Cashless Banking Architecture

Cashless system architecture is quite similar in most developed countries. This is because of the
similarity in systems that make up the cashless society. It goes to show that the cashless architecture
in developing countries is present in developed countries, however some systems that make up the
cashless architecture in developed countries are lacking in developing countries. For instance, Ugwu
and Epiahe (2014) assert that the cashless architecture in Nigeria involves methods such as mobile
banking, used in various other countries, allowing the electronic transfer of cash and payment of
bills (Mckendrick 2012).

1.2 Cashless Banking Architecture in Developing Countries

According to Krogstie et al (2004) and Jenkins (2008), e-payment methods make up the cashless
structure in any society, by bringing about lower physical cash. Jenkins (2008) asserts that South
Africa, Kenya, the Philippines, and Japan, are dominated by mobile money systems for domestic and
international transactions such as bill payment, payroll deposit, purchases of goods and services
ranging from airtime to bus tickets to micro insurance.
Based on this, Vlad and Tirela (2012) conducted a comparative study using 3 banks in Romania on
methods of payment to banks. Grounded on this study, Vlad and Tirela (2012) assert that PoS (Point
of Sale terminals), ATM (automatic teller machine), mobile banking, personal computers, remote
terminal, Internet and internet banking make up the cashless architecture in Romania. Vlad and
Tirela (2012) reveal the e-banking site which is called "electronic clerk", is implemented by
international banks in Romania.
Similarly, Regi et al (2014) identify ATMs, Internet banking, and mobile banking as agents if the
cashless architecture in India. According to Regi et al (2014), India has achieved “anywhere banking”
through core banking systems, and anytime banking through. “Multiple options have been provided
for making payments, allowing the initiation of online payment through various modes such as Real
Time Gross Settlement (RTGS), and National Electronic Fund Transfer (NEFT).”

Mesfin (2013) studied the cashless architecture in Ethiopia, which apparently is no different from
Romania or India. According to Mesfin (2013), the advent of mobile communication infrastructure in
Ethiopia brought about the wide use of mobile banking, ecommerce, e-payments, and smart money,
thereby aiding the cashless society and the country’s economy at large.

1.3 Cashless Banking Architecture in Nigeria

Cashless banking concept lies on e-banking (Adewale and Afolabi 2013), which according to James
(2012) is globally popular. However, James (2012) further argues that e-banking is not popular in

1
developing countries, including Nigeria. Adewale and Afolabi (2013) disagree with James (2012) on
this argument, and are of the opinion that “technological advancement keeps broadening the
frontier of possibilities in all human endeavors and thus more e-banking services are being
developed and introduced.”
According to Adewale and Afolabi (2013), the cashless architecture in Nigeria is built on the use of
Mobile banking (M-banking), Video banking, Fund Transfers, e-payments, POS, ATMs, and Cards, all
of which are agents of e-banking. The difference in findings by Adewale and Afolabi (2013) and
James (2012) could be as a result of time difference due to the technology advancement
retrospectively to time. It is possible that e-banking became widely popular in Nigeria in 2013,
compared to 2012. Adewale and Afolabi (2013) further argue that ATM is however the most popular
e-banking service in Nigeria.
Obodoekwe et al (2014) traces the electronic revolution in Nigerian banking sector back to the
1990’s, with the introduction of ATMs by a commercial bank in the country. Nzoha (2004) has similar
opinions, tracing the e-payment system in Nigeria back to the introduction of ATM. However, Nzoha
(2004) acknowledges other facets of cashless society, such as Point of Sale (Pos) terminal, PC (home/
office) Banking, Mobile banking, Electronic currency, and Electronic commerce (e- commerce).

Oyewole et al (2013) and Oginni (2013) also disagree with James (2012). Similar to Adewale and
Afolabi (2013), Oyewole et al (2013) also conceptualizes the cashless architecture from e-payment
systems, viewing the cashless structure from functions such as mobile payment, e-banking, e-
money, online banking, internet banking, e-finance, e-broking, and the likes. Oginni (2013) includes
the use of credit cards, automated teller machines, debit cards, stored value cards, and mobile
wallets as well, like Snellman et al (2001)

Similar to Adewale and Afolabi (2013) and James (2012), Obodoeze et al (2012) is also of the opinion
that the structure of the cashless society is dependent on e-payment methods. Obodoeze et al
(2012) identify certain stakeholders involved in the Nigeria cashless and electronic payment system.
These stakeholders include:
 Consumer or customer;
 Switching Companies (E-payment processors such as Interswitch and ETransact);
 Card processing companies (such as ValuCard);
 Merchants or retailers;
 Mobile Money providers (Mobile Payment Providers);
 Commercial Banks, and;
 The financial regulatory agency (the Central Bank of Nigeria).

2
Adewale and Afolabi (2013) contributes to this, by identifying six licensed payment terminal service
providers (PTSPs) that support and maintain point-of-sale (POS) terminals in Nigeria. They include:
 ITEX;
 Value Card;
 ETOP;
 Paymaster;
 City Serve, and;
 Easy Fuel.
All terminals are equipped to accept payment for any type of card, including Verve, Genesis, Master
Card, and Visa (CBN, 2012).
The stakeholders identified by Obodoeze et al (2012) and Adewale and Afolabi (2013) directly or
indirectly impact the cashless architecture. However, Ayo and Ukpere (2010) opine the best
classification to be according to how the e-payment systems are used for business transactions. This
is by:
 Business-to-business (B2B), and;
 Business-to-Customer (B2C).
According to Ayo and Ukpere (2010), “business-to-business (B2B) transactions mostly involve Bank-
to-Bank electronic fund transfer (ETF) and Electronic Cheque Clearing System (ECCS) while Business-
to-Customer (B2C) transactions involves the use of payment terminals by consumers/customers
such as Point-of-Sale(PoS) terminals, Mobile payment terminals, Mobile/Internet Banking terminal,
Automated Teller Machine (ATM) terminal and Online Merchant portals/ecommerce shops.”

Obodoeze et al (2012) illustrates the cashless architecture in Nigeria using figure 1 below. According
to Obodoeze et al (2012), “E-payment switching is handled by the switching companies (e-payment
processors) such as Interswitch and ETransact while the Mobile payment providers, authorized by
CBN, handle electronic payment such as ePurse, eMoney, and Pocket Money provisioning using the
Telecommunication platforms (GSM) and electronic switching by the switching companies.”

3
Figure 1: The Current Cashless Architecture in Nigeria. Source: Obodoeze et al (2012)

Obodoeze et al (2012) further describes the cashless architecture, stating that the Nigerian
electronic payment structure is based on five major models of payment. Figure 2 to 6 below
illustrate these models and how they function. According to Obodoeze et al (2012), it is necessary to
understand these models in order to solve problems of security challenges and vulnerabilities
associated with electronic transactions and payments.
Obodoekwe et al (2014) described the cashless system using cards, by stating that “Users are issued
with a card. The electronic purse is topped up using revaluation terminals. A range of terminals are
now available including coin & note, credit card or payroll deduction terminal. Simply by inserting
the card into a revaluation terminal and following the instructions given, money is added onto the
electronic purse on the card. The card then replaces your wallet or purse when paying for goods at
both vending and catering facilities. Card readers are installed at all Points of Sale (e.g. vending
machines, restaurant tills, coffee bar till, staff shops). Instead of juggling with cash at the Point of
Sale, the card is inserted into the reader and the total sum of the purchase is quickly and accurately
deducted from the card.”

4
Figure 2: E-payment model using Point of Sale (POS) terminal. Source: Obodoeze et al (2012)

Figure 2 illustrates the E-payment process where a consumer pays the merchant using a Point of Sale
(PoS) terminal, using the debit or credit card issued by the bank

Figure 3: E-payment model using ATM terminal. Source: Obodoeze et al (2012)

Figure 3 shows the transaction process for making payment to a customer, using an ATM terminal
installed in banks’ premises, using a bank issued credit or debit card.

5
 Figure 4: E-payment model using card to pay at online ecommerce shop. Source Obodoeze et al (2012)

Figure 4 illustrates an online transaction process, where a customer uses a bank issued credit or
debit card to make payment to a merchant at an online ecommerce shop or portal, interconnecting
switching platform and bank server.

Figure 5: e-payment model of electronic fund transfer (EFT). Source: Obodoeze et al (2012)

Figure 5 illustrates the e-payment model involving bank to bank Electronic Fund Transfer (ETF) and
Electronic Cheque Clearing system(ECCS), for businesses or customers to pay each other, connecting
a switching platform and two bank servers. According to Ugwu and Epiahe (2014), “A bank’s core
banking system, the system that houses the customer’s account and related transaction
management and history, would require a means to translate banking instructions, received from
customers, through one of the bank channels such as ATMs or the internet, into a format that the

6
core banking system can process. Such translation can be performed by ETF channel switch which
switches transactions from the channel to the appropriate area within the core banking system.

Figure 6: .E-payment model using Mobile payment platform: Obodoeze et al (2012)

Figure 6 illustrates the E-payment model using mobile payment platform, allowing a consumer with
e-money with an e-money provider (third party), pay a business or businesses with e-cash converted
to funds in the bank using electronic switching to switch E-cash to cash in the bank. According to
Ugwu and Epiahe (2014) mobile banking is now widely implemented in Nigeria, following suite with
ATM and Internet banking. Kumar et al (2010) expatiates on this, stating that mobile banking
involves the use of mobile phones, Personal Digital Assistant (PDA), and non-bank retail agents.
Okoegwale (2012) explains that mobile banking is just an expansion of existing payment
infrastructure of a bank to mobile phone as a channel for the leveraging of the mobile network and
its reach, to deliver banking services.
Anyasi and Otugbu (2009) opine that mobile banking is made available in Nigeria to customers
through client-side applications (applications that reside on the consumer’s SIM or on the actual
mobile phone device) and server-side applications (applications developed on a server away from
the consumer mobile phone or SIM card). Client-side technologies include J2ME and SaT while
server side technologies include USSD2, IVR, SSMS and WAP.

7
1.4 Security Structure
According to Ganesan (2009), security is a big issue with the cashless system. It is a crucial
requirement of the system due to the fact that financial information is sensitive, and that these
systems transmit travel over untrusted networks where it is essentially fair game for anyone with
local or even remote access to any part of the path followed. The security is required for dual
purposes. They are:
i) to protect customers' privacy
ii) to protect against fraud.
According to Alfairuz and Renaud (2010), the threats posed to users by the cashless structure can
hardly be curbed by traditional methods. These threats include brute force password cracking,
phishing, sniffing, active man in the middle attacks, and session hijacking.
However, Alfairuz and Renaud (2010) opine that methods such as one-time-password and multi-
channel authentication work better than other methods in protecting users online accounts, but are
still prone to attack.
The security of cashless agents can be ensured with secrecy and authentication. Contrary to
Al-fairuz and Renaud (2010), Ganesan (2009) asserts that cashless security must ensure not only
authentication, but also confidentiality, integrity, and nonrepudiation, which means it, must ensure
that only qualified people can access an Internet banking account.
Yang and Shieh (1999) describe authentication as the process of confirming someone’s identity,
based on factors such as acts, characteristics, behaviors, or knowledge known both to the claimant
and the verifier.
Alfairuz and Renaud (2010) agrees with Yang and Shieh (1999) on the classification of these factors
into: knowledge based (KBA), token based (TBA), and biometrics based (BBA).
According to Jorsthard and Thanh (2007), knowledge based authentication is the most common
authentication approach, due to simplicity in implementation, and according to Piper et al (2005),
low cost to administer.
Token based authentication on the other hand is based on tokens possessed by the user. Unlike the
knowledge based authentication it does not depend on the customer’s memory, but on the owner’s
ability to prove ownership of the token.
According to Renaud (2004), Biometric authentication however, is based on psychological and
behavioural biometrics of the customer to authenticate users. According to Kent and Millet (2003),
“it relies on matching patterns of user characteristics or behaviours that are unique and
distinguishable, and assumes that similarities of these characteristics or behaviours cannot be found
in two or more users, beyond a reasonable threshold of doubt.”

8
Multichannel authentication is said to be the best way of ensuring cashless security. Multilevel
security is however different from multi-channel authentication. Multi-level authentication requires
an additional step to restrict applications within the system. Multichannel authentication however
involves the use of one or more security method such as passwords, passphrases, and PIN numbers
to authenticate users. The difference is illustrated in figure 1 below.

Figure 7: Multi level versus Multi channel authentication Source: Al-fairuz and Renaud 2010

Figure 1 demonstrates that in multilevel authentication, only one channel is used for different levels
of authentication. This means that if the channel is compromised, all exchanged tokens can be
compromised accordingly. Unlike single channel authentication, Multi-Channel Authentication
provides protection against most real-time attacks including MITM/B, RTP/P, and malware.

In theory, multi-channel authentication offers superior security over single channel authentication
approaches. That is, for an attacker to compromise user account, different independent channels
have to be compromised first before gaining full access to the user account. Nonetheless, improper
implementation of multi-channel authentication could lead an attacker to manipulate details/factors
exchanged by one channel to successfully take over the user’s account or authorize transactions on
behalf of the legitimate user.

Figure 2 depicts a general view of how the proposed multichannel authentication should be
implemented (especially in eBanking). However, there will be some variations between one
application and another, depending on the business needs and security level requirements as
discussed in the previous section.

9
Figure 8: Multi Channel authentication architecture. Source: Al-fairuz and Renaud 2010

The structure above suggests that multi-channel authentication should be implemented on a

multilevel structure. A user should be able to carry out basic functions throughout the web
application by logging in using traditional authentication mechanism (e.g., knowledge-based
authentication). At this stage, only read-access is granted

Ganesan (2009) is also of the opinion that in order to maintain privacy and to avoid any misuse of
transactions, it is necessary to follow a secured architecture model which ensures the privacy and
integrity of the transactions and provides confidence on internet banking is stable.

10
References
Adewale, A., and Afolabi, B. (2013) ‘The Cashless Payment System as A Panacea to the National
Security Challenges in Nigeria.’ SSRN Electronic Journal 1-64

Al-fairuz, M. and Renaud, K. (2010) ‘Multi-Channel, Multi-Level Authentication for More Secure
eBanking.’ ISSA

Anyasi, F.I., and Otugbu P.A. (2009) ‘Mobile Phone Technology in Banking System: Its Economic
Effect.’ Research Journal of Information Technology 1 (1), 1-5

Ayo, C. K., and Ukpere, W. I. (2010) ‘Design of a secure unified e-payment system in Nigeria: A Case
Study’, African Journal of Business Management, 4 (9) 1753-1760

Cenbank.org, (2012) Central Bank of Nigeria: The Cash-Less Nigeria Project [online] available from
<http://cenbank.org/cashless/> [15 December 2015]

Chen, Y., Dimitriou, T. D., and Zhou, J. (2009) Security and privacy in communication networks (1.
Aufl. ed.). Berlin, Heidelberg: Springer-Verlag. doi:10.1007/978-3-642-05284-2

Ganesan, R. and Vivekananda, K. (2010) ‘A Secured Hybrid Architecture Model for Internet Banking
(e-Banking).’ Journal of Internet Banking and Commerce 15 (1), 1–11.

James, A. O. (2012) E-Payment and its challenges. Daily Champion, pg., 13.

Jarrett, J. E. (2015) ‘On internet banking.’  The Journal of Internet Banking and Commerce,  20 (101)

Jenkins, B. (2008) ‘Developing mobile money ecosystems’ Washington, Dc: IFC and the Harvard
Kennedy School

Jorstad, I., and Thanh, D. V (2007) ‘The Mobile Phone as Authentication Token’ Telenor ASA

Mckendrick, T. (2012) Mobile phone creating entrepreneurial culture across Globe: Report. [online]
Available from: http://www.smartplanet.com/blog/businessbrains/mobile-phones-creating-
entrepreneurialculture-across-globle-reprot/25383 [15 December 2015]

Mesfin, W. (2012) ‘Mobile Information Systems Architecture for Everyday Money Practice.’
Proceedings of the International Conference on management of emergent digital ecosystems
205–212. [online] Available from
<http://staffs.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwA20DNkhOAU0XmSSngQ4
ztzRKs0wC1mwGqZaGwDhJBXcSPUwDAizdooyckEpzNyEGptQ8UQYpN9cQZw_dxOTc-
ALIkQvxRiamoCuWDMUYWIC94lRxBtY0YOwAaWCJKQ7ULc7AEWHp5WbgbGEI4QrBuHrF4N1Le
oUl4sACGhy5uqZ6BgDVzCWG> [15 December 2015]

Obodoekwe, C. N., Eyisi, A. S., Emengini, S. E., and Chukwubuzo, A. F. (2014) ‘A Critical Analysis of
Cashless Banking Policy in Nigeria.’ IOSR Journal of Business and Management 16 (5), 30–42

Regi, S. B., Anthony, R. G., and Eugine., C. F. (2014) ‘A Study On Impact of Information Technology
(IT) In Modern Banking Sector.’ Golden Research Thoughts 3 (9)

11
Kent, S. T, and Millett, L. I (2003) Who Goes There? Authentication Technologies Through the Lens of
Privacy: National Academies Press.

Krogstie, J., Lyytinen, K., Opdahl, A., Lothe, P. B., Siau K., and Smolander, K. (2004) ‘Research areas
and challenges for mobile information systems.’ Int. Journal of Mobile Communications 2(3)

Obodoeze, F. C., Okoye, F. A., Asogwa, S. C., Ozioko, F. E., and Mba, C. N. (2012) ‘Enhanced Modified
Security Framework for Nigeria Cashless E-Payment System.’ International Journal of Advanced
Computer Science & Applications 3, 189–196. [online] available from
http://ezproxy.idrc.ca/login?url=http://search.ebscohost.com/login.aspx?
direct=true&db=tnh&AN=88271671&site=ehost-live [15 December 2015]

Oginni, O. S., Gambo, J., Abba, M., and Onuh, M. E. (2013) ‘Electronic Payment System and Economic
Growth: A Review of Transition to Cashless Economy in Nigeria.’ International Journal of
Scientific Engineering and Technology 2 (9), 913–918

Okoegwale, E. (2012). ‘Is There Future for Mobile Money in Nigeria’ [online] Available at:
<http://mobilemoneyafrica.com/is-there-a-futurefor- mobile money-in-Nigeria/> [15
December 2015]

Piper, F. (2005) Identities and authentication. Cheltenham: Edward Elgar.

Renaud, K. (2004) ‘Quantifying the quality of web authentication mechanisms: a usability

perspective.’ Journal of Web Engineering 3, 95-123.

Rais, A. I., and Naik, A. A. (2014) ‘Golden Research Thoughts.’ Aygrt.Isrj.Net 3 (12). [online] available
from <http://aygrt.isrj.net/UploadedData/1896.pdf> [15 December 2015]

Snellman J. S., Vesala J., and Humphrey D.B., (2001). Substitution of Non-Cash Payment Instruments
for Cash in Europe, Journal of Financial Services Research, 19 (2/3) 131-145

Ugwu, C. I. (2014) An Exploration on Mobile Banking and Cashless Economy Imperatives in Nigeria . 7
(5)

Vlad, M. P., and Tirela, M. R. (2012). ‘Methods of payment to banks: E-banking. comparative study
on three banks.’  Risk in Contemporary Economy,  1, 285-288. [online] Retrieved
from <https://doaj.org/article/b04f1455e6514bd1a83d25093af451d0> [15 December 2015]

Yang, W. H., and Shieh, S. P. (1999) ‘Password authentication schemes with smart cards.’ Computers
& Security, 18, 727-733

12