• At Kemp Little, we are known for our ability to serve the very particular needs of a large but diverse technology client base. Our hands-on industry know-how makes us a good fit with many of the world's biggest technology and digital media businesses, yet means we are equally relevant to companies with a technology bias, in sectors such as professional services, financial services, retail, travel and healthcare.
  • Kemp Little specialises in the technology and digital media sectors and provides a range of legal services that are crucial to fast-moving, innovative businesses.Our blend of sector awareness, technical excellence and responsiveness, means we are regularly ranked as a leading firm by directories such as Legal 500, Chambers and PLC Which Lawyer. Our practice areas cover a wide range of legal issues and advice.
  • Our Commercial Technology team has established itself as one of the strongest in the UK. We are ranked in Legal 500, Chambers & Partners and PLC Which Lawyer, with four of our partners recommended.
  • Our team provides practical and commercial advice founded on years of experience and technical know-how to technology and digital media companies that need to be alert to the rules and regulations of competition law.
  • Our Corporate Practice has a reputation for delivering sound legal advice, backed up with extensive industry experience and credentials, to get the best results from technology and digital media transactions.
  • In the fast-changing world of employment law our clients need practical, commercial and cost-effective advice. They get this from our team of employment law professionals.
  • Our team of leading IP advisors deliver cost-effective, strategic and commercial advice to ensure that your IP assets are protected and leveraged to add real value to your business.
  • Our litigation practice advises on all aspects of dispute resolution, with a particular focus on ownership, exploitation and infringement of intellectual property rights and commercial disputes in the technology sector.
  • We have an industry-leading reputation for our outsourcing expertise. Our professionals deliver credible legal advice to providers and acquirers of IT and business process outsourcing (BPO) services.
  • We work alongside companies, many with disruptive technologies, that seek funding, as well as with the venture capital firms, institutional investors and corporate ventures that want to invest in exciting business opportunities.
  • Our regulatory specialists work alongside Kemp Little’s corporate and commercial professionals to help meet their compliance obligations.
  • With a service that is commercial and responsive to our clients’ needs, you will find our tax advice easy to understand, cost-effective and geared towards maximising your tax benefits.
  • At Kemp Little, we advise clients in diverse sectors where technology is fundamental to the ongoing success of their businesses.They include companies that provide technology as a service and businesses where the use of technology is key to their business model, enabling them to bring their product or service to market.
  • We bring our commercial understanding of digital business models, our legal expertise and our reputation for delivering high quality, cost-effective services to this dynamic sector.
  • Acting for market leaders and market changers within the media industry, we combine in-depth knowledge of the structural technology that underpins content delivery and the impact of digitisation on the rights of producers and consumers.
  • We understand the risks facing this sector and work with our clients to conquer those challenges. Testimony to our success is the continued growth in our team of professionals and the clients we serve.
  • We advise at the forefront of the technological intersection between life sciences and healthcare. We advise leading technology and data analytics providers, healthcare institutions as well as manufacturers of medical devices, pharmaceuticals and biotechnological products.
  • For clients operating in the online sector, our teams are structured to meet their commercial, financing, M&A, competition and regulatory, employment and intellectual property legal needs.
  • Our focus on technology makes us especially well positioned to give advice on the legal aspects of digital marketing. We advise on high-profile, multi-channel, cross-border cases and on highly complex campaigns.
  • The mobile and telecoms sector is fast changing and hugely dependent on technology advances. We help mobile and wireless and fixed telecoms clients to tackle the legal challenges that this evolving sector presents.
  • Whether ERP, Linux or Windows; software or infrastructure as a service in the cloud, in a virtualised environment, or as a mobile or service-oriented architecture, we have the experience to resolve legal issues across the spectrum of commercial computer platforms.
  • Our clients trust us to apply our solutions and know-how to help them make the best use of technology in structuring deals, mitigating key risks to their businesses and in achieving their commercial objectives.
  • We have extensive experience of advising customers and suppliers in the retail sector on technology development, licensing and supply projects, and in advising on all aspects of procurement and online operations.
  • Our legal professionals work alongside social media providers and users in relation to the commercial, privacy, data, advertising, intellectual property, employment and corporate issues that arise in this dynamic sector.
  • Our years of working alongside diverse software clients have given us an in-depth understanding of the dynamics of the software marketplace, market practice and alternative negotiating strategies.
  • Working with direct providers of travel services, including aggregators, facilitators and suppliers of transport and technology, our team has developed a unique specialist knowledge of the sector
  • Your life as an entrepreneur is full of daily challenges as you seek to grow your business. One of the key strengths of our firm is that we understand these challenges.
  • Kemp Little is trusted by some of the world’s leading luxury brands and some of the most innovative e-commerce retailers changing the face of the industry.
  • HR Bytes is an exclusive, comprehensive, online service that will provide you with a wide range of practical, insightful and current employment law information. HR Bytes members get priority booking for events, key insight and a range of employment materials for free.
  • FlightDeck is our portal designed especially with start-up and emerging technology businesses in mind to help you get your business up and running in the right way. We provide a free pack of all the things no-one tells you and things they don’t give away to get you started.

Mobile Payments: Current and Emerging Regulatory and Contracting Issues

At the epicentre of mobile commerce, mobile payments are currently at an inflection point. Innovation in this area, where the four value chains of the payments, mobile, retail and technology industries intersect, is the object of significant investment by the smartphone industry; and new ecosystems of market participants – card schemes, mobile operators, retailers, device suppliers and service integrators – and new regulatory and contractual landscapes are fast developing

‘Zap, tap and go’, an analysis piece in the FT on 22 September, spoke of ‘the allure of the smartphone as a central part of business explaining why companies are backing mobile payments’.  Fundamental to this analysis is that whilst m-payments are at the centre of mobile commerce, m-commerce is much more than mobile e-commerce.  This is because m-commerce brings supply closer to the demand creation point through use of the mobile phone’s unique features – like LBS (location based services), voice control, camera, complete availability, constant Internet connectivity and QR (quick response).  E-commerce extended buying from the shop and mail order catalogue to the PC and laptop at home, enabling tickets and digital content to be fulfilled directly to the desk. M-commerce carries this evolution further still by making the smartphone the point where demand is created and supply fulfilled outside the home, workplace and shop.

The technology context

As ever in the technology space, there’s a bit of terminology to become familiarised with before looking at the legal aspects.  Here, the key terms are digital wallet, 2D barcode QR display apps, online wallet and mobile wallet.
The digital wallet consists of databases and software resident on the smartphone.  The databases typically reside on a secure part of the SIM (subscriber identification module) known as the SIM secure element as the store of the user’s shipping and billing addresses and identification, security and expiry date data for his or her credit cards and other payment methods.  The software, also on the SIM, connects the SIM secure element to the payment and related applications, of which three are the most important. 

First, 2D barcode (machine readable data representation) QR (quick response) display apps enable boarding cards, membership cards, tickets and coupons to be stored and read.  A good example of this application, which is not true m-payment, is Apple Passbook released with iOS 6 in September 2012.

Next is the online wallet, where the digital wallet is enabled for ‘remote m-payments’ - mobile internet transactions using the smartphone instead of the PC or laptop.  Here, the user accesses pages or apps downloaded to the smartphone to make payment where a credit or debit card is generally required (unless the user’s mobile account is debited directly). At the time of the first transaction, the user inputs the phone number to register; receives from the provider the PIN (personal identification number), typically by way of SMS (short message service); enters the PIN to authenticate; and then completes the entry of the remaining credit card, etc data.  With later payments, the user re-enters his or her PIN to authenticate and validate payment.

Thirdly, the mobile wallet is the digital wallet enabled for ‘proximity’ or ‘contactless’ payments through NFC (near field communication) technology, a sets of standards for radio communication between the smartphone and the reader module nearby where the user waves the smartphone at the reader to complete the purchase, typically for buying in-store or transportation services.

Understanding the ecosystem

The ecosystem is complex because m-payments is where four value chains – payments, mobile retail, and technology – collide and each is currently vying for pole position for the race that is under way.  Broadly, there are six sets of market participants to consider:

  • card schemes (banks issuing credit/debit cards and card associations like Visa and MasterCard);
  • mobile operators (whether as network – MNO – or virtual network – MVNO – operators);
  • retailers (the businesses accepting payments by credit and debit cards, etc);
  • device suppliers (smartphone and PoS (point of sale) device manufacturers) and SIM suppliers;
  • service providers (‘SPs’, whether M[V]NO- or bank-centric) delivering the m-payment and related solutions; and
  • a growing ‘overlay’ category of TSMs (trusted service managers) which manages the range of contractual and technical connections between the participants that is necessary to enable m-payments to happen.

Looking at the ecosystem gives a framework for analysing both how regulation applies to m-payments and also how to get to the right balance of benefits and obligations, risks and rewards in contract structuring, preparation and negotiations.  In any particular case, regulatory and contract structuring will depend on where and how each of the participants fits into the ecosystem.

The regulatory landscape

The good news is that m-payments do not have a specific set of regulations.  The not so good news is that regulation is pervasive and deeply layered, broadly according to the ‘payments – mobile – retail – technology’ set of intersecting value chains mentioned above.

Payments regulation: electronic money and payment services.  The main sources of law and guidance in the UK on e-money are the Electronic Money Regulations 2011 (the ‘EMRs’)[1], the FSA’s approach document[2] and the relevant perimeter guidance in the FSA Handbook at PERG 3A[3].

Broadly, e-money is defined subject to exceptions as monetary value represented by a claim on the issuer that is (i) electronically stored; (ii) issued on receipt of funds for the purpose of making payment transactions; and (iii) accepted as payment by someone other than the issuer.

Exceptions apply where the value is used for purchases only on the premises of the issuer, within a ‘limited network’ of providers or for a ‘limited range’ of items.  A further important exception in the mobile space applies where the operator adds value beyond acting only as the payment pipe, so:

“… electronic money does not include … monetary value that is used to make payment transactions executed by means of any telecommunication, digital or IT device, where the goods or services purchased are delivered to and are to be used through a telecommunication, digital or IT device, provided that the telecommunication, digital or IT operator does not act only as an intermediary between the payment service user and the supplier of the goods and services.”[4]

The EMRs prescribe an authorisation/registration regime for e-money issuers (‘EMIs’).  Banks and building societies authorised through Part 4 permission under FSMA and are not EMIs for the purposes of the EMRs.  Authorised EMIs (‘AEMIs’) are subject to the full EMR regulatory regime, with its compliance requirements on Conduct of Business, capital, safeguarding, financial crime, complaint handling, supervision, reporting and enforcement.  AEMIs benefit from passporting to other parts of the EEA, as do EMIs authorised elsewhere in the EEA as regards the UK. Small EMIs (‘SEMIs’) – broadly whose average outstanding e-money is less than £5m – have a lighter, registration based regime but do not benefit from passporting.

Currently 27 AEMIs are authorised and 3 SEMIs are registered.  Google Payments Limited (GPL) was authorised as an EMI on 19.05.11 for (i) payment account cash placement & withdrawal; (ii) executing credit, non-credit & IT/Network Operator enabled payment transactions; (iii) issuing e-money; (iv) money remittance; (v) issuing payment instruments; and (vi) acquiring payment transactions. GPL also has extensive passporting

The main sources of law and guidance in the UK on payment services are the Payment Services Regulations 2009 (the ‘PSRs’)[5], the FSA’s approach document[6] and the FSA’s perimeter guidance at PERG 15[7]. Payment services are defined broadly and PERG 15.1 provides that they include, among other things:

“services relating to the operation of payment accounts (for example, cash deposits and withdrawals from current accounts and flexible savings accounts), execution of payment transactions, card issuing, merchant acquiring, money remittance and certain mobile phone-based payment services.”

Paragraph 2.18 of the FSA’s approach document gives:

“mobile .. phone payments where the payment is made from the phone itself rather than the phone being used as an authentication tool to send a payment order to another payment services provider”

as an example of a covered payment service:

“execution of payment transactions where the consent of the payer to execute a payment transaction is given by means of any telecommunication, digital or IT device and the payment is made to the telecommunication, IT system or network operator, acting only as an intermediary between the payment service user and the supplier of the goods and services”.

Like the EMRs, the PSRs prescribe a compliance regime for Payment Institutions (‘PIs’), with Authorised PIs (‘APIs’) subject to the full weight of authorisation and Small PIs (‘SPIs’) subject to a lighter registration regime.  The following do not require requiring authorisation or registration under the PSRs:

  • banks and building societies permissioned under FSMA Part 4;
  • AEMIs authorised and SEMIs registered under the EMRs); and
  • PIs authorised elsewhere in the EEA who benefit from passporting (i.e. not SPIs).

In general terms in the m-payments space, the practical advice is to know what kind of digital wallet service is being provided (whether online or mobile using the above taxonomy); to ‘follow the money’ – i.e. understand the payment flows; and to seek informal guidance from the FSA at an early stage in assessing whether or not authorisation or registration under the EMRs or the PSRs is required.

Mobile regulation.   Again, m-payments are not currently specifically addressed by mobile regulation but Ofcom has intervened in relation to (voice) call termination charges and (voice and data) international roaming charges and will no doubt be watching this emerging space with interest. In the area of vanilla competition law, and as mentioned above, the European Commission unconditionally approved the Project Oscar m-commerce JV under the EU Merger Regulation on 5 September 2012[8].

Retail regulation: consumer protection and data privacy.  Here the usual patchwork of statute based law familiar to e-commerce lawyers applies so as to closely regulate and protects the end-consumer at the B2C level.  The most important sources of law in the UK are:

  • the Consumer Credit Act 1974[9];
  • the Unfair Terms in Consumer Contracts Regulations 1999[10];
  • the E-Commerce Regulations 2002[11];
  • the Financial Services (Distance Marketing) Regulations 2004[12]; and
  • the Consumer Protection from Unfair Trading Regulations 2008[13].

In addition, of particular and growing importance for m-payments is the data protection aspects – compliance with the Data Protection Act[14] at each level of the ecosystem will continue to exercise participants’ legal counsel, perhaps nowhere more so than in companies seeking to map their US e- and m- payment products to Europe.

Technology regulation – standards and interoperability.  The European Commission in its Green Paper of 11 January 2012 ‘towards an integrated European market for card, internet and mobile payments’[15] is actively encouraging common standards and interoperability to reduce fragmentation and enhance m-payments adoption.

The contractual landscape

Contract structures are currently at an early stage but already market practice at each level of the ecosystem (card schemes - MNOs/MVNOs – retailers- device/SIM suppliers – SPs/TSMs) is starting to evolve around commonly encountered issues of risk and reward. These issues are perhaps best articulated as a series of questions around four themes:

  • Structural – identify the deal:

–      Who are the parties involved?

–      Where and how does the contract fit into the ecosystem? 

–      What technology are you dealing with?

  • Payment flows:

–      Are you crossing the regulatory banking boundary?

–      How do you get paid?

 

  • IPR and data:

–      What is the IPR position?

–      How will customer data be used? 

  • Risk and liability:

–      What happens if the smartphone is stolen?

–      What happens if the consumer product offering is changed?

–      What happens if there are changes outside the parties’ control?

Although what market practice for all these issues will become is not yet visible, what is certain is that m-payments, m-commerce, the ecosystem and the regulatory and contractual landscape will all develop at a fast clip over the next couple of years or so.

 

[1] SI 2011 No. 99 - http://www.legislation.gov.uk/uksi/2011/99/made  - implementing the second EU Directive (Directive 2009/110/EC on the taking up, pursuit and prudential supervision of the business of electronic money institutions at http://eur-lex.europa.eu/. The Explanatory Memorandum to the EMRs is at   http://www.legislation.gov.uk/uksi/2011/99/pdfs/uksiem_20110099_en.pdf

[2] The FSA’s role under the Electronic Money Regulations 2011 (March 2011)

[4] Regulation 3(b)

[5] SI 2009 No. 99 http://www.legislation.gov.uk/uksi/2009/209/contents/made (as amended) - implementing Directive 2007/64/EC on payment services in the internal market at http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2007:319:0001:0036:EN:PDF.  The Explanatory Memorandum to the PSRs is at http://www.legislation.gov.uk/uksi/2009/209/pdfs/uksiem_20090209_en.pdf 

[6] The FSA’s role under the Payment Services Regulations (May 2010) at http://www.fsa.gov.uk/pubs/other/psd_approach.pdf