Epayment, eFinance and aggregator

1
E-payment, e-Finance and aggregator

• Brick-and-mortar banks have become
  click-and-mortar
• Internet-only banks lack the brand awareness and
  recognition of the click-and-mortar banks
• Internet banking services can reduce expenses
• Online payment decreases the float
• The time it takes for checks to clear after they
  have been sent for payment or deposited
• Time and efforts for clearing and settlement are
  significantly reduced.
• Frictionless economy?

2
SOURCE CHIPS
SOURCE BOB LYONS, HP
3
FinNetFinancial Network for Hong Kong
OPERATIONAL 2002
MPF Managers
Options Exchange
PvP
RTGS
FinNet
DvP
TvP
STP
Independent Mortgage Brokers
MPF MANDATORY PROVIDENT FUND STP
STRAIGHT-THROUGH PROCESSING TvP TRANSFER V.
PAYMENT
SOURCE HONG KONG EXCHANGES AND CLEARING LTD.,
FINNET
4
Smart Cards

• Magnetic stripe
• 140 bytes, cost 0.20-0.75
• Memory cards
• 1-4 KB memory, no processor, cost 1.00-2.50
• Optical memory cards
• 4 megabytes read-only (CD-like), cost 7.00-12.00
• Microprocessor cards
• Imbedded microprocessor
• (OLD) 8-bit processor, 16 KB ROM, 512 bytes RAM
• Equivalent power to IBM XT PC, cost 7.00-15.00
• 32-bit processors now available
• Intelligent, active devices with defenses

5
Smart Card Applications

• Ticketless travel Seoul bus system
• 4M cards, 1B transactions since 1996
• Authentication, ID
• Medical records
• Ecash
• Store loyalty programs
• Personal profiles
• Government
• Licenses
• Mall parking
• . . .

6
Smart Card Structure
Contacts
Contacts (8)
SOURCE SMART CARD FORUM
7
Mondex

• Smart-card-based, stored-value card (SVC)
• Subsidiary of MasterCard
• NatWest (National Westminister Bank, UK) et al.
• Secret chip-to-chip transfer protocol
• Value is not in strings alone must be on Mondex
  card
• Loaded through ATM
• ATM does not know transfer protocol connects
  with secure device at bank
• Spending at merchants having a Mondex value
  transfer terminal

8
Mondex Overview
SOURCES OKI, MONDEX USA
9
Mondex Components (Hitachi)
Electronic Cash Register
Cashless ATM
PCMCIA Reader/Writer
Key Fob Balance Reader
Electronic Wallet
SOURCE HITACHI
10
Octopus
SONY RC-S833 CONTACTLESS SMART CARD
SONY READER/WRITER
I/O SPEED 211 Kbps
SOURCE SONY
11
Background
12
Background
Source Creative Star Ltd.
13
Facts
14
Revenue Model

• Revenue model - fee based
• For shareholders, fee is at cost basis
• For non-shareholders, fee based on Octopus
  card-related turnover
• Transaction fee 0.02 0.75
• Other investment - fund, bonds etc

15
Vending Machine With Octopus
Source Swire Coca-Cola HK Ltd.
16
Adding Values
Add values Terminal


CSL
Value
Card Holder Pays the Terminal
Terminal adds value into card
Terminal transfers money to CSL
17
Buying a Coke
Choose amount to be deducted
Value
Pay by Octopus
Payment completed
Choose item you want to buy
18
During Transaction (1)
))))))
((((((
() Transaction Record
(-) Value
Power induced in Octopus Card
Communicate by radio frequency
19
During Transaction (2)
Transactions
IR
Black Box
How much it paid
Black box interfaces with vending machine
Transaction records stored in the black box
20
Collect Transaction Records
Im Salesman!
Data
Data
Salesman visits vending machine by work order
Initialize the transceiver by special card
Open the door of vending machine to collect data
21
During Collection
Price Info.
((((((
))))))
Initialize
IR
Transaction Records
Black Box
))))))
((((((
A unique key (issued by CSL) for each WinCE
Get transaction records by CSL program in WinCE
Update black box to change item price
22
Transaction Record Consolidation and Transmission
Updated program and security stuff
CSL
Dial-up FTP
Transaction Records
WinCE is sent back to Coke company by salesman
Connect to CSL through dial-up
Unique key on WinCE plus transactions sent via
FTP
Work order data is uploaded to company server
through ActiveSync
23
Money Flow

CSL

Value
Value
Sum(Value)

Sum(Value)
Coke Company
24
Information Flow
CSL
Debit Info
Debit Info
Debit Info
Credit Info
Trans. Records
Settlement Report
Trans. Records Work Order Data
Trans. Records Work Order Data
Price Info.
Coke Company
25
Extra Cost of using Octopus

• Fixed Cost
• Black boxes and Octopus transceivers
• Windows CE and communication devices
• Installation cost
• Training cost for staffs
• Running Cost
• Transaction fee (0.02 0.75)
• Data collection cost
• Account Settlement cost
• Hardware maintenance cost
• Hardware device obsolescence

IR
Black Box
26
Benefits

• Improve company image
• Increase Sales
• More convenience to buy
• - Buy more
• Reduce cost of handling coins
• Fewer manpower to count and handle the collected
  coins

27
Business using Octopus

• Transportation
• MTR, KCRC, Bus, Mini-bus, Ferry
• Non-Transportation
• Vending machines and Pay Phones
• Parking
• Convenience shops (7-11)
• Fast food/Tuck shops (Maxim, Starbucks)
• Leisure facilities (Public swimming pools)

28
Properties of Payment under the design of Octopus

• Small Value transaction
• Due to the limitation of the pre-paid value
• High Volume transaction
• To cover the fixed cost
• Coin-based automatic transaction
• Octopus substitutes the inconvenient coins
  exchange
• Payment time is critical
• Shorten the payment time shorten the queuing
  time increase business

29
Online Banking Services

• Internet delivers payments faster than mail
• Frees up cash and decreases accounts receivable
• The expected amount of payments owed to a company
  for products and services sold to customers
• Benefits to customers
• Can avoid buying stamps
• Do not have to send bills out early
• Account information available 24-by-7
• Can view detailed account history at one time
  online instead of listening to individual
  transactions over the phone
• Risks
• Security breaches
• Police and government warned people that sites
  mimicking bank sites can scam them for account
  information

30
Hybrid Banks

• Hybrid bank model
• Brick-and-mortar banks offering online services
• Prominence of brick-and-mortar brand names
  increase customers comfort levels when banking
  online
• Customers can visit a physical branch
• Physical presence includes the large network of
  ATMs
• Some charge monthly fees to use online
  bill-paying services
• Important to the survival and growth of small
  local banks
• By going online, small banks can offer
  competitive services and attract national
  customers

31
Internet-Only Banks

• Internet-only banks
• Offer convenience and often lower fees and higher
  interest rates to their customers as compared to
  traditional banks
• Can lower costs of buildings and equipment and
  can decrease payroll as traditional employee
  roles are eliminated
• Must accept deposits by mail because lack of
  physical branches unless customer is making
  electronic deposits
• Little brand recognition compared to
  brick-and-click banks
• Insured by the FDIC
• Some Internet-only banks are attempting to
  establish a physical presence (e.g., ETRADE)

32
NetBank Feature

• NetBank is the largest Internet-only bank
• Customer Online Services
• Checking, savings and credit accounts
• Plan for retirement
• Conduct online trading
• Obtain mortgage, car and business loans
• Obtain a line of credit, free online bill payment
  and presentment, ATM card and Visa credit card
• Rates and calculators are available

33
Internet-Only Banks
34
Internet-Only Banks
35
Online Trading

• Full-service brokers
• Offer the speed and convenience of online trading
  together with the advice of a broker
• Discount-brokerage service
• Requires self-sufficiency, leaving the investor
  responsible for making and executing investment
  decisions
• Internet-only brokerages and hybrid brokerages
• Factors to consider when choosing to invest
  online
• Type of investments you wish to make
• Quality of site navigation tools and customer
  service
• Cost of transactional fees versus the number of
  trades per year

36
Online Trading

• Online companies usually charge a fee for every
  purchase or sale of securities made 
• The Internet serves as a valuable learning tool
  for new and seasoned investors
• The Motley Fool, MoneyCentral and Money.com
• Companies offering online services
• Have made investing in stocks and options
  accessible to a larger audience
• Provide real-time market information
•  

37
Online Trading
38
Online Trading

• Trading on margin
• When an investor buys stock and borrows money
  from the broker to invest in the stock
• Opening a margin account online requires a
  relatively low minimum balance, answering a
  questionnaire (which sometimes replaces a credit
  check) and being qualified electronically, with
  no assessment made by a human broker
• Potentially, a stocks value could fall to a
  price that, when sold at the market price, will
  not cover the loan
• The broker can issue a margin callthe broker
  requires the investor to invest more cash or
  securities or sell the stock to pay back the loan

39
Online Trading

• Day trading
• Making short-term trades in an attempt to profit
  off of market inefficiencies (e.g. news affecting
  the market, disproportionate risk to price value
  of a stock or arbitrage, wherein someone profits
  by converting money from one currency to another)
• Easier on Internet
• Transactions limited by modem speed and
  server-side transaction speed
• Fees can be expensive
• Day traders still bear the same risks as other
  traders
• CareerDayTrader.com, DayTradingOnline.com and
  OnlineTradingAcademy.com

40
Online Trading

• Federal Trade Commission, the Commodity Futures
  Trading Commission and the Securities and
  Exchange Commission warn traders about the
  exaggerations and counter factual claims made by
  some online trading firms
• Online trading does not reduce stock market risk
• Foreign-exchange banks have begun to move their
  services to the Internet to remain competitive
• Foreign exchange systems allow traders to find
  the best deals on foreign currency
• The Internet facilitates trading commodities
  globally
• EnronOnline

41
Merging Financial Services

• GlassSteagle Act
• Prohibited financial institutions from engaging
  in multiple financial operations (i.e.,one
  institution offering banking services and trading
  services)
• Since repeal, banks, brokerages and insurance
  companies are permitted to offer a wide range of
  financial services
• Most online financial services offer electronic
  bill presentment and payment (EBPP)
• It is crucial for financial institutions to offer
  a wide variety of services to remain competitive
• Prudential

42
Case Study - HSBC Who are the Vendors?

• Participating Vendors
• Oracle Corp. Internet Bill Pay (IBP)
• CyberCash Inc. CyberCash Interactive Billing and
  Payment (IBP)
• HSBC e-bills (part of online_at_hsbc)

43
What EBPP Provides to Billers?

• EBPP Advantages for Billers
• Cost savings
• Save printing, postage, paper and envelopes
• Improve cash flow
• Save costs in disputed bills resolution
• It costs billers from 2-5 to create and deliver
  a single paper-based invoice typically
• Improve Cash Flow
• Cash flow between billers and payers is painfully
  slow
• The average days sales outstanding (DSO) for a
  B2B transaction is 55 days
• Improved Customer Communication and Relationship
• Enhanced Marketing Opportunities

44
What EBPP Provides to Consumers?

• EBPP Advantages for Consumers
• Cost saving - Free of Charge
• Centralized payment processing - Efficient way to
  manage the bills and payments
• Scheduled payment
• Access anywhere, anytime
• EBPP Advantages for Business to Business (B2B)
• Save cost as compared to EDI

45
Market Background and Opportunity for EBPP

• Hot money influx to HK and Asia Pacific in 2Q
  1999 - many dotcoms and portal company bankrupt
  in late 2000
• People try to find concrete way to gain benefit
  from e-business
• HKMA released the restriction on new banking
  project in 2000 ? many banks (BEA, HSBC, Dao
  Heng, Citibank) launched Internet Banking
  services
• Over 2M domestic Internet accounts in HK
• China WTO implication, 1.2B population in China
  - tremendous business opportunity for e-comm

46
Why HSBC needs EBPP?

• 1. E-bill market is enormous
• 2. To lower the operation costs
• Trying to migrate most of the banking services to
  Internet
• 3. Payment services are important to banks
  revenue
• For each bill payment transaction, HSBC can earn
  transaction fee from Billers. Its part of banks
  revenue.
• Currently, large portals and content services
  provider are competing with banks to become
  consolidator as entry barrier of EBPP is not high

47
Why HSBC needs EBPP?

• 4. Meet its multi-channel strategy
• Many consumers are demanding multi-channel
  access to banks service, ie, access anytime, any
  place, anywhere, from any access device.
• The goal is to improve customer relationships and
  retain customers.
• Currently, paper bills are supported by both ATM
  and online banking. E-bill is supported by
  online banking.

48
HSBC positioning on EBPP

• 250,000 IB users for HSBC
• Most of the billers bank with HSBC
• First bank to provide EBPP

49
Target billers and customers

• Target billers
• Government
• Utilities
• Telecommunications
• Insurance
• Stockbrokers
• Online merchants
• Target customers
• Internet Banking users
• Young generation

50
HSBC EBPP Design Concept

• Incorporate with existing Internet Banking
  Service
• Business Model
• Thin consolidator adopted
• i.e. Bill summaries are stored at HSBC, bill
  details are stored at the merchants (payee).
• Bill Registration
• Both online and off-line registration is
  supported. It depends on Billers
  implementation.
• Batch mode summary update
• Bill summaries at HSBC are updated periodically
  (once or twice a week) using file transfer from
  Billers

51
HSBC EBPP Design Concept

• The following shows the simplified
  authentication procedure/concept of EBPP service,
  which is integrated with online_at_HSBC

52
HSBCs EBPP Model

• Direct billing
• Biller handle bill presentment and payment to
  customers directly (e.g. ecbills.com by PCCW)
• Work with aggregators
• Financial institution gather bills and statement
  for multiple billers
• Provide customers with one-stop web site for EBPP
• Thin consolidationProvide bill summaries for
  customers with link back to billers web site
• Thick consolidationProvide bill summaries and
  details for direct viewing in a centrally-managed
  web site

53
System Overview
? bill details
Biller A website
? bill summary
? payment status
? bills
? bills
? bill summary
? payments
? payments
Thin Consolidator
Biller B website
HSBC customer
Internet
? payment status
? bill summary
? bill details
Biller C website
54
System Architecture
55
System Architecture
Bill Registration and Presentment web content
Store bill sammaries and invoice details

• Pre-scheduled backend processes
• 1. Bill Summary Loading
• 2. Bill Registration and
• Unregistration Update (to Biller System)
• 3. Bill Payment Status Update
• from Internet Backend to Biller
• System
• 4. Biller Maintenance Update

56
System Functions

• Bill Registration
• Bill Presentment
• Bill Payment

57
Bill Registration(1)
58
Bill Registration in Batch Mode(2)
59
Bill Registration(2)
60
Bill Presentment(1)
61
Bill Presentment(2)
62
Bill Payment(1)
63
Bill Payment(2)
64
Security Controls

• Web Security
• Application Security
• System Security
• Physical Security

65
Web Security

• Prevention of information history logging
• Encryption Checking (e.g. Electronic Certificate)
• Secure Socket Layer (SSL) connection
• Single Sign-On and Off Protection
• Session Control in Thin Consolidator
• Replay Attack Prevention

66
Application Security

• Key Management by PKI
• Encryption algorithm used
• International Data Encryption Algorithm(IDEA)
• RSA
• Database Protection
• store all bill summaries and other critical EBPP
  data in the secure zone with hashed password.
• Logging for Audit Trail

67
System Security

• EBPP Servers are located in Banks secure zone
  (DMZ).
• Limited Port to prevent from outsides attacks.
• Virtual Private Network(VPN)

Physical Security

• All EBPP hardware equipment are located in Banks
  Data Centre with standard access control.

68
Financial Aggregation

• Definition an online service that allows
  customers to access multiple accounts from a
  single website of the aggregator.
• Single Logon
• Customer provides passwords and account numbers
  of all his/her accounts.
• Registration Process
• Aggregator accesses those accounts from the
  financial institution sites, consolidates the
  information on its own website.
• Screen Scraping and Permissive Aggregation

69
Financial Aggregation

• Accounts available for aggregation
• bank accounts
• credit card accounts
• online bill payment
• investments
• reward programs
• asset management
• tax assistance
• Examples of Financial Aggregators
• Yodlee Aggregator Platform
• Westpac Aggregator Client

70
Financial Aggregation Services

• Online aggregation services give users the option
  of keeping all their financial information in one
  location on the Internet
• Aggregation services use screen scraping
• A process whereby the aggregator visits the sites
  that have your financial information and services
  and uses your usernames and passwords to log in,
  download the information and store it in one
  place, where the user can access it
• Many banks do not authorize screen scraping,
  although the aggregators are not required to have
  authorization
• VerticalOne, ebalance, 1View Network, ezlogin and
  GainsKeeper

71
Financial Aggregation Services

• Financial Services Technology Consortium (FSTC)
• Trying to stop the screen-scraping process and
  implement another form of gathering information
  to create a standard
• Privacy and security concerns
• Not regulated by the federal government
• Aggregators are not required to compensate users
  if security is compromised by a hacker
• Pose a threat to traffic at online banking and
  investing sites
• Banks have reacted by implementing these services
  on their sites

72
Aggregation models
PIN password
PIN password
PIN password
73
Architecture
iSOCOs Aggregator Plugin - encapsulates
knowledge about the online site - how to log
into the service - what links to follow - where
the relevant data is Plugin engine - execute the
plugins - return data extracted by
plugins Aggregator - get data from plugin
engine - store data in a local database that
serves as a cache Cache - information from plugin
engine - user registration data - logins and
passwords on each aggregated sites
Aggregator
Plugin Engine
74
Aggregation as a Web Service Methods offered

• The online aggregator offers the following
  functionality
• user management (register, change personal data,
  unsubscribe)
• bank management (what banks a user has account
  on, plus the data needed to log into the bank)
• visualization of aggregated data (accounts and
  transactions)
• update aggregated data

75
Aggregation Process

• Registration
• Consumers give their account numbers and
  passwords for all online accounts
• Passwords and account numbers are securely stored
• Aggregator go online to websites and log on with
  the consumers information to retrieve their
  personal data
• Consumers can customize the summary displays of
  their data and incorporate other features such as
  news feeds and email connectivity

76
Aggregation Process

• Single SignOn
• users can logon a single page to access the
  accounts information of different banks
• only need one set of PIN and password.

77
Screen Scraping
Aggregator maps the HTML of the online site,
using subscribers' logins and passwords to access
their account data
Login Password From Bank A,B
Aggregated View of Accounts
Aggregation Service
Account info
Aggregator logs in masquerading as customer
Data downloaded, parsed and presented as a
consolidated view
Bank A
Bank B
Bank C
78
Screen Scraping

• Immediate Mode
• By users request to obtain latest update
• Still a lengthy process (in the order of a
  minute)
• Pre-fetch Mode
• Updates the data in batch mode in a nightly
  process
• Stores the data in a local database that serves
  as a cache

79
Permissive Aggregation (Direct Feed)

• A Partnership exists between Aggregation site and
  the financial organisation
• Raw financial data rather than data displayed on
  a web site
• Enabled by data exchange standards such as XML
  and OFX (Open financial Exchange)

80
Screen Scraping vs. Direct Feed

• Popular
• Cost effective
• Requires a less robust information-technology
  infrastructure to support

• More accurate and up-to-date
• More secure method
• Costs more to set up
• More contractually controlled, with an agency
  relationship between the financial institution
  established
• Ability to comprehensively track data.
• Ability to differentiate between a customer visit
  and a screen scraper visit.

81
Yodlee Feature

• Yodlee is a financial aggregator
• Allows transactions through partnerships with
  financial institutions and providers
• Offers aggregation of non-financial content such
  as travel reservations, e-mail, news, shopping
  accounts, frequent-flyer and reward programs,
  etc.
• Access Yodlees services from one of Yodlees
  partners, including AltaVista, AOL, Citibank,
  Chase Manhattan Bank and Morgan Stanley Dean
  Witter

82
Yodlee

• enables e-finance, personal services and
  transactions on the Web
• access real-time personal account information on
  web wireless mobile devices through the Yodlee
  SDK

83
Yodlee

• Yodlee Co-Brand Clients offer their customers to
  consolidate and manage their personal accounts
  with one click
• Yodlee Content Partners make their Web sites
  available via the Yodlee Platform

84
Yodlee Feature
Example of Yodlees service through Citibanks
myciti. (Courtesy of Yodlee, Inc.)
85
Yodlee Feature

• The companys personalized aggregation solution
  can be delivered over the Web, personal digital
  assistants (PDAs) and Web-enabled wireless phones
• Yodlee2Go allows users to access real-time
  personal account information, including
  investments, banking and e-mail, on their
  wireless phones and PDAs
• Provides customers with personalized alerts
• Can track and chart account activity

86
Yodlee Feature
Example of Yodlees charting capability.
(Courtesy of Yodlee, Inc.)
87
Yodlee e-Personalization platform

• Yodlee e- Personalization Engine obtains highly
  personal data (obtained in multiple formats) from
  thousands of sources and summarize it in
  meaningful ways for users
• Yodlee Dissemination Engine transmits personal
  information across multiple accounts, services,
  platforms, and devices

88
Yodlee e-Personalization platform

• family of e-Personalization Applications with
  value-added features
• Summarization, Auto-Login, Account Snapshot,
  Transaction-Level Detail, Password Manager,
  Bookmark Manager, Charting

89
Westpac Banking Corporation

• founded in Sydney in 1817
• provides a broad range of banking and financial
  services for personal, business and institutional
  customers

90
Westpac's Internet banking

• Viewing account details anytime
• Transferring funds
• Paying bills
• Amending scheduled payments
• Paying anyone in Australia
• Viewing non-Westpac accounts
• Sending money overseas
• Labeling your Westpac One accounts
• Updating your details
• Help

91
Wireless Banking and Trading

• Companies can use wireless technology to offer
  their customers a value-added service
• Wireless banking
• Allows users to pay bills from anywhere
• Transfer funds between accounts
• Check account activity
• TD Bank Financial Group and Netbank

92
Wireless Banking and Trading

• While the market may be adopting wireless banking
  slowly, wireless securities trading is growing
  rapidly
• Traders can receive important information and
  news about the market or their investments and
  make trades immediately
• Companies offering wireless trading services
• Ameritrade, DLJ Direct, SureTrade.com, Morgan
  Stanley Dean Witter Online, Fidelity Investments
  and Trade.com
• Wireless access to financial information may grow
  more slowly in the United States than in Europe
  and Asia, because the United States has more
  technical standards and wireless devices in use

93
Mobile Payment Players
Content Provider/ Merchant
Financial Institution
Network Operator
User
94
Mobile Payment Issues
Content Provider/ Merchant
Financial Institution
Network Operator
User

• Security
• Privacy
• Ease of Use
• Devices

• Open Standards
• Inter-operability
• Roaming

• Authentication
• Integrity
• Non-repudiation
• Fraud reduction

• Getting Paid
• User adoption
• Low Cost

Issues
SOURCE ARVANI GROUP
95
Current Business Models

• Card based (Visa, MC)
• Carrier based (DoCoMo)
• Third party (PayBox)

SOURCE ARVANI GROUP
96
Mobile Card Systems
97
Mobile EMV Chip Debit/Credit
Voice or IP Browsing Offer Request
Issuing Bank
Wallet forwards address details
WAP, i-Mode
Acquiring Bank
Merchant Offer
Acquiring Payment Engine
Gateway Wallet Server
Purchase Request
ShipmentConfirmation
SET or SSL/TLS
Authorisation Request / Response
M/CHIP transaction with ARQC and ARPC / ARC
data classed as Card Present Transaction
Option 2 Dual slot phone with full size EMV
SOURCE MAOSCO
98
Wireless Card Authorization
SOURCE SAMSUNG
99
Digital Wallets

• Files or devices containing payment information,
  possibly representations of money
• Used for seamless payments, without significant
  user intervention

SOURCE LAUDON TRAVER
100
Microsoft Wallet
101
How Microsoft Passport Works
SOURCE LAUDON TRAVER
102

• Questions and Answers