Federated Telco Billing: The Next Wave in E ... - Liberty Alliance

W W W . P R O J E C T L I B E R T Y. O R GCase Study:Federated Telco Billing: The Next Wave in E-CommerceThe CompanyeBIZ.mobility was established in 2003 to provide a uniquedigital content payment processing solution for telcos,Internet service providers, and digital content providers thatis suited to the “open garden” model of consumer Internetbrowsing. The company’s mission is to enable mobile andlandline network operators, Internet service providers, andcontent providers to profit from payment processing bygiving them the capabilities to offer their own customers asecure and convenient way to buy digital content online--from anywhere--via any electronic medium.ApplicationBusiness-to-Consumer, Consumer-to-ConsumerChallengeWith the proliferation of mobile devices and the potentialof anytime-anywhere commerce there has been a steadyrise in interest among retailers, banks, vendors, paymentnetworks and mobile network operators in participatingin the digital content payment market. But there has beenno interoperator standard for handling online digitalcontent transactions in a secure and cost-effective mannerfor computers and mobile phones.“The federated identity standard providesa template for protecting user informationand thereby encouraging online usageand commerce. In order for the multipleplayers in the mobile value chain to reachtheir revenue potential around micropayments,low cost digital content has tobe monetized and identity informationprotected. For this reason, eBIZ.mobilitychose to model its innovative onlinepayment solution on the Liberty Alliancespecifications.”Jeremy KaganCEO, eBIZ.mobilityThe SolutioneBIZ.mobility has developed a federated payment processing solution where purchases made over PCs or cellulartelephones are charged directly to telecom or ISP invoices. Their product, OneTouch On-line Purchasing, is builtto support micro-payments (even purchases less than $1) for digital media and content, like coupons, games,dating, ring tones, music and video downloads. Their solution was developed based on proven technology using theLiberty Alliance/SAML federated identity standard.“The federated identity standard provides a template for protecting user information and thereby encouragingonline usage and commerce,” said Jeremy Kagan, eBIZ CEO. “In order for the mulitiple players in the mobile valuechain to reach their revenue potential around micropayments, low cost digital content has to be monetized andidentity information protected. For this reason, eBIZ.mobility chose to model its innovative online payment solutionon the Liberty Alliance specifications.”OneTouch is similar to PayPal except that with OneTouch, purchasers do not need to open another account withanyone: Purchasers only register once with their preferred online provider with whom they already have a service/billing relationship and do not have to enter credit card details with multiple online retailers. With OneTouch,only the service provider or phone company is aware of the purchaser’s identity, thus creating a more secureenvironment. Content providers and online retailers also benefit by offering the convenience of OneTouch paymentto the rapidly expanding base of subscribers to service providers.“We see OneTouch filling a void and as a way to kick-start the mobile commerce industry,” said Gershon Kagan,eBIZ.mobility’s CTO. “It represents a real-time bridge between different entities that do the billing for the customerand can also handle payments to the merchants.”

W W W . P R O J E C T L I B E R T Y. O R GIn this model, the Liberty Alliance specifications provide a clear, intuitive, and universal approach to satisfyingthe industry need to maintain a consumer’s privacy while not impinging on the consumer’s ability to transactbusiness in the expanding “open garden” markets of the Web. And this is why eBIZ.mobility modeled its FederatedPayment System, which is the technology behind OneTouch, on the Liberty Alliance specifications.Building Validated Sources of Revenue for Mobile and VOIP ProvidersMost phone service providers’ primary revenue source is through their monthly subscription model: they chargetheir customers an XYZ fee a month and that’s it. Some garner additional revenue for long distance. But they oftenfind themselves stuck when it comes to creating new sources of revenue.OneTouch opens up a new revenue source because it enables subscribers to charge small items to their phone bill,privately and securely. Voice Over IP (VOIP) companies, for example, have been among the early adopters of thisservice because it provides them a way to get into both the ring tones business and online payments business,both of which are huge.The Tower Group predicts that by 2009, digital content is going to generate more than $11 billion a year. “If youlook at credit card processing as a gauge, most credit card processors usually charge a 3 percent processing feeplus a minimum fee. What’s 3 percent of 11 or 12 billion dollars?” asked Gershon Kagan.The Walled Gardens are Coming DownAccording to Vodafone UK and Orange UK, in June 2005, 70percent of the content that customers consumed throughtheir networks was not bought through them--meaningcustomers were going out to other sites and to third parties,buying content and then downloading it to their mobilephones. The mobile network operator is quickly followingin the footsteps of landline telcos in becoming merely aconsumer’s access pipe to the WorldWide Web.This trend is going to continue to grow for two key reasons:1) The disintegration of SIMPAY, sparked by T-Mobile’s mid-2005 decision to embrace the Open Internet with afully unrestricted browser available on their handsets. TheSimpay Alliance was established in 2003 specificallyto solve this problem. Its collapse less than 18 months laterin mid-2005 created a vacuum in a hot space thatis now wide open. Banks don’t seem to want to play andoperators seemingly can’t get it together.2) Regulatory pressure on network operators to remove anyblocking of or restrictions on consumers’ accessto browsing the Web, as seen in the latest US TelecomRegulation working its way through Congress. This meansthat network operators or service providers cannot forcetheir customers to remain a captive audience to theirportals. Consumers increasingly demand full browsingaccess, and they will use service providers that give themwhat they want.“I remember researching the Liberty Allianceway back before Radicchio joined in andI’d always felt positive about the LibertyAlliance. I think it’s the right idea. Theability to have different Circles of Trust,and to use that in an effective way, is justgoing to continue to become more andmore popular.”Gershon KaganCTO, eBIZ.mobility

RequestDownloadW W W . P R O J E C T L I B E R T Y. O R GOn-line DigitalContent ProviderRingtonesGamesVideo ClipsMusicWalled Garden PortalsDigital Content Available PortalsRequestBrowse, Purchaseand Bill to AccountPurchaseOn-line DigitalContent ProviderWorld Wide Web Digital ContentWithout OneTouch, consumers can either buy the subset of online contentthat is available through their portal, or expose their credit cards onlineDefinition of TermsCircle of Trust (n) 1. a trusted groupof identity and service providerswho share linked identities and havepertinent agreements in place2. where an individual or a businessinputs a password once and minimalnecessary credentials are sharedamong the Circle of Trust’s members3. a step strongly linked to federation,where multiple entities are involved,and there are business, policy andtechnical relationships in place 4. alsoknown as “trust circle”On-line DigitalContent ProviderPortalsBrowse, Purchaseand Bill to AccountOneTouchPayement ProcessingFederation (n) 1. an associationcomprising of any number of serviceproviders or organizations 2. amodel based upon trust in whichuser identities and security areindividually managed and distributedby the service providers or memberorganizations 3. where the individualorganization is responsible forvouching for the identity of its ownusers and the users are able totransparently interact with othertrusted partners based on this firstauthentication 4. resembles the creditcard model in that vendors accept anindividual’s ability to pay and thenthat ability is authenticated/verifiedthrough a single locationPurchaseOn-line DigitalContent ProviderWorld Wide Web Digital ContentWith OneTouch, payments are simpler as consumers have complete freedomExploding Digital Content Market Requires New PaymentProcessing MethodsCurrent payment methods (mostly credit cards) are inadequate for micropayments.The under-18 crowd, comprising the majority of content buyers, do not have creditcards, and the over-18 consumers are still reluctant to use their credit cards topurchase digital content from unknown merchants for fear of identity theft andother fraud. Industry reports confirm the fact that: “They look but they don’t buy!””Content providers despise traditional payment methods due to the high servicefees charged by credit card companies and service providers for processingmicropayments,” explained Jeremy Kagan. “They also suffer from significantID-DAP (n) 1. a well known protocolfor looking up information. ID-DAPenables an entirely new businessmodel wherein an application canaccess information about a principalknown only by their federationpseudonymIdentity (n) 1. the most basicelement in a high value relationship 2.the individual characteristics by whicha person, business, business partner,government agency or other entity isrecognized or knownIdentity Provider (IdP) (n) 1. aservice that authenticates identity;often a trusted party such as a bank,mobile operator, or an Internet ServiceProvider (ISP)

W W W . P R O J E C T L I B E R T Y. O R G‘revenue leakage,’ meaning lost revenues due to one-sided accounting by serviceproviders, and it is hard to dispute absent objective transaction tracking by anindependent entity.”The Kagan Brothers note that telcos and mobile operators are losing alucrative revenue stream with the collapse of their artificial restrictions on theirsubscribers’ ability to purchase content anywhere on the Web through their“Walled Garden” portals. Their only hope to continue receiving some revenuefrom digital content purchases is to use their existing billing infrastructure toprovide reasonably priced payment processing services irrespective of the sourceof the content.“They’ve told us that they want to be able to sell Web content and to make aprofit from payment and processing from customers going to places like NationalGeographic.com or Barbie.com,” explained Gershon Kagan. “That’s whereour fully interoperable bridge comes in. It bridges between any billing providerlike a VOIP or mobile operator and the world of content, the world of theonline merchant.”Verification and AccessOneTouch provides an age verification capability as well. How it works is simple:Customer information is held by the billing entity--so that when someone signsup for telephone service, the billing entity--the telco--gets his/her address, bankaccount and often social security information.The age verification feature allows parents to exercise effective parental controlassuring that their kids are downloading only “age-appropriate” content,and to set and enforce spending limits for kids. It does not change the kids’downloading experience. Its presence is completely transparent, and does notadd any extra steps to the purchasing process for allowed content. Once set,the age verification controls are enforced automatically in real time on everytransaction.“We can provide the age verification information to the merchant in real timewithout knowing anything about the customer,” said Gershon Kagan. “Via anapplication in Liberty federated identity, the telephone operators aren’t liablefor problems associated with minors getting into trouble, because we’ve alreadyaccounted for the age of the consumer in our private, secure system.”Definition of TermsID-MM7 (n) 1. MM7 is a specificationthat has been long used by operatorsfor relaying MMS and SMS traffic.ID-MM7 enables an entirely newbusiness model wherein the contentproviders know their subscribers onlypseudonymously – thus providingunprecedented ability to thwart spam,identity theft and fraudMM7 (n) 1. a protocol standardizedby the 3GPP to allow the delivery andsubmission of messages betweenvalued-added Service Providers andmobile operatorsMobile Web Services (n). 1. whereWeb Services technologies exposeand integrate the value it holds inthe mobile domain 2. an opportunityto lower integration costs betweenoperators and content partnersService Provider (SP) (n) 1. afederation partner that providesservices to an end user; serviceproviders typically do not authenticateusers but instead requestauthentication decisions from anidentity providerSingle Sign-on (n) 1. having thecapability of accessing an onlinesystem once and having thatauthentication honored by othersystem entities, often serviceproviders 2. sometimes called SSOBuilding a Circle of TrustBy deploying a federated identity model or Circle of Trust, OneTouch eliminates the possibility of identity theft. Inthis model, no identity information is being transmitted in order to affect a transaction.A consumer who wants to buy a set of ring tones on a OneTouch enabled merchant, simply types in their OneTouchpassword. The order--without any identity information--is routed to the telco or billing entity, and the transactionis done.“As a consumer you are setting up a Circle of Trust with the telco as your identity provider,” explained GershonKagan. “Your billing provider is whom you trust. That merchant isn’t necessarily someone you trust and you neverhave to provide them with any identity or credit information. You pick who you want to deal with and then you cantransact with them securely.”According to the Kagan brothers, telcos make ideal billing partners because customers trust them and becausetelcos have a long history of deploying systems that are in the business of charging people for small increments liketen cents. “This is very different from credit cards, which traditionally have trouble billing for items below a certainamount,” said Jeremy. “Micropayments represent a win-win for telecom billng. They have the systems in place. Themarket is there and it’s cost effective for them and not for a credit card company.”

W W W . P R O J E C T L I B E R T Y. O R GServiceProvider BServiceProvider AServiceProvider CServiceProvider GServiceProvider DServiceProvider FServiceProvider EThe Potential for Federating Other ApplicationsMicropayments represent just the beginning. Person-to-person money transfers, bill payments, and other kinds offinancial transactions via the phone may be available in the not-so-distant future.“Federated identity is used as the underlying concept for the OneTouch application,” said Gershon Kagan. “The sameinfrastructure can serve as a platform for a variety of future identity-management-based applications in banking,private network access, and others.”Consumer Benefits• Single sign-on to multiple merchants using the same login/password• Uniform single button purchasing from any electronic medium (PC, Mobile, etc.) anywhere in the world• No need to provide credit information to multiple unknown merchants, so increased security• No need to subscribe to any additional payment service (such as PayPal)• Privacy ensured through use of an anonymous alias to buy content• Safety from identity theftTelco and Service Provider Benefits• Additional revenue generated through existing infrastructure• Increased customer loyalty and reduced churn• Profit opportunities with off-portal content providers• Robust Age Verification that gives service providers the ability to enforce age limitation regulations on digitalcontent in real timeMerchant (Content Provider) Benefits• Significantly expanded customer base• Higher revenue share• Increased sales

W W W . P R O J E C T L I B E R T Y. O R GAbout the Liberty AllianceThe Liberty Alliance Project (www.projectliberty.org) is a global allianceof companies, nonprofit and government organizations developing openstandards and business, policy, and privacy guidelines for federatednetwork identity. Federated identity offers businesses, governments,employees and consumers a more convenient and secure way to controlidentity information, and is a key component in driving the use of e-commerce, personalized data services and identity-based Web services.Liberty specifications are deployed worldwide by organizations that includeAmerican Express, AOL, BIPAC, General Motors, Fidelity Investments,France Telecom, Nokia, NTT, and Sun Microsystems. Membership is opento all commercial and noncommercial organizations. A full list of LibertyAlliance members, as well as information about how to become a member,is available at www.projectliberty.org.Email: info@projectliberty.orgTelephone: +1 (732) 465-6475 (8:30am-5:00pm EST )Facsimile: +1 (443) 647-0099