Any one aware of a way to automate (maybe via AT commands) the whole MPESA transacting process. such that, i send sms "send 1200 to murume" and kannel picks that passes on to php which interprests that and passes on these commands (via a script perhaps) to my sim card and sends 1200 to murume who is in my db?. Nb: I dont want to use the phone to manually go to Safaricom => Send Money => Phone Number => Amount => Enter Pin =>Verify => loose the cash *_______________________________________________________________ its ok child, He's heard you *
if this is possible I'd also like to know how... On Wed, Nov 10, 2010 at 2:44 PM, joe mwirigi <joemwirigi@gmail.com> wrote:
Any one aware of a way to automate (maybe via AT commands) the whole MPESA transacting process. such that, i send sms "send 1200 to murume" and kannel picks that passes on to php which interprests that and passes on these commands (via a script perhaps) to my sim card and sends 1200 to murume who is in my db?.
Nb: I dont want to use the phone to manually go to Safaricom => Send Money => Phone Number => Amount => Enter Pin =>Verify => loose the cash
*______*
this would be a bit simple with Java-card 3 but am not sure. the security surrounding SIM toolkit applications is crazy this is kind of M2M (machine to machine) interaction but then again, this is an area where you need a sacrifice of a goat to get the information you need On Wed, Nov 10, 2010 at 3:42 PM, kennedy kariuki <kkairu@gmail.com> wrote:
if this is possible I'd also like to know how...
On Wed, Nov 10, 2010 at 2:44 PM, joe mwirigi <joemwirigi@gmail.com> wrote:
Any one aware of a way to automate (maybe via AT commands) the whole MPESA transacting process. such that, i send sms "send 1200 to murume" and kannel picks that passes on to php which interprests that and passes on these commands (via a script perhaps) to my sim card and sends 1200 to murume who is in my db?.
Nb: I dont want to use the phone to manually go to Safaricom => Send Money => Phone Number => Amount => Enter Pin =>Verify => loose the cash
______
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
They should just make our work easy by coming up with a secure API to let developers integrate there Systems with the M-Pesa servers, and all this issue of SIM card programing will be behind us. On Wed, Nov 10, 2010 at 4:12 PM, gisho <gichuhie@gmail.com> wrote:
this would be a bit simple with Java-card 3 but am not sure. the security surrounding SIM toolkit applications is crazy
this is kind of M2M (machine to machine) interaction but then again, this is an area where you need a sacrifice of a goat to get the information you need
On Wed, Nov 10, 2010 at 3:42 PM, kennedy kariuki <kkairu@gmail.com> wrote:
if this is possible I'd also like to know how...
On Wed, Nov 10, 2010 at 2:44 PM, joe mwirigi <joemwirigi@gmail.com> wrote:
Any one aware of a way to automate (maybe via AT commands) the whole
MPESA
transacting process. such that, i send sms "send 1200 to murume" and kannel picks that passes on to php which interprests that and passes on these commands (via a script perhaps) to my sim card and sends 1200 to murume who is in my db?.
Nb: I dont want to use the phone to manually go to Safaricom => Send Money => Phone Number => Amount => Enter Pin =>Verify => loose the cash
______
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, Zack K. Githinji Technical Officer, Cell:+254 722 649199 E-mail:zachgithinji@gmail.com <E-mail%3Azachgithinji@gmail.com> "God grant me the serenity to accept the things I cannot change, the courage to change the things I can, and the wisdom to know the difference."
I hear it is possible to get a modem access the STK menu and therefore walk through the process just like a user would do... no? http://www.mobitek.com.my/SIMToolKit/STK.html
@jaginta, Thanks am way into the pdf, hope this will shed the much light av been craving for @Gisho I might be changing my mind and work through it this (weekend) @Haggai, Thanks a million, perl is a good friend and i've already contacted a CPAN for the module. I'll work hard though it might be hard luck to stumble upon a siemens quickly. I'll communicate my truimps and :( here Rgds to all *_______________________________________________________________ its ok child, He's heard you * On Wed, Nov 10, 2010 at 5:21 PM, Jangita <jangita@jangita.com> wrote:
I hear it is possible to get a modem access the STK menu and therefore walk through the process just like a user would do... no? http://www.mobitek.com.my/SIMToolKit/STK.html
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
@gisho, If i get you well, securities kado, it possible for me via the kit to get to the mpesa menu and drop some figures on the inputs? *_______________________________________________________________ its ok child, He's heard you * On Wed, Nov 10, 2010 at 8:12 AM, gisho <gichuhie@gmail.com> wrote:
this would be a bit simple with Java-card 3 but am not sure. the security surrounding SIM toolkit applications is crazy
this is kind of M2M (machine to machine) interaction but then again, this is an area where you need a sacrifice of a goat to get the information you need
On Wed, Nov 10, 2010 at 3:42 PM, kennedy kariuki <kkairu@gmail.com> wrote:
if this is possible I'd also like to know how...
On Wed, Nov 10, 2010 at 2:44 PM, joe mwirigi <joemwirigi@gmail.com> wrote:
Any one aware of a way to automate (maybe via AT commands) the whole
MPESA
transacting process. such that, i send sms "send 1200 to murume" and kannel picks that passes on to php which interprests that and passes on these commands (via a script perhaps) to my sim card and sends 1200 to murume who is in my db?.
Nb: I dont want to use the phone to manually go to Safaricom => Send Money => Phone Number => Amount => Enter Pin =>Verify => loose the cash
______
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
@joe, i have a EZmini PC/SC smart card reader. i haven't played with real GSM sim cards yet but if you have some xtra time i could pass it to you to try out your automagics and luck Regards, Erastus Gichuhi +254733725373 @gisho Nairobi Kenya On Wed, Nov 10, 2010 at 4:23 PM, joe mwirigi <joemwirigi@gmail.com> wrote:
@gisho, If i get you well, securities kado, it possible for me via the kit to get to the mpesa menu and drop some figures on the inputs? _______________________________________________________________ its ok child, He's heard you
On Wed, Nov 10, 2010 at 8:12 AM, gisho <gichuhie@gmail.com> wrote:
this would be a bit simple with Java-card 3 but am not sure. the security surrounding SIM toolkit applications is crazy
this is kind of M2M (machine to machine) interaction but then again, this is an area where you need a sacrifice of a goat to get the information you need
On Wed, Nov 10, 2010 at 3:42 PM, kennedy kariuki <kkairu@gmail.com> wrote:
if this is possible I'd also like to know how...
On Wed, Nov 10, 2010 at 2:44 PM, joe mwirigi <joemwirigi@gmail.com> wrote:
Any one aware of a way to automate (maybe via AT commands) the whole MPESA transacting process. such that, i send sms "send 1200 to murume" and kannel picks that passes on to php which interprests that and passes on these commands (via a script perhaps) to my sim card and sends 1200 to murume who is in my db?.
Nb: I dont want to use the phone to manually go to Safaricom => Send Money => Phone Number => Amount => Enter Pin =>Verify => loose the cash
______
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
@gisho, I would love to burn some midnight oils on the same, soonest i get some project off my back in 2 weeks. Will get in touch Rgds *_______________________________________________________________ its ok child, He's heard you * On Wed, Nov 10, 2010 at 5:12 PM, gisho <gichuhie@gmail.com> wrote:
@joe, i have a EZmini PC/SC smart card reader. i haven't played with real GSM sim cards yet but if you have some xtra time i could pass it to you to try out your automagics and luck
Regards,
Erastus Gichuhi +254733725373 @gisho Nairobi Kenya
On Wed, Nov 10, 2010 at 4:23 PM, joe mwirigi <joemwirigi@gmail.com> wrote:
@gisho, If i get you well, securities kado, it possible for me via the kit to get to the mpesa menu and drop some figures on the inputs? _______________________________________________________________ its ok child, He's heard you
On Wed, Nov 10, 2010 at 8:12 AM, gisho <gichuhie@gmail.com> wrote:
this would be a bit simple with Java-card 3 but am not sure. the security surrounding SIM toolkit applications is crazy
this is kind of M2M (machine to machine) interaction but then again, this is an area where you need a sacrifice of a goat to get the information you need
On Wed, Nov 10, 2010 at 3:42 PM, kennedy kariuki <kkairu@gmail.com>
wrote:
if this is possible I'd also like to know how...
On Wed, Nov 10, 2010 at 2:44 PM, joe mwirigi <joemwirigi@gmail.com> wrote:
Any one aware of a way to automate (maybe via AT commands) the whole MPESA transacting process. such that, i send sms "send 1200 to murume" and kannel picks that passes on to php which interprests that and passes on
these
commands (via a script perhaps) to my sim card and sends 1200 to murume who is in my db?.
Nb: I dont want to use the phone to manually go to Safaricom => Send Money => Phone Number => Amount => Enter Pin =>Verify => loose the cash
______
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
@joe: You need to know perl and use the Device::Modem package to send AT commands. Well, that's not the only way but it's the way I'd go. Then you need a gsm modem that can talk to your (linux) box bila shida. I have had my eyes on the Siemens TC35i terminal (asked about it on the list sometime back) and eventually found it here<http://www.warburtech.com/gsm/tc35i.terminal/>. Nobody has it locally to my knowledge - even the local Siemens guys had no info on it when I called them. In the meantime I have fooled around with minicom on phones, (Nokia 1680, 1200, N95 and N97) on connecting to the STK but I could not get any concrete info on Nokia STK commands for them. However I believe there are some older siemens phones (circa 2005) which can do the job...though I have not tried them. It supports the STK AT command set well, the Siemens documentation is online (even on the link above), just google kidogo and you'll get it all. IMO many modems support AT commands but their coverage on STK in particular is sketchy. The other GSM modem I know of is the Wavecom brand, might be hard to get hold of locally - I hear their chipset is used in Psitek modems (south african) - but I'm not sure. There's an asian site I stumbled upon a while back that claims to have safaricom as one of their clients who purchased the programming API from them (for .NET platform if I'm not wrong). Shida is I've been busy on an in-house coding project (that's me procrastinating, lol), but I guess I'll just paypal them tomorrow and tinker for myself when it arrives. As I have read you can control the STK menu via AT commands with the Siemens and Wavecom modems, provide inputs to prompts and get replies. I believe this is what you're looking for. Once you can talk to it with perl the rest is simple to figure out - making db connections and a web frontend. Methinks with this you can automate payments for all gsm operators on a small scale without having to break into their code on the sim and have an army of lawyers after your backside. My silent prayer is that safcom increases their mpesa transaction limits, esp with Orange Money's recent entry and terms. @zack: People have prayed, cried, ranted and raved about safaricom releasing an API but I do not see it happening anytime soon. Not when they consider data and financial transactions to be their most-sought-after revenue stream over voice.
Interesting: http://www.mobitek.com.my/SIMToolKit/SIM_Cards.html <http://www.mobitek.com.my/SIMToolKit/SIM_Cards.html> List of SIM Cards [image: SIM card]*MOBITEK*TM* STK API* had been successfully tested with the following SIM cards or SIM applications:- GSM Network Operator Country SIM Application Maxis <http://www.mobitek.com.my/SIMToolKit/Multimedia/Maxis%20eLoad.jpg> Malaysia E-Load <http://www.mobitek.com.my/SIMToolKit/STK_Maxis.html> Digi Malaysia Flexi E-Load <http://www.mobitek.com.my/SIMToolKit/STK_Digi.html> SMART Philippines eLoad Grameenphone Bangladesh ERS <http://www.mobitek.com.my/SIMToolKit/ERS.html> *Safaricom* *Kenya* *m-Pesa* TataDOCOMO India BSNL India Airtel India Mobilnil Egypt Viettel Vietnam -- Thanks and Regards, Erick Njenga Nyachwaya, M: +254-725-008-790 <http://www.facebook.com/ErickNjenga> <http://www.twitter.com/ErickNjenga>
@kennedy we have no biz asking more Q's it time to get hands pretty dirty Thanks again all *_______________________________________________________________ its ok child, He's heard you * On Wed, Nov 10, 2010 at 5:29 PM, Erick Njenga <eriknjenga@gmail.com> wrote:
Interesting: http://www.mobitek.com.my/SIMToolKit/SIM_Cards.html <http://www.mobitek.com.my/SIMToolKit/SIM_Cards.html> List of SIM Cards
[image: SIM card]*MOBITEK*TM* STK API* had been successfully tested with the following SIM cards or SIM applications:-
GSM Network Operator
Country
SIM Application
Maxis <http://www.mobitek.com.my/SIMToolKit/Multimedia/Maxis%20eLoad.jpg>
Malaysia
E-Load <http://www.mobitek.com.my/SIMToolKit/STK_Maxis.html>
Digi
Malaysia
Flexi E-Load <http://www.mobitek.com.my/SIMToolKit/STK_Digi.html>
SMART
Philippines
eLoad
Grameenphone
Bangladesh
ERS <http://www.mobitek.com.my/SIMToolKit/ERS.html>
*Safaricom*
*Kenya*
*m-Pesa*
TataDOCOMO
India
BSNL
India
Airtel
India
Mobilnil
Egypt
Viettel
Vietnam
--
Thanks and Regards, Erick Njenga Nyachwaya, M: +254-725-008-790
<http://www.facebook.com/ErickNjenga><http://www.twitter.com/ErickNjenga>
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
am on it. cheers On Wed, Nov 10, 2010 at 5:34 PM, joe mwirigi <joemwirigi@gmail.com> wrote:
@kennedy we have no biz asking more Q's it time to get hands pretty dirty
Thanks again all
*_______________________________________________________________ its ok child, He's heard you *
On Wed, Nov 10, 2010 at 5:29 PM, Erick Njenga <eriknjenga@gmail.com>wrote:
Interesting: http://www.mobitek.com.my/SIMToolKit/SIM_Cards.html <http://www.mobitek.com.my/SIMToolKit/SIM_Cards.html> List of SIM Cards
[image: SIM card]*MOBITEK*TM* STK API* had been successfully tested with the following SIM cards or SIM applications:-
GSM Network Operator
Country
SIM Application
Maxis <http://www.mobitek.com.my/SIMToolKit/Multimedia/Maxis%20eLoad.jpg>
Malaysia
E-Load <http://www.mobitek.com.my/SIMToolKit/STK_Maxis.html>
Digi
Malaysia
Flexi E-Load <http://www.mobitek.com.my/SIMToolKit/STK_Digi.html>
SMART
Philippines
eLoad
Grameenphone
Bangladesh
ERS <http://www.mobitek.com.my/SIMToolKit/ERS.html>
*Safaricom*
*Kenya*
*m-Pesa*
TataDOCOMO
India
BSNL
India
Airtel
India
Mobilnil
Egypt
Viettel
Vietnam
--
Thanks and Regards, Erick Njenga Nyachwaya, M: +254-725-008-790
<http://www.facebook.com/ErickNjenga><http://www.twitter.com/ErickNjenga>
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
Joe... something good you have going on there - Let me know if you need any help with Perl.
Call Cellulant, they are already doing it. Site= www.cellulant.com On 11/10/10, Patrick Kariuki <patrick.kariuki@gmail.com> wrote:
Joe... something good you have going on there - Let me know if you need any help with Perl. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosigmer@inbox.com {FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/
... 2 cents .. Useful idea but it poses some security hazards. MPESA uses a double-factor authentication ie. the combination of ... something that you have which is the unique SIM card and something that you know .. the PIN. Removal of one of these factors drastically increases its vulnerability. I think the banking act will not allow it. One could argue that technically MPESA does not fall under the Banking act .. but if they have to maintain their intergrity and the trust/faith of the users that MPESA is equivalent to legal tender then they have to somehow conform to the authentication methods prescribed by banks and other money handling institutions. The day there will be a nation-wide panic that your MPESA balance / account is no longer safe .. or that the funds are about to disappaer .. everyone will rush to withdraw whatever they have ... that will be the day Safaricom will close shop .. like Trade Bank.. ============================================================================================= On 10 November 2010 14:44, joe mwirigi <joemwirigi@gmail.com> wrote:
Any one aware of a way to automate (maybe via AT commands) the whole MPESA transacting process. such that, i send sms "send 1200 to murume" and kannel picks that passes on to php which interprests that and passes on these commands (via a script perhaps) to my sim card and sends 1200 to murume who is in my db?.
Nb: I dont want to use the phone to manually go to Safaricom => Send Money => Phone Number => Amount => Enter Pin =>Verify => loose the cash
*___*
participants (10)
-
Erick Njenga -
Gichuki John Chuksjonia -
gisho -
Haggai Nyang -
Jangita -
joe mwirigi -
kennedy kariuki -
Patrick Kariuki -
Thomas Kibui -
Zack Githinji