure, different security algorithms were combined with the smart cards, and biometric features were added for security and privacy (Nedjah et al., 2017, pp. 18-32). To reduce the time complexity and to provide ease of use, contactless smartcards were brought into use. Contactless smartcards were prone to sniffing attacks and physical damage; to overcome this, mobile wallets and mobile contactless payment systems based on NFC (Near Field Communication) and MST (Magnetic Secure Transmission) came into use (Andersson, 2016).

Over time, the methods used to carry out cashless transactions have also changed, from smart cards to smart phones and internet banking. The current trends in e-cash payment include debit and credit cards, Samsung Pay, Google Pay, Apple Pay, Freecharge, MobiKwik, Jio money, SBI money, Paytm, Airtel money, Pockets by ICICI, and many more mobile banking applications. These applications are provided by banks, telecom industries, and private industries. According to Wang et al. (2016), the key characteristics provided by mobile wallets include security, transferability, and anonymity. Mobile wallets are differentiated by their proximity payment technology, such as NFC, MST, or QR code. There are certain threats to be considered against the basic mobile wallet components, which are described in Table 1.

NFC is a group of communication protocols that allows two electronic devices to establish communication by radio frequency; Apple Pay is an example. NFC is a short-range, half-duplex communication protocol that creates communication between two devices at an operating frequency of 13.56 MHz. There are three modes of communication for NFC: reader/writer, peer to peer, and card emulation. MST is a mobile payment technology that enables the smart phone to emit electromagnetic signals and mimic the magnetic stripe on credit/debit cards, as in Samsung Pay. MST sends magnetic signals from the user device to the card reader and emulates the swiping of a card. Transactions are made without upgrading the existing systems, which is an advantage over NFC: NFC requires the card reader terminal to be upgraded in both hardware and software.

NXP Semiconductors, a semiconductor manufacturer, has split the possible contactless applications into four categories, depending on the way the consumer will use the application:

  1. Touch and Go: The application allows the consumer to tap the card on the POS with no wait to confirm the transaction.

  2. Touch and Connect: The two devices are linked to exchange data or money.

  3. Touch and Confirm: The user must confirm the transaction by entering a password or fingerprint.

  4. Touch and Explore: The user is offered more than one feature to make use of.

A mobile contactless payment system stores virtual debit and credit card information and allows the customer to use that information to pay securely for in-store purchases with those cards by tapping the smart phone in front of a radio frequency enabled reader (Andersson, 2016). The use of a virtual card eliminates the threat of compromise of sensitive cardholder data. These systems, which work on the Near Field Communication (NFC) and Magnetic Secure Transmission (MST) techniques, provide notable advantages and are compliant with EMV standards. They provide multi-layer security and are convenient, as they eliminate the need to carry plastic cards. The popular applications in use nowadays are Apple Pay, Samsung Pay, Google Pay, and Pockets by ICICI bank (Bosamia, 2018). Besides credit/debit cards, loyalty cards can also be stored in these applications.
