Re: Payment Tokenization Standards from Joseph Potvin on 2014-01-17 (public-webpayments@w3.org from January 2014)

From: Joseph Potvin <jpotvin@opman.ca>
Date: Fri, 17 Jan 2014 05:11:35 -0500
To: Web Payments CG <public-webpayments@w3.org>
Message-ID: <CAKcXiSqt6U+LrG8JYwcf1e4yBfaAnh4Zocus_NGYRziqFMRRTw@mail.gmail.com>

This follows from an Oct 2013 announcement. Here is the original Media
Release:
https://newsroom.mastercard.com/press-releases/mastercard-visa-and-american-express-propose-new-global-standard-to-make-online-and-mobile-shopping-simpler-and-safer/
http://about.americanexpress.com/news/pr/2013/mc-visa-amex-propose-new-global-standard.aspx

It states: "Over the coming weeks, the framework will also be presented to
other partners and independent industry bodies, such as The Clearing House,
PCI Security Standards Council and EMVCo, to align and further advance the
standard."

The link you provided is that the EMVCo Consortium
https://en.wikipedia.org/wiki/EMV has formally taken up the Oct request,
which will add "Payment Tokenization" to its list of standards:
https://en.wikipedia.org/wiki/EMV#List_of_EMV_documents_and_standards

Additional context:
http://www.mobilecommercedaily.com/visa-mastercard-amex-mobile-payments-power-play-faces-significant-challenges

Token standardization is news, even though tokenization is not:
http://en.wikipedia.org/wiki/Tokenization_%28data_security%29
But is it "open standardization"?

I have three thoughts for discussion:

1. Shouldn't "The Clearing House" and "PCI Security Standards Council" and
"EMVCo" be listed in the "Dependencies or Liaisons" section of our Charter?
http://www.mobilepaymentstoday.com/article/215665/The-Clearing-House-to-pilot-new-digital-payment-standard
https://en.wikipedia.org/wiki/Clearing_House_Interbank_Payments_System
https://www.pcisecuritystandards.org/organization_info/index.php
https://en.wikipedia.org/wiki/Payment_card_industry

2. Are BTC and XRP most correctly referred to as "payment tokens"?  If not,
in what aspect(s) are they different?

3. RE: "Tokens can be restricted in how they are used with a specific
merchant, device, transaction or category of transactions."  In addition to
providing transaction risk management, does this also effectively mean that
DRM will be applied to the tokens
https://en.wikipedia.org/wiki/Digital_rights_management  so that they
cannot be processes on independent systems (such as Payswarm)?

joseph potvin

On Fri, Jan 17, 2014 at 3:31 AM, Anders Rundgren <
anders.rundgren.net@gmail.com> wrote:

>
> http://www.paymentsnews.com/2014/01/emvco-to-work-on-payment-tokenization-standards.html
>
> A bit late IMO, but why not?
>
> Cheers,
> Anders
>
>

-- 
Joseph Potvin
Operations Manager | Gestionnaire des opérations
The Opman Company | La compagnie Opman
http://www.projectmanagementhotel.com/projects/opman-portfolio
jpotvin@opman.ca
Mobile: 819-593-5983
LinkedIn (Google short URL): http://goo.gl/Ssp56

Received on Friday, 17 January 2014 10:12:23 UTC