GSMA eyes credit card in mobiles

A user's credit card details should be stored on the smart card of the mobile phone, according to a senior executive of the GSM Association.
Written by Victoria Ho, Contributor

SINGAPORE--If the GSM Association succeeds in its efforts, consumers may one day be able to make credit card purchases using their mobile phones.

Speaking at the Near Field Communication (NFC) World Asia 2007 conference held here Thursday, Nav Bains, projects director of the GSMA, said that the association's vision was to integrate a credit or debit card application in the UICC (UMTS Integrated Circuit Card)--which is the smart card that runs the SIM (Subscriber Identity Module)--of an NFC-enabled mobile device.

NFC is a short-range wireless connectivity technology commonly deployed in a chip and embedded in handsets such as mobile phones. When tapped on a reader, the phone communicates with the user's credit card-issuing bank to complete the transaction.

This model, which the GSMA supports, creates a much more flexible and standardized model for NFC micropayments, compared to integrating the credit card details into the handset itself, said Bains.

Security is another benefit that comes with what GSMA is proposing. Rather than integrating the user's credit card information into the handset, keeping the data on the UICC allows the user to swap devices without losing transaction history or having to pair the card information with several devices, thus keeping the credit card details secure.

The UICC, being constantly connected to the mobile operator, also allows for quick termination of the active credit card, in the event of a loss, said Bains.

To promote this model, Bains said, Version Two of an NFC mobile technical white paper is in the works, which will be shown to banks before it goes public.

The vision of a working model for the commercialization of NFC micropayments will take the cooperation of several industries, said Bains. "The mobile phone and financial industry will have to be tightly integrated, so standards will have to be established," he added.

Bains said that a trusted service manager will first have to be proposed. He was referring to a central authority which coordinates requests from the user's credit card company and issuing bank, and the corresponding acquiring bank of the merchant's reader device.

The requests would then be routed through the trusted service manager to the user's mobile network, securing the transaction with the user's device.

Bains also said this model should be standardized for duplication throughout different countries. "You want your phone to be able to make transactions in different countries, just like your credit card," he said, adding that the GSMA is currently engaging banks, service providers and merchants to establish the right model.

Editorial standards