INDEX

Topic Content Page .No

 Introduction
1  Software details 1-5
 Market study

Detailed report on
2 economic and business 6-7
models

 Security threats
 Preventive
3 8-12
measures
INTRODUCTION:
Google Pay (stylized as G Pay; formerly Pay with Google and Android Pay) is
a digital wallet platform and online payment system developed by Google to power
in-app and tap-to-pay purchases on mobile devices, enabling users to make payments
with Android phones, tablets or watches.
As of January 8, 2018, the old Android Pay and Google Wallet have unified into a
single pay system called Google Pay. Android Pay was rebranded and renamed as
Google Pay. It also took over the branding of Google Chrome's auto fill. Google Pay
adopts the features of both Android Pay and Google Wallet through its in-store, peer-
to-peer, and online payments services.
The rebranded service provided a new API that allows merchants to add the payment
service to websites, apps, Stripe, Braintree, and Google Assistant. The service allows
users to use the payment cards they have on file with Google Play.
The Google Pay app also added support for boarding passes and event tickets in May
2018.
Google Pay uses Near Field Communication (NFC) to transmit card information
facilitating funds transfer to the retailer. It replaces the credit or debit card chip and
PIN or magnetic stripe transaction at point-of-sale terminals by allowing the user to
upload these in the Google Pay wallet. It is similar to contactless payments already
used in many countries, with the addition of two-factor authentication. The service
lets Android devices wirelessly communicate with point of sale systems using a near
field communication (NFC) antenna, host-based card emulation (HCE), and Android's
security.
Google Pay takes advantage of physical authentications such as fingerprint ID where
available. On devices without fingerprint ID, Google Pay is activated with a pass
code. When the user makes a payment to a merchant, Google Pay does not send the
credit or debit card number with the payment. Instead it generates a virtual account
number representing the user's account information. This service keeps customer
payment information private, sending a one-time security code instead of the card or
user details.[9]
Google Pay requires that a screen lock be set on the phone. It has no card limit.
Users can add payment cards to the service by taking a photo of the card, or by
entering the card information manually. To pay at points of sale, users hold their
authenticated device to the point of sale system. The service has smart-authentication,
allowing the system to detect when the device is considered secure (for instance if
unlocked in the last five minutes) and challenge if necessary for unlock
information. Spring CEO Alan Tisch said Google Pay improves mobile shopping
business by supporting a "buy button" powered by Google Pay integrated within
vendor's creative design.

Google has introduced a new payment app in India called Tez (the Hindi word for
“fast”). Tez features a technology called audio QR that allows users to transfer money
using sounds to pair two devices. Called the “cash mode option,” phones negotiate a
connection using audio to identify the payer and payee. (The sounds should be
inaudible to human ears though because they’re sent using ultrasonic
frequencies, according to the financial times) The feature is therefore similar to cash
transactions which don’t require the exchange of personal details like bank accounts
and phone numbers. Cash Mode works with any phone with a mic and speaker and
Tez app installed, and doesn’t require an NFC chip. Google’s Audio QR technology is
similar to Chirp, which also sends data encoded in ultrasonic audio.

There are 300 million Smartphone users in India, and phones with NFC are still
relatively rare and expensive, with many users instead favoring entry-level and mid-
tier devices. Tez is a step beyond Android Pay, because it allows users to link
payment apps from Indian banks — it works with all of the country’s 55 banks on
India’s Unified Payments Interface (UPI). UPI is a system that allows numerous bank
accounts to be linked into one mobile app, and enables secure peer-to-peer
payment. According to Bloomberg digital transactions have surged after the Indian
Government banned high-value cash notes late last year.
SOFTWARE USED BY THE GOOGLE PAY:
Audio QR:
Much more similar to your Bluetooth and NFC, it allows you to make the transactions
over the connected devices. With Audio QR, two devices placed, within the suitable
diameter range may interconnect. Using the ultrasonic sound system, it identifies the
other user through the sound and permits you to transfer the data, without sharing any
sensitive information.

The Ultrasonic Frequencies:

Ultrasound is the sound range or frequencies used by electronic devices in
communication. Practically, these are the sound vibrations above 20,000Hz. Since it
consumes high bandwidth, the data transfer remains very slow. However, this
technology can be used to transfer small files or large files in small parts.

It works in a simple way – the speaker at one end throws ultrasound frequencies in
form of pulses. The receiver at the other end captures the pulses and converts the
frequencies back in the original data.

Audio QR can be currently said as one of the most astute mechanisms for making the
digital payments. It works as a great substitute for both NFC and QR code scanner,
thus motivating the Mobile App developers to use it as a great tool for meeting the
vast crowd of the digital economy.
The communication based on the ultrasonic waves is not a new concept and has been
used with the some of the earlier devices. Going back in the previous days, ultrasonic
waves were used for transferring the data in chrome cast to connect the devices.
Brands such as Liner, Chirp have also used it for data transfer.

Recently, Google launched its payment app in India named Google Tez. This is for
the first time when these waves are being used for making the payments in a safe and
secure form.

The reason ultrasonic waves are used in Audio QR is the frequency range of these
waves are very compatible with Smartphone’s mike and speakers. Hence the voice in
the form of waves can be easily transferred to the other person that has audio QR
functionality activated on any of the Mobile Apps.
MARKET STUDY:
According to the current proposition, there is almost no technology that cannot be
integrated into mobile app. IoT, AR, VR, Beacon, NFC etc. all are exploiting the
mobile apps for making the execution of activities seamless.
Security mobile apps
Audio QR can be said as a crucial beneficiary to the security mobile apps. In the
organizations, in case of occurrence of any suspicious activity, you can activate the
Mobile App, and with the help of QR the signal can be transmitted to the alarms, thus
helping for bringing the instant rescue.

Social Networking apps

With the help of Audio QR, you can actually make new friends, how? Well, if you are
checking-in for some party alone, you can switch your Audio QR based mobile app,
to search for the partner. You can simply tap the name, fetch details and can make an
easy entry.

Identity recognition solutions

Audio QR helps to verify the individual’s identity, in a much simplified way. You are
assigned a QR code for making an attendance, or for entering at the airports, or while
attending a private business meeting. Simply click on the app, for getting identified,
and easily embark with your presence.

Payment Wallet Apps

You can transfer the amount very easily through Audio QR, simply identify the
person. Thus, tap and pay without sharing personal information. In the industrial
domains such as Bit coin.21 app development, financial app development, it can help
you make the money transfer very easily. The steps are indeed simple and hence there
are ample of apps out there that are using Audio QR for making their payments
automated.

One such app that is using Audio QR is the Google Tez App- The most popular
digital wallet app.
Google Tez App is embedded with the Audio QR technology and allows you to
transfers the amount using the UPI (Unified Payment Integration). With its
collaboration with a number of nationalized banks, the app opens new doors of
opportunities for peer-to-peer money transfer.
ECONOMIC AND BUSINESS MODELS:
A business model plays a fundamental role to any organization (Amit and Zott, 2001;
Magretta, 2002; Hedman and Kalling, 2003; Shafer et al., 2005; Zott et al., 2011).
Most of it is due to the facilitating power that the business model provides. It allows
the business and technology stakeholders to understand, communicate, analyze, and
manage strategicorientated decisions among each other (Osterwalder and Pigneur,
2002; Osterwalder and Pigneur, 2013; Pateli and Giaglis, 2004), along with changing
the business logic of the firm (Osterwalder et al., 2005). In addition, Chesborough and
Rosenbloom (2002) argue that a business model provides a holistic perspective of the
business, which helps it to understand internal functions and structures, as well as its
interconnectivity and interaction dynamics with the external world.

There are many business model frameworks (Hedman and Kalling, 2003; Shafer et
al., 2005; Al-Debei and Avison, 2010), and they differ in their rigor and depth, as well
as their complexity in which definitions, elements, and their relations are included and
analyzed. More recent approaches aimed to develop a common understanding of
business models and have synthesized large quantities of past research. AlDebei
(2010) provides an analysis of business model frameworks. The findings suggest two
things. First, although the number and names of dimensions and elements included
vary between frameworks, most of these business model elements correspond to
distinct themes, including offering or value proposition, customer, network, and
finance. Second, the majority of frameworks stem from a strategy or eBusiness
context (Hedman and Kalling 2002), and only a limited number of frameworks
originate from the mobile or payments area (Carton et al., 2012). Third, most
frameworks take an inside-out approach that focuses on the business logic of
individual enterprises rather than on the dynamic interaction within value networks
(Solaimani and Bouwman, 2012), thereby missing external threatsand the
characteristics of the particular industry. External marketplace dynamics are in
Bouwman et al. (2008). As such, they argue that businesses do not operate in a
vacuum, but rather are influenced and dependent on the environment. Their business
model takes a network-centric view (Stabell and Fjeldstad 1998; Zott et al. 2011) of
the organization; firms are part of a value network or value web (Bouwman et al.,
2006) in which organizations exchange resources and capabilities in a parallel and
simultaneous manner.
Building upon the specifics and dynamics of the mobile payment context and the
literature review on existing business model frameworks, we propose a Business
Model for Mobile Payments. It includes five main dimensions: value service, value
network, value architecture, value finance, and threats. Figure 1 depicts a summary of
the framework. Each of the dimensions is further decomposed into 15 sub-
dimensions, which provide the second layer of analysis
SECURITY THREATS:
New users of near field communication, especially for payment purposes such as
storing credit card information, are understandably concerned at first about the
security and safety of their private information. Possible security attacks include
eavesdropping, data corruption or modification, interception attacks, and physical
thefts. Below we cover the risks and how NFC technology works to prevent such
security breaches from occurring.

Eavesdropping

Eavesdropping is when a criminal “listens in” on an NFC transaction. The criminal

does not need to pick up every single signal to gather private information. Two
methods can prevent eavesdropping. First there is the range of NFC itself. Since the
devices must be fairly close to send signals, the criminal has a limited range to work
in for intercepting signals. Then there are secure channels. When a secure channel is
established, the information is encrypted and only an authorized device can decode it.
NFC users should ensure the companies they do business with use secure channels.

Data Corruption and Manipulation

Data corruption and manipulation occur when a criminal manipulates the data being
sent to a reader or interferes with the data being sent so it is corrupted and useless
when it arrives. To prevent this, secure channels should be used for communication.
Some NFC devices “listen” for data corruption attacks and prevent them before they
have a chance to get up and running.

Interception Attacks

Similar to data manipulation, interception attacks take this type of digital crime one
step further. A person acts as a middleman between two NFC devices and receives
and alters the information as it passes between them. This type of attack is difficult
and less common. To prevent it, devices should be in an active-passive pairing. This
means one device receives info and the other sends it instead of both devices receiving
and passing information.

Theft

No amount of encryption can protect a consumer from a stolen phone. If a

Smartphone is stolen, the thief could theoretically wave the phone over a card reader
at a store to make a purchase. To avoid this, Smartphone owners should be diligent
about keeping tight security on their phones. By installing a password or other type of
lock that appears when the Smartphone screen is turned on, a thief may not be able to
figure out the password and thus cannot access sensitive information on the phone.

While it may seem like NFC would open up a world of new security risks, it may
actually be safer than a credit card. If a user loses her credit card, a criminal can read
the card and find out the owner’s information. If that same person loses her
Smartphone and has it password protected the criminal cannot access any private info.
Through data encryption and secure channels, NFC technology can help consumers
make purchases quickly while keeping their information safe at the safe time.
PREVENTIVE MEASURES AND SUMMARY:
NFC is a short-range wireless communication technology and distance is around 4
inches. NFC technology operates in the range of 13.56 MHz frequency band and at a
speed of 106Kbps to 424Kbps . Combination of NFC with smart devices has led to
development and range of NFC that includes data exchanges, service discovery,
connections, epayment, and ticketing,also replace credit cards in electronic payment.
NFC is a set of standard for smartphones and similar devices to establish radio
communication with each other by touching them together or bringing them into close
proximity, usually not more than a few inches. Communication is also possible
between a NFC device and an unpowered NFC chip, called a “tag”. NFC standard
cover communications protocols and data exchange formatsbased on existing Radio-
Frequency Identification (RFID) standards including ISO/IEC 14443 and Felica.

NFC offers a low-speed connection with simple setup, and used to bootstrap more
capable wireless connections. NFC builds upon RFID systems by allowing two-way
communication between endpoints. Earlier systems such as contactless smart cards
were one-way only. The communication range of NFC is limited to a few centimeters;
NFC alone does not ensure secure communications. NFC offers no protection against
eaves dropping, data modification, and vulnerable to relay attack. Applications may
use higher-layer cryptographic protocols to establish a secure channel.Noticeably, a
considerable amount of increase in the number of research papers and activities
concerning NFC technology.The current status of NFC research area is necessary to
maintain the advancement of knowledge in NFC research and to identify the progress
of NFC research .In fact, this intermediate level is introduced as NFC technology
which is examined in terms of three major aspects; “Network and Communication”
issuesuch as data aspect, new communication protocols, OTA transactions and the
hardware issue dealing with “Tags, Antennae, Reader and Chip”, “Privacy and
Security” issuesuch as authentication, vulnerability, availability,
confidentiality,authorization, integrity, non-repudiationwhich focus on developing
design artifact rather than behavioral issue. This is positioned with pre-defined
business related with to existing ecosystem, technology infrastructure, and ap
 Electronic payments can be done using contactless transactions by making use
of NFC enabled devices.
 E-bills can be generated and stored in the initiating NFC enabled phone, thus
making paper less
 Increased portability of carrying single device for various transactions.
 Three pass Authentication Sequence
 The RWD (Read Write Device) specifies the sector to be accessed and chooses
key A or B.
 The card reads the secret key and the access conditions from the sector trailer.
Then the card sends a random number as the challenge to the RWD (pass one).
 The RWD calculates the response using the secret key and additional input.
The response, together with a random challenge from the RWD, is then
transmitted to the card (pass two).
 The card verifies the response of the RWD by comparing it with its own
challenge and then it calculates the response to the challenge and transmits it
(pass three).
 The RWD verifies the response of the card by comparing it to its own
challenge.