- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Tue, 22 Oct 2013 07:39:52 +0200
- To: Web Payments CG <public-webpayments@w3.org>, Mountie Lee <mountie@paygate.net>
Hi Mountie, May I continue providing some feedback on this topic? Firstly, I wouldn't call it an e-commerce standard because it only deals with payments. To me it looks as a web-based payment standard. Your proposal is similar to 3D Secure with one difference; in 3D secure the "Identity Provider" is actually a card issuer which does not vouch for your identity but that actually are the legitimate user (card holder) of the presented card. IMO, this is a very good concept because it permits all sort of [useful] tricks such as one-time PANs and anonymising the customer (from the merchant only NB). IMO, a new payment standard should: 1. Put us on a path where card numbers have no use unless augmented by a fresh card-related signature. That you can do purchases based on clear-text information on cards is a relic from the 70'ties. 2. Make it possible to do payments as convenient as in a shop but without using solutions (you know which...) where a "Password in the Cloud" is all it takes. 3. Offer some kind of query system so that merchant can "advertize" its payments options and the user can select (preferably locally) which compatible payment resource to use. Addressing the "NASCAR" phenomena. In the EU and probably in many other places as well, there are literally hundreds of local 3D-like schemes where you are directed to your bank during checkout and perform a direct payment operation. This is a way to keep transaction costs down since there is no third party involved. I consider my non-accepted proposal to WebCrypto as a realistic way of achieving these qualities. What I haven't done is specifying the exact protocols because that's indeed a payment standard. My suggestion has a much wider usage than that. I don't believe (FWIW) that the "Market" will bother with new payment standards until the web platforms become better. Well, for BitCoins maybe but that's IMO pretty far from mainstream. Could that be BitCoin's forte? Secure AND convenient payments, leaving the legacy payment world in the dust. Unfortunately, I believe the convenience with the "Password in the Cloud" will win which is why I concentrate on developing technology that can enhance the payment market by allowing a more distributed payment model while still keeping the precious core qualities intact! Something like SMS which wasn't designed for payments but since it was/is a good, generically useful technology it also became an important payment system. We can call it a bottom-up design :-) kr Anders Rundgren
Received on Tuesday, 22 October 2013 05:40:24 UTC