Introduction: With mobile technology, banks can offer a wide range of services to their customers such as doing funds

transfer while traveling, receiving online updates of stock price or even performing stock trading while being stuck in traffic. According to the German mobile operator Mobilcom, mobile banking will be the killer application for the next generation of mobile technology. Mobile devices, especially smartphones, are the most promising way to reach the masses and to create "stickiness" among current customers, due to their ability to provide services anytime, anywhere, high rate of penetration and potential to grow. According to Gartner, shipment of smartphones is growing fast, and should top 20 million units in 2006 alone.1 In the last 4 years, banks across the globe have invested billions of dollars to build sophisticated internet banking capabilities. As the trend is shifting to mobile banking, there is a challenge for CIOs and CTOs of these banks to decide on how to leverage their investment in internet banking and offer mobile banking, in the shortest possible time. Finally, we take a look at the need of financial institutions to understand the kind of mobile usage, in terms of technology, being practiced by their target customers so that they can decide on the best manner to 'mobilize' their services. Technologies Enabling Mobile Banking Technically speaking most of these services can be deployed using more than one channel. Presently, Mobile Banking is being deployed using mobile applications developed on one of the following four channels. 1. 2. 2. 4. IVR (Interactive Voice Response) SMS (Short Messaging Service) WAP (Wireless Access Protocol) Standalone Mobile Application Clients

1. Interactive Voice Response IVR or Interactive Voice Response service operates through pre-specified numbers that banks advertise to their customers. Customer's make a call at the IVR number and are usually greeted by a stored electronic message followed by a menu of different options. Customers can choose options by pressing the corresponding number in their keypads, and are then read out the corresponding information, mostly using a text to speech program. Mobile banking based on IVR has some major limitations that they can be used only for Enquiry based services. Also, IVR is more expensive as compared to other channels as it involves making a voice call which is generally more expensive than sending an SMS or making data transfer (as in WAP or Standalone clients). One way to enable IVR is by deploying a PBX system that can host IVR dial plans. 2. SMS (Short Messaging Service) SMS uses the popular text-messaging standard to enable mobile application based banking. The way this works is that the customer requests for information by sending an SMS containing a service command to a pre-specified number. The bank responds with a reply SMS containing the specific information.

For example, customers of the Bank can get their account balance details by sending the keyword 'BAL' and receive their balance information again by SMS. Most of the services rolled out by major banks using SMS have been limited to the Enquiry based ones. However there have been few instances where even transaction-based services have been made available to customer using SMS. One of the major reasons that transaction based services have not taken of on SMS is because of concerns about security and because SMS doesn't enable the banks to deliver a custom user interface to make it convenient for customers to access more complex services such as transactions. The main advantage of deploying mobile applications over SMS is that almost all mobile phones, including the low end, cheaper ones, which are most popular in countries like India and China are SMS enabled. An SMS based service is hosted on a SMS gateway that further connects to the Mobile service providers SMS Centre. There are a couple of hosted IP based SMS gateways available in the market. [ SMS Network Architecture ] 3. WAP (Wireless Access Protocol) WAP uses a concept similar to that used in Internet banking. Banks maintain WAP sites which customer's access using a WAP compatible browser on their mobile phones. WAP sites offer the familiar form based interface and can also implement security quite effectively. The banks customers can now have an anytime, anywhere access to a secure reliable service that allows them to access all enquiry and transaction based services and also more complex transaction like trade in securities through their phone. A WAP based service requires hosting a WAP gateway. Mobile Application users access the bank's site through the WAP gateway to carry out transactions, much like internet users access a web portal for accessing the banks services. The following figure demonstrates the framework for enabling mobile applications over WAP. The actually forms that go into a mobile application are stored on a WAP server, and served on demand. The WAP Gateway forms an access point to the internet from the mobile network. [ WAP Network Architecture for Mobile Applications ] 4. Standalone Mobile Application Standalone mobile applications are the ones that hold out the most promise, as they are most suitable to implement complex banking transactions like trading in securities. They can be easily customized according to the user interface complexity supported by the mobile. In addition, mobile applications enable the implementation of a very secure and reliable channel of communication. One requirement of mobile applications clients is that they require to be downloaded on the client device before they can be used, which further requires the mobile device to support one of the many development environments like J2ME or BREW. J2ME is fast becoming an industry standard to deploy mobile applications and requires the mobile phone to support Java. The major disadvantage of mobile application clients is that the applications needs to be customized to each mobile phone on which it might finally run. J2ME ties together the API for mobile phones which have the similar functionality in what it calls 'profiles'. However, the rapid proliferation of mobile phones which support different functionality has resulted in

a huge number of profiles, which are further significantly driving up development costs. This scale of this problem can be gauged by the fact that companies implementing mobile application clients might need to spend as much as 50% of their development time and resources on just customizing their applications to meet the needs of different mobile profiles. Classifying Services Simplest way to classify these services depending on the originator of a service session is the 'Push/Pull' nature. 'Push' is when the bank sends out information based upon an agreed set of rules, for example your banks sends out an alert when your account balance goes below a threshold level. 'Pull' is when the customer explicitly requests a service or information from the bank, so a request for your last five transactions statement is a Pull based offering. Second way to categorize the mobile banking services, by the nature of the service, gives us two kind of services Transaction based and Enquiry Based. So a request for your bank statement is an enquiry based service and a request for your fund's transfer to some other account is a transaction-based service. Transaction based services are also differentiated from enquiry based services in the sense that they require additional security across the channel from the mobile phone to the banks data servers. Based upon the above classifications, we arrive at the following taxonomy of the services listed before.
Push Based Pull Based * Fund Transfer * Bill Payment * Other financial services like share trading. * Credit/Debit Alerts. * Minimum Balance Alerts * Bill Payment Alerts * * * * * Account Balance Enquiry Account Statement Enquiry. Cheque Status Enquiry. Cheque Book Requests. Recent Transaction History.

Transaction Based Enquiry Based

Analysis In terms of the evolution of services being offered on mobile applications, South Korea is showing the way. The big push came when LG Telecom Ltd., the smallest of Korea's three mobile service providers teamed up with the Kookmin bank to launch the 'Bank on' service. Under this scheme mobile users were able to use smart chips embedded in cell phones for accessing all of the transaction and enquiry based services. The chip-based service automated the authentication of users when they accessed their bank's financial services to make the whole process much faster and convenient. The icing on the cake came with the ability of these chip enabled cell phones to be used simultaneously as cash cards. By October 2004 there were already about 100,000 infrared readers adapted to take payment directly from mobile phone handsets in Korea. Users can now use their cell phones to pay for everything, from restaurant bills, travel tickets, merchandise and even haircuts. Expected Evolution for wireless Services

The proliferation of the 3G (third generation of wireless) and widespread implementation expected for 2003-2007 will generate the development of more sophisticated services such as multimedia and links to M-commerce services. The diagram below shows the expected evolution for wireless services. It is interesting to notice that while complex transactions and value added services are easily available on the internet banking channel, limited services - such as information delivery (Stage 1) and Basic Transactions (Stage 2) are being offered on mobile banking channel. This leads to the interesting question of why there has been slow progress in banks offering mobile banking capabilities. The progress is restricted due to the following key reasons: 1. Rapidly changing mobile technology and protocols; enhancement in capabilities of the mobile device 2. Non-user friendly user interface or limited flexibility in user interface 3. Little reuse of existing investment made by banks for internet banking capabilities. As mobile technology matures, first two reasons may cease to have an impact. However, there will be one strategic issue for banks to resolve. Banks treat mobile banking applications as yet another application parallel to internet banking and branch banking applications. The lack of service oriented architecture principles while developing internet banking applications has created multiple silos, each offering nearly the same set of business functionality. Banks need to revisit their multi-channel delivery architecture and need to treat mobile (wireless) as another delivery channel having a different presentation layer than that of the internet banking or branch banking, but sharing same information and transaction functions. Challenges for a Mobile Banking Solution The challenges in developing a sophisticated mobile banking application are : 1. Interoperability 2. Security 3. Scalability & Reliability 4. Application distribution 5. Personalization 1. Interoperability There is a lack of common technology standards for mobile banking. Many protocols are being used for mobile banking HTML, WAP, SOAP, XML to name a few. It would be a wise idea for the vendor to develop a mobile banking application that can connect multiple banks. It would require either the application to support multiple protocols or use of a common and widely acceptable set of protocols for data exchange. There are a large number of different mobile phone devices and it is a big challenge for banks to offer mobile banking solution on any type of device. Some of these devices support J2ME and others support WAP browser or only SMS. 2. Security Security of financial transaction, being executed from some remote location and transmission of financial information over the air, are the most complicated challenges that need to be addressed jointly by mobile application developers, wireless network service providers and the bank's IT department.

The following aspects need to be addressed to offer a secure infrastructure for financial transaction over wireless network: * Physical security of the handheld device. If the bank is offering smart-card based security, the physical security of the device is more important. * Security of the thick-client application running on the device. In case the device is stolen, the hacker should require ID/Password to access the application. * Authentication of the device with service provider before initiating a transaction. This would ensure that unauthorized devices are not connected to perform financial transactions. * User ID / Password authentication of bank's customer. * Encryption of the data being transmitted over the air. * Encryption of the data that will be stored in device for later / off-line analysis by the customer. 3. Scalability & Reliability Another challenge for the CIOs and CTOs of the banks is to scale-up the mobile banking infrastructure to handle exponential growth of the customer base. With mobile banking, the customer may be sitting in any part of the world (a true anytime, anywhere banking) and hence banks need to ensure that the systems are up and running in a true 24 x 7 fashion. As customers will find mobile banking more and more useful, their expectations from the solution will increase. Banks unable to meet the performance and reliability expectations may lose customer confidence. 4. Application Distribution Due to the nature of the connectivity between bank and its customers, it would be impractical to expect customers to regularly visit banks or connect to a web site for regular upgrade of their mobile banking application. It will be expected that the mobile application itself check the upgrades and updates and download necessary patches. However, there could be many issues to implement this approach such as upgrade / synchronization of other dependent components. 5. Personalization It would be expected from the mobile application to support personalization such as: 1. Preferred Language 2. Date / Time format 3. Amount format 4. Default transactions 5. Standard Beneficiary list 6. Alerts Conclusions For service providers, Mobile banking offers the next surest way to achieve growth. Countries like Korea where mobile penetration is nearing saturation, mobile banking is helping service providers increase revenues from the now static subscriber base. Also service providers are increasingly using the complexity of their supported mobile banking services to attract new customers and retain old ones. For the fact is that one day, in most of the world emerging markets, more people will use mobile telephones than use fixed telephone lines. Businesses that are based on mobile financial serviced will thus be a natural

fit for these economies. What is more, there is no need to wait for the next generation mobile networks; these businesses can be built using today's technology. But to capture this significant opportunity, financial firms and telecommunications companies will have to forge partnerships with one another and, possibly, with merchants and retail chains as well.