- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Tue, 28 Oct 2014 15:25:28 +0100
- To: Adrian Hope-Bailie <adrian@hopebailie.com>
- CC: Web Payments CG <public-webpayments@w3.org>, "public-webpayments-comments@w3.org" <public-webpayments-comments@w3.org>
On 2014-10-28 12:32, Adrian Hope-Bailie wrote: > As far as I understand the distinction: > Credit push involves the account holder instructing their FI to push funds to the receiver. > Debit pull (cards) is the receiver requesting the FI to debit the funds from the payer's account and pulling them into their own. I see. > > In terms of using the merchant as the transport for a push message; I guess it would qualify as push if the merchant has no way of adjusting the message sent by the payer to their FI. The PaymentToken (together with the other data) in step #8 represents a promise (I Owe You). The actual transaction may in some cases be lower than the request like for unmanned gas station payments where you need to pre-authorize a certain amount to start the pump. The authorization is push(y) but the transaction would still be pull. > > The biggest challenge with push is dealing with offline transactions where the payer needs to somehow pass a token or similar to the merchant that is: > a) single-use/can't be spent twice > b) can be verified by the payee > > Allowing the merchant/payee to act as a transport means you can transact when the payer is offline but not the payee so solves half the problem. Well, my "only" ambition was creating a web-based counter-part to chip-card payments in brick-and-mortar shops. I believe the ability to deal with hundreds of thousands banks is one of the core issues. The WebPayment CG have (IMO) underestimated the difficulties here. Anders > > On 28 October 2014 11:34, Anders Rundgren <anders.rundgren.net@gmail.com <mailto:anders.rundgren.net@gmail.com>> wrote: > > Adrian, > Isn't the WebCrypto++ Payment Demo actually a push-payment system? > > That it pushes *through* the merchant is because this is technically > sounder solution than using the client as "networker". > > http://webpki.org/papers/PKI/EMV-Tokenization-SET-3DSecure-WebCryptoPlusPlus-combo.pdf#page=4 > > Anders > >
Received on Tuesday, 28 October 2014 14:26:12 UTC