securing mobile payments

Simon Cattlin

Securing Mobile Payments

IOCS, 2013 – Confidential

What’s the background

– UK economic need– UK/EU regulatory and legal requirements– Consumer behaviour– Technology adoption


The technology heritage

Silanis Docusign Adobe IOCS Bango Luup

eBay Paypal A cast of thousands…

Its not about phones – its about digital convergence and straight through processing.


The history

– IP has been “out there” since 1992– Millions of users– $ Billions transacted annually– Legally tested – Statute and directives in-place


Public Sector Adoption


Finance Sector Adoption


Retail Sector Adoption


Complexity

• CLIENT VALUE• Onerous ID process• Admin overhead• Delayed execution

• COST• Print • Postage• Admin• Errors• Scanning• Delivery • Storage

• COMPLIANCE• Sales processes not

captured• Paper agreements lost

• CARBON• Increased footprint


D A

Y S

P H Y S I C A L, S E M I – A U T O M A T E DE L E C T R O N I CF U L L Y – A U T O M A T E D

ROI = 90% reduction - cost / time / risk

Workflow


universal application

document generation

fraud checks

identity checks

electronic signature

vaulting / delivery

c o n t e n t m a n a g e m e n t

p r o c e s s o r c h e s t r a t i o n

m i / e v i d e n c e ma n a g e m e n t

e l e c t r o n i c a g r e e m e n t p r o c e s s i n g

The zone


eSign LawUK & EU

Consumer Credit LawTechnology

Get it wrong = PPI +++++

Who are the Specialists?

– Bird and Bird, Lorna Brazell, Partner: the UK’s leading expert on e-signature law and e-contract enforceability. Author: Electronic Signatures, and Identities © Bird & Bird, 2008;

– Benjamin Wright: lawyer, government advisor and leading US expert on e-signature and electronic evidence. Author: E-Signatures, Are We Building Sufficient Electronic Evidence? © B. Wright, 2007; The Law of Electronic Commerce, © Aspen Law & Business, 2006

– Locke Lord Bissel & Liddell: Specialist e-records management legal experts. Authors: From E-Discovery to E-Admissibility Lorraine v. Markel and What May Follow, © Lord Bissell & Brook, LLP 2007

– Judge Paul W. Grimm: Chief Magistrate Judge - the presiding judge in Lorraine v. Markel and author of the subsequent 101-page opinion on getting e-records into evidence

– Judge Christopher M. Klein: U.S. Bankruptcy Judge and Chief Judge of the Bankruptcy Appellate Panel of the Ninth Circuit – the presiding judge in American Express v. Vinhnee, 2005

– Professor Edward J. Imwinkelried: Professor of Law and Director of Trial Advocacy, Author: 11-Factor Foundation Process for Electronic Records, © Matthew Bender, 2008

– Tower Group, Karen Pauli, Senior Analyst. Author: Electronic Signature and Secure Forms in the Insurance Industry: Taking the P&C Pen to the Web, © Tower Group, 2007

– Gartner, Gregg Kreizman, Research Director, IT. Author: Electronic Signature Suites and Services: Preserving the Electronic Trail 10 Years From Now, © Gartner 2008


What do they say?


There are…

…principles of enforceability

6 Principles of Enforceability


full ID audit trail

1

true copy for customer

4

non-repudiable evidence:• integrity• unity

6

2

reproduce exactly what the customer saw

3

reproduce exactly what the customer did

5

persuasive evidence: • simple• non-technical

Example: IOCS-Systems approach: Law First


INDEPENDENT IOCS ENVIRONMENT


– Full ID audit trail– What the customer saw– What the customer did– True copies– Practical, persuasive evidence– Integrity / unity


ID Verification - Big Data


Compliance / Accreditation


IOCS has a significant advantage in terms of regulatory compliance and legal endorsement:

IOCS is the only service of its kind to have been approved for use by the UK’s leading law firms and QCs specialising in consumer credit, banking and electronic transactions:

VeriSign CertifiedCompliant with UK

government guidance on e-signature

DP Registered: Z2365706 OFT / CCA Compliant PCI Compliant Q413

UK and EU e-Signature Legislation Compliant

Fred PhilpottMalcolm Waters

IOCS platform will transact £2,000,000,000 in 2013

Some useful people to know

IOCS-Systems SSLPostExcipere

Thankyou - questions
