Mobile payment

On the otherday i was referring about the Kevin's blog on paypal. I just thot i did not make my concept very clear. Its more like the microsoft's video on webservices and getting integrated with the mobile phone & smart card.
But to make it clear, the significant part where it differs and where i would want to concentrate is the Security aspect of it. Its a kind of fantasy i had it for long time. This has a story and i would like to tell you here.

I was infact writing code for the online & mobile banking system of Commerzbank AG (Frankfurt) as a consultant to Accenture. I thot why dont these guys do a money transfer if they can browse for their balances. I thot if customers can register their mobile no's for that to check their balances thro' SMS why cant they do it for shopping also. You know i am a lazy guy who wants to travel tension-free. If i lose my wallet and if i have 2 credit cards stored in the wallet, then i am screwed (ich bin screwen)..

So, whats the next thing instead of credit card but can act like a credit card is a smart card or something nearer to that. Then the thot came why not SIM Card ??

This is the story i had dreamt every now and then,

Step 1 : Customer buys a mobile from (now i am back to India, so i woud say a local service provider like RPG).
Step 2: The user can choose to register his SIM card with a bank (say my bank, Citibank).
Step 3: Whenever I call a number say 2484 (CITI), i get a msg saying please enter your passcode
Step 4: User types in his Passcode and gets validated. One sequence

Step 5 : Scene 2- User goes to shopping and buys worth of Garments ( i am a shirt maniac) for say 7000 (nice 4 louis phillippe shirts)..

Step 6: Customer calls 2484 and says shopping bill for amt : 7000
Step 7: Citi online asks for the phone number to transfer
Step 8: Customer types in the shopkeeper's phone number
Step 9: Citi online generates a public encryption number (say 87@#1340!**&23)
Step 10: Customer gives the number to the shopkeeper and the shopkeeper will call citi on his mobile
Stpe 11: Shopkeeper confirms his pending transaction with the number given by the customer
Step 12: Citi transfer the amount from customer to shopkeeper.

Ok...where the security catch??

The number generated by citi, and the number got by the customer and the number has to be given to the shopkeeper. So, when a wrong transaction happens if the customer types in a wrong phone number, the wrong person cannot enjoy the benefit becoz the transaction is not complete (the public encryption number is not known to the wrong person).

also, the customer does not lose money when either he does a mistake or the shopkeeper does a mistake.

But if either the shopkeeper or customers are from 2 diff banks. The synchronicity has to be maintained, there is a lack of depondency check and it has to be implemented by almost all the banks, but this was the scenario of teh first credit card right ??

Well...I shall write more on the dream and can write forever and i will be pleased to answer you if you have any questions / suggstion on my thought process. I am also looking out for a VC whoever will be interested to fund me for this technolgy to be put in place :).

Bye for now!!