TPAC 2013 Web Payments Workshop Minutes for 2013-11-13

Thanks to Christian Fuhrhop for scribing today! The minutes for the
TPAC 2013 Web Payments Workshop are now available here:

https://payswarm.com/minutes/2013-11-13-workshop/

Full text of the discussion follows for archival purposes at the W3C.
No audio of the meeting is available.

--------------

TPAC 2013 Web Payments Workshop Minutes for 2013-11-13

Agenda:
   http://www.w3.org/wiki/TPAC2013/session-web-payments
Topics:
   1. Introduction
   2. Plan for Workshop
   3. Open Discussion / Debate
Chair:
   Manu Sporny
Scribe:
   Christian Fuhrhop
Present:
   Christian Fuhrhop, Manu Sporny, Virginie Galindo, Daniel Austin,
   Michael Hutchinson, Mountie Lee, Mete Balci, David Ezell
Audio:
   None

Christian Fuhrhop is scribing.
You can find out more about this session here:
   http://www.w3.org/wiki/TPAC2013/session-web-payments
The session start will be at 14:05 to make sure people can make
   it from the dining hall to here.
Manu asks for introductions of all participants while we're
   waiting.
Introductions done, 21 participants with a few more trickling in.
   There is a mix of electronics manufacturers (Toshiba, Samsung,
   LG, Nokia), payment processors (PayPal, PayGate, Positron),
   mobile operators (Telefonica, Orange),
   television/broadcasters/media companies (TBS, WOWOW), and
   security companies (Gemalto)
Outline for the break-out session is 15 minutes introduction, 45
   minutes planned for discussion

Topic: Introduction

Manu Sporny:  Here's the introductory slide deck:
   https://payswarm.com/slides/2013/w3ctpac-web-payments/
Manu Sporny:  Elevator pitch for Web Payments - payments should
   be in the core architecture of the Web.
Manu Sporny:  Aim is one click payment across every single web
   site,
Manu Sporny:  That's the high level, but that's a lot of
   handwaving involved, so we need to go into the tricky details as
   well.
Manu Sporny:  The Web Payments CG does lots of development around
   payments/security/identity.
Manu Sporny:  All needed for open payment standard on the web.
Manu Sporny:  In general, traditional financial architecture does
   not scale well to the web.
Manu Sporny:  Proprietary, slow, insecure, hostile to innovation.
Manu Sporny:  Most payment today built on 1970's technology -
   credit cards, bank transfer.
Manu Sporny:  Real problem - financial sector does not understand
   the web.
Manu Sporny:  Don't have the expertise to really address the
   problem, even though it is core business for them.
Manu Sporny:  All systems are still dependent on arcane
   underlying banking architecture.
Manu Sporny:  Goal: Browser native payments.
Manu Sporny:  With W3C principles - open, patent and royalty-free
Manu Sporny:  PaySwarm as example, not a destination, but a
   starting point for the work. The expectation is that everyone
   here will rip it apart and come up with something better. Let's
   take a look at the sorts of things we want out of a Web-based
   payment solution.
Manu Sporny:  Decentralized identity, cryptography-based, deep
   identity data, fraud-resistant
Manu Sporny:  Also things like age verification or proof of
   nationality.
Manu Sporny:  Close to 100 billion dollars 'worth' of fraud.
   Fraud-resistant is important.
Manu Sporny:  Payment information (item price, currency) should
   be handled
Manu Sporny:  Use of digitally signed receipts
Manu Sporny:  including product information
Manu Sporny:  Should be machine readable and portable
Manu Sporny:  payment processor agnostic
Manu Sporny:  Example implementation in PaySwarm and FirefoxOS
Manu Sporny:  Other companies have their own implementations as
   well that solve bits and pieces of these problems.
Manu Sporny:  We currently involve technology companies, finance,
   governments
Manu Sporny:  Government interested because of international
   purchases tax issues
Manu Sporny:  Workshop planned in Paris on 24th/25th of March
Manu Sporny:  Goal of the workshop is to identify basic problems.

Topic: Plan for Workshop

When will the Call for Papers be published?
Manu Sporny: Hopefully by the end of the month, it'll probably
   only be a call for position statements with those that want to
   present having papers.
Manu Sporny:  Creating a flexible architecture at the workshop
   would be a welcome bonus.
Manu Sporny:  But more likely will be shifted to a follow-up
   workshop three months later.
Slides on the web, linked from the web page - see earlier link in
   minutes.
manu presents list of suggested topics from here:
   http://www.w3.org/wiki/TPAC2013/session-web-payments
Virginie Galindo:  Difficult to comment as the presentation
   refered to known solution that many here do not know in detail.
Manu Sporny:  Trying to avoid the "Where do you start?" problem,
   what's presented is just a starting point.
Manu Sporny:  So there has been an initial  suggestion made by a
   fairly small group, we need all of you to refine it, tear it
   apart, replace it, etc.
Manu Sporny:  Lots of players who don't want to standardize need
   to be considered by the group.
Manu Sporny:  Need to do well defined areas of where proprietary
   solutions might be required,
Manu Sporny:  even though the approach is generally frowned upon
   by W3C.
Manu Sporny:  Also currently missing are issues like ripple and
   bitcoin topics, detailed identity solution, crowdfunding
   solutions, how this integrates w/ Secure Element API or NFC API,
   etc.
Manu Sporny:  Existing elements that can be used almost right out
   of the box: RDFa 1,1, JSON-LD, HTTP Signatures... they're already
   standards or are going to be standards very soon.
Manu Sporny:  Just core architecture, co-used with many other web
   aspects,

Topic: Open Discussion / Debate

Daniel Austin:  Hi, Daniel Austen from eBay / PayPal.
Daniel Austin:  I don't think Paypal is the problem.
Manu Sporny: To clarify, I didn't say they were the problem. I
   said that PayPal depends on problematic old and proprietary
   banking architecture and it harms their ability to innovate.
Daniel Austin:  I want to talk about things we would want and not
   want.
Daniel Austin:  We want a level playing field for everyone, an
   equal standard
Daniel Austin:  No discrimination by the browser vendors.
Daniel Austin:  Our web payment vision is much larger. Large
   intersection between payment and offline/retail payments.
Daniel Austin:  Payment on automobiles, vending machines,
   in-flight entertainment system, payments throughout commercial
   organization
Daniel Austin:  Scaling across device technologies needed.
Daniel Austin:  Scale with payment size. There are limits on
   smallness of payments due to fixed transaction fees.
Daniel Austin:  Also need to be able to handle large
   transactions, also across national boundaries... cross-border
   payments.
Daniel Austin:  Apple is a system of en proprietary system,
   anything that doesn't work with them is a non-starter. Similar
   for Samsung or LG.
Daniel Austin:  We want to use existing security and identity
   specs and initiatives. (example OAuth)
Daniel Austin:  Also FIDO Alliance for identification
Manu Sporny:  Most of the vision for Web Payments matches the
   vision you outlined. I don't see any large conflicts at this
   time, which is good.
Virginie Galindo:  How to provision special information to find
   the right processor/institution from the point of the user? How
   does the browser know which payment processor to contact?
Virginie Galindo:  Also what is the business model, who are the
   actors?
Manu Sporny:  Ultimately, there will be friction, as there will
   be browser involvement, but the hooks involved shouldn't give the
   browser vendors undue advantages.
Manu Sporny:  Ideally the browser would understand which payment
   processor you want to use.
Manu Sporny:  If we want to be able to smooth it out, the user
   presses the button and the payment standard figures the payment
   processor out based on user selection (which is cached)
Manu Sporny:  For now the solution is JavaScript and the Mozilla
   Persona Approach, based on local storage and centralized system
   that is designed to go decentralized ASAP.
Manu Sporny:  Currently it's a stop-gap approach, need to see in
   mid-range what else comes up.
Daniel Austin:  Contact between user and us is mediated by the
   browser. That is not acceptable to PayPal.
Daniel Austin:  Data from transaction is valuable and we would
   miss out of that.
Daniel Austin:  Mozilla could sell transaction data to MasterCard
   while we get charged extra as we can't pass the info on.
Manu Sporny:  That's not what I said. I was talking about
   selection box for payment processor - similar like user selection
   of search provider, but without a default. Let me re-iterate that
   we don't want to do something that gives undue advantage to any
   player in this environment. We are not disintermediating PayPal
   by giving the browser the ability to route around PayPal. It is
   the customer's decision on which payment provider they want to
   use.
Manu Sporny:  What do we need to make the process smooth without
   overstepping? That's a question that we need to constantly ask
   ourselves as we develop this technology.
Daniel Austin:  Unsecured POS system would probably not work for
   us.
Manu Sporny: To be clear, an unsecured POS-like system is
   typically how most of the credit card transactions are processed
   today, so it's unclear to me what we mean by "unsecured POS".
Michael Hutchinson:  Do you have a table where the gaps in the
   specs are?
Manu Sporny:  Unfortunately, nothing detailed. However, we have
   something very basic (on the wiki page listed above).
Michael Hutchinson:  If there are gaps, how do you have a full
   workable solution?
Manu Sporny:  Some open source implementations work or parts were
   written by us, but the specs trail the implementations in some
   areas.
Michael Hutchinson:  Which is not unusual (actually pretty
   standard) in W3C.
Mountie Lee: I'd like to talk a bit more about my proposal for an
   ecommerce interoperability standard:
   http://www.w3.org/wiki/Electronic_Commerce_Interoperability_Standard
Mountie Lee:  Needed for interoperation with(in?) micropayment
   groups.
Mountie Lee:  Many small providers have issues in initiating
   payment.
Mountie Lee:  Current service providers need standards for
   interoperation.
Mountie Lee:  Do not touch existing benefits of players.
Manu Sporny:  We don't have enough time to go through your
   document right now, but I did personally read it when you sent it
   out to the mailing list. There is lots of overlap with what the
   group wants and some of the technologies that we've already
   developed.
Manu Sporny:  So, you've come to the right place. The right place
   to discuss your proposal is here, in the Web Payments group.
Mete Balci:  Hard for me to understand what we are trying to work
   on, it seems like the problem space is too big.
Mete Balci:  Talking about standardizing service provider to
   payment processor, payment processor to bank, bank to bank, user
   interface
Mete Balci:  And bitcoin is in list. Are we talking of it as a
   different currency or a different money model?
Mete Balci:  We need clear boundaries to be able to go forward.
Mete Balci:  Regarding question about business model - not sure
   how much that needs to be integrated into spec.
Mete Balci:  Suggest something more related to Mounties request.
   Want to be able to add apple/telco/banks interfaces easily.
Mete Balci:  That is more practical to do now.
Manu Sporny:  Yes, you're absolutely right. We need to be careful
   about the scope - make sure not to overscope the group. We'll
   fail if we take too many things on. Part of the problem is that
   for payments to work well on the Web, lots of missing pieces need
   to be there.
Manu Sporny:  We need a very narrow scope in the beginning. Have
   to be careful on what to pick. That's the purpose of the upcoming
   workshops. We need to make sure to identify the problem areas and
   then identify which ones we're going to try to address.
Manu Sporny:  Task of the workshop - identify problems, narrow
   down the scope.
Manu Sporny:  We need to get buy-in from members on a scope that
   seems plausible.
Manu Sporny:  We won't know until the end of the workshop. But we
   will surely fail if we try everything as once.
David Ezell:  Hi, I'm from the National Association of
   Convenience Stores. Payment interchange is a big problem for us.
David Ezell:  Things to think about: Lot of interesting ideas
   killed by the banks already, as they make good money with current
   model. If you scare them, they'll crush this work through
   litigation.
David Ezell:  Steep slope we need to ascend.
David Ezell:  Get banking groups involved. How do we do the
   direct marketing to the consumer?
David Ezell:  Popular with consumers since merchants take up the
   bill, thus easy to sell to consumers.
David Ezell:  Traditionally there is a difference between
   personal device and using these to handle other people's money.
David Ezell:  Today changing one line of C-Code in payment app is
   a $4,000,000 bill in recertification effort.
Manu Sporny:  Great questions. We are actively talking with the
   banks and (in general) they see this as an opportunity. However,
   many of your other questions, we haven't raised that in the
   group, since retailers have hardly been involved to date.
Manu Sporny:  So, I'm glad you showed up because we need more
   input from the retail community. Ok, we're out of time.
Manu Sporny:  Thanks for the great discussion today, we look
   forward to seeing all 25 of you at the Web Payments workshop in
   Paris in late March 2014!

Received on Wednesday, 13 November 2013 18:53:46 UTC