In Sharjah ௵(+971)558539980 *_௵abortion pills now available.
IIMK - Backwaters (Battle for IT Event) Active_Y
1. Battle For IT
Mobile banking project
Presented By:
Team: Active Y
Rakesh Sahu(rksahu.83@gmail.com)
Shanu Singh(shanuchaudhery@gmail.com)
NITIE, Mumbai
2. Content
Introduction to Mobile Telephony in India
Market Opportunity
Technology and Channel Analysis
Challenges
Security
Services Offered
Development Roadmap
Governance Model For Unity Bank
Appendix
3. Mobile Data Channel Base and Future
Current Mobile Growth
Mobile Subscriber
Total mobile subscriber touched 670 million.
700
Mobile telephone Density ~ 56% (metro ~110%)
600
Growth has been tremendous in recent past with monthly
growth of over 2% . 500
400
Future Mobile Growth Prediction (2014) 300
Subscriber
Gartner states that the mobile subscriber base of India is 200
expected to reach 993 million 100
Mobile telephone Density is expected to be 97% 0
Mobile Internet Usage (IMRB Int. 2009 report) QE QE QE QE QE QE QE
Mar-04Mar-05Mar-06Mar-07Mar-08Mar-09Mar-10
As per Dec 2009, there were 471 mobile subscriber.
27% or approx 127 million mobile users have internet-ready
mobile devices.
9.4% or 12 million of these users have accessed the internet at
least once in last one year. With 2m active users
Tele-density
Future Mobile Internet Growth (IMRB) 150
25 million mobile Internet users by 2012, and 50 million users
100
by 2014 50
Reasons For Growth 0 Tele-density
Sharp fall in the call charges Rural Urban
3G spectrum auctioning and reduction in the prices of 3G/GPRS
enabled handsets India India
Growing mobile penetration into all segments of markets
Source: Gartner, IMRB International & I-Cube 2009 report
4. Target Consumer Behavior
• Mobile banking is most used by
subscribers falling in Rs. 1 to Rs. 2.99 Lakh
income bracket followed by less than Rs 1
Lakh income bracket.
• Finding: Mobile banking is more popular
among low income group of mobile users
than higher income group of mobile users.
Request a cheque… • Mobile banking report: “Most popular
19.11
services and income profile” (Two month
Payment Reminders 20.92 ended March 2009, Urban Indian Mobile
Status of cheques Phone Users).
21.06
View Last Three… 28.15 • Market Positioning: ICICI bank continues to
Check Account… 39.97 maintain its leadership extending in mobile
space, 42% of all mobile banking users bank
with ICICI, followed by HDFC (25.3%) and
0 20 40 60 SBI.
Percentage Breakup
Source: Vital Analytics , August 2009 report , telecomindiaonline
5. Market Opportunity For MobiTechInc
Banks In India
40% 28%
• More than 50% banks • Around 50% bank use Public Sector
still need to implement highly unsecure SMS
mobile banking setup channel for mobile O Private Sector
banking
• Opportunity to propose P Foreign Bank
up-gradation to more P 32%
secure channel
Security Up-
O
New Setup R
gradation
T
U
• We propose a N
collaborative model
with one time payment I 44% Banks Already offer mobile banking service
cost followed by per
transaction revenue T
Mobile Banking Service (39 bank offer mobile
model Y service)
Build & 26%
Operate Model SMS
46% USSD
HTTPS
12%
J2ME
16%
Primary Research
6. Available Technology Analysis
Function SMS USSD HTTPS IVR J2ME
(Preferred (Preferred
technology) technology)
Ease of use
Support All GSM All GSM GPRS/3G All GPS Java,
Enabled with GPRS/3G
browser Enabled
Cost to user
Cost to bank
Encrypted path from handset to server Only Wireless Only Browser to Only Browser to
portion Wireless Bank Wireless Bank
Ubiquity
Biggest Benefit Ubiquity Ubiquity Most Secure Familiarity Mobile Appl.
DB
Skills/Training Required Text None Browsing None Application
Formatting know-how
Handset side provisioning None None GPRS, None GPRS,
Browser Application
Drawback Prone to Less Secure GPRS Slow Appl.
Security connection Download
Scalability No USSD 2 Yes Limited Yes, need
Scope reinstallation
7. Preferred Channel Analysis
USSD(Unstructured Supplementary Service Data)
Steps is it?
What (Balance enquiry & top-up)
Capability built into GSM the service
1. A mobile user initiates phones, much like the Short
Message ServiceUSSD string defined
by dialing the
It sends text between a mobile and an application program in
by the service provider; for
the network*#123#.
example,
Service is integrated even in legacy GSM stack (GSM 02.90
2. The USSD application receives the
and GSM 03.90.) from the user and
service request
responds by sending the user a
How is itof options. from SMS
menu different
3. The user responds by selecting a
USSD transactions occur SMS, messages can be sent
“current balance” option.
during the session only. to a mobile phone and
4. The USSD application sends back
Allows two-way exchange stored
details of the mobile user’s current
of a sequence of data No sequence or session is
account balance and also gives the
maintained
option to top up the balance.
5. The user selects to top up his/her
Challenge
account.
6.Development of USSD application
The application responds by asking
how much creditinterface between application and network
Development of to add?
7.nodesmobile user responds with the
The (gateway)
amount to add. core banking system
Interfacing with
8. The USSD application responds by
Service opportunity
sending an updated
balance and ends the session.
• USSD service is available with all major gsm service provider
in India
• It can be accessed while roaming without extra charges.
• USSD can be leveraged to reach the mass since 90% MS in
India are USSD enabled
8. Preferred Channel Analysis
Mobile web Access (web browser application)
What is it?
Capability built into GPRS/EDGE/3G enabled phones
It sends secured data packet between a mobile and an
application program in the network
Service is integrated in 2G and above compatible stack
How is it different from USSD
HTTPS is used to create the USSD transactions occur
secure session. during the session only.
Allows multi-way exchange Allows two-way exchange
Architecture
of data (by scaling it up for of a sequence of data
m-commerce)
Challenge
M-commerce
Scalable futuristic architectural design
Development of mobile friendly application
Interfacing of application with core banking system Core Banking
Opportunity
Mobilr Banking
• This platform is highly scalable since it uses client-server Server
model with standard browser client.
• Online streaming of data with end-to-end encryption
• Cater to multiple needs of higher income group sophisticated
mobile users Mobile Handset
User
Hierarchical Model
9. Challenges – Mobile Network Operator Side
Integration of USSD Application with mobile operator network
1. Operator hosted secure communication
platform
2. Operator hosted USSD mobile platform
3. Co-branded mobile banking USSD platform
serviced via the mobile operator’s network
4. Mobile network operator as the issuer of
the accounts
5. Bank as the mobile virtual network operator
(MVNO)
6. Third party(MobiTechInc) hosted mobile
banking platform with mobile operator
interoperability
7. MobiTechInc hosted mobile banking
platform with bank interoperability
8. MobiTechInc hosted USSD mobile banking
platform with bank and operator
interoperability.
10. Challenges - Core Banking Side
Integration of USSD & HTTPS Application with core banking system
SOA Architectured Core Banking System
•Reusable discrete component design in SOA
helps significantly in integration to deliver
agility and flexibility
•Data Abstraction layer can be used to modify
the middleware we propose to provide
interfacing to the USSD and HTTPS application
Legacy Core Banking System
•Middleware is designed to provide the interfacing
between our application and the database of the
Core banking system
•Middleware is a S/W application which on run-time
converts the request from application into query
format /variable of the core database
11. Security – Risk Analysis For USSD
Lost or Stolen mobile Station
Since no trace of transaction stored on mobile therefore no
risk of loss of critical information
Air Interface
Guaranteed message delivery
Wireless signal is encrypted as per the MNO
Application Physical Server Safeguard
USSD gateway and application will be on secure system
(password protected) therefore no body can access the
data at server level
User Safeguard
Threat Transaction limit as per RBI norm with single transaction less then
INR 1000
There is no encryption of information so the channel from Introduce cumulative and account balance limits
the network to the bank is open to monitoring, replay,
modification and impersonation. Physical Safeguard
Data center such as core banking DB need to be physically guarded
Threats- Solution through 24X7 security officer and video surveillance
Use secured link (VPN or SSL) to connect operator network Network Protection
and core banking system
Implement firewall policy
Install antivirus on network systems.
12. Security – Risk Analysis For Mobile Web App(HTTPS)
Lost or Stolen mobile Station
Since no trace of transaction stored on mobile therefore no
risk of loss of critical information
Air Interface
Guaranteed message delivery
Wireless signal is encrypted as per the SSL
Application Physical Server Safeguard
HTTPS application will be on secure system (password
protected) therefore no body can access the data at server
level
User Safeguard
Threat Transaction limit as per RBI norm with single transaction less then
INR 50000
Mobile device could be infected with virus since HTPPS- Introduce cumulative and account balance limits
browser capability is generally present on smart phones.
Physical Safeguard
Data center such as core banking DB need to be physically guarded
Threats- Solution through 24X7 security officer and video surveillance
Installation of anti-virus software of the mobile station Network Protection
device
Implement firewall policy
Install antivirus on network systems.
13. Services offered Over USSD
Account Inquiry
• Balance enquiry
• Mini Statement
Funds Transfer
• With in the Bank
• Max Limit is 1000 Rs.
Mobile Recharge
• Top up for own mobile
• Top up for other mobiles
Requests
• Requests for cheque book
• Request for m-statement
14. Services offered Over HTTPS
Account Inquiry
• Balance enquiry
• Mini Statement
Funds Transfer
• With in the Bank
• Outside the Bank
• Max Limit is XXXXX Rs.
Mobile Recharge
• Top up for own mobile
• Top up for other mobiles
Requests
• Requests for cheque book
• Request for m-statement
Demat Enquiry Service
• Portfolio value
• Value of holdings
• Transaction status etc
M – Commerce
• Insurance Premium
• Merchant payment etc
15. Development Roadmap – lifecycle
Methodology -
Overlapped waterfall model
Product To Be Developed -
USSD Application
USSD Gateway
Web Based Mobile Application (HTTPS)
Middleware
Product Development & Testing Environment-
Simulated environment for USSD testing (we propose to buy it)
Simulated environment to test integration with known core banking solution
• Requirement
• Design
Project Plan • Implementation
• Testing
• Human Resource Requirements
• Hardware Requirements
Resource Plan • Software Requirements
16. Governance Model For Unity Bank
• Mobile Banking development and operation are handled by the IT Department of the Organization.
• Organization structure is proposed in a way such that IT department can work closely with Legal, Security and Finance
department for the smooth running of project