Re: 答复: need reason description for exclusion of UseCase v1 from Joseph Potvin on 2015-06-25 (public-webpayments-ig@w3.org from June 2015)

From: Joseph Potvin <jpotvin@opman.ca>
Date: Thu, 25 Jun 2015 11:40:51 -0400
To: Web Payments IG <public-webpayments-ig@w3.org>
Message-ID: <CAKcXiSrMHi+uOUsthjJMSZ8ei_u9MVvWAGQ5NGoJ_+ECZxm5Lg@mail.gmail.com>
RE: "C: the specification incorporates the flexibility that the 3rd party
platform would present the set of acceptable payment instrument choices to
either party."

This issue was central to my written submission to the April 2014 W3C
meeting on web payments. This paper was entitled: "Restricted vs Free
Market Pricing in Web Payments"
http://www.w3.org/2013/10/payments/papers/webpayments2014_submission_24.pdf

In my presentation deck at the meeting, I illustrated that how a "3rd party
platform would present the set of acceptable payment instrument choices",
using screenshots from my own PayPal purchase of the buffet ticket for that
W3C meeting.
http://www.w3.org/2013/10/payments/slides/session4_potvin.pdf

My paper opened up the issue as follows:



*"From its inception a W3C specification on web payments may adopt one the
following positions with regard to the roles of buyers, sellers and payment
intermediaries (systems or roles): (a) The specification may explicitly or
implicitly leave out-of-scope the issue of whether or not payment
intermediaries may constrain access to knowledge and choice amongst buyers
and sellers...; (b) The specification may explicitly identify the criteria,
methods and processes by which payment intermediaries may legitimately
constrain access to knowledge and choice amongst buyers and sellers...; or,
(c) The specification may explicitly identify the general and inalienable
right of buyers and sellers to unencumbered knowledge and choice..."*

At this point, I suggest to table this set of options again, with the
clarification that every legal juridiction may of couse set its own rules
for what sellers, buyers and financial intermediaries each may and may not
have the authority to determine in the course of transactions that come
within that jurisdiction's scope of governance.

It seems to me that a W3C specification is not the place to presuppose the
rules of any particular jurisdiction about what the relative prerogatives
of sellers, buyers and financial intermediaries to determine payment
attributes.

In general, seeking to ensure that the W3C spec on web payment is premised
upon a global legal context for web payments, I've been recommending that
sources such as UNCITRAL Model Laws, BIS Principles and UNIDROIT Principles
be used as the core sources for guidance. Such sources function like
Rosetta Stones for these matters across all jurisdictions (and I should
add, can accommodate the new generation of payment instruments).

Joseph Potvin
On behalf of DataKinetics http://www.dkl.com/
Operations Manager | Gestionnaire des opérations
The Opman Company | La compagnie Opman
jpotvin@opman.ca
Mobile: 819-593-5983

On Wed, Jun 24, 2015 at 11:47 PM, 茱滴 <hongru.zhr@alibaba-inc.com> wrote:

> 1.       As for “
>
> Let me suggest a general framing of the issue as involving the following
> two approaches:
>
> A: The specification incorporates an assumption that the Payee role would
> present a set of acceptable payment instrument choices to the Payer;
>
> B: The specification incorporates the flexibilty that either the Payee or
> the Payer role would present a set of acceptable payment instrument choices
> to the other party.
>
>
>
> Actually it should add another \
>
>
>
> * C: the specification incorporates the flexibility that the 3rd party
> platform would present the set of acceptable payment instrument choices to
> either party. “ *
>
>
>
> Since like my colleague said, Alibaba model, this kind of user case
> actually is the platform deciding the payment scheme, not payee( the
> merchant) nor the payee.
>
>
>
> 2.     And also then whater A, B, C, then it should be firstly decided by
> great market, of course, the payee or the platform 3 rd party will comply
> with the market to choose the popular tools on payment, or else, nobody to
> buy. So +1 to the guys which think great market power
>
> 3.  Also +1,  we don’t think payer should present the choices, since for
> the privacy problem.  As for the “It’s more about automatic discovery and
> disclosure of payment methods. The payer’s available payment instruments
> should never be automatically disclosed to the payee without the explicit
> consent of the payer. To do so would be a substantial privacy issue. “
>
> 4.     + 1 also for “The standard should be focused on the interactions
> and the process flow – with the ability for specifics like this to adjust
> how the standard is implemented”
>
> We should standardize the process and flow
>
> 5.     But as for what payement schemes should be used is risky to be
> standardized, since it has many regularly and user cases, and sales models
> factors to impact.  But in the flow, we need to give space for the fields
> for the payee to choose.
>
> 6.     In summary, we also think A and C are needed to go. For B is not
> considered.
>
> 7.     And also standard should define the general and common stuff, not
> too much details of the specific payment scheme, like which bank etc.
>
>
>
> Judy
>
>
>
>
>
> *发件人:* Nick Shearer [mailto:nshearer@apple.com]
> *发送时间:* 2015年6月25日 11:07
> *收件人:* 段超(泰麒)
> *抄送:* Joseph Potvin; Web Payments IG; 茱滴
> *主题:* Re: need reason description for exclusion of UseCase v1
>
>
>
>
>
> On Jun 24, 2015, at 8:01 PM, 段超(泰麒) <zephyr.dc@alibaba-inc.com> wrote:
>
>
>
> Hi, Joseph:
>
>
>
> In these two scenarios, maybe the decider for which payment instruments
> could be selected will be the company with greater market. Because it
> involves different countries’ payment mode. In China, there has been a lot
> of escrows to implement payment process. As an escrow, it has to think
> about many stuffs about usability, security, risk management, etc. These
> stuffs will take many human cost and time cost. But payee usually just
> focus on the products or services it could supply. So payee will settle
> payment process with a platform which is provided by escrow.
>
>
>
> In China, if a company A wants to buy a device from company B, via B’s
> retail sales website, the website will only present the device. When A need
> to pay for the device, website will jump to a escrow’s website to handle
> the payment. It’s similar to the other scenario.
>
>
>
> However, in different countries there may be different payment mode. So we
> may have to make the use cases be an universal set which includes the
> payment mode with escrow and without escrow, and some other modes.
>
>
>
>
>
> 段超 *(**泰麒**)*
>
> *Zephyr Tuan*
>
> *集团安全部*_标准化与安全新技术
>
> *Corporation security*_standardization and new security research
>
>
>
> *发件人:* Joseph Potvin [mailto:jpotvin@opman.ca <jpotvin@opman.ca>]
> *发送时间:* 2015年6月24日 20:27
> *收件人:* Web Payments IG
> *抄送:* 茱滴
> *主题:* Re: 答复: need reason description for exclusion of UseCase v1
>
>
>
> Consider these two scenarios:
>
> 1. Digital Bazaar buys a device from Alibaba's, via Alibaba's retail sales
> website.
>
> 2. Digital Bazaar sells system design services to Alibaba, via Alibaba's
> corporate procurement website.
>
> In both cases, will it not be the company with greater market power which
> first determines which payment instruments are presented for selection?
>
> While B2P is going to almost always involve the B (payee) selecting the
> set of available instruments, this is not a reliable assumption in B2B,
> G2B, B2G or G2G scenaros.
>
> Nor is it clear why it would be necessary or advantageous to "hard code"
> into a generic specification such an assumption about which party, the
> payee or payer, would initiate the selection of acceptable payment
> instruments.
>
>
>
> It’s more about automatic discovery and disclosure of payment methods. The
> payer’s available payment instruments should never be automatically
> disclosed to the payee without the explicit consent of the payer. To do so
> would be a substantial privacy issue.
>
>
>
>
> Joseph Potvin
> On behalf of DataKinetics http://www.dkl.com
> Operations Manager | Gestionnaire des opérations
> The Opman Company | La compagnie Opman
> jpotvin@opman.ca
> Mobile: 819-593-5983
>
>
>
> On Wed, Jun 24, 2015 at 4:25 AM, 段超(泰麒) <zephyr.dc@alibaba-inc.com> wrote:
>
> Hi,
>
> The ubiquitous web payment scenario in China is:
>
> 1.       payee(supplying products or services, and collecting money at
> last) which we called merchant gets the payer’s payment request(maybe
> includes products’ or services’ name, id, price, count, etc.), and then
> transmit the request to escrow. In this process, payee only pass the
> information of the products or services which payer wants to buy to escrow.
>
> 2.       Then payee’s web or app will jump to escrow’s page or app.
> Escrow gets these information , and show payer which schemes and
> instruments are available.
>
> 3.       Payer chooses scheme and instrument which escrow offered, and
> then pay the money to escrow.
>
> 4.       Payee and escrow will consult with a settlement time at
> first(maybe every day’s 24:00). At that time, escrow will transfer the
> money to payee which payer has paid.
>
> During the process, payee don’t know any privacy information of the payer.
> What payee has to care about is only stuffs about products or services
> which they supplied.
>
> Moreover, escrow was the one dealt with payer’s privacy information and
> transfer money between payee and payer. So we have to make escrow
> compliance. Because of this, The People’s Bank of China has worked out
> several standards to normalize numerous escrows.
>
>
>
> About the issue of “wallets”, we usually call it virtual account. Because
> there are some app products named with “… wallet”, to avoid of  confusion
> we don’t use “wallet” as a terminology. However, we use “e-wallet”  as a
> payment scheme which is using in near field payment with IC card.
>
>
>
> Above is the current situation in China, I hope these will be a little
> help  to you.  : )
>
>
>
>
>
> 段超 *(**泰麒**)*
>
> *Zephyr Tuan*
>
> *集团安全部*_标准化与安全新技术
>
> *Corporation security*_standardization and new security research
>
>
>
> *发件人:* Mountie Lee [mailto:mountie@paygate.net]
> *发送时间:* 2015年6月24日 7:50
> *收件人:* Adrian Hope-Bailie
> *抄送:* Manu Sporny; public-webpayments-ig@w3.org
> *主题:* Re: need reason description for exclusion of UseCase v1
>
>
>
> Hi.
>
>
>
> the first image for "Discovery" was
>
> wallet (or payment agent) will discover the available schemes and
> instruments.
>
> but in the definition of Discovery of User Cases (
> http://www.w3.org/TR/2015/WD-web-payments-use-cases-20150416/#selection-of-payment-instruments
> )
>
> describing discovery across the multiple digital wallets (on mobile phone,
> in the cloud and on smart watch).
>
>
>
> with this understanding,
>
> the wallet will discover available schemes and instruments across the
> multiple digital wallets.
>
>
>
> but it is not possible with current web technologies.
>
>
>
> that is the reason I asked "who discover".
>
>
>
> regards
>
> mountie.
>
>
>
>
>
> On Tue, Jun 23, 2015 at 6:29 PM, Adrian Hope-Bailie <adrian@hopebailie.com>
> wrote:
>
> Hi Mountie,
>
> This is the same "confusion" Dave highlighted regarding the word discover.
>
> There are 4 steps that must be completed before we have a final selection
> of payment scheme and instrument to begin processing a payment.
>
> 1. Registration: The user (over time) will register one or more payment
> schemes and instruments that they have and wish to use to make payments.
> They will configure how these must be used and set default parameters for
> their use. My understanding is that the current proposal is for this
> process to be IN SCOPE but not necessarily REQUIRED by the browsers
> themselves. i.e. The most likely scenario is that the browser allows the
> configuration of a "wallet" and the wallet itself is responsible for
> managing the various schemes and instruments.
>
> 2. Request for Payment: The web application (of the payee/merchant) makes
> a request to a browser API to perform a payment. In this request the payee
> provides a list of payment schemes and instruments that they will accept
> for payment (and possibly even different payment terms for each such as a
> different amount and currency).
>
> 3. Discovery: This step is the one causing the confusion because I think
> it is not clear who does the discovery. My understanding from the F2F is
> that this will be done by the "wallet". The browser will pass the payment
> request to the "wallet" and the wallet will use an algorithm to match the
> supported schemes and instruments from the payee with the registered
> schemes and instruments from the payer.
>
> 4. Selection: After discovery there should be a list of at least one
> payment scheme and instrument that is both supported by the payee and
> registered by the payer. If there are more than 1 then the user must be
> prompted to select the one they wish to use or the user may have configured
> the wallet to auto-select the one that will cost the least and then order
> by preference.
>
> Following these 4 steps we can now prompt the user to confirm the
> transaction and then proceed.
>
> Adrian
>
>
>
> On 23 June 2015 at 08:18, Mountie Lee <mountie@paygate.net> wrote:
>
> Hi.
>
> I have a question for usecase v1
>
>
>
> Discovery at Selection of Payment Instruments (
> http://www.w3.org/TR/2015/WD-web-payments-use-cases-20150416/#selection-of-payment-instruments
> )
>
>
>
> I'm not sure who discover
>
> maybe user will select payment instrument across the multiple wallets.
>
> but who discover the wallets?
>
> by mercahnt(payee)?
>
>
>
> regards
>
> mountie
>
>
>
>
>
> On Mon, Jun 22, 2015 at 11:28 AM, Manu Sporny <msporny@digitalbazaar.com>
> wrote:
>
> On 06/21/2015 12:08 PM, Mountie Lee wrote:
> > I found it at
> > https://www.w3.org/Payments/IG/wiki/Payment_Architecture_Priorities
>
> That link above was mostly an attempt at organizing the existing use
> cases into versions. I wouldn't suggest that anyone take it as anything
> more than an educated guess on how each use case we have today could be
> organized into versions.
>
> This is the final list of use cases for version 1:
>
>
> https://www.w3.org/Payments/IG/wiki/Main_Page/FTF_June2015/UseCasesForVersion1
>
> The only use case that was dropped from version 1 was the Credentials
> use case, primarily because there wasn't a belief that it was critical
> path for version 1.
>
> That said, the breakout session on use cases found that while
> Credentials wasn't critical path for version 1, that a Credentials WG
> should be created in parallel primarily due to  demand for a better way
> of doing KYC/AML across the financial industry. I think the feedback
> from the roundtable underscored this desire.
>
> The rest of the feedback will be integrated into the use case
> descriptions this week. For each use case, the roadmap will clarify if
> only a subset of a use case for version 1 is expected to be implemented
> (electronic receipts, for example, is only supposed to have very minimal
> support in version 1).
>
> Mountie, are you asking that we document /every/ use case that wasn't
> selected for version 1, or just the use cases that were considered and
> then removed for version 1?
>
> -- manu
>
> --
> Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
> Founder/CEO - Digital Bazaar, Inc.
> blog: Web Payments: The Architect, the Sage, and the Moral Voice
> https://manu.sporny.org/2015/payments-collaboration/
>
>
>
>
>
> --
>
> Mountie Lee
>
> PayGate
>
> CTO, CISSP
> Tel : +82 2 2140 2700
> E-Mail : mountie@paygate.net
>
>
>
>
>
>
>
> --
>
> Mountie Lee
>
> PayGate
>
> CTO, CISSP
> Tel : +82 2 2140 2700
> E-Mail : mountie@paygate.net
>
>
>
Received on Thursday, 25 June 2015 15:41:41 UTC