Page 216 - ITU-T Focus Group Digital Financial Services – Technology, innovation and competition
P. 216
ITU-T Focus Group Digital Financial Services
Technology, Innovation and Competition
15 Java applets
15.1 Overview
Icon-based Java applications are being used in a number of DFS implementations around the world. As menus
236
are icon-based, this makes it easier for illiterate/semi-literate users to navigate DFS options presented in the UI.
Technically, small Java ‘applets’ are installed on compatible phones either via Bluetooth or OTA using WAP.
237
The Bluetooth loading method – called ‘sideloading – requires the consumer to have a phone that has
238
Bluetooth and to travel to a DFS agent, who would load the applet onto the phone through Bluetooth transfer.
In the alternative OTA method, the SP simply sends the user a WAP download link for the Java application via
a simple plaintext SMS. The small amount of data required for the OTA applet download to the handset can
be zero-cost rated to the customer by a MNO or SP just for this applet download.
239
Java-based DFS apps are generally more efficient and cheaper to operate than STK access to DFS, since multiple
SMSs for facilitating transactions are usually not required: usually only one MO-SMS and one MT-SMS is
required per transaction. And as Java applets mostly use bank-grade security using encryption up to and
exceeding Payment Card Industry Data Security Standard (PCI-DSS), each transaction and maintenance
240
SMS message is encrypted with a unique set of keys. Using Java applets, SPs are not reliant on an MNO for
241
access, since no special MNO gateways are required. However, there is limited mass-market discovery and
penetration because of the need to load the applet onto a phone.
15.2 Country examples
India
State Bank of India’s uses a secure Java-based DFS application on a feature phone.
Nigeria
GT Bank uses a secure Java-based DFS application on a feature phone. 242
236 Java is a programming language and computing platform first released by Sun Microsystems in 1995. It is the underlying technol-
ogy that powers state-of-the-art programs including utilities, games and business applications. See Java (2011) FAQ: Mobile Java,
available at http:// goo. gl/ Lo SFO.
237 This method is similar in principle to a smartphone app, but running on a less sophisticated type of handset operating system.
Many feature phones will have sufficient storage for this.
238 The process of transferring data between two local devices.
239 Zero-rating of the data cost of an application download and/or its use on a mobile network is an emerging trend worldwide. See
Fierce Wireless (2014) Report: 45% Of Operators Now Offer at Least One Zero-Rated App, available at https:// goo. gl/ jF0mw9. The
small data cost can be reverse-billed, such that the DFSP is charged by the MNO for the data required for the download to the
customer.
240 PCI DSS is a proprietary information security standard for organizations that handle branded credit cards from the major card
schemes including Visa, MasterCard, American Express, Discover, and JCB.
241 As the transaction server and Java application is supplied by one vendor, the entire system may be dependent on that vendor
however.
242 Available for download at https:// goo. gl/ kGmM82
192
