Re: Limitations of "Push" payment schemes

Only if there is multiple factors of Authentication, Authorization, and
Identification.


Practice: But in practice push is rarely used. low adoption, so of
course there is less fraud.


Good quote about this: "In theory, practice and theory are the same.  In
practice, they are not."

Erik Anderson
Bloomberg

On Fri, Aug 26, 2016, at 01:15 AM, Anders Rundgren wrote:
> Dear All,
> 
> When I first begin looking into payments I (without really thinking too
> much about it), came up with a "Push" payment system. Push indeed has
> certain undeniable qualities like not exposing customer data to merchants
> as well as supporting bank-specific authentication methods.
> 
> However, if the goal is supporting a wider range of payment scenarios,
> "Push" doesn't seem to be the optimal approach.  So far I have identified
> the following disadvantages:
> 
> - Considerably more complex "Wallets" which have to deal with two
> independent but cooperating channels and unspecified user-authentication
> will most likely lead to each bank rolling their own
> 
> - Incompatible with automated gas stations, subscriptions, bookings etc.
> which all depend on some kind of "pull" method
> 
> - Adds dependency on Internet connectivity also for local payments
> 
> It is also worth keeping in mind that "pull" payments is the de-facto
> standard for local card-payments so it obviously works.
> 
> Anders Rundgren
> Principal, WebPKI.org
> 
> 

Received on Friday, 26 August 2016 19:32:19 UTC