Financial InclusionStandardization

1

Financial Exclusion

• There are several definitions for Financial Exclusion (perhaps we need a standard even for that)

• Financial Exclusion may be defined as – inability to access mainstream financial services

• Bank accounts• Low cost loans

– lack of reliable financial advice

2

Financial Needs

access to safe, easy and affordable credit and other financial services

foreconomic growth, reducing income disparities

and reducing poverty

3

Supportive Financial Services

Source : RBI

4

Progress in Financial Inclusion

• Accounts with Institutions (2007)(SCBs, RRBs, Primary Agri. Co-op Societies, Urban Co-op Banks, Self-help Groups)

– Savings Accounts 610.20 million (82/100 adults)– Credit accounts 187.10 million (25/100

adults)

• “No-Frills” accounts (Mar 2008)15.83 millions

5

Challenges!

• Enrollment of large numbers • Wide geographic spread• High maintenance costs for accounts• Small ticket size of transaction• Illiteracy and use of vernacular• Product & service pricing• Trust and acceptance• Lack of electricity • Poor telecommunications

6

Salient Features of our RFP

• Proven Technology• Scalable and interoperable system• Contact or Contactless smartcards• Fingerprint image acquisition as per RBI norms• End-to-end Solution (technology and banking

services)

7

Technical Specifications - RFP

• Smartcard– ISO 14443 / ISO 7816– Standard dimension PVC / Polycarbonate Card– DES/3DES (key length 1024/2048)– EMV Compliant– 32 K EEPROM memory– Hold User Certificates, Smartcard OS, Applications,

etc

8

Technical Specification - RFP

• Handheld devices– Integrated system or 2/3 components– ISO 14443 / ISO 7816 and ISO 18092 for read and write

operations– Built-in PKI support– EMV Compliant– Multilingual support– Online & Offline capability– Secured storage and communication– Long hours of battery support

9

Technical Specifications - RFP• Fingerprint Scanner

– Image acquisition at setting level 31 of ISO/IEC 19794-4– Contact area 1 x 1 sq.inch– Min. capture-size 13mm wide x 17 mm high– Pixel density 500 ppi with + 5 ppi– Pixel depth 8 bits– 200 grey levels (dynamic range of scanned image)– Sense live-scan plain finger impression– Strong anti-spoofing features– Protection from ambient light, residual images– Standard for Data-Interchange - ANSI-378– Encrypt fingerprint minutiae with 3 DES– Scanner surface to be resistant to dust, humidity, shocks, electronic discharge,

ambient light, extreme temperatures, etc

10

Responses to RFP

11

Pros and Cons of some Technologies- Source RBI

12

Pros and Cons of some Technologies- Source RBI

13

Smart Card

Smart Card

Reader

POS Terminal

Printer

Biometric scanner

Financial Switch

Backend Banking Server

ISO 7816-4 /

ISO 14443-4

ISO 19794

ISO 8583

GSM/GPRS/PSTN/ LEASED LINE/ INTERNET

FRONTEND SYSTEMS CONNECTIVITY BACKEND SYSTEMS

Architecture suggested by Govt. of AP

14

By introducing standardization in financial inclusion we aim to “Establish, maintain and pursue adoption of standards so as to enable an open and interoperable infrastructure for smart cards, devices and systems that simplifies development, deployment and management of applications across industries”

ObjectiveStandardization

15

Interoperability – flexibility and freedom of choice

• Ability of one application to communicate seamlessly with another

• Ability to mix and match various components from one vendor with those of another

• Ability to interact between one organisation and another

• Ability to transact between different users that do not use same technology

16

Standardization in Applications

Developing Generic Interface for Enrollment for use of Business Agent Customer Bank Officer

End-to-end Transaction handling Application on handheld smart device Application on Switching/Intermediate server Backend Banking software (business logic). Card Management Software Interfaces/integration with existing Core-Banking software.

Card Management Software Generic to any Smartcard Type Generic Card Personalization Lifecycle management of different card types

Standardization in Transaction

ISO 8583 Standard for transaction request and response between HHT and Intermediate server

Cardholder-originated transactions include withdrawal, deposit, refund, reversal, balance inquiry, payments and inter-account transfers. Reconciliation of transactions of BC account and customer account

Standards for checking the validity of the card in HHT and routing of transaction from Intermediate server to other bank server

Standardization in Security

Enrollment station Security of data stored on the system Secured mode of data transmission to server

Hand Held Terminal Authentication of business correspondent & Customer Standards for Fingerprint scanning / threshold of match for authentication of

customer Secure transfer of Data between HHT and smartcard Secure interaction between HHT and Intermediate Server

Intermediate server Security of data

Technology Standardization aspects of Smart cardTechnology Standardization aspects of Smart cardParameter Contact Contact-less

Interface Physical Electrical Contact RF (13.56MHz)

Standard ISO 7816 ISO 14443 A

Deployment (approx) 3 Bn (mature, single digit growth) 1.5 Bn growing at 25-30% CAGR

Applications GSM SIM, EMV Dual Interface cards Ticketing, Id cards, e-passports, loyalty & e-purse, VISA Wave, Master card Pay pass cards

Security Can support DES / 3 DES / AES / PKI Can support Dual Authentication / 3 pass authentication / DES / 3 DES / AES / PKI

External Authentication

Can support Biometrics Can Support Biometrics

Memory <144 KB

OS cards (16 / 32 / 72 / 144 KB)

<144 KB

Non OS (1KB / 4 KB / 4KB DESfire / 8 KB Desfire)

OS cards (16 KB / 32 KB / 72 KB / 144 KB)

OS Native or Java Native or Java

Inter-operabililty Inter operable only if OS is open conforming to JCOP 2.2 (java card 2.1 & Global platform 2.1.1) specifications

Advantages Incumbent card for banking applications globally

Chosen by global banks for credit/debit micro payment cards of the future (EMV Contact-less specs available)

Suitable for Dust, Humid environment, does not need physical contact with the reader, Need not be in the card form factor (e.g, wrist strap, pendent etc)

Future Proofing Will be replaced by contact-less except may be in SIM cards

Next Generation Mobile Transactions would be based on ISO 18092 standard which is a super set of ISO 14443 standard + security aspects

20

Standardization of Integrated Hand Held TerminalStandardization of Integrated Hand Held Terminal

LCD display Keypad Optical Biometric Finger print sensor

ISO/IEC 19794-4 Contactless Smart Card reader with Mifare, DESFire,

JACOP, SCOSTA Thermal printer Speaker Connectivity (GPRS/CDMA) Support Offline/Online transactions

Improved operational efficiency, reliability and better logistics.

Eliminates challenges in identification of defects in multiple devices.

21

Deployment channel -1Card Many Applications

The smart cards can be used for various purpose like Financial inclusion, Merchant Establishments, Government initiatives like Pension, NREGS disbursement, ATMs, Shopping Malls etc.

ATMs Financial Inclusion

Merchant Establishments

Pension Disbursement

Shopping Malls

NREGP Disbursement

22

Achieving Synergies - Integration

Technology Providers• Service Providers• Chip Manufacturers• Card Manufacturers• Device Manufacturers• Software companies• Application Developers• Systems Integrators

Banking Channels• Smart Phone• ATM• Point of Sale Termnial• Personal Computer• Telephone• Mobile phone• Set-top Boxes• Kiosks

23

Contact details:

N. BHARATH BHUSHAN REDDYDEPUTY GENERAL MANAGERDEPT. OF INFORMATION TECHNOLOGYANDHRA BANK, HEAD OFFICE,HYDERABAD

nbbharat@yahoo.comdgm-dit@andhrabank.co.in

24