GALLEGA

Th anks to the self-regulation carried out under the umbrella of the EPC, two preliminary results have been achieved: fi rstly, a defi nition of m- payments was established, and secondly, three main m-payment business models were outlined, and this helps give an overview of the m- payment ecosystem’s stakeholders and m-payment chain.

According to the SEPA guidelines, the concept of m-payment includes any transfer of funds initiated through a mobile device. It is essential to establish a defi nition of m-payment, because there is no legislative defi nition within the European framework and, in turn, the economic literature tends to swing between more fl exible and stricter defi nitions.

As for the business models, the 2010, 2012 and 2014 White Papers pointed to proximity or contactless m-payments, remote m-payments and mobile wallets blending contactless and remote systems. ⁶

Th ey share the following features:

– Th ey have no value ceiling;

– Th ey represent new forms for entering the payment system but are based on traditional means of payment: card payments, credit trans-fers and, sometimes, direct debit;

– Th ey state that the m-payment user must have already downloaded an application to make his or her mobile device suitable for m- payments and have already made a contract with a payment ser-vice provider to enable him or her to transfer funds through mobile devices.

However, according to the SEPA general principles, not every means of payment is suitable for every kind of m-payment business model and for every party to a payment transaction.

6 See Chap. 2 for further information on contactless and remote payments as well as on m-wallets.

Indeed, mobile contactless business models are mainly consumer-to- business transactions and are traditionally card based. ⁷

In 2012, the second EPC White Paper envisaged mobile card ments to provide business-to-business and business-to-consumer pay-ment transfers, but such labels are to some extent deceptive. ⁸ Indeed, as the 2012 White Paper emphasizes, most of the business-to-consumer payment transactions are refunds initiated by the consumer to send the payment account identifi er to the merchant, while in business-to- business m-payment transactions the payer is actually acting as a consumer but the White Paper gives no further explanation.

In addition, the 2012 EPC White Paper expressly excluded mobile direct debit contactless payments because this means of payment is ini-tiated by the payee, while contactless credit transfer payments are con-templated, applying a hybrid technological model. For example, when a transport ticket is renewed, the payment is initiated as a contactless m-payment, swiping a mobile device at a point of sale, but the funds order is authorized remotely.

Turning now to remote m-payments, ⁹ the SEPA principles are based on card payments and credit transfers, even though direct debit m-payments are not expressly excluded. Th e basic schemes cover business-to-business, consumer-to-business and consumer-to-consumer payment transactions.

Apart from the means of payment used and the status of payer and payee, remote m-payments mostly follow the same set pattern ¹⁰ and this, above all, implies that the benefi ciaries ask for some form of instant or near- instant confi rmation of payment or payment execution certainty. ¹¹

7 In fact, when a purchase agreement is made (or the service agreement is made), the trader will enter the transaction amount on the POS (namely, point of sale) terminal and the payment transac-tion is confi rmed by tapping the mobile device on the terminal: the payment transactransac-tion is per-formed through the default payment card. Th is type of m-payment may also require a double-tap and the use of a personal code to confi rm the payment order. Moreover, the 2012 EPC White Paper outlined a more ambitious plan: setting out consumer-to-consumer card-based m-payments.

8 Consumer-to-consumer SEPA contactless m-payment transactions are not being applied as yet.

Th ey are based on the participation of the payment card scheme.

9 See Chap. 2 .

10 Compare: EPC, White Paper. Mobile Payments, 18 October 2012, p. 30 ff .

11 See EPC, White Paper. Mobile Payments, 18 October 2012, p. 44 ff .

78 G. Gimigliano

Finally, the 2014 EPC White Paper on Mobile Wallet Payments set out the idea of a digital wallet that allows the holder to “access, man-age and use mobile payment services, possibly alongside non-payment applications”, such as information relating to identity cards or digital signatures and certifi cates. ¹²

Apart from the distinction between horizontal and vertical mobile wallets as well as m-wallets hosted by the wallet holder on a commer-cial website or on a secure server, what sounds more interesting is that customers should be allowed to make their payments throughout the European Union by means of their mobile wallet according to the prin-ciple of irrelevance of the country of origin of the fund transfer orders and mobile wallet issuance.

In the end, the analysis of SEPA-based mobile business models shows that:

– Th e “ecosystem” of m-payments is made up of various natural and legal entities and most of them do not belong to the fi nancial sys-tem. In fact, the players involved are not only the payee (consumers or merchants), the payment service providers and the clearing and settlement bodies, but also some others such as the secure element (SE) issuer, the mobile network operator (MNO) responsible for securely routing messages, operating the mobile network, issuing and recycling mobile phone numbers, and the payment gateway provider, namely a trusted third party acting on behalf of the SE issuer and/or the m-payment service issuers to facilitate an open system. Th is list is far from being closed. Such an “ecosystem” natu-rally raises the issue of regulatory consistency between the sources of law applied. In legal terms, the critical point is how to allocate responsibility among them for the execution of the payment trans-action. Th is issue is all the more critical when the MNO enters into an agency or outsourcing agreement with the payment service provider;

– Th e above-mentioned m-payment transactions are based upon a transaction account or, in other words, a contract has been made

12 EPC, White Paper. Mobile Wallet Payments, January 2014, p. 16.

between a user and a fi nancial institution, either by credit, payment or electronic institutions. Th is means that telcos and MNOs per-form only the task of data carrier and, therefore, the institutional framework for payment service providers will be regularly applied.

Reference is mainly, but not exclusively, made to the PSD, PSD2 and e-money directives;

– Alternatively, telcos and MNOs could enter the relevant market as a payment service provider and, accordingly, apply for authoriza-tion as a credit instituauthoriza-tion, payment instituauthoriza-tion or e-money institu-tion, or indirectly by establishing a fi nancial subsidiary within the EU;

– SEPA business models are based entirely upon traditional means of payment. Th is implies that, (i) SEPA rule books on credit transfers and direct debit, as well as SEPA standards on card-based payments are applied, and (ii) PSD (and PSD2) provisions on the rights and liabilities of the contracting parties, in particular on the authoriza-tion and the execuauthoriza-tion of payment transacauthoriza-tions, are applied as well.

Finally, SEPA principles leave any m-payments based entirely on MNOs outside the scope of self-regulatory activity. Th is is the case for telcos and MNOs that do not simply perform the task of data transporting, but allow their customer to use pre-paid balances for third-party payments too. Th erefore, the “banks would be no longer involved in the consumer-to-merchant or in the consumer-to- consumer side of the payment.” ¹³ One wonders whether telcos and MNOs should be authorized as credit institutions, payment institu-tions or e-money instituinstitu-tions. In addition, it should be established whether the Community-based institutional framework for pay-ment services is to be applied to the paypay-ment services they provide.

In the following paragraph, the chapter investigates the European insti-tutional framework for payment services, paying close attention both to

13 Malte Krueger, “Th e Future of M-payments: Business Options and Policy Issues.” Electronic Payment Systems Observatory, Institute for Prospective Technological Studies, Joint Research Center, European Commission, Report EUR 19934 EN, August 2001, 18. To download from epso.jrc.es/Docs/Backgrnd-2.pdf.

80 G. Gimigliano

PSD and PSD2 being prepared for publication in the Offi cial Journal of the European Communities. Th e goal is to ascertain whether m-payments may be subsumed under the concept of payment service and e-money when telcos and MNOs behave either as mere carriers or providers of third-party payments. Indeed, within the European institutional frame-work, the concepts of payment services and e-money are based upon rules and regulations aiming to protect customers’ funds, the soundness of payment service providers and the proper functioning of the payment system.

The Institutional Framework