Swing-Pay – One Card for all P2P Payments Using Biometric Authentication
Prelation of payment technologies is increasingly improving the quality of people’s life all across the globe. Emerging innovative payment solutions are creating not only opportunities, but also challenges for the future of the global financial system. Being a swift and convenient payment method, contactless payment technologies are gaining wide acceptance, especially amongst merchants for whom throughput is the most important concern. Nonetheless, contactless payment technologies are rather risky to issuers, given the fact that there is currently no robust customer verification method, which has fueled quests to create a reliable, organized, efficient and secure universal payment system which can promote smooth functioning of the financial markets via elimination of scratch in business.
Swing-Pay is a new module that can enable communication between two cards via the Near Field Communication (NFC) technology to transfer funds from the payer’s bank account to the payee’s bank account using digital methods. This new module omits the need for cash and also serves all needs for identity verification. Implementation of Swing-Pay plots the path for a cashless system that relies on card-to-card financial transactions. Swing-Pay utilizes GSM networks to establish communications between banks and biometric authentication is deployed to intensify the security of the module. The creators of Swing-Pay introduced the module via a paper that was just published and included a prototype of a digital card to be used with the module which can also be used as a virtual identity card that accumulates all the data of all identity cards including passport, driving license and voter ID.
Swing-Pay – The Proposed Device Module:
Swing-Pay is envisioned to adapt to almost all payment methods. As shown in the below figure, Swing-Pay is comprised of the following components:
2- NFC modules
3- Fingerprint scanner
4- E-ink display
5- GSM module
6- Capacitive buttons
7- Power supply module
An Arduino Due board was used, as it has a 32 bit Atmel SAM3X8E ARM Cortex-M3 CPU, extended SPI support, 4 hardware serial ports and 512 KB SRAM. An Elecrow NFC shield was used due to the fact that it supports peer-to-peer (P2P) communication along with Type A and Type B ISO14443 protocols. The Capacitive fingerprint Sensor (FPC-AM3) is used courtesy of Fingerprints Cards, Sweden. The Swing-Pay module is comprised of two parts; the FPC1011F3 Area Sensor and the FPC2020 processor. The FPC1011F3 represents a CMOS fingerprint sensor, that shoots images using 256 gray scale value for each pixel. The FPC562020 represents a power efficient ASIC that utilizes the Serial Peripheral Interface (SPI) bus to communicate with FPC1011F3. Fingerprint data is stored on an external flash memory card for verification purposes.
P2P Financial Transactions Via Swing-Pay:
According to Swing-Pay’s protocol, money is transferred directly from the payer’s bank account to the payee’s bank account. Swing-Pay’s protocol establishes connection amongst 3 system players; the hardware module, the bank and the cloud server. The hardware module interacts with the cloud server, which would then interact with the bank’s server to execute the transaction. When an individual uses Swing-Pay for the first time, he/she has to create an account on the cloud server and will be assigned a unique ID after completing registration. All of the user’s info including bank name, routing number, banks account…etc, will be encrypted, stored and associated to the registered account. During registration, a user’s info is validated via means of a One Time Password (OTP). SMS, rather than GPRS, can be used to establish communication with the cloud server to minimize the system’s power consumption.
NFC’s P2P functionality can be utilized to establish communication between two Swing-Pay modules. An Arduino targeted library, which relies on the NDEF, promotes communication between the NFC module and android smartphones via the LLCP and SNEP protocol. For the Swing-Pay prototype, presented in the paper, the library is modified so that communication can be established between two Arduino modules. The below figure illustrates Swing-Pay’s communication flow.
The payer will first activate his/her card via his/her finger print, which if authenticated, card activation will ensue. Then, the payer will select the “pay money” option and the destined payee will select “receive money” using Swing-Pay’s module. Afterwards, the payee will authenticate his/her identity via the finger print sensor and taps his/her card with the card of the payer. If the authentication process is successful, the transaction will be executed.