What is UEPS?

 

 

The Universal Electronic Payment System (UEPS)

The first payment system developed using the Funds Transfer System (FTS) Patents is the proprietary Universal Electronic Payment System (UEPS) - it is the first global commercial electronic purse ever launched.

UEPS is a fully integrated method of transacting electronically, with all the benefits of using cash but none of the attendant risks. It can replace all current financial delivery systems such as paper money, coins, credit and debit cards, checks and passbooks.

Utilizing this patented technology, Net1 has developed and implemented a variety of unique systems that open the door for un-banked, under-banked and banked markets in emerging economies worldwide. The UEPS system has been designed to eliminate previous deficiencies encountered in electronic fund payment systems and to improve the lifestyles of its users. The system is user friendly and compatible with all international banking systems.

Whilst fundamental in terms of its social and environmental impact on the population of many of the world’s undeveloped economies, the UEPS technology can make just as powerful an impression on the business models and profitability of first world financial and commercial enterprises.

------------------------------------------------------------------------------------------------------------------------------------------------------------------


The Benefits

Imagine a secure national payment system:

  • With universal reach that represents a utility unhindered by formal telecommunications infrastructures.
  • That manages the flow of funds between consumers, merchants and financial service providers. 
  • That uses cutting edge international technology, protected by global patents.

Imagine convenient, secure cashless transactions:

  • Requiring no online communication infrastructure or authorization procedures. 
  • Protected to eliminate unauthorized abuse. 
  • Incorporating a clear audit trail for tracking, reconciliation and loss tolerance. 
  • Representing the trading power of millions of consumers.

Imagine the impact of endlessly versatile information management systems:

  • Providing a powerful, seamless collection of critical trading data. 
  • Protected and managed by secure technology and easily interfaced with resident systems. 
  • With a user base of millions possessing massive and active spending power.

The UEPS provides all these benefits!

------------------------------------------------------------------------------------------------------------------------------------------------------------------

The Key Features

The UEPS technology includes functionality that allows the following:

  • 10 Digit Offline Loading
  • Multiple Audit Trails
  • Hot Card Files
  • Transparent & Automatic Recovery
  • Continuous Debit
  • 3rd Party System Host Deduction
  • Automatic Credit
  • Online Settlement
  • Offline Settlement – Milking
    (POS & Merchant Card)
  • Interest Calculations

------------------------------------------------------------------------------------------------------------------------------------------------------------------

The UEPS Security System

The Net1 security protocol was designed to prevent opportunistic fraud and enforce the correct transaction flow. The symmetric triple data encryption standard, or DES, is used extensively in association with a native random number generator that ensures that all transactions are performed by using a random session key pair. The DES encryption algorithm can be easily modified to use alternative symmetric or asymmetric encryption algorithms such as the Rivest, Shamir and Adleman or elliptic curves. Each message exchanged during a transaction names both transacting parties, includes unique information to guarantee freshness and depends explicitly on all messages that occur before it.

The security of the system does not rely on the terminal hardware or the communications network that is used to transfer the resulting information. This methodology distinguishes the UEPS technology from all its competitors.

The solution proposed is based on security standards developed by international organizations such as VISA & Master Card which;

  • Focus on the integration of magnetic stripe with smart card technology at the point of sale.
  • Implement security standards which rely mainly on online infrastructures and expensive point of sale terminals which incorporate high speed security modules capable of supporting very cumbersome and resource extensive algorithms such as PKC (Public Key Cryptography) in the form of RSA, DSS etc.

The Net1 solution makes use of a hierarchy of smart cards which fulfill a specific function as in client card, merchant card, agent card, teller card, employer card, a combination of the above, but all of which incorporate a critical portion of the overall security of the system.

Each card in the system has the ability to communicate securely with the card of the next highest level. This is achieved through the following end to end procedure. The end to end procedure can be performed offline - that is between two cards inserted into one single POS device or online when two cards communicate with each other across one or many network types such as public, private, GSM, wireless, satellite, or a combination thereof.

Mutual Authentication
This protocol allows the two cards to create a random session key based on a native random number generator (not pseudo).

This session key will vary for every single transaction in the system and as no clear data is made available to a potential eaves dropper, the protocol cannot be attacked by any form of crypto analysis except for a “brute force attack”. This attack is prevented by limiting the total number of transactions that can be performed by any one card during its entire life cycle e.g. 100,000 card ISO commands.

This number can be divided by two to the power of 56 to determine the potential success rate of an attack on any specific session key. In addition because two 64 bit random numbers are exchanged during this process, the triple DES algorithm can be employed thus increasing the brute force attack sample two to the power of 112. Once the session key has been established it will be modified with every subsequent input or output function to either of the cards. The authentication is thus performed by each card as an intrinsic part of every element of a financial transaction.

Mutual authentication enables automatic recovery to occur in the event of a transaction failing due to hardware problems or the premature removal of either of the client or merchant card. Automatic recovery is a “must have” recovery procedure when offline debit transactions are present in a system. The same mechanism is applied to cater for transaction cancellation, transaction reversal and secure refunds. Key versions can be pre-set within client cards if key changes are deemed to be necessary when compared with the average lifetime of the card and the number of attempts that would be required to break each diversified key set. Each client card contains a loading key, session initiation key and switching and issuer certificate key sets.

These are managed in the same way as described above. The system therefore provides a full encrypted trail for the issuer, acquirer and switching entity. Those certificates are all mutually exclusive and thus no single entity can defraud another by chance or intent. There is no need for any control to secure a UEPS transaction via a public telecommunications network. This is due to the end-to-end protocol as described, which ensures that attacks cannot be performed by monitoring, replaying or modifying any elements of UEPS transactions.

It must be re-iterated that the overall security of the system is controlled through the cards and not the back-end or front-end software. All changes to system security files are logged and reported. Please note that any changes to keys can only be performed through the intervention of at least three parties, one of which normally includes an external auditor. These types of changes are not normally made as they only occur at system inception.

------------------------------------------------------------------------------------------------------------------------------------------------------------------

The UEPS vs. Its Competitors

The UEPS is distinguished from competitor solutions providing cash, check payments, credit and debit card transactions and other smart card based payment services, in the following ways:

  • Little or no technology, and specifically no security is required on the terminal itself thus reducing costs and allowing the effective proliferation of merchant service points.
  • The terminal network can operate with or without the use of any communications infrastructure.
  • The security encryption protocols enable cardholders to receive fund loading instructions from a third party through any insecure communication channel, such as word-of-mouth, telephonically, newspaper or any analogue or digital network.

“Net1’s commitment to ongoing technological innovation and product development will ensure that it remains a world leader in smart card related technologies.”

------------------------------------------------------------------------------------------------------------------------------------------------------------------

Industries

Net1 is the leading provider of secure and affordable transaction channels between formal business and un-banked and under-banked individuals. Through the supply of chip card technologies and systems such as its Universal Electronic Payment System (UEPS), Net1 provides alternative payment solutions for populations in developing economies that have no or limited access to traditional banking facilities.

Net1's technology is widely used throughout South Africa today, with over 3.8 million clients in five provinces receiving social welfare grants on Net1 smart cards. Increasingly, these customers are using their smart cards at participating merchants to receive and spend their grants and perform a range of financial transactions.

Net1's technology incorporates software, smart cards, payment terminals, back-end infrastructure and transaction security. These technologies are coupled with years of experience in developing, integrating and upgrading transaction systems.
 
The unique manner in which Net1 deploys its solutions for individuals and business is set to drive a fundamental change to the very manner in which transacting occurs. Through the patented UEPS technology and infrastructure deployed at the lower end of the market, coupled with the retail payment infrastructure already established at the high end of the market, a powerful impression on the business models and profitability at both spectrums of commercial retail business can be achieved.

Within industry, Net1's technologies are applied to electronic commerce transactions  to provide solutions in the the fields of salary & wage distribution, affordable banking, payment of social grant members, medical stock control and patient identification, medical management, national health insurance fund, money transfers, voting and national identification system and food parcel distribution. Market sectors include Government & NGOs, Healthcare, Telecoms, Financial Institutions, Retailers, Petroleum and Utilities.