The Canadian Bankers Association (CBA) has recently published a Guidance Document for developing mobile payment systems (MPS), systems designed to process payment using a mobile device at a point-of-sale-location as a substitute for a conventional payment card. The goal is to promote commerce by allowing merchants and consumers to process transactions more efficiently and with greater security.
The MPSs considered in the Guidance Document use Near-Field Communication (NFC), technology that allows mobile devices to communicate with each other at close proximity. MPSs using NFC permit a consumer to make a payment by simply bringing an activated mobile device within a few centimeters of a merchant’s reader device.
The Guidance Document provides a framework for implementing MPSs that aligns industry practices of key players facilitating payment transactions, including mobile service providers, financial institutions, payment card firms and merchants. The Guidance Document sets out the roles, responsibilities and types of information exchanged between all such key players.
The Guidance Document also proposes strategies for managing the risk of fraud and abuse of personal information over MPSs, including:
- enhancing security features for high-risk and high-value transactions, such as end user approval and end user pass code verification for such transactions;
- using secure communication protocols between key players; and
- restricting access to sensitive end user information among key players on an as-needed basis.