2013 Web Payments - Ecosystem

From W3C Wiki

This page is intended as a top level characterization of the ecosystem for payments as it relates to the requirements for realizing open standards for web payments. The assumption is that any standard defined by W3C would be layered on top of existing (or new) payment solutions and decoupled as far as practical from the details of each such solution.

Main types of payment

Proximity

For example, payments in a store through a point of sales terminal, or payment for a metro ticket at a station kiosk. NFC payments offer a convenient user experience for this, but an alternative is for the phone to display a QR Code that is scanned by the point of sales terminal, as is the case with the Starbucks mobile app for their card account holders. Users may want to select the exact means of payment according to their preferences. For example, imagine your phone supports a virtual wallet with a range of cards. On the London Underground you might prefer to use your Oyster card rather than your Barclaycard. Proximity payments should not require your device to be online as there are use cases where that would be impractical, e.g. paying for a taxi in a remote area with poor mobile coverage.

A point of sales (POS) terminal may need to be online to perform a transaction, but even where this isn't needed, being online can offer greater flexibility when it comes to dealing with larger payments, or payments that involve third parties as a means to bridge gaps, e.g. for a tourist visiting a store in a foreign country.

There is emerging interest in using Web technologies in point of sales terminals as a means to reduce costs. There are also opportunities for two screen solutions where information is presented on both the user's phone and on the point of sales terminal. This could relate to the use of prepaid vouchers or discount coupons. Does the user want to make use of these to reduce the net payment in the current transaction? Does the store want to inform the user that he or she is being given discount coupons for future use? A further possibility is to support paper coupons (e.g. with QR codes) that are scanned as part of the transaction.

Prepaid cards provide a convenient alternative to cash. These can be specific to a particular store, e.g. a Starbucks card, or general purpose, e.g. Virgin Money PAYG, which is backed by VISA. Such cards don't require a bank account or a strong credit rating, and as such can be used by the "unbanked", i.e. the majority of people in the developing world, or the poor in the developed world. Virgin Money state that this card can be used as you would a credit card wherever VISA is accepted, and provides an alternative to travellers' cheques when travelling abroad.

Remote

Examples include paying a bill online, topping up a prepaid mobile phone account, or transferring money to another person who isn't currently present. In the developing world, where many people don't have bank accounts, systems for remote payments have evolved around the use of general purpose prepaid cards and mobile payments. General purpose prepaid cards can be used for online payments in the same way as credit cards, and a current trend is for governments to use such cards as a means for making benefits payments to citizens. Mobile payments enable migrant workers living away from home to send remittances back to their families. One such system is M-Pesa, which allows users with a national ID card or passport to deposit, withdraw, and transfer money easily with a mobile device, whilst avoiding the need for visiting a bank. According to Wikipedia, the service enables its users to:

  • Deposit and withdraw money
  • Transfer money to other users and non-users
  • Pay bills
  • Purchase airtime
  • Transfer money between the service and a bank account (in some markets)

Peer to Peer

This includes person to person payments where both parties are physically present. In principle, it should be as simple a user experience as it is to hand someone some cash. This raises challenges to avoid double spending, and to ensure that the "money" transferred is directly usable by the recipient for further transactions without needing to be online. One approach to realizing this involves a secure element that acts as a local wallet for a specific payment system. This can be topped up and drawn down as needed. Such payment systems tend to be limited to specific contexts, but in principle, can be coupled to other payment systems when you are able to go online.

Another approach is a form of virtual cheque that has to be paid in before its value can be redeemed. A digital signature replaces the handwritten personal signature. This may necessitate additional mechanisms for authenticating the person "writing" the cheque, for example, the virtual cheque could be written by a secure element that checks that you are present via a biometric test such as a fingerprint scan, or by requiring you to input a PIN. The bank underwriting the cheques would issue account holders with a virtual chequebook. This would be invoked from the web payment API in the same way as other payment solutions.
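The virtual cheque and the double-spending concern above can be sketched as follows. This is an added example, not part of the original wiki page or any W3C specification: the cheque fields, the use of Ed25519 for the signature, and the names Cheque, Bank and Deposit are all assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Cheque is a hypothetical format; Serial makes each cheque redeemable once.
type Cheque struct {
	Account, Payee string
	Serial, Pence  uint64
}

// Encode gives the unambiguous byte string the payer's secure element signs.
func (c Cheque) Encode() []byte {
	return []byte(fmt.Sprintf("%q|%q|%d|%d", c.Account, c.Payee, c.Serial, c.Pence))
}

var ErrSignature = errors.New("bad signature or unknown chequebook")
var ErrReplayed = errors.New("cheque already paid in")

// Bank keeps each issued chequebook's public key and the serials already paid.
type Bank struct {
	Books map[string]ed25519.PublicKey
	Paid  map[string]bool
}

// Deposit verifies the signature first, then rejects a serial seen before.
func (b *Bank) Deposit(c Cheque, sig []byte) error {
	pub, ok := b.Books[c.Account]
	if !ok || !ed25519.Verify(pub, c.Encode(), sig) {
		return ErrSignature
	}
	id := fmt.Sprintf("%q/%d", c.Account, c.Serial)
	if b.Paid[id] {
		return ErrReplayed
	}
	b.Paid[id] = true
	return nil
}

func main() {
	pub, key, _ := ed25519.GenerateKey(nil) // constructed demo chequebook
	bank := &Bank{map[string]ed25519.PublicKey{"acct-1": pub}, map[string]bool{}}
	c := Cheque{"acct-1", "alice", 7, 1250}
	sig := ed25519.Sign(key, c.Encode()) // done inside the secure element
	fmt.Println(bank.Deposit(c, sig), bank.Deposit(c, sig)) // accepted, then refused
}
```

Because the payee and amount are covered by the signature, a recipient cannot alter them before paying the cheque in, and the serial check is what stops the same cheque being redeemed twice once the bank is reachable.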

Major Ecosystem Players

Please add and revise as appropriate:

National Governments

These define the statutes controlling payments within their jurisdictions. Some of the topics affected include taxation, cross border flows, and the prevention of money laundering.

National Banks

These underwrite the national currencies and set base rates, e.g. the Bank of England for Pound Sterling.

Banks

These provide account services for consumers and businesses.

Mobile Network Carriers

Network operators can use their billing services as a basis for supporting payments and funds transfers.

Inter-Bank Transfers

This is largely drawn from Wikipedia and needs scrutiny!

Some examples of players include:

  • The Society for Worldwide Interbank Financial Telecommunications (SWIFT) provides support for secure messaging as a basis for interbank settlements.
  • Fedwire provides a real-time gross settlement funds transfer system operated by the United States Federal Reserve Banks.
  • The Clearing House Interbank Payments System (CHIPS) is the main privately held clearing house for large-value transactions in the United States.
  • The Electronic Payments Network (EPN) is an electronic automated clearing house (ACH) that provides functions similar to those provided by Federal Reserve Banks. The Electronic Payments Network is the only private-sector ACH operator in the United States.

Credit Card Associations

e.g. VISA and MasterCard

Online Payment Services

As an alternative to managing credit card payments themselves, websites may find it convenient to work with a third party that does this on their behalf. Users are redirected from the merchant's website to the payment provider's site where the user can enter credit card details etc. and confirm the payment. They are then redirected back to the merchant's site along with a proof of payment. One example is WorldPay. Another example is PayPal, which allows any business or individual with an email address to securely, conveniently and cost-effectively send and receive payments online.

Secure Hardware Vendors

These include companies like Gemalto and Giesecke & Devrient who provide secure hardware and software for embedded and end to end digital security solutions. This is applicable to implementing digital wallets, strong authentication and to securing payment protocols. A web payment API could indirectly invoke the services of secure elements via the browser or web run-time.