Hey Britain, want to link your mobile to your BANK ACCOUNT?

OK, but what if it meant Visa and pals didn't get paid...


VocaLink, not content with processing 90 per cent of UK salaries and almost all of the DWP's benefits payments, has launched a payments platform to turn mobile phone numbers into bank account keys.

The company's Zapp system is targeted at merchants who want to take payments without having to muck about with cards, and banks who are bored of paying the Visa and Mastercard cut. Zapp also, critically, comes from a company already trusted by the significant players in the value chain.

Seventy per cent of household billing goes through VocaLink, the company tells us, and as VocaLink provides the infrastructure for BACS (direct debits and credits) that's suprisingly easy to believe.

VocaLink is also the technology behind the Mobile Payments Council - a national scheme to facilitate peer-to-peer payments between banks. That will launch in the UK early next year, allowing services like Barclays' PingIt to address any mobile number and linked current account - but Zapp is targeted at merchants instead.

To use Zapp, the punter clicks the icon on a retailer's site and provides a mobile number: a process which can be automated if the site is mobile. Zapp's servers notify the Zapp smartphone app (provided by the user's bank) which pops up on the punter's phone and asks for authorisation, with an optional PIN authentication stage.

Once authorised, the payment is deducted from the customer's current account and the merchant is notified either directly or, if necessary, using a notification number displayed on the phone's screen for submission to the site. Credit cards are avoided and security enhanced by the addition of a physical factor.

Secure systems generally rely on two factors - something one has, and something one knows. The Chip'n'PIN system is a prime example as it requires possession of a card and knowledge of the associated PIN.

The problem with internet transactions is that all one needs is knowledge of the card details, and even where a password is used it's too easily compromised; a mobile phone offers secure communications and a (mostly) malware-free platform.

Taking payments via mobile is far from original: more than a decade ago websites were offering access to content on production of a password obtained using premium SMS. Without the backing of significant brands, however, it’s always been a niche technology.

The most obvious competitor to Zapp is PayForIt, the operator-backed platform which adds payments to one's mobile-phone bill, or deducts from one's pre-paid balance. in a similar fashion. PayForIt has been criticised for having a clunky interface, but recently improved its usability and remains a leader in the UK field.

Linking a current account to a mobile phone number, just as PayPal links to an e-mail address, is a worthy idea, and will probably happen to the detriment of PayForIt and the mobile operators. The Mobile Payments Council, whose P2P system launches next year with international aspirations, will ensure a good deal of media attention comes to the subject. Zapp's slick presence (really, scroll down to see Web 2.0 in action) will drive more to consider the idea, if they haven't already.

The days of sort codes and account numbers are already ending, with mobile digits being the numbers worth knowing. ®

Similar topics

Broader topics


Other stories you might like

  • US won’t prosecute ‘good faith’ security researchers under CFAA
    Well, that clears things up? Maybe not.

    The US Justice Department has directed prosecutors not to charge "good-faith security researchers" with violating the Computer Fraud and Abuse Act (CFAA) if their reasons for hacking are ethical — things like bug hunting, responsible vulnerability disclosure, or above-board penetration testing.

    Good-faith, according to the policy [PDF], means using a computer "solely for purposes of good-faith testing, investigation, and/or correction of a security flaw or vulnerability."

    Additionally, this activity must be "carried out in a manner designed to avoid any harm to individuals or the public, and where the information derived from the activity is used primarily to promote the security or safety of the class of devices, machines, or online services to which the accessed computer belongs, or those who use such devices, machines, or online services."

    Continue reading
  • Intel plans immersion lab to chill its power-hungry chips
    AI chips are sucking down 600W+ and the solution could be to drown them.

    Intel this week unveiled a $700 million sustainability initiative to try innovative liquid and immersion cooling technologies to the datacenter.

    The project will see Intel construct a 200,000-square-foot "mega lab" approximately 20 miles west of Portland at its Hillsboro campus, where the chipmaker will qualify, test, and demo its expansive — and power hungry — datacenter portfolio using a variety of cooling tech.

    Alongside the lab, the x86 giant unveiled an open reference design for immersion cooling systems for its chips that is being developed by Intel Taiwan. The chip giant is hoping to bring other Taiwanese manufacturers into the fold and it'll then be rolled out globally.

    Continue reading
  • US recovers a record $15m from the 3ve ad-fraud crew
    Swiss banks cough up around half of the proceeds of crime

    The US government has recovered over $15 million in proceeds from the 3ve digital advertising fraud operation that cost businesses more than $29 million for ads that were never viewed.

    "This forfeiture is the largest international cybercrime recovery in the history of the Eastern District of New York," US Attorney Breon Peace said in a statement

    The action, Peace added, "sends a powerful message to those involved in cyber fraud that there are no boundaries to prosecuting these bad actors and locating their ill-gotten assets wherever they are in the world."

    Continue reading

Biting the hand that feeds IT © 1998–2022