
Your Gateway to mCommerce

MobiFin-A Mobile Commerce Evolution

MobiFin

An extra ten mobile phones per 100 people in a typical developing country leads to an extra half percentage point of GDP per person growth. - Leonard Waverman

Plastic money, Coins, Barter

MobiFin Overview

MobiFin is a unique mobile-based Transaction Management System that acts as a highly versatile intermediate platform. It enables a service provider to diversify its business by provisioning core services like Recharges, Banking services, Sales and Support to various channels.

MobiFin empowers a service provider with a set of distinct features that provide an intuitive and convenient way of managing service channels with various interfaces under a single roof.

The MobiFin solution has the edge over existing solutions in this domain because of its economical, ubiquitous, flexible and scalable nature.

The MobiFin solution from Panamax helps a service provider integrate with various operators, banks, wholesalers/retailers and financial institutions for core services, which mainly include mobile recharges, banking, financial services etc. The service operator will be able to extend these services into various channels like Reseller Networks, POSA Providers or a Web Portal.

MobiFin supports major industry standards such as ISO 8583, SOAP-XML, XML RPC, WSDL 1.0, 1.1 and 1.2, and custom protocols.

MobiFin - Opportunities

Mobile Top-Up

Utility Payment

mTicketing

Mobile Money

Loyalty

Int. Remittance

Micro Finance

Mobile Banking

Single PIN Multi Top-Up

Lottery/Betting

Insurance

Services at a glance

Mobile Top Up & Bill Payment
* Domestic Mobile Top-up (Airtime Credit)
* International Mobile Top-up (Airtime Credit)
* Utility Payments like Electricity, Gas, Water, Digital TV, School Fees
* PIN Base Top-up Vouchers
* Premium Collection (Insurance, Loans)
* Self Recharge
* Retailer Recharge & Bill Payment
* Bulk API
* Balance Transfer (for MNOs)
* Top up Own Number / other Number

Mobile Money/Wallet
* P2P (Person-to-Person)
* Aggregator for existing MMSP (Super Distributor)
* International Remittance
* Network of Remittance Agents use mobiles to Transfer money
* Senders remit money via cash through Agents/Retailers or bank
* Recipients collect cash at local Agent/Retailers
* Money Cards for Senders who might not have mobile

Mobile Ticketing
* Air Ticketing
* Bus Ticketing
* Toll Tickets
* Railway Tickets
* Movie Tickets
* Ferry Tickets
* Entertainment Tickets (Games, Shows)

Mobile Banking
* Register
* Check Balance
* Get Statement (Mini Statement)
* Transfer Funds (Bank to Wallet / Wallet to Bank)
* Make Payments (Same Bank Transfers)
* Stop Cheque
* Request Cheque Book
* Change Password

Micro (Agent/Branchless) Banking
* Open a limited features account at local retail outlet
* Your mobile number is your account ID
* Deposit & Withdraw cash at local retail outlet
* Transfer money & make other service payments

Problem

Mobile Top Up
* Voucher recharge is expensive, fraud prone, with logistics challenges
* Voucher is unfriendly and needs every MNO's EVD SIM Card
* Agents wish to deploy low working capital, more efficiently

Mobile Money/Wallet
* Son works in city; remits money to family in village via informal channels
* Traditional remittance infrastructure not available

Mobile Banking
* Person is banked
* Banking is cumbersome due to limited branches & ATM, no computer & Internet for online banking
* Mobile phone is his primary device

Micro Banking
* Person is unbanked, works & lives in urban or rural area, earns & spends cash
* Cash handling is a security problem
* Unable to access banking services & has Mobile Phone

Solution

Mobile Top Up
* Multi-channel PIN-less top up
* Device & network independent

Mobile Money/Wallet
* Agents use mobiles to send & receive money, via prepaid accounts held with service provider

Mobile Banking
* Enable full banking services on any mobile, with full security

Micro Banking
* Agent with mobile is Human ATM
* Provides doorstep banking with minimal infrastructure

Why MobiFin ?

Solution Architecture

MobiFin System Interfaces

Short Messaging Service (SMS)
* SMS Based Mobile Application
* POS Handheld terminals

GPRS
* POS Access
* GPRS Mobile Application

WAP
* Distributor Mobile App - Android, J2ME, BlackBerry, iPhone
* Reseller Mobile App - Android, J2ME, BlackBerry, iPhone
* CSR Mobile App - Android, J2ME, BlackBerry, iPhone

Web
* Admin Web Portal
* CSR Web Portal
* Reseller Web Portal
* Corporate Web Portal
* Distributor Web Portal
* Bulk Distributor Log IN
* Merchant Log IN

Unstructured Supplementary Service Data (USSD)
* USSD Menu

Interactive Voice Response (IVR)
* Dynamic IVR Management

POS Device Application
* Spectra, Visiontek, Ingenico and Verifone

Kiosk Device Application
* Standalone/Wall Mounted Kiosk

Foreign Language Support

Service Flow

Mobile Account
* Wallet (Bank) Services: Wallet Transfer, Bank Transfer, Load Money from Bank Account, Check Balance/Statement
* Top Up Services: Mobile Top Up, Internet Top Up, DTH Top Up
* Remittances Services: Domestic Remittances, International Remittances
* Merchant Payment
* Bill Pay: Electricity, Tax Collection, Loan Payments, School Fee Payment
* Settings: Change Password, Change Transaction Password

Mobile Top-Up

Utility Payment

Recharge Card Challenges

Channel Member
Challenges

Operator Challenges

* Time to market
* Cost of printing
* Stock availability
* Higher investment in stocks
* Dependence on the channel members
* Availability of the preferred denomination
* Transportation and storage
* Damage in transit, theft, and fraud
* Time lag in stock arrival
* Storage
* Limited visibility on distribution channel
* Revenue realization
* Geographic coverage

Customer Challenges

mTopUp Advantages

Issues with traditional mobile recharge system
* Voucher recharge is expensive,
fraud prone, with logistics challenges
* Recharge cards are unfriendly
* Additional expense on paper,
printing, distribution and customer
care on these cards
* Agents wish to deploy low working
capital, more efficiently

mTopUp Advantages
Multi-channel PIN & PIN-less Top up
Multi Operator Single PIN & PIN-less Top up
Device & network independent
Self Recharge
Retailer Recharge
Bulk Recharge (API)
Balance Transfer (MNO)
Bill Payments (Utility)
Top up Via Banking Transaction

Services

Service Offered and Brief
* Electronic Voucher Distribution: e-PIN being electronically delivered to subscriber's phone at the point of sale
* Physical Voucher Recharge: Scratch Cards sold with predefined PINs with fixed denominations
* Bill payments: Bill Payment for various utilities
* API based Bulk Recharge (3rd Party Recharge): Provides e-enabled distributors to connect their IT systems to Button Pay e-Recharge system over our open API, to enable them to sell any value top up via their retail points, by opening one bulk account
* Direct self recharge by subscriber: Enables subscribers to recharge their own or another account using their own handset or a web portal, and making payment via credit / debit card, or direct bank debit

Transaction Type
* Mobile Handsets
* Web Portal
* SMS
* IVR
* Open API: XML, HTTPS
* ATM, Direct Bank Debit, Credit & Debit cards (requires integration)

Feature Requires Banking Integration

MobiFin Apps
MobiFin provides Application for
Java
Symbian
Smart Phone (Android & IOS)
Blackberry

MobiFin Distribution Management


MobiFin provides a flexible and easy way to create and manage distribution channels. The MobiFin platform offers CSR (Customer Service Representative) and Distributor Mobile Apps which allow Agents/Retailers to be created and managed in real time. Upon successful creation of an Agent, the Agent receives an e-mail and SMS with the credentials. The CSR/Distributor can transfer E-Value to the Agent's account and the Agent can perform transactions.

The MobiFin platform supports a distribution channel of up to 16 levels. It also allows Distributors to be created. Distributors can have their own Mobile Applications and Web portals through which they can create and manage Agents/Retailers under them. They can set the desired products and commissions for the agents and control their business. MobiFin also provides real-time reports which show ongoing transactions and commissions.

Channel Management Feature


Allows an Operator / Service Provider to define N-level Distribution Hierarchies
* Multiple domains
* Multiple level channel hierarchy under a domain
* Add/Modify/Delete Channel Users
* Channel entity in a domain (configurable): Distributor, Sub-Distributor, Sales Agent, Retailer
* Channel Category grades for different commission and control profiles
* Channel user association with Area/Sub-Area for reporting
* Create/Delete channel members in bulk
* Transfer Channel member with down-liners in the same domain

Channel Management Feature

Association Rules for Channel Domain
* Parent association of a channel entity
* Direct transfer from one channel entity to another
* Allow/Deny channel bypass for transfer
* Allow/Deny withdrawal of credit from channel entities
* Allow/Deny return to channel entities
* Activate/Deactivate services (e.g. Recharge, Bill Payment)
* Retail chain tree policy management

Commissions Management
* Commission profile for:
  * Operator / Service provider to Channel transfer
  * Channel to Channel transfer
  * Channel to subscriber transfer
* Additional commission based on the consumption of service
  * Value of transfer

Business Rule Manager

Transaction Rules

Daily/Weekly/Monthly
Transaction Control

Daily /Weekly/Monthly
Amount Control

Retail Rules

Sales Rules

Retailer Service Rules

Sales Service Rules

Retailer Amount Rules

Sales Amount Rules

Daily /Weekly/Monthly

Retailer Transaction

Service Rules

Rules

Sales Transaction Rules

Mobile Money

Int. Remittance

mTransfer
The Mobile Money concept has transformed many countries from a cash-based market to a cashless market.

Mobile Money allows banked as well as unbanked people to send and receive money without any hassle.

Consumers and Agents need to be registered on the platform and complete the KYC process to start using the Mobile Money services.

The MobiFin system ensures a smooth Agent and User registration process, with KYC status shown at mobile application and web portal levels. If the KYC is incomplete, the Agent or User will receive alerts for a defined time, and then the MobiFin system will automatically block them, ensuring that no transactions are done without complete KYC.

The Mobile Money ecosystem consists of Bank, Agent and End Users. Banks, being the financial institutions, provide all the financial features. Agents and End Users can access the services which Banks provide after the integration with the MobiFin system.

Mobile Money for Agents (P2P)


The agents/retailers mainly have two services for Mobile Money users:
* Send Money
* Receive Money

Using Send Money, the Agent can load money into the End User's Wallet. Basically, the End User provides physical cash to the Agent and asks the Agent to transfer eValue into his/her wallet. The snapshots below provide a graphical view of the same.

Receive Money allows the End User to convert their eValue into physical cash. In this case, the End User has to transfer the eValue into the Agent's wallet and gets the physical cash on confirmation of the same. Receive Money requests are generally initiated by the End Users from their mobile devices. They can initiate the Receive Money request either from USSD or SMS. Upon a successful transaction, the user and the Agent get notifications from the provider and the user gets the physical cash from the Agent.

Mobile Money for End User


End Users can avail a lot of benefits from the Mobile Money services. It allows them to send and receive money easily without using any bank's services. The user needs to register and perform the KYC process to activate the Wallet on the MobiFin system. Once the Wallet is active, the user can start leveraging the various services provided by the MobiFin system.

End Users can access various services like Wallet to Wallet transfer, Bank to Wallet and Wallet to Bank transfer, Merchant Payment, Top-up, Utility Payment and Ticketing from a single Wallet account. The Wallet consists of three main Money Services:
* Bank to Wallet Transfer
* Wallet to Bank Transfer
* Wallet to Wallet Transfer

The snapshots below describe the steps involved in the User Application to perform a Transfer.

Mobile Money for Merchants (M2M)


Mobile Money can play a vital role for the Merchant when it comes to collecting cash from consumers.

In many cases, Merchants have distribution channels under them, and collecting cash for the supplied goods becomes a tedious job. The MobiFin platform gives Merchants an easy way to achieve the same. Merchants can register their own distribution channel on the MobiFin system and enable cashless transactions through Wallet transfers.

FMCG distribution, bars, restaurants, shopkeepers, malls, supermarkets etc. can also let their consumers pay for their purchases through the Wallet.

Upon successful payment, Consumer and Merchant can get e-mail or SMS notifications.

mTransfer Advantages

Issues with traditional Remittance process
* Son works in city; remits money to family in village via informal channels
* Traditional remittance infrastructure not available

mTransfer Advantages
* Agents use mobiles to send & receive money, via prepaid accounts held with service provider
* Network of Remittance Agents use mobiles to Transfer money
* Senders remit money via cash through Agents/Retailers or bank
* Recipients collect cash at local Agent/Retailers
* Money Cards for Senders who might not have mobile

Dynamic Charging Management


Services - Supported Charges
* Wallet Transfer - Fix Amount Based Charges
* Wallet Transfer - Flexi Amount Based Charges
* Withdrawal - Fix Amount Based Charges
* Wallet Transfer - Flexi Amount Based Charges
* Load Cash - Fix Amount Based Charges
* Load Cash - Flexi Amount Based Charges
* Check Balance - Transaction Based Charges
* Top Up Services - Fix Amount Based Charges
* Top Up Services - Flexi Amount Based Charges
* Remittances Services - Fix Amount Based Charges
* Remittances Services - Flexi Amount Based Charges
* Bill Pay Services - Fix Amount Based Charges
* Bill Pay Services - Flexi Amount Based Charges
* Tax Collection Services - Flexi Amount Based Charges
* Merchant payment Services - Flexi Amount Based Charges
* Ticketing Services - Fix Amount Based Charges
* Ticketing Services - Flexi Amount Based Charges
* Change Password - Transaction Based Charges

Participants in Ecosystem

Mobile Money Service Provider (MMSP)
* Operates service, branding, marketing, system, cash handling
* License & regulatory compliance for service

Banks / Financial Institutions
* Hosts Custodian Account holding real cash flowing thru the service

Subscriber
* Usually un-banked; owns or has access to a mobile SIM
* Gets m-wallet & limited set of Services based on product choice

Authorized Retailer: Agent
* Branded outlet for MMSP, where new subscribers open mwallets
* Performs cash-in (deposit) and cash-out (withdrawals) for users

Agents / Super Agents
* Used by MMSP to create network of Agents

Mobile operator
* Carries mobile transactions on their network through 3G, Edge, GPRS, USSD, SMS
* Provides SMS connectivity for their subscribers (short code)

Operational Flow

Operational Overview

Agents
* Service Provider enrolls authorized retailers as Agents
* Agent carries prominent Service Provider signage on outlet
* Service Provider creates an m-wallet for each Agent, into which the Agent deposits a prepaid balance (Working Capital)
* Agent deposits & transacts either directly with Service Provider or via Super Agent
* Agents access the service from user friendly menus on their mobile handset through Mobile OS

Subscriber
* Subscriber visits Agent to make transfers; gives name of the recipient and phone number; valid ID is required
* Sender pays cash to Agent; Agent uses Handset Menu to transfer corresponding amount from his M-Wallet into a Holding Account
* Platform generates token code for each remittance received into holding account and notifies agents, sender and recipient
* Recipient visits local Agent, provides Token Code, Name, Valid ID: Request Collection
* Local Agent pulls inward remittance from Holding account into his M-Wallet via his handset and pays cash out to the recipient
* Recipients can also choose to pull their inward remittance into their bank accounts (Banking Integration Required)

Subscriber to Subscriber Transfer (P2P)


Register for the P2P service to transfer virtual amount.

Initiation of Transfer
* The sender initiates the transfer through the SMS/USSD/WAP application.
* The SMS/USSD/WAP request contains the keyword, the receiver's mobile number and the amount of the transfer.
* The sender confirms the transaction with the MPIN, a secured transaction PIN.
* The sender also receives the transaction ID, the amount and the mobile number of the person for the transaction done.

Transfer Processing & Controls
* Determination of service profile and checks for no-bar status of both entities
* On successful transfer, the sender and receiver receive a confirmation message
* The receiver receives the sender's mobile number, the amount transferred and the transaction ID
* The sender receives the transaction confirmation with the receiver's name / mobile number, transfer amount and transaction ID on success
* Debit sender's talk time account from the IN and credit receiver's account using the charging system interface in case of the MNO-led model, or it shall be in the form of virtual wallet credit.

Mobile Banking

Changing Scenario of Banking


Changing customer needs together with major advancements in technology are transforming the banking landscape. Customers now expect a broad portfolio of personalized offerings and convenient, multi-channel access to banking services.

At the same time, banks' traditional dominance of the banking market is being challenged by new players, such as mobile operators, mobile device manufacturers, online payment processors, and location based service providers, many of which are launching innovative financial products riding on digital technology.

Banks must keep pace with changing consumer needs and increasing competition to remain relevant to their customer base and retain their leadership in the market for banking services.

At the same time, banks must cultivate their top line and improve overall performance. To fast-track revenue growth, banks need to increase product uptake amongst their existing customers and extend service reach to unbanked segments.

Many banks are looking to meet these challenges by adopting mobile banking as a means of delivering cost-effective, omnipresent banking services to a wider audience, and as a route to providing convenient, secure, personalized mobile banking services.

Upholding profit margins necessitates an increased focus on driving productivity, reducing the overall cost of reaching out to customers.

mBanking for Banked Customers


MobiFin -mBanking solution enables banked customers to access banking services securely from their mobile handset, both to
seek account information & to perform financial transactions. The solution integrates seamlessly with existing banking &
telecommunication infrastructure

Bank customers are provisioned on the system to access their account and carry out transactions like Notifications and alerts,
Bill payment, transfers and transactions, Account and wealth management & Financing: credit, loan, insurance

* Mobile phone used as banking terminal
* Menu driven application
* Bank-grade security

Service provider lead Business model


Bank offers Mobile Banking to their customers Bank holds all Bank Accounts in their systems
Bank earns Transaction Fees, Commissions or subscription on service packages
Service Provider processes mBanking transactions on behalf of banks (integrate their system with bank)
Serves multiple banks & enrolls merchants
Provides back end technology, handset application & connectivity with all mobile operators
Service Provider manages e-Top Up for all Mobile Operators as their distributor & utilize existing relationships
with utilities for Bill Payments via mobile

Participating Bank/Financial Institute

* A Bank would either directly be the MBSP, or would have an equity / contractual relationship with the MBSP.
* The bank is responsible for obtaining the license for the service, regulatory compliance, facilitating inter bank transfers & settlements, and the forex trading license (if cross border remittances are offered).
* If the bank, MBSP or the licensor so requires, then the micro banking system can be integrated with the bank's IT systems to create real bank accounts behind each subscriber m-Wallet.
* All transactions are then performed at the bank host, and the micro banking system serves as a proxy, providing secure access via the user's mobile phone.

Mobile Banking Services

Account
Information
mWallet Services
Cash IN from Bank Account
Cash Out to Bank Account
mWallet Statement
Wallet Money Transfer

Banking Services
Mini Statement and checking of account history
Alerts on Account Activity or passing of set thresholds
Access to card statement
Cheque Book Request
Recent Transaction
Add / Remove Bank Account
Bank Fund Transfer
Locating nearest bank branch, ATMS
PIN Provisioning or Change of PIN

Payments, deposit,
withdrawals,
and transfer
Payment
Mobile TopUp
Utility Payment
Mobile Ticketing

Deposit / Withdrawals

Deposit at Banking Agent


Withdrawals at Banking Agent

Operational Overview

* Create vendor (bank / mobile operator)
* Create prefix per vendor
* Create different service packs with different product mix per pack
* Create fees per pack or per product
* Begin selling to subscribers
* Allocate service pack to subscribers

Subscriber registration
* Links mobile number(s) to account
* Create inactive account
* Sends application to subscriber, with confirmation
* Send MPIN
* Customer changes MPIN, account becomes active

Account ID mapped to MSISDN & bank account
* No loss of profile if MSISDN changed
* Customer authentication required before MSISDN change in profile
* Customer profile stored against unique Account ID (internal parameter)

mBanking -Features

Account Balance Check / Query

System is accessed from user-friendly menus on the mobile handset

Cheque Book Requests

Subscriber password (MPIN) management via handset & web based self care

Stop Cheque & Card Payments

Choose basic or smart handset application

Funds Transfer between own / other accounts

Payments to Merchant Accounts

Pre-paid top-up of own & other phones

Commissions & fees vary per entity & by transaction type

Bill Payments & Utility Services Payments

Configurable transaction limits: per transaction, transaction type of periodic

Salary Disbursements

Trigger based reports

Stock Quotes

Last 5 transactions

Payment for these transactions via direct debit of bank account or credit card

Secure self care portal

Alerts & SMS push/pull messages

2-stage approval for configuration changes

Handset menus can be in local language


Capability to integrate multiple banks & mobile operators reliably and
efficiently
Configurable Business Rules; earn revenue via subscription or transaction
fees

Range of standard & customized reports

Full enrolment & provisioning module


Configurable notification, alerts templates

Built-in Reconciliation module

Mobile Banking Ecosystem

mBanking Advantages

Issues with traditional banking process
* Time and space specific access to the banking service
* Banking is cumbersome due to limited branches & ATM, no computer & Internet for online banking
* Mobile phone is his primary device

mBanking Advantages
Enable full banking services on any mobile,
with full security with all following features on
a single click of a mobile
Register
Check Balance
Get Statement (Mini Statement)
Transfer Funds
Make Payments
Stop Cheque
Request Cheque Book
Change Password

Micro (Agent/Branchless) Banking

This system allows people to open virtual bank accounts (mwallets) at authorized retail outlets (Banking Agents), move real money (not airtime as a pseudo currency) between these accounts, and make payments for goods & services to merchants, using their monies in this account.

A neat feature allows salaries to be credited directly into these accounts by employers.

This offers enormous potential to open new markets and business opportunities for service providers, banks, mobile operators & merchants!

Micro Banking Advantages


Agent with mobile is Human ATM
Provides doorstep banking with minimal
infrastructure
Open a limited features account at local retail
outlet
Your mobile number is your account ID
Deposit & Withdraw cash at local retail outlet
Transfer money & make payments

Micro Banking Features

Makes banking available at retail outlets

Secure way for un-banked to save their money

Cash in & cash out (at ATM or retail outlet)

Person to Person money transfers: Registered / unregistered to registered / unregistered

Long Distance Remittances: domestic or foreign

Pre-paid mobile Top-Up: own or others phone

Person to Merchants payments for purchase of goods / services

Disbursement of salary by employer into micro banking account

Loan installment repayments using funds in micro banking account

Bill payments

Balance check

Check Last 5 Transactions (mini statement)

Change M-PIN

Salary credit into m-Wallet by employer

Additional functionalities can be added as per requirement of the Service Provider, regulatory requirements and availability of appropriate
API at the Bank host system.

How does it work - Security Standard


[Diagram labels: Firewall; Internet; HTTPS, SSL 3.0; Cryptography Algorithm; Cryptography AES; MD5 and SHA1 checksum generation algorithm]

Security application components

IP Sec VPN

Database Cryptography
Digital Certificates - SSL
End to end transmission Cryptography
Two different authentication processes
Ethical Hacking Test (Vulnerability Assessment)
Self destruction in case of loss, theft or a password mistake.
User vs personal device (only a specific user ID can use a specific device)

ISO 8583
Bank
SMSC

Mobile Banking SMS Alert Notification


SMS Contact
Entry Points

Opt in
Customer Subscribers

Invitation
Bank Solicit Subscription

Queries
Customer Request
Information

Delivery
Path

SMS Modules

Customer Relationship
Management

Present
Offer
Customer
Notices

Alerts
Transaction Alerts
Cheque Bounce Alerts
Cheque Paid Alert
Clearing Cheque Alert
Standing Instruction
Bank Dispatch

Rewards

MobiFin

SMSC
Gateway

Carrier
Transmission

Utility
Information
Customer
Handset

Mobile Banking Consumer Registration


* Consumer: Unbanked consumer approaches the Authorized Banking Agent in their area.
* Banking Agent: Enrolls the consumer (pre data validation, KYC form, bank A/C opening fees) and will provide a receipt.
* MobiFin System: Receives data, performs dedupe check and sends information to the Bank.
* Bank: Processes enrolled data, personalized banking details verification.
* Dispatch
* Consumer

Salary Disbursement to m-wallet


More secure vs. receiving cash salary
Enforce timely payment of salary
Reduces corruption in cash disbursements
Employee gets full amount automatically from central disbursement authority
Ideal disbursement mechanism for employees in remote areas
Subscriber Benefits
* Target subscribers are daily / weekly wage earners: low wage, bottom of the pyramid
* Convenient, easy & quick way to save & transfer money
* Can get salary credited into m-Wallet account
* Subscriber handset becomes a virtual debit card
* Requires minimal infrastructure: mobile phone & BA; no bank accounts & branches / ATM
* Sufficiently secure & cheap
* Subscribers of all mobile operators can use service

Bank Benefits
* Attract unbanked customers, a new market segment
* Extend bank reach via branded Banking Agents
* Gives banks large retail presence without opening expensive branches or ATMs
* Visibility via signage at retail outlets
* Subscribers of all mobile operators can use service, giving banks access to huge prospective customer base
* Cost effective way to significantly extend reach of remittance services

Architecture

[Architecture diagram labels: Consumer; Secure ANI IVR; WEB; Mobile App; SMS / USSD; Firewall; https; Provider; 3DES / AES; ISO 8583; Bank; Security]

Scalability, Redundancy & Hardware Architecture

Scalability
* The solution is a distributed architecture that makes it highly scalable. Technically, there is no limit to the number of users the solution can support.
* Handle peak traffic reliably and efficiently.
* Deliver high availability and, therefore, better customer service and reduced lost revenue.
* Deploy as you grow.

Redundancy
* Redundancy can be provided at each tier, in an active-active model, and as an active-passive model, with one node serving as a standby or backup.
* At the DB tier, SQL proxies (MySQL); live replication of MySQL DB supported.
* Geographically DR site in order to avoid DR event with no effect on the total operation.

Hardware and Software

Specific preferences follow:
* Hardware
  * Application Server: Dual Quad Core Intel Xeon Processor 55XX
  * Database Server: Dual Quad Core Intel Xeon Processor 55XX
* Operating System: RHEL 5.5 64 bit or CentOS 5.5 64 bit

AML

MobiFin has an in-built Business Rule Manager. It can support various rules according to business policy or regulatory requirements. It can also be used to block fraudulent transactions.

Float Rule Manager
* Controls float transfer in and out of the MobiFin platform

Transaction Rule Manager
* Controls transactions in and out of the MobiFin platform

Reconciliation

* MobiFin Platform Transaction Data Files
* Provider/Operator Transaction Data Files
* Difference File Generation in case of mismatch of transactions

Trace Files

MobiFin Platform writes various types of logs based on access.

Application Logs: Underlying system traces which are useful for application debugging and troubleshooting at the highest level.

Access Logs: Access logs provide detailed logs of access made to the App Servers. They help in troubleshooting access to the platform from third party applications.

Transaction Logs: These logs are maintained in the reliable DB and are thus available in report formats. They also contain vital information such as Requests/Responses. They help to troubleshoot transaction related queries.

User Access Logs: The platform always logs user access in the DB. These logs contain details like User Access and Configuration Changes. They provide an auditing facility to admin users.

Float Rule Manager

Transaction Rule Manager

Actual Site Deployment and Hardware Specs

Database Servers
Application Servers
Redundant servers
Storage
KVM
Routers
Switches
Power requirements
Rack Space

Backup & Restore Policy

Scripts are configured for periodic hot backup (data files) and archive log backups
Able to perform periodic cold backups
Scheduled scripts copy the backup files to shared storage
Backup files are later moved into tapes
Two copies of archives logs are created
Archive log files of last two days are available on hard disk for recovery
Database recovery is done by commands using files from shared storage and tapes

Database Maintenance
Database space and cluster monitor
Database tuning (e.g. identify database buffer and library cache hit ratios, sort in memory, adjust as required)
Rebuild indexes with high number of deleted leaves
Analyze objects
Purge Database Server Log Files

Data Purging - Monthly
Purging of data
Adding/Dropping of the partition

Application Maintenance
Server load checking
CPU utilization
Memory utilization
Disk space checking
Monitoring partitions with usage more than threshold set
Purging of old logs
Application server logs
Database server logs
Gateway server logs
Web server logs
Monitoring application cluster

OAM: Alarm Management

Constantly monitors the following:
VPN Connections, HTTP Links
Links with any other external system, e.g. USSD Gateway, SMS Gateway
In the event of any link failure, an SMS/Email is sent to pre-defined numbers

Alarm Scenarios

Application subsystem failure: A process level alarm when any of the modules can be brought up.
Congestion: A system or network component has reached its capacity or is approaching it.
Corrupt data: An error has caused data to be incorrect and the data is therefore unreliable; data passed by the application is incorrect.
File error: The format of a file (or set of files) is incorrect and cannot be used reliably in processing.
I/O device error: An error has occurred on the I/O device; cases in which the application is unable to read configuration files.
Resource at or nearing capacity: There is a congestion control mechanism to provide high availability of service.
Response time excessive: The elapsed time between the end of an inquiry and beginning the answer to that inquiry is outside acceptable limits.

Security levels

Mobile App. Security
SMS encryption (3DES2)
Symmetric Encryption and Decryption
Each SIM is assigned a unique key
Transaction ID Generated at SIM level
Mobile App. messages are protected by encryption
Mobile App. transaction does not work unless MSISDN is registered

Web Application Security
Login ID and password authentication
IP address authentication
Time of day and days of week based login control
Role based authentication
HTTPS for secure transmission
Forced password change every n days
Forced session idle timeout

Fraud Checking
Automated barring on failed attempts exceeding threshold
System bars customers after a defined number of repeated unsuccessful top-up attempts
Configurable block period in between two successful transactions. The objective of setting a time gap is to track and identify abnormal transaction requests
Upper limit on the transaction amount permissible in a day

Mobile Access Security
Barring Users
Channel users
Subscribers for P2P transactions
PIN based access
Forced change of PIN on 1st request
Forced change of PIN on a periodic basis
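
The Fraud Checking rules listed above (barring once failed attempts exceed a threshold, a block period between two successful transactions, and a daily amount cap) can be applied as one ordered decision per request. This is an added illustration, not MobiFin code: the function names, limit values, reason strings, sample MSISDNs and the choice to clear the failure count on success are assumptions made for the example.

```python
from dataclasses import dataclass
from datetime import date, datetime, timedelta
from typing import Optional

# Assumed values: the page only says these limits are configurable.
MAX_FAILED = 3                         # failed attempts tolerated before barring
BLOCK_PERIOD = timedelta(seconds=60)   # minimum gap after a successful transaction
DAILY_LIMIT = 500.0                    # upper limit on the amount per day

@dataclass
class Account:
    failed: int = 0
    barred: bool = False
    last_success: Optional[datetime] = None
    day: Optional[date] = None
    spent_today: float = 0.0

def check(accounts, msisdn, amount, now, pin_ok):
    """Decide one top-up request; returns 'ok' or the reason it was refused."""
    acct = accounts.setdefault(msisdn, Account())
    if acct.day != now.date():                     # new day: reset the daily total
        acct.day, acct.spent_today = now.date(), 0.0
    if acct.barred:
        return "barred"                            # barred accounts are refused outright
    if not pin_ok:
        acct.failed += 1
        acct.barred = acct.failed > MAX_FAILED     # bar once the threshold is exceeded
        return "barred" if acct.barred else "bad_pin"
    if acct.last_success and now - acct.last_success < BLOCK_PERIOD:
        return "block_period"                      # too soon after the last success
    if acct.spent_today + amount > DAILY_LIMIT:
        return "daily_limit"
    acct.failed, acct.last_success = 0, now        # assumed: success clears the count
    acct.spent_today += amount
    return "ok"

T0 = datetime(2024, 1, 1, 9, 0, 0)
SAMPLE = [  # constructed: (msisdn, amount, seconds after T0, pin_ok)
    ("000000001", 100.0, 0, True),     # ok
    ("000000001", 100.0, 20, True),    # 20 s after a success: block_period
    ("000000001", 450.0, 120, True),   # 100 + 450 exceeds the daily limit
    ("000000001", 400.0, 180, True),   # 100 + 400 reaches the limit exactly: ok
] + [("000000002", 50.0, 5 * i, False) for i in range(4)] + [  # four bad PINs
    ("000000002", 50.0, 30, True),     # correct PIN, but already barred
]

def run(events):
    accounts = {}
    return [check(accounts, m, a, T0 + timedelta(seconds=s), ok) for m, a, s, ok in events]
```

Calling `run(SAMPLE)` returns one reason string per request. Refusals with `block_period` or `daily_limit` are the abnormal requests the time gap is meant to surface, so they are worth writing to the transaction log for review.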

Security Parameters
Security Features

3DES Security

Brief
Triple DES (3DES) is a block cipher formed from the Data Encryption Standard (DES) cipher by using it three times. When it was found that a 56-bit key of DES is not enough to guard against brute force attacks, 3DES was chosen as a simple way to enlarge the key space without a need to switch to a new algorithm. The use of three steps is essential to prevent meet-in-the-middle attacks that are effective against double DES encryption.
Requests coming into the e-Top Up platform via SMS are encrypted using 3DES, to ensure security during transmission from handset to e-Top Up system.

MD5 Hashing

MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value, as an Internet standard (RFC 1321). An MD5 hash is typically expressed as a 32 digit hexadecimal number. This is a one-way algorithm and is irreversible, i.e. cannot be decrypted.

AES

AES has been adopted by the U.S. government and is now used worldwide. It supersedes the Data Encryption Standard (DES), which was published in 1977. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data.

SHA1

Secure Hash Algorithm 1: a 160-bit hash function which resembles the earlier MD5.

Application Access Security

Given the functionality & nature of transactions supported on the Mobile Banking/Wallet platform, it is mandatory that the platform abides by strict security guidelines as per industry standards for software platforms, Financial standards, Cyber / Information Security Standards etc.

SMS Security:

To make a transaction exchange using SMS, the bank or mobile operators connect to our central server over a secure channel using industry standard Hypertext Transfer Protocol Secure (HTTPS), the same protocol that is used for online banking.
For additional security we deploy a VPN (Virtual Private Network).
Mobile transactions made through SMS can also apply Second Factor Authentication (2FA) using IVR (Interactive Voice Response) or WAP (Wireless Access protocol).
To further safeguard the SMS we store records of each message. Storing a record of the message is a regulatory requirement, and we take one more security step by encrypting each message. We use a cryptography algorithm from security leader RSA. This encryption technology is based on Asymmetric Public Key Cryptography and has a strength of 2048 bits.

Security for USSD:

To make a transaction exchange using USSD, the banks or mobile operators connect to our network of server systems over a session based (not store and forward) connection. USSD reduces risk and leaves no trace of the transaction on the handset.

Security over transaction through WEB

Customers who want to transact over web are protected by inactivity lockout.
When an account has no activity for a set time after the customer logs in, the connection is dropped, locking the user out.
Currently all transactions over web are on a secure channel using industry standard Hypertext Transfer Protocol Secure (HTTPS).

Mobile Client Applications:

Mobile transactions can also be made using a downloadable client (Mobile App).
During these exchanges, data sent from the mobile device is secured using HTTPS, as well as other security algorithms such as RSA (an American computer and network security company; RSA was named after the initials of its co-founders Ron Rivest, Adi Shamir, and Len ) and SHA 1 (Secure Hash Algorithm 1). Mobile devices that do not support the SSL (Secure Socket Layer) protocol are secured by protocols with similar strength.
The Mobile application also supports MPIN (Mobile Personal Identification Number) / Transaction PIN using RSA and AES (Advanced Encryption Standard).
Another layer of security can be applied with an application PIN (APIN); this PIN is validated locally at the middleware or the application.
The APIN is used to unlock the application on the mobile phone before connecting to the server system.
The additional layer of security keeps validation information from being stored on the mobile phone or the middleware.

Audit Trail:

Every transaction (whether successful, failed or error) passing through our System is logged.
The Admin Interface offers a full audit trail for every activity on the system; it tracks & logs all the activities being performed by each admin user on the Admin Interface.

Hardware Interfaces

MobiFin Architecture in HA Mode

MobiFin Architecture in Normal Mode
