08:06:07 RRSAgent has joined #w3cpayment 08:06:07 logging to http://www.w3.org/2014/03/24-w3cpayment-irc 08:06:12 Zakim has joined #w3cpayment 08:06:25 Meeting: Web Payments Workshop 08:06:25 wonsuk has joined #W3CPAYMENT 08:06:29 chaals has joined #w3cpayment 08:06:35 Date: 24 March, 2014 08:06:50 rrsagent, draft minutes 08:06:50 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html chaals 08:07:04 NeilMJ has joined #W3Cpayment 08:07:14 rrsagent, make log public 08:07:15 lesellier has joined #w3cpayment 08:07:27 kumar has joined #w3cpayment 08:07:31 Welcomes from Stephane Boyera, Virgine Galindo (Gemalto) and @@, Ingenico 08:07:40 m4nu has joined #W3Cpayment 08:07:43 skddc has joined #W3Cpayment 08:07:49 HannesTschofenig has joined #W3CPAYMENT 08:07:52 Chair: DKA 08:07:56 mauro has joined #w3cpayment 08:08:06 Bmathis has joined #W3Cpayment 08:08:07 more glazou https://pbs.twimg.com/media/Bjek-PyIEAAiwzr.jpg:large 08:08:14 Topic: Introduction by Jeff Jaffe at W3C 08:08:15 Present+ chaals 08:08:18 scribe: m4nu 08:08:20 Torlus has joined #w3cpayment 08:08:37 Jeff: The W3C was founded by the invetor of the WWW, Tim Berners-Lee. 08:08:39 Present+ Manu, StephB 08:08:54 Jeff: Earlier this month, we celebrated the 20th anniversary of the WWW. 08:08:54 Present+ Wonsuk, Jungkee 08:09:05 gmandyam has joined #W3Cpayment 08:09:05 s/20th/25th/ 08:09:11 Jeff: We have a very simple, mission statement - lead the web to it's full potential. 08:09:17 Present+ Mauro 08:09:33 Present+ EvgenyVinogradov 08:09:33 hi everybody 08:09:39 Jeff: We have a pretty good track record of that. We're a member-based organization. We have govts, startups, technology companies, non profits, close to 400 members. 08:09:51 s/hi everybody// 08:09:54 dsr has joined #W3CPAYMENT 08:10:07 hi all 08:10:07 Jeff: Large commercial companies. The community that we have are the entire users of the WWW, we're shooting for entire planet. 08:10:19 s/hi all// 08:10:28 ? 08:10:34 s/?// 08:10:43 Jeff: For technical standards, we're larger than most technical standards - 70 people spread around the world, we want architectural coherance for the Web. 08:10:48 hehe, ok 08:10:55 Jeff: Outputs we produce are available to everyone. 08:10:59 s/hehe, ok// 08:11:03 chaals: why? is that for auto note taking? 08:11:23 Jeff: UbiWeb - ubiquitous Web, We work on Web accessibility. 08:11:36 kodonog has joined #w3cpayment 08:11:39 s/chaals: why? is that for auto note taking?// 08:11:39 Jeff: No one from disabilities should be prevented from using the Web. 08:11:42 mdadas has joined #w3cpayment 08:11:48 Jeff: Information and Knowledge focuses on data. 08:11:56 jameslei has joined #W3Cpayment 08:12:10 Jeff: Each piece of technology gets created in a WG. Most of the work is done by engineers from member organizations, sometimes we have invited experts from outside. 08:12:24 rrsagent, draft minutes 08:12:24 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html chaals 08:12:31 Jeff: We work w/ Internet Engineering Task Force, we interface w/ who we need to. 08:12:48 bryan has joined #W3Cpayment 08:13:12 Jeff: We have a royalty-free patent policy. When Tim invented the Web, he made it available to the world. If you have an invention that belongs in the core of the Web, and you have a patent, that should be available on a royalty-free basis. 08:13:34 Jeff: Some of you may be familiar w/ de-jure standards. We have a fast-path track for DeJure international standards. 08:13:58 Jeff: As the Web has become more important, large companies have been joining. 08:14:29 Jeff: We also have been trying to get smaller companies in. There is a new track of work - once community decides that something needs to be a Web Standard, we did a good job. 08:14:39 Jeff: However, we didn't do well in pre-standardization work. 08:15:23 Jeff: So, innovators would get together to do pre-standardization work. So, we created a new track called Community Groups. It made pre-standardization work easier. Sometimes CGs are discussion groups. 08:15:36 Jeff: We have around 170 CGs, close to 4,000 engineers working in these groups. 08:15:42 jrml has joined #w3cpayment 08:16:18 Jeff: We are working on the "Open Web Platform", lots of people doing work, but at the end of the day it all has to come together. We use "open web platform" to differentiate the open web from the web of 25 years ago. 08:16:49 Jeff: In 25 years, the Web has become much more. Increasingly, the Web is not the end result, it's a platform for other applications to build on top of it. 08:16:56 prakash has joined #w3cpayment 08:17:15 glazou: close to the number of prrson in the amphi 08:17:41 Jeff: The platform for building distributed applications - it's very interactive. It's characterized by Rich Interactive Media. The content was exciting, but it was fairly static. Now web pages are exciting (lots of great fonts, media, images, etc.) 08:17:58 Jeff: We're working on HTML5 and CSS3 now, two hallmarks of W3C standardization work. 08:18:04 s/glazou: close to the number of prrson in the amphi// 08:18:23 Jeff: The span of devices implementing the Web has been expanding. In last 10 years, we've successfuly moved the Web to the smartphone, it's a design point for the Web. 08:18:42 Jeff: Web and automotive is new work we're doing. So is mobile. 08:18:47 present+ prakash, VirginieG, JeffJaffe, WendySeltzer 08:18:50 Jeff: Web technology runs most everywhere, 08:19:03 Jeff: Secure Web Platform - it's important that we keep innovating. 08:19:17 s/ invetor/inventor/ 08:19:54 Jeff: New industries that are affected - mobile, entertainment, gaming, healthcare, digital publishing, all are increasingly getting affected. 08:19:57 dka has joined #w3cpayment 08:20:21 virginie has joined #w3cpayment 08:20:23 Jeff: Digital publishing is interesting, we've been publishing for a while now. Mass distribution on a global scale, everyone is an author. Very different from highly selective publishing houses. 08:20:57 Jeff: Web lacked quality of publishing for a long time. Font selection, styling, you couldn't do any of that. However, today we're in a situation we know how to achieve all of that technically. 08:21:15 prakash has joined #W3Cpayment 08:21:28 Jeff: As publishing was changed after Web, so do other industries. 08:21:47 Jeff: With the Web Payments workshop, we're launching what could be a more fundamental transformation. It'll be impactful, now sure how it'll turn out. 08:22:00 Jeff: Lots of stuff is bought on the Web :) 08:22:14 Jeff: Payments for mobile devices are increasing, searching for new ways of providing payments on the Web. 08:22:40 Jeff: If the Open Web Platform has been successful, to be the reference standard for what gets done in those industries, let's explore how the Web affects payments. 08:22:54 Jeff: We wouldn't be exploring this if payments were simple. 08:23:10 Jeff: For most people, it's bewildering to do payments on the Web (to pay for things). 08:23:22 Jeff: To set something up the first time, it's difficult. 08:23:45 phariramani has joined #W3Cpayment 08:23:47 Jeff: We have cryptocurrencies coming up, it's part of the whole picture. The complexity of the ecosystem is something we're going to be focusing on. 08:23:48 ThomasPicard_ALU has joined #W3CPayment 08:24:11 Jeff: merchants are a part of the picture. When you want to set yourself up on the Web, you have to figure out how you're going to get payments accessible to your customers. 08:24:27 jeff: With Web Applications, the number of people that are trying to monetize things on the Web is growing exponentially. 08:24:33 With web applications, number of people who are trying to navigate the web has increased substantially 08:24:37 Axel has joined #w3cpayment 08:24:42 Jeff: I want to do a one-off purchase, it's not easy. 08:25:17 Jeff: A regular Amazon user has no problem, but we want a frictionless approach where anyone can buy from anyone in an easy fashion. The user experience should be simple. Not tons of passwords for each site that I frequent. 08:25:33 Jeff: High levels of fraud, the overall security of the system - it's not great. We all worry that one day it's going to get worse. 08:25:35 Lack of standardization = Poor and variable user experience across sites and across payment systems 08:25:44 Jeff: Is it really secure enough? 08:25:48 Jeff: payments should be easy 08:26:22 jeff: People should be able to pay how they want to. If I have a smartphone, or tablet - I'd like a single "wallet" and do things consistently among devices. 08:26:31 Jeff: Transparency is important -transaction fees should be clear. 08:26:54 jeff: How does this get done technically? Unsure, that's why we're having this workshop. 08:27:05 we need link for current presentation of Jeffe 08:27:07 Tim has joined #W3CPayment 08:27:11 Jeff: We're going to figure out where to do standardization. Maybe this happens at W3C, maybe somewhere else. 08:27:25 s/we need link for current presentation of Jeffe// 08:27:26 Jeff: What to standardize is a very delicate choice. 08:28:03 Jeff: We have the open web platform, having a clean way of getting a request for payments, proof of payments is standardization candidate. 08:28:18 Jeff: having a standard interface between browser/wallet is a good standardization candidate. 08:28:36 Jeff: Interfacing w/ external payment providers is important. 08:28:44 Present+ thisNatasha 08:29:01 Present+ BryanSullivan 08:29:07 Jeff: Being abe to select payment mechanism is important... we need tomanaage this complexity. 08:29:22 rrsagent, draft minutes 08:29:22 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html chaals 08:29:43 Jeff: Users should have greater choices, more choices, more consistency. There is enough automation/verification that merchants should be able to trust customers. 08:30:18 Present+ JorgHeuer, MarieClaire 08:30:46 Jeff: W3C is a consensus organization, we bring stakeholders together. We bring them together to try and figure out the best way to address some of these issues. 08:30:54 s/abe/able/ 08:31:03 Jeff: The Web is a global mechanism, we need things to work across borders. We want an open and level playing field. 08:31:27 Jeff: When we start to look at a complex problem, we fail if we try to solve the entire problem at once. 08:31:33 Jeff: So, what's the lowest hanging fruit. 08:31:43 s/tomanaage/to manage/ 08:31:46 Jeff: What makes a workshop successful - enter it w/ a spirit of openness. 08:32:15 Jeff: There are many things related to technology and payments - we're focused on technology issues and enablement. Standards are a human activity. 08:32:16 s/ theinventor/ the inventor/ 08:32:31 Jeff: Let's start talking and seeking consensus. 08:32:46 i/Date/-> http://www.w3.org/2013/10/payments/agenda Agenda 08:33:42 Topic: Introduction from Worldline 08:33:56 Alexander Gee takes the stage. 08:34:04 -> http://wendy.seltzer.org/media/webpay.jpg Piggy bank 08:34:08 vsointu has joined #w3cpayment 08:34:11 Alexander: I've been doing payments since 2008. 08:34:45 Alexander: We welcome what's being done here. Anything that makes payment on the Web better, we'd welcome anything that would expect the single market from the EU. 08:34:45 andym has joined #w3cpayment 08:34:56 s/Introduction from Worldline/EU Work on Payments: DG Competition 08:35:01 Alexander: What I'd like to do now is simply go through - explain what we're doing. 08:35:21 Alexander: My slides are detailed, so I'll skip through slides relatively quickly. 08:35:41 rrsagent, draft minutes 08:35:41 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html wseltzer 08:35:58 Alexander: Payments in EU - epayments are largely card based. As far as Eu is concerned, payments is 1% of GDP 08:36:06 jeff has joined #w3cpayment 08:36:06 Alexander: It's 25% of bank revenues. 08:36:44 Alexander: card transactions have grown from 7.4% to 17.4% - price for accepting card payments is not reflecting scale and increased efficiency. 08:37:05 Alexander: DG Competition has focused on interchange fees. This is one of the biggest barriers to competition in payments market. 08:37:56 Alexander: We have been embroiled in a legal debate for years. MasterCard has said they'd move interchange fees down 0.2% to 0.3%. They're around 1% right now. 08:38:10 Alexander: Visa says they'll match Mastercard's fees. 08:38:37 Alexander: Lower fees - markets segmented between national markets. 08:38:38 curtis has joined #w3cpayment 08:38:44 dezell has joined #w3cpayment 08:38:59 Alexander: We are now continuing w/ cases against MasterCard and Visa - regarding international payments. 08:39:49 Alexander: with interchange fees at this level, merchant is indifferent on getting paid w/ cash vs. card. We don't have enough info on what a good comparator is for epayments. 08:40:17 Alexander: Direct debits of credit transfers would be good. Offline figures would be good. 08:40:33 Angie has joined #w3cpayment 08:40:46 Alexander: We've carried out a detailed study - 0.2% or 0.3% seems reasonable. 08:41:44 Alexander: Normal standardization is pro-competitive, but we've found that major players have banded together to create an exclusionary effect on non-bank epayment mechanisms. 08:42:20 Alexander: In Netherlands, more internet-based payments are made than card-based ones. 08:42:51 Alexander: Non-bank players were excluded - the way standardization was being done - it was exclusionary. 08:43:16 Present+ darobin 08:43:20 Alexander: We tried to work w/ European Payments Council . 08:43:39 damdam41 has joined #w3cpayment 08:44:08 Alexander: Interchange fees are a way to pass fees onto customers in a way that they can't see them. 08:45:01 Anaethelion has joined #W3Cpayment 08:45:20 Alexander: New entrants to innovation - atms / internet banking, paypal, payfair, monnet, ideal and Mybank, sofort. 08:45:49 Alexander: Paypal is more expensive than card payments 08:45:52 Alexander: From our point of view, Paypal is expensive - more expensive than card payments. It's a closed system. You have to establish a new account w them. 08:46:26 payfair : http://www.payfair.eu/ 08:46:43 Alexander: Monnet replaced national schemes, but it failed, they were willing to offer 0.2%-0.3%, they wanted to match fees elsehewre in EU (not in France) 08:46:57 present+ tobie 08:46:59 Alexander: If they didn't do these higher fees, they were taking much more risk. 08:47:26 Alexander: Systems in Italy - click directly on bank via credit transfer. 08:48:26 Alexander: Recently proposed regulation - we want to create a level playing field - it can't be done by competition enforcement. 08:48:39 Alexander: it cannot act very fast - mastercard case took 7 years. 08:48:49 Alexander: competition enforcement cannot act fast//last mover advantage 08:48:52 Alexander: So, we want to create a legal base for non-banks - third party providers. 08:49:21 Alexander: So, here's the proposal: 08:49:31 Alexander: Promote consumer welfare - reduce excessive fees. 08:49:34 Alexander: Increase choice 08:49:49 Alexander: Promote competition, efficiences should be passed on to consumers. 08:50:09 Alexander: We want to reduce barriers for competition and increase transparency, reduce barriers to entry. 08:50:37 Alexander: Reducing interchange fees - Monnet and PayFair - they cannot enter the market because banks are expecting a similar revenue. 08:51:00 Alexander: Banks are keen to have more expensive card payments schemes, so we need to work on that. 08:51:24 Alexander: the commission proposes - regulate the fees of "Must take" cards - 4 party schemes, consumer visa/mastercard card. 08:51:36 Alexander: National schemes are ??? 08:51:50 Alexander: Immediately cap the fees for cross-border transactions. 08:52:08 Alexander: Promote the idea of a single market - 2 years delay on national/domestic transactions. 08:52:35 Alexander: More effectively functioning cards market - 08:52:45 Alexander: What we can do: 08:52:58 Aleander: Allow merchants to refuse cards, ... (missed) 08:53:38 Alexander: Provide a legal base for 3rd party providers - supervise licensing, make sure their presence in the market is secure - supervised/licensed, identify themselves, limit access to minimum necessary. 08:53:51 scribe missed slide 13 08:54:19 Alexander: No strong confidential data, need strong authentication. 08:54:28 State of play regarding proposal. 08:54:55 Alexander: EU Parliment voted in 20 Feb 2014. MIF caps after 1 year, 7 cent max debit fee 08:55:05 Alexander: Caps should also cover commercial cards. 08:55:20 Alexander: Cross-border acquiring at rate of aqurers country. 08:55:53 s/aqurers/acquirer's/ 08:55:53 Alexander: Ongoing work on Greek Presidency, undder Italian presidency in Italy. 08:56:37 Eric (from ING): Considerign that fees were identified are also being used online - does that mean it's a basis for services like MyBank to consider? 08:56:52 Ven has joined #W3CPAYMENT 08:57:13 Alexander: No, under competition rules, we have the obligatin to say that there is a problem. They can always come forward w/ efficiency arguments. They'll find it difficult to do. 08:57:31 Alexander: So, I don't see what efficiency arguments they could bring forward. 08:57:36 s/Considerign/Considering/ 08:57:56 Present+ DaveBirch 08:58:05 Dave_Birch: I don't see what the principle of the regulation is? 08:58:23 s/obligatin/obligation/ 08:58:24 Dave_Birch: Since the DG Competition has been doing this for a decade - and there is no new competition. I don't get what you're doing? 08:58:35 present+ Bryan_Sullivan 08:58:43 Alexander: I don't think it's fair to say nothing "new" has happened, there have been new things. 08:59:01 Dave_Birch: you can't use it in the netherlands 08:59:42 Alexander: There is so much money floating around in this system, banks have not wanted to comply w/ competition law. Mastercard has made no attempt to do anthing other than bare necessary changes. 09:00:11 Alexander: Visa has always made changes at very last section. We haven't seen lowering of interchange fees. It takes a very long time to force people to do it. 09:00:31 Alexander: Regulatory approach is necessary. If we enforce lower interchange fees, we might be able to do something about it. 09:01:13 s/you can't use it in the netherlands/ you can only use it in the Netherlands/ 09:01:16 darobin has joined #W3Cpayment 09:01:25 present+ HannesTchofenig 09:01:37 Hannes: In Jeff's takl - he said we should have more user choice. Been working on identity - there's an interesting pattern. Little choice w/ identity providers on internet. 09:01:45 s/takl/talk/ 09:02:09 te has joined #W3Cpayment 09:02:18 Hannes: Identity providers layering payment on top. How do we provide more user choice? To prevent us from using 3 payment providers that are going to be US companies. 09:02:25 Alexander: Regulators have a hard time leading the market. 09:02:36 Some side discussion going on here kicked off my my comment on http 402 status code and also link rel=payment (see http://relpayment.com) : https://twitter.com/torgo/status/448016153869574145 09:02:49 Alexander: Danish market - banks operating through banking association - NETSID - ID system used by danish banks - used for online gaming. 09:02:59 Alexander: Way of verifying that people are over 18. 09:03:31 Alexander: This is the only recognized system - banks have used this power to kick out new entrants. This is a difficult area for regulators to get involved in. 09:04:23 Chaals: Two questions - in 3rd party providers - they're not allowed to store confidential data? What kind and why? Isn't there a risk that if you silo off EU as a limited income space, won't they just jack up the prices for the rest of the world? Isn't that what they do? 09:05:03 Alexander: Second question first, this is an argument that we often hear from the banks / card schemes. What we see is that we're moving away from hidden fees to fees people can see. 09:05:38 Alexander: System of transparent pricing - see what happened in US - Durbin amendment - banks said that they want to increase card payment fees, found that they couldn't do it - people didn't want it. 09:06:02 Alexander: Banks would like to say - we want to raise fees - they will be constrained by market opportunities. If they could raise them, they'd have already done it. 09:06:09 NBREDS has joined #W3CPayment 09:06:20 Chaals: There is a difference between transparency and caps on pricing. 09:06:31 tobie__ has joined #w3cpayment 09:06:35 Alexander: In this case, we're capping the part that customers can't see 09:06:52 andym has joined #w3cpayment 09:06:54 Chaals: TPP's and why they can't hold data? 09:07:10 Alexander: The concern is that payment providers can hold your data and get back into your bank account. 09:07:28 Alexander: That should not be possible, there should be a transactional business model. You leave no trace w/ the TPP. 09:07:49 Alexander: Minimize risks - they need to keep basic info on transaction. 09:08:36 rrsagent, make minutes 09:08:36 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html wseltzer 09:28:13 andym has joined #w3cpayment 09:31:12 Shinji has joined #W3Cpayment 09:32:40 dka has joined #w3cpayment 09:33:17 phariramani has joined #w3cpayment 09:33:52 Tor has joined #W3Cpayment 09:34:08 Topic: Format of Sessions 09:34:28 Stephane: We're trying to keep presentations short - less than 1 hour. Chaals w/ be moderator for this session 09:34:34 jeff has joined #w3cpayment 09:34:57 bryan has joined #W3Cpayment 09:35:02 Topic: Overview of Current and Future Payment Ecosystems 09:35:09 mountie has joined #W3Cpayment 09:35:19 virginie has joined #w3cpayment 09:35:29 Stan: Hello, I work for Hub Culture - one of the first social networks. We operate a digital currency, It's been moving into financial markets 09:35:43 Stan: I want to talk about the idea of reserves, social contract, and identity. 09:36:15 Stan: These are core to payments. The size of where we see digital currency - by 2017 2.5 billion unbanked coming online - low incomes, not profitable to find banking solutions for them. 09:36:28 NBREDS has joined #W3CPayment 09:36:35 Stan: 2018 bots doing around $1T in transactions - humans now playing day to day in transaction. 09:36:43 darobin has joined #W3Cpayment 09:36:45 Stan: 2020 - 50 billion connected devices 09:37:41 Parslow has joined #W3Cpayment 09:37:45 Stan: Social connections are important, virtual currency allows us to create/maintain accounts relative to connections. 09:38:22 Stan: A few things in Ven that are valuable - Ven is 100% asset backed - wide variety of currencies - it's stable... 50% less volatile than other currencies. 09:38:41 Any guidance on use case capturing for the minutes? otherwise i'll just preface notes in irc with "usecase: " 09:38:42 Stan: It's global, it's secure - you don't use credit card / banking system to move it around. zero transaction cost. 09:39:38 Stan: We introduced "carbon" into asset - so actual money backing currency builds in natural protection for nature. This is our answer to "social contract" concept. 09:39:39 usecase: autobots that execute financial operations on behalf of users 09:39:52 dezell has joined #w3cpayment 09:39:54 Stan: Even though Ven isn't fiat - it is a ledger of value and recorder of value. 09:39:54 Angie has joined #w3cpayment 09:40:03 mdadas has joined #w3cpayment 09:40:18 Stan: These currencies can have positive benefit to society. 09:40:43 Stan: We think we'll do $1B in transactions this year - it's traded in the global markets. 09:41:13 Stan: Social network that runs Ven is an open source set of APIs. Apps on core platform are moving towards open source so that others can innovate/build around it. 09:41:31 s/Any guidance on use case capturing for the minutes? otherwise i'll just preface notes in irc with "usecase: "// 09:41:31 Stan shows Hubs that show Ven. 09:41:50 Stan: We're working w/ partners - authorities that can issue/redeem Ven. 09:42:22 Stan: We're working on identity - HubID - KYC and AML solution for digital currency on the Internet - can be used by anyone. 09:42:23 phobeo has joined #w3cpayment 09:42:24 kyc? aml? 09:42:33 KYC == Know Your Customer 09:42:38 AML == Anti-Money Laundering 09:42:40 AML = Anti Money Laundering 09:43:07 HannesTschofenig has joined #W3CPayment 09:43:09 Stan: We're creating open source crypto vaults that are issuing identity to individual uses on the Web. You own this ID - self soverignty on the Web. 09:43:32 Stan: We don't sell the data that's connected to underlying users - we work off of a transaction model. Data is safe and not being looked at. 09:44:17 Stan: In return for this, we can give you a unique profile/badge - more data you put into that vault, it generates an "aura" on the Web. They only have to look at your HubID to know how authenticated you are. 09:44:24 usecase: personal vault can host information/assets and issue ids useful for various things (e.g. payments?) 09:44:41 Stan: Size of your network, bank number - you own this stuff yourself. No one can access this data w/o your knowledge. 09:44:57 Stan: In this way, you have much more information, much more granular control. 09:45:09 s/soverignty/sovereignty/ 09:45:25 HubID : http://developers.hubculture.com/info/hubid 09:45:30 Loud ringing drives Stan off of the stage. 09:45:43 usecase: managed access to personal identity/attributes as economically valuable assets in a payment system 09:46:09 Ken Isaacson from US Federal Reserve takes the stage. 09:46:25 Ken: I lead Future Payment team - national US Fed effort. Improves the payment system in the US. 09:47:09 Ken: Fed has multiple responsibilities - provide financial services to depository institutions - that's where this intiative is being led. 09:47:26 Ken: Supervisors - we don't represent the monetary policy or regulatory side. 09:47:58 Ken: One of the things we do is every 5 years, we update our strategic direction - essence of refresh is to improve safety-speed of the system, from end to end. 09:48:09 Ken: Renewed focus on speed - make payments faster. 09:48:31 Ken: End-to-end - Fed has focused more on inter-bank - now we're focused on end users. 09:48:59 s/safety-speed/safety-speed-efficiency/ 09:49:03 Ken: We put out a public consultation to have the Fed put some ideas out there on the problem in the US - what we can improve - desired outcomes. 09:49:56 -> http://fedpaymentsimprovement.org/wp-content/uploads/2013/09/Payment_System_Improvement-Public_Consultation_Paper.pdf Fed's Payment System Improvement Public Consultation Paper 09:50:06 Ken: Desired outcomes - strategic industry engagement, ubiquitous real-time payment capability, improved efficiency, cross-border payment improvements, enhanced payments safety and security. 09:50:34 kodonog has joined #w3cpayment 09:50:44 Ken: Multiple work streams feeding into the Fed - three other work streams. 09:51:19 Ken: Fed's retail payment study - important to figure out where we are. 09:51:37 Ken: Data of 2012 released publicly in 2013 - 122B total 09:51:47 ACH == Automated Clearing House (bank-based payments) 09:52:19 Ken: Breakdown - less checks, about the same ACH, more credit card, much more debit card, pre-paid card... 09:52:42 Ken: Highest areas of growth are Debit Cards / Prepaid. 09:53:04 yiminghe has joined #W3Cpayment 09:53:26 Ken: Public consultation paper - asked anyone to give input on how we could improve. 09:53:39 marie has joined #w3cpayment 09:53:50 Ken: 200 responses - bottom line - agreed on gaps/opportunities that US Fed put out there. 09:54:53 Ken: Fed should become more active, non-banks want to get involved, desire for faster payments, unfairness in risk management. 09:54:59 present+ KenIsaacson, OlivierMaas, StanStalnaker, HarishNatarajan, ErikAnderson 09:55:14 skddc has joined #W3Cpayment 09:55:21 ThomasPicard has joined #W3CPayment 09:55:23 present+ JeremyKing 09:55:27 Ken: End-user research - 1,200 consumers - resuls are here 09:55:52 Ken: 69%-75% prefer instant or one-hour payment systems. 09:56:25 Chaals: Next speaker is Yvgeny from Yandex. 09:57:33 s/Yvgeny/Evgeny/ 09:57:42 Yvgeny: Yandex Money is the payment system provider for Yandex - huge search engine/shopping company in Russia. 09:58:09 s/Yvgeny/Evgeny/ 09:58:21 Yvgeny: This is a payment service provider perspective. We need a standard? 09:58:29 s/Yvgeny/Evgeny/g 09:58:30 s/Yvgeny/Evgeny/ 09:59:08 Evgeny: We want to decrease the friction for user payment, we want to improve security, the standard could help both of these things. 09:59:49 Evgeny: We want to provide interoperability - let's talk about markup. 10:00:16 Evgeny: One parameter, lots of parameters - markup can help user. Browser - start email app. 10:00:30 usecase: invoke payment service via uri scheme 10:01:21 sounds like the earlier vision for web intents, in which "pay" was one of the actions I recommended be on the roadmap 10:01:29 Evgeny: We want to have a standard like mailto: but in the payments area. We want to help someone that wants to pay via this link markup - payto:mybankcom/payto.xml?item=BigBook&sum=10$account=28394728&someotherparams=foo 10:01:38 Evgeny: Who can process the payment? 10:02:27 Evgeny: The benfits is this is just a simple link 10:02:45 Evgeny: Stuff like this is the sort of stuff we can expect from a standard. 10:02:56 Evgeny: Once you click the link, the payment process begins. 10:03:12 s/benfits/benefits/ 10:03:14 usecase: simple URI system => simple payment markup that developers get right 10:03:17 Evgeny: Once we initiate the transaction, we need to know where the money comes from. 10:03:17 ernesto, really a solution, but hard to distinguish from use case at this point 10:03:38 circ-user-G0J0V has joined #w3cpayment 10:03:38 usecase: allow selection of payment processor 10:04:02 i welcome though ideas on what the higher-level use case(s) for this might be 10:04:11 Evgeny: The source of money can be different, changed during the payment process, this can be complicated infrastructure for banks/payment processors. 10:04:22 s/i welcome though ideas on what the higher-level use case(s) for this might be// 10:04:45 i/sounds like/[/ 10:05:02 Evgeny: We also need to be concerned about the confirmation mechanism (how does buy er say they hve money, seller has the goods) 10:05:05 usecase: switching payment method in the middle of transactions 10:05:48 Joerg: Would you be able to incorporate user loyalty cards / coupons in your solution? 10:06:05 Evgeny: We don't wan tto restrict for loyalty cards - maybe not for first version. 10:06:35 s/tto/to/ 10:06:38 Ricardo: This is more a suggestion of an intent-based payment mechanism? Was this a proposal? 10:06:47 Evgeny: This is an idea, it's supposed to make it easier. 10:07:02 Chaals next up is Harish. 10:07:46 Zakim has left #W3Cpayment 10:07:55 re invoking payment via a URI, is a well-known resource essentially equivalent to a uri scheme in this case / for this purpose? that's something to be considered at qa technical level I guess 10:09:00 Harish: I'm from the world bank, payment system deliveries group. Let's focus on public policy perspectives - safety and efficiency is a goal. 10:09:00 usecase: allow loyalty cards, coupons, etc as a payment mechanism 10:09:03 Gray has joined #w3cpayment 10:09:18 Harish: We care about affordability - 2.5B who don't have access to payment services can't afford costs. 10:09:38 Harish: We want access - goal should be to expand access. 10:10:04 Harish: Moving to electronic is not necessarily an objective - there are costs there - things like credit cards may not be ideal. 10:10:41 Zakim has joined #w3cpayment 10:10:59 Harish: There have been studies done on what a good electronic payment mechanisms can do for a country... Brazil did a study that showed that they could save a almost 0.7% of GDP, huge savings. 10:11:11 Harish: Cost of cash is about $70B to businesses - that's in US. 10:11:37 q? 10:11:39 Harish: Government payments - small amount of cash distribution to families in Brazil could be reduced by 80% if moved to electronic. 10:11:55 q+ Olivier to give his presentation 10:12:05 Harish: cost of international remittances is ba - 11% of transaction cost - we want to move to 5% by 2018. From the slide, there's a significant gap 10:12:06 q+ Erik to give his presentation 10:12:23 usecase: national incentives for using web-based payments due to beneficial effects upon economy 10:12:25 Harish: Moving towards electronic payments - wide disparity 10:12:58 Harish: Number of cashless transactions (missed slide 6) 10:13:21 dka has joined #w3cpayment 10:13:40 Harish: Here are the factors that matter: infrastructure is bad, competition and cost is bad, government and corporate payments are not being addressed, risk management mechanisms are not adequate. 10:13:58 bgidon has joined #w3cpayment 10:14:10 Harish: This is a chart that shows percentage of populatio that has access to payment network (slide 8) 10:14:20 Harish: 2010 - we looked at diff payment instruments being used. 10:14:28 Harish: Top payment instrument by volume. 10:14:32 usecase: access to payment systems by non-traditional channels, where barriers exist for traditional channels 10:14:53 Harish: check usage is substantial in low-income countries. Direct debit are lower in those countries as well. 10:15:10 Harish: This shows that traditional payment instruments are not reaching the global population. 10:15:26 Harish: Here are a few trends - technology and new payment needs are key drivers for innovation. 10:15:33 present+ LarsErik 10:15:40 rrsagent, draft minutes 10:15:40 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html chaals 10:16:05 Harish: There is a greater involvement from non-banks in retail payments - these are not banks. 10:16:30 Harish: Pre-paid products are also on the rise - lots of different types of emoney - this is at an early stange. 10:16:53 Harish: Business model, card payments - greater usage of authentiation mechanisms - biometric, 2 factor, etc. 10:17:12 Harish: Broad shift toward near-realtime in traditional payment systems - examples in Mexico, India, etc. 10:17:37 Harish: The objective - universal financial access by 2020. 10:17:55 Harish: Access could be possible by 2020. 10:17:57 tim has joined #W3CPayment 10:18:16 Chaals: Olivier is next from Worldline. 10:19:45 Olivier: Where do you draw the line between Web Payment and non-Web payment? We've talked about cash and non-cash payment mechanisms. What is current, what is past? It's not clear. 10:20:18 Olivier: Basics of payment is a buyer and a seller. Let's say buyer has a smartphone and seller has a POS (Point of Sale) 10:20:46 Olivier: Let's say they want to do an EMV payment. 10:21:06 emv = https://www.emvco.com/ 10:21:32 andym has joined #w3cpayment 10:21:35 Olivier: So, EMV offline payment is done - POS terminal won't go online to query about issuer/account - this is an account present transaction 10:21:54 EMV = Europay Mastercard Visa 10:21:58 Olivier: What does this have to do w/ Web Payment? It's not even online, it's offline. 10:22:52 usecase: secure element based offline payment 10:23:38 Olivier: These are secure elements, the cloud is involved - let's go one step further. 10:23:42 Actually he is talking about non secure element based payment where payment credentials are in the cloud 10:23:51 Olivier: On the POS terminal, there was no PIN input - that was done on the buyer's side. 10:24:01 Axel_Nennker has joined #w3cpayment 10:24:23 Olivier: There is an app on the tablet for the seller. Let's go one step further, let's get rid of the tablet - let's say everything happens in the web browser of the buyer - wallet app. 10:24:59 Olivier: So, there is a SE in the browser on their mobile phone - the idea was to give you some thoughts about where we draw the line. 10:25:22 Olivier: In both cases, we're doing EMV card not present transaction. So, cloud -> phone -> cloud? 10:25:22 Mark_E has joined #W3Cpayment 10:25:30 ack oli 10:25:30 Olivier, you wanted to give his presentation 10:25:54 andym_ has joined #w3cpayment 10:25:59 Olivier: EMV is well suited - but where are we going. 10:26:21 XYZ: Do card schemes agree w/ this card not present mechanism? 10:26:40 Olivier: They said they'll support this architecture - they're going to publish a SE transaction spec soon. 10:27:00 Olivier: Offline EMV authentication - this has been around for 10 years - nobody uses it - what's the barrier? 10:27:23 Olivier: It's been adopted by some banks during the pilot, not on the wide scale - total cost of ownership is too expensive. 10:27:25 bryan_ has joined #W3Cpayment 10:28:08 Dave_Birch: Costs are pushed onto merchant - surely these are cheaper if that weren't the case? 10:28:12 CAP = Chip_Authentication_Program http://en.wikipedia.org/wiki/Chip_Authentication_Program 10:28:17 Olivier: There are many reasons this solution hasn't been adopted widely. 10:28:41 Joerg: I don' tthink big difference is offline - we don't expect everhything to be online, always. 10:28:53 voxpelli has joined #w3cpayment 10:28:55 Angie has joined #w3cpayment 10:29:07 s/tthink/think/ 10:29:08 Olivier: Technically, EMV is "offline", but you need to be "online" to perform it. 10:29:21 usecase: browser-mediated offline transactions 10:29:29 Chaals next up is Erik Anderson from Bloomberg. 10:30:03 Keir has joined #w3cpayment 10:30:08 Erik: I'd like to talk a bit about remittances - $1.1B live below $1.25/day 10:30:24 Erik: There are a lot of people in different parts of the world that don't have access to financial networks/services. 10:30:35 e.g. Mastercard does not care (much) about the channel how their applet is reached. Can be over the web. 10:31:13 Erik: Remittances are growing - $400B today - these are people trying to send money back to their family. How are you going to get $20 to your mom in Brazil when it costs $30 for the wire transfer? 10:31:25 usecase: sending money to family internationally via low-cost methods 10:31:32 Erik: The countries where you need the money the worst are the most expensive to send it to. 10:31:54 Erik: South Africa -> Malawi - 23% to send the money - people provind gthe services get that money. 10:32:13 Erik shows complex slide showing how money flows. 10:32:26 This is just for US -> Mexico. 10:32:48 Erik: Every one of these steps, someone takes a percentage of this money. 10:32:59 Erik: Let's just go from the person -> US Feds -> Person. 10:33:14 Erik: We should also look at Cryptocurrencies. 10:33:32 Erik: Out of all 7 stages that your money goes through, each one of these people makes money. 10:33:50 Erik: Saving 5% per year is 15B extra to those familities. 10:34:12 Erik: Many places in African have bypassed traditional telephone lines, they have mobile phones - computers in their pocket. 10:34:30 Erik: FinCEN needs to come up w/ creative solutions to handle currencies. 10:34:32 ack erik 10:34:32 Erik, you wanted to give his presentation 10:34:46 s/African/Africa/ 10:34:47 q+ DaveBirch 10:34:53 Erik: Everyone that sends value must be licensed - etc - high cost of compliance. They have thousands of compliance officers to meet regulator. 10:35:07 q+ to say amonymous != evil 10:35:14 Erik: Anonymity is Evil (stay with me) 10:35:23 wow talk about your value judgements! 10:35:24 Erik: We should put the regulations in the protocols. 10:36:07 Erik: Underground economy that people are trying to send this stuff to - these folks live on $1.25/day 10:36:12 usecase: enable financial regulation (e.g. reporting above a certain value) to be implemented directly in payment protocols 10:36:20 dezell has joined #w3cpayment 10:36:29 andym has joined #w3cpayment 10:36:42 present+ davidEzell 10:36:45 Erik: System D - people were classified into standard money users - kid selling koolaid and someone else running drugs categorized into same area. 10:36:53 usecase: zero-trust transactions 10:37:20 Dave_Birch: Anyone read FATF recommendations? Those recommendations say to target higher value transactions. 10:37:33 reference to FAFT http://tomorrowstransactions.com/2011/06/the-fatf-report-on-new-payment-methods-has-very-sensible-conclusions/ 10:37:49 Dave_Birch: So, we should reduce these costs - any oppotunities to remove these? 10:38:16 Erik: What gets reported when - $10K in the US, China - it's probably $100. We need to put financial regulations into the code - don't focus on compliance officers. 10:38:27 Erik: Put the regulatory call-outs in the technology - that's a use case. 10:38:46 Erik: So, let governments know what they need to know while keeping out of their business. 10:39:11 Joseph: Put code is law - is that Lawrence Lessig's work? 10:39:27 Erik: Yes, that idea has been floated around the cryptocurrency world - so yeah. 10:40:01 Chaals thanks panelists. 10:40:13 Code is law -> http://codev2.cc/ 10:40:33 andym_ has joined #w3cpayment 10:40:42 Dave_Birch: Banks thought that things were fine, everyone else didn't. 10:41:07 Dave_Birch: How is the US Fed going to weight those comments? In the EU, the government had to step in and mandate it. 10:41:24 StephanSteglich has joined #W3CPAYMENT 10:42:10 Ken: our perspective is an end-to-end perspective. So, we have our high-level objectives. If there's something in the public interest, we want to support that. 10:42:28 Ken: Many people said that the only way this is going to happen is to do a mandate - that may be where we're headed. 10:42:33 q? 10:42:42 Ken: So, regulators are watching, but we're operating w/in the constraints of the law. 10:42:44 q- 10:42:47 ack DaveBirch 10:43:01 q? 10:43:23 q+ to ask how transferwire is addressing the international remittence problem? 10:43:42 WendySeltzer: Anonymous == Evil - we should think about customer/end-user interests. We should look of ways of aggregating ways - maybe diaggregatingn when we need to do it. 10:44:33 Erik: Depending on what government you need to go into will shape the regulation. 10:44:42 ack hannes 10:44:43 s/==/!=/ 10:45:15 usecase: leveraging variable degrees of identity/anonymity per requirements of the payment transaction 10:45:31 Hannes: Does this new system need to work w/ legacy infrastructure - payment systems in Africa don't necessarily. These countries may catch up - they jump an entire generation of technology. 10:45:45 Hannes: I'm not quite sure I get the message. 10:46:01 Erik: We want a bridge - we can't replace everything in a day - Ripple will talk about it during panel 3. 10:46:03 s/look of ways of aggregating ways - maybe diaggregatingn/look at which attributes of identity are necessary where; users' interests may differ from regulators'. Focus on / 10:46:23 ack dka 10:46:23 dka, you wanted to ask how transferwire is addressing the international remittence problem? 10:47:08 Dan: I want to get back to International Remittances - it's an area that we ran into a lot of trouble when integrating into BlueVia - if you want an end user to pay from Brazil to Estonia - then that's a huge issue. 10:47:28 Dan: There are startups coming into the space that are doing better... 10:47:47 prakash has joined #w3cpayment 10:48:19 Erik: The problem w/ startups is that they're not top-down. Lots of financial institutions, govt. needs to be involved. W3C standards are a better solution. There are a lot of big players in this room that are going to be a part of it. 10:48:35 Erik: Then again, startups are paving their way too - they're not taking a passive stance. 10:48:55 s/they're not/while others are/ 10:48:57 Sergio_Aquero has joined #w3cpayment 10:49:15 Harish: Broadly, what we're seeing is Visa/mastercard for international payments - aside from SWIFT, there is no such infrastructure. Earthport does some of this, so does Western Union. 10:49:32 Harish: US Federal Reserve - international payment framework. 10:50:10 q+ ricardoVarela 10:50:35 Hannes: Role of standards may be different here - you can always add more roles as people do - we may want to start fairly simplistic w/ very few standards. 10:50:48 Hannes: Maybe we don't need so much standardization. 10:51:21 -> http://datauthority.org organisation to track new transfer systems 10:51:23 Bryan: DAT Authority is important - reguator industry organization - related to cutting edge technologies - crypto, digital, digital asset transfer systems - Washington later this month. Look at it. 10:51:32 s/Bryan/Stan/ 10:51:38 ack ri 10:51:44 Stan: That could be a good link to what's happening here. 10:51:55 AndroUser has joined #W3CPayment 10:52:11 Ricardo: It's nice to think that standards are going to solve that stuff - but W3C can standardize protocols, it's the financial operators that need to implement this stuff. 10:53:02 Ricardo: At BlueVia, we were thinking of doing these transfers w/in ourselves. But when we do that, law comes into play - if Visa/Mastercard have effectively a monopoly, why can't business entities play the role of money transmitter? 10:53:05 bryan_ has joined #W3Cpayment 10:53:21 Roy has joined #W3cpayment 10:53:33 Ricardo: If you have a facebook coupon, and transfer to facebook in spain - no banks, no western union, now multiply that by several million transactions. 10:54:05 Adrian: Adrian from SWIFT - payment, 20022 - a lot of what you're trying to do is already done by SWIFT in some cases. 10:54:18 Adrian: We could start w/ ISO standards and see where that takes us. 10:55:26 ad76 has joined #w3cpayment 10:55:28 Joerg: My assumption is that people want to know the money is there - US Fed - need more info (missed) 10:55:53 Ken: How fast you received the money is not as important as convenience. When asked all other things equal, most everyone said "Yes". 10:56:20 Ken: Consumers - speed of debiting is more important than crediting. With corporations - they care more about getting the money faster. 10:56:27 Ken: But that's not always the most important factor. 10:56:53 Harish: What's the expectation of the consumer. P2P transfer - they expect it to be near real-time. For a business, they want confirmation of payment. 10:57:00 rrsagent, make minutes 10:57:00 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html dsr 10:57:03 s/why can't business entities play/how can business entities play/ 10:58:02 usecase: realtime purchases involving prerequisite reception of funds from international sources (e.g. family) 10:58:10 Chaals: Fast transactions - remittances Australia -> Spain - market case of buying something. 10:58:57 Chaals: Different use case - I want to mix the sources of payment, don't have anything big enough to cover. Nearly all of that money should get to who I'm trying to pay. How easy/hard is that today - is it important? 10:59:02 usecase: mixed sources of payment for a single transaction, using multiple payments with minimal transaction overhead 10:59:28 darobin has joined #W3Cpayment 10:59:29 Joerg: I'm wondering if we're misled about the topics - Credit Cards are great, I can choose to pay much later. 10:59:45 Joerg: People taking money out is a good thing. 10:59:52 usecase: selection of payment method based upon desired payment delay 11:00:25 Joerg: There is innovation there, we need to encourage that - we shouldn't say one way or another. We need a wide variety of things around payment. 11:01:13 q? 11:01:23 Evgeny: Let's talk about small payments - payments should "look" fast. It should seem fast, even if the money moves more slowly. Backend speed doesn't need to increase, front-end speed should only be necessary. 11:02:18 XYZ: We did some studies (somewhere) - You can't compete against credit card - test groups, active online buyers - speedy debiting was an advantage. Overspending on credit card was a bad thing wrt. customer thoughts. 11:03:09 YYT: Single transaction would be nice, efficiencies to be driven there. 11:03:10 Alexander Gee 11:03:31 s/yyt/Alexander/ 11:04:04 Connie: On the merchant side - different point that we've heard - merchants need feedback - many retailers have business cycle where they're taking in revenues on weekend. They'll use credit/debit - but they have huge swings in liquidity - big credit facilities to help offset these swings. 11:04:22 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html mauro 11:04:24 Connie: So big input on Thu-Sun, but they don't get money until Tues. 11:04:50 Emil: Are the merchants willing to pay for earlier servie. 11:05:00 mnot has joined #w3cpayment 11:05:04 Connie: 1/3rd of consumers say faster payments would be okay if it costs more. 11:05:24 usecase: option to get faster payment 11:05:34 Connie: 75% of businesses said they'd like that. 11:05:52 Ken: it varies by use case - sometimes ome of the antiquated systems - ACH - doesn't have any of those requirements. 11:05:53 Ox2Oh has joined #w3cpayment 11:06:04 s/those requirements/those features/ 11:06:11 s/YYT/Alexander/ 11:06:23 Ken: So, you need to look at each use case to determine if there is a gap or not. 11:06:55 Chaals: So, people want a wide variety of options, but asking people what they want doesn't mean that they'll tell you what they need. 11:07:09 Chaals: What are people already spending their money on in an array of services. 11:07:38 Jeff: Jeff, W3C - we've heard a number of different comments on what people would like to see. Some done by companies, some by regulators, innovators. 11:07:56 Jeff: What's the role for Web standards - what do panelists want to see in web standards. 11:08:40 AndroUser has joined #W3CPayment 11:08:58 Olivier: The trend is to mix payment, shopping experience, first payment provider - Alipay - escrow type of payment - it's cultural. In China, people don't trust seller. Every culture has its own way of making payments. 11:09:22 Olivier: We need to create a basic mechanism that enables all of these use cases happen. We shouldn't focus on commerce use case. 11:09:35 usecase: selection of payment service based upon ability to handle escrow for untrusted merchants 11:09:44 Olivier: If we try to support all shopping use cases, it won't work. 11:10:06 Harish: From a data standards perspective - I think payment systems community is working on it. There are existing standards. 11:10:16 Harish: The intent to pay and how to pay is a good area to focus. 11:10:40 Harish: The interactions between new payment mechanisms - how do you exchange new payment info. 11:11:17 AngelicoXYZ: Payment is about trust, security, convenience - Web technology should focus on bringing trust/convenience. 11:11:40 AngelicoXYZ: People need to be comfortable w/ payment online. Complexity of payment online - fragmentation of market. 11:12:11 AngelicoXYZ: We want technologies to ease integration of payment w/ nice user experience. 11:12:13 +1 to focus on trust / convenience 11:12:29 AngelicoXYZ: Web technology is right technology. 11:12:44 sAngelicoXYZ/IngenicoXYZ/g 11:12:52 AngelicoXYZ: Payments/business integration - payment is separate from everything else business related. 11:13:07 s/AngelicoXYZ/IngenicoXYZ/g 11:13:12 IngenicoXYZ: We want payment to be integrated w/ business application. 11:13:45 Evgeny: The important thing that a standard can bring to us is a good user experience. 11:14:03 Evgeny: Why do they want my phone number to any service that asks for it? 11:14:16 evan_schwartz has joined #w3cpayment 11:14:35 Evgeny: The security mechanics - everyone should be able to implement it. 11:15:17 Joseph: These standards need to be explicit about rights/responsibilities - what rights do they have? How can one impose stuff on other merchants. 11:15:36 Joseph: Many merchants complain that many things are imposed on them by credit card companies. 11:16:37 Ken: In Australia - they mapped out payments use cases - then made a determinination on whether it should be in cooperative space. One potential approach could be to do that. Where is the boundary between cooperative/competitive. 11:17:15 Stan: On the Internet, the things that we now have, like blogs - are along side the media players - we have this whole forest of new things that have appeared. 2005-2015 is happening in finance. 11:17:24 s/determinination/determination/ 11:17:28 Stan: it's important that we take an open approach to standards. 11:18:38 Louise: Louise Bennet, BCS - follow up on rights/responsibilities. It's vital from business/consumer perspective - where is the liability. Some of the panel were talking about regulators, when is the regulator going to impose of something on the standard. At what point is a regulator going to say that KYC is required? 11:19:03 Louise: Do we know what the regulator is going to impose? 11:19:39 usecase: rights & responsibilities of a transaction being associated with the context of the transaction, and conveyed to parties in the transaction 11:20:08 Erik: KYC is going to be hard to give up - it's going to have to happen - they're going to have to happen. I built a lot of the systems that people in this room works, but before I start building something, I need to know the standards before I do that, though. 11:20:31 Erik: One person in XRP, another in Bitcoin, how are they going to interchange? Without those standards, we can't build anything on top of them. 11:20:51 Ernesto: I see this as where we draw the line wrt. what we can standardize. 11:21:39 Ernesto: I'm interested in payments, not necessarily in cryptocurrencies. This is very much aligned w/ Yandex - This is like supporting existing technologies for money - more convenient. 11:22:06 Dave_Birch: Anonymity is Evil - so I'm going to agree on that - US printed $22B in non small bills. 11:22:53 Dave_Birch: Number of US currency in circulation is very large. If you kick down the door of a mexican drug dealer, you don't find Bitcoin, you find USD. 11:23:13 anonymity is evil = cash is evil? both are suspect concepts IMO, and their equation is suspect squared 11:23:36 q+ 11:23:45 Chaals: I think we need to be aware of the case where I order sushi to my house - it works on a very high-trust system. I fill in a form, sends a form to someone 2km from my house, they bring it to my door, and then they expect me to hand over some cash. 11:24:35 lesellier has joined #w3cpayment 11:24:37 Chaals: Building systems that ignore that would be bad. Let's not restrict things people are doing. I'd like standards that take a layered approach, there are some basic things we do, and there are some basic things we need (like security) that should be in there from the beginning. 11:25:20 Chaals: The bottom layer of the standards need to be solid. We want future standards to bild on top of the base layer. We don'tn want to prevent further standardization. We want competition/innovation to give us more. 11:25:41 Bryan: This might be cash being an aspect of anonymity - we're trying to collect use cases. 11:26:11 Bryan: is zero-trust transactions on the table? 11:26:12 q- 11:26:24 Ricardo: 20% of electronic transactions are done by a printed system - you pay in a bank/shop - 20% of digital transactions are anonymous. 11:26:26 Chaals: yes it is definitely on the table. 11:27:07 Joerg: It's always possible to grant anonymity - we should have that. 11:27:25 s/20% of electronic transactions/20% of electronic transactions in Brazil/ 11:28:04 Chaals: Building regulation into code - we should think about whether we want to deanonymize all transactions immediately - we will create a digital underground mechanism. 11:28:12 trying to clarify the sentiment here, it seemed that people are equating anonymity with zero trust, which perhaqps is not necessary, but the role identity/anonymity of zero-trust transactions is a key question, if that type of transaction is to be on the table as a use case (which I think it should, at least from the perspective of some participants in a transaction, if not all) 11:28:51 Chaals: Who is tracking my transaction? Can I influence that? 11:29:22 Chaals: An identity at global scale is a big identity scheme to roll out. 11:29:33 s/role identity/role of identity/g 11:29:50 US printed $27 billion in non-$100 bills, lowest since 1981 11:29:57 Hannes: When some of you use privacy - and it appears there is a black/white - that's a bad characterization. We need to figure out which player sees what in the transaction. 11:30:30 So the US is printing record amounts of $100 bills, which are used primarily for criminal purposes 11:31:13 personally I like $100 bills... 11:31:26 ergo the US is in favour of anonymity for criminal transactions but not for legitimate transactions - seems a crazy policy to me 11:31:26 Stan: A couple of quick points - founding ethos of Web - anyone can contribute. With payments in particular, with identity - it has to be in a careful way so that founding principles can be held in place. We could accidentally put us on the road to totalitarianism, there needs to be constant churn in power structures. We don't want to lock in power strutures that are detrimental. 11:31:41 though getting change for them is sometimes problematic 11:32:02 Stan: There is much more at stake than just a payment transactions, we need need to preserve human freedom on the Web. 11:32:06 s/strutures/structures/ 11:32:08 usecase: take the change for your $100 bill through a web payment 11:32:41 Olivier: Anonymity is meaning less and less - there is room for anonymity. No system has made it through, but we can't wipe it off of the Agenda. 11:32:41 [for more on anonymity, see Financial Crypto, PETS Symposium] 11:32:53 rrsagent, make minutes 11:32:53 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html dsr 11:37:06 AndroUser2 has joined #W3CPayment 11:38:41 virginie has joined #w3cpayment 11:43:31 voxpelli has joined #w3cpayment 12:03:33 Present+ mhepp 12:10:48 andym has joined #w3cpayment 12:24:11 melvster has joined #W3Cpayment 12:24:12 Harish has joined #w3cpayment 12:31:02 dka has joined #w3cpayment 12:31:27 tim has joined #w3cpayment 12:31:28 evan_schwartz has joined #w3cpayment 12:31:36 Session 2 — Toward an Ideal Web Payment Experience 12:32:47 virginie has joined #w3cpayment 12:32:57 I'll be scribing for this session but unlike Manu I don't know everyone's names. To all on IRC, any help with figuring out who's talking would be much appreciated 12:33:03 phariramani has joined #w3cpayment 12:33:34 Ox2Oh has joined #w3cpayment 12:33:38 hellekin has joined #w3cpayment 12:33:41 will do 12:33:43 mhepp has joined #w3cpayment 12:33:53 Present+ mhepp 12:33:56 Topic: Toward an Ideal Web Payments Experience 12:34:06 speaking, Natasha Rooney 12:34:39 Natasha: in this session, look at use cases for web payments, analyzing issues and questions associated. By the end we should have some guidelines on how to move forward with these issues 12:34:55 dezell has joined #w3cpayment 12:34:56 Angie has joined #w3cpayment 12:35:39 dsr has joined #w3cpayment 12:35:46 jphong has joined #w3cpayment 12:35:46 FlorisKleemans has joined #W3CPAYMENT 12:35:48 kodonog has joined #w3cpayment 12:36:34 Manu Sporny: "Cat herding 101", everyone has a different idea of what to standardize 12:37:17 Manu: W3C creates standards through consensus, "ideal" payments experience is subjective and there are many, we can only realistically standardize parts of the experience 12:37:22 marie has joined #w3cpayment 12:37:27 Manu: don't want to beat innovation out in the process 12:37:44 phobeo has joined #w3cpayment 12:37:46 mountie has joined #W3Cpayment 12:37:50 jeff has joined #w3cpayment 12:37:51 Manu: 3 main inputs to standardization: position papers, input from Web Payments Community Group, attendees of this workshop 12:38:06 keir has joined #w3cpayment 12:38:22 BryanS has joined #W3Cpayment 12:38:44 OlivierMaas has joined #w3Cpayment 12:38:45 Manu: survey of papers, common themes: no verified identity / trust mechanism (72%), outdated security tech (50%), no payment request standard (38%), no proof of purchase standard (38%) 12:38:58 usecase: verify identity or assess trust of partners in a transaction 12:39:07 Manu: didn't think identity was going to be such a common issue but it was the #1 issue cited amongst the papers 12:39:24 usecase: initiate / request payment 12:39:49 usecase: issue, transmit, validate proof-of-purchase 12:40:08 Mauro has joined #w3cpayment 12:40:38 darobin has joined #W3Cpayment 12:40:39 usecase: find and compare payment options for transaction 12:40:46 kjheimark has joined #w3cpayment 12:40:54 Manu: other themes: bad payment provider competition and lock-in (38%), expensive for vendors to integrate with payment providers (31%), mobile payments are fragmented (31%), payment provider lock-in (28%), poor rate of extensibility 12:41:24 prakash has joined #w3cpayment 12:41:34 Manu: Web Payments CG - 146 members -- not an official group at the W3C, existed for ~3 years, creating space where open payment technologies can incubate 12:41:47 Manu: currently working on 14 technologies that can be applied to payment problems 12:42:11 Manu: machine-readable products and offers, initiating transactions, digital receipts, identity, web security upgrades 12:42:26 usecase: digital receipts 12:42:28 Manu: (types of tech being worked on) 12:42:55 Manu: workshop attendee input: looking to determine problems, constraints, use cases, goals, and actions for the W3C 12:44:00 Manu: if you are interested in following up with this work, please join the Web Payments CG, it's not official but there will be a lot of post-workshop work 12:44:53 Kumar McMillan: for the past several years mozilla has been building mobile OS called Firefox OS 12:45:01 Parslow has joined #W3Cpayment 12:45:08 q? 12:45:16 Kumar: looked at HTML5 and available APIs, tried to create APIs that did not already exist 12:45:39 Kumar: wanted to have commerce as part of the mobile operating system, for developers to sell apps 12:45:52 usecase: selling apps in mobile scenarios 12:45:59 Kumar: navigator.mozPay is not on the standards track 12:46:17 Kumar: talk will focus on what can be standardized based on mozilla's experience 12:46:23 Kumar: web payments work today 12:47:15 Kumar: when presented with a choice between credit card and paypal, I'll almost always choose paypal. This works on the web, we have secure HTTP. There's also Stripe and Square in the US. Lots of startups disrupting the space 12:47:23 Kumar: there are some problems 12:47:43 danny has joined #W3CPayment 12:47:48 Kumar: credit card numbers are insecure, mobile billing is broken in some major ways, new customer info, no standard for asset ownership 12:47:58 usecase:: Prove asset ownership 12:48:21 Kumar: credit card numbers are totally insecured, Target got hacked and I had to cancel my card, get a new one, and update all of the accounts 12:48:39 Kumar: why are we giving people credit cards when all they want to do is make a specific payment 12:49:04 Kumar: payment tokens for merchants: merchants could give token that requests specific amount of money and token expires 12:49:09 usecase: temporaty payment tokens for mechants 12:49:37 Kumar: payment processor needs to move money from customer's account to merchant account -- merchant doesn't care how payment is executed 12:50:02 s/temporaty/temporary/ 12:50:03 s/temporaty/temporary 12:50:03 Kumar: PayPal hosted flow works with tokens, mozPay JSON web token works the same way, as well as Stripe and Square 12:50:13 mdadas has joined #w3cpayment 12:50:17 Kumar: merchant never receives credit card number 12:50:34 usecase: mobile billing 12:51:04 Kumar: mobile billing is broken, it's a nice way to pay and works on the web, but there is HTTP header injection, every operator is different, and there are SMS hacks 12:51:39 Kumar: don't know how to fix this, operators need to step up and fix this 12:52:07 Kumar: at mozilla, introduced silent SMS API, they'd like to extract that from mozPay -- still just a better hack 12:52:16 Kumar: Apple's facetime has published how they do silent SMS 12:52:31 usecase: registering new / as a new customer 12:52:40 Kumar: becoming a new customer is hard, you have to fill in home address, billing address, credit card number, and you need to do it all over again for each payment provider 12:53:22 Kumar: Request Autocomplete was developed by Google, shipping in Chrome, web page can request and autocompletion by the device and the info will be stored securely on the device 12:53:48 Kumar: standard web identity could be one solution but it's pretty ambitious, there are strongholds around identity so it might be harder to use that 12:54:05 Thomas_Picard has joined #W3CPayment 12:54:47 Kumar: how do you prove you own an item? FirefoxOS is trying to embrace fragmentation, they want firefox marketplace to sell app but other marketplaces can also sell that app -- to make this work they made a digital receipt format that is portable, decentralized, and verifiable 12:55:15 Kumar: digital receipts could be standardized to help payments 12:55:36 Kumar: payments work well, it's important to focus on things that are real problems 12:55:54 bshambaugh has joined #W3Cpayment 12:55:58 Kumar: also important to think about what are the payment primitives? the basic, low-level building blocks like the token idea 12:56:40 q? 12:57:31 Yaromin from Dynorg (?): looking at the spec for web payments provider, it asks providers to be in a whitelist, what does it take to get in there? 12:57:38 q+ 12:58:00 q? 12:58:18 Kumar: whitelist of payment providers may end up being deprecated, need low-level building blocks for accessible APIs 12:58:29 ack mhepp 12:58:39 Jonny has joined #W3Cpayment 12:58:57 @@: how is the idea of digital receipts related to the work on schema.org? -- could be applied to JSON-LD representation 12:59:17 Kumar: no plan right now to align this with JSON-LD but he thinks it's a better idea than Mozilla's free-form JSON 12:59:39 q? 12:59:43 q+ 13:00:20 Stephane Boyera: mozPay seems like an interesting abstraction across other payment provider APIs 13:01:16 q+ 13:01:21 andym has joined #w3cpayment 13:01:21 Kumar: it's an abstraction but anyone could make an abstraction, all the building blocks are on there on the web with HTML forms that have a submit button, i don't think we need to standardize an end-to-end flow, only focus on things that are missing like tokens. Stripe has its own abstraction 13:01:33 ack schuki 13:01:54 Daniel Appelquist: working at Telefonica I agree with what Kumar said, but I don't agree that SMS is a hack 13:02:40 Lou has joined #W3Cpayment 13:02:40 Daniel: using SMS is becoming pretty well cemented as mechanism for verification -- silent SMS may be useful in some cases but in others it might make the customer feel more secure 13:04:01 Daniel: is there really an ideal payment experience? Micropayments have long been needed. HTTP status code 402 was intended to support micro-payments. There were people in the mid-1990s trying to implement micropayments but there is plenty of room for innovation, shouldn't just focus on an ideal scenario. Need to focus on security and convenience 13:04:25 Angie has joined #w3cpayment 13:04:32 Daniel: there are issues with the current security aspect, chromeless webapps or native applications, how can you determine if you're in a secure application 13:05:09 Daniel: certificate model of web security is broken because people don't pay attention to it, people click through even on old certificates 13:05:28 Daniel: innovations in payment UI like using camera to recognize credit card, but then there's a privacy issue 13:05:47 q? 13:05:50 q+ 13:05:53 Daniel: loyalty cards have interesting developments 13:06:04 Daniel: mobile ticketing is also part of payments 13:06:31 joe has joined #w3cpayment 13:06:48 Daniel: not currently convinced that we need payments as part of the core architecture of the web. we should incrementally strengthen existing work 13:07:53 Bryan Sullivan: ATT has operated as payment broker since 2002, APIs have improved over the years, also mobile wallet in the US. There isn't an ideal experience 13:08:01 usecase:loyalty cards 13:08:06 Bryan: people should look at the push API he's working on with Telefonica 13:08:28 s/:loyalty/: loyalty/ 13:08:30 Bryan: payment is personal, enabling user choice in everything regarded to payment is a key aspect of the UI 13:09:02 Bryan: W3C doesn't have to address entire industry but it should look at key use cases and requirements 13:09:41 Bryan: UI for web on moblie is very diverse, all of contexts should be supported. Don't want a fragmented web UX 13:10:27 Bryan: UX is going to be driven by how consistently the APIs are implemented, not so much about the UI -- you can set expectations but mandating a particular UX leads to narrowing scope of problem too much 13:11:10 Bryan: transfer of funds as an exercise is a really good place to start but we need to think of payments as an aspect of transaction processing in general, need to be able to exchange all types of value 13:11:18 ack ernesto 13:11:22 q+ 13:11:36 andym has joined #w3cpayment 13:11:42 q+ JeremyKing 13:11:51 q+ andym 13:13:01 Ernesto: used to work for Telefonica and Mozilla, background on what mozPay offered them -- it was good because everything is web-based, needed a way to verify trusted UI for entering details, the only problem was that there wasn't an option to open it up to every type of payment provider 13:14:30 q- andym 13:14:32 Kumar: in mozPay there's a trusted UI, but it is still spoofable. That's not a payment-specific problem, it's a problem for all mobile. There's no way to trust that a site is connected to the right URL, all of mobile needs that 13:15:38 David Birch: if you assume payment token is the invoice signed by the provider, that's completely feasible. The client is going to pass the token to the payment service provider so they need to manage providers. They'll also resolve certificate chains 13:16:05 David: digitally signed invoice can act as the receipts 13:16:10 erik_anderson has joined #w3cpayment 13:16:34 David: if we assume most of this is going to move onto mobile, Trusted Execution Environments might add some optimism even if it's not ideal right now 13:16:50 +1 to Dave Birch point on TEE optimism 13:17:12 Kumar: maybe the token doesn't need the W3C but I want to see sites stop using credit card numbers 13:17:20 Hello Web Payments Workshop! 13:17:46 Kumar: with the receipts there's also the ownership part, like a cookie that lives on device so you could give it back to the website 13:18:21 Bryan: people should look at global platform for TEE, this is a problem that's been around since feature phones 13:18:21 s/@@/MartinHepp/ 13:18:50 Bryan: it's a general problem of the web that things can pop up and take over the screen 13:18:51 Erik_Anderson has joined #w3cpayment 13:19:03 ack phobeo 13:20:35 note : light explanation of Trusted Execution Environment technology there : http://poulpita.com/2014/02/18/trusted-execution-environment-do-you-have-yours/ 13:20:37 Ricardo: the moment we start getting into trusted elements, we're getting into manufacturers and browsers, etc. we'll need to decide if we want to involve those. Payments are not just a form, the actual payment is done later. The open question is whether payments should be a more integral part of the web. Similar to geolocation where you say I want your location, a merchant could say I want $10 13:21:53 Natasha: many position papers separate UI and intent to pay, questioning whether UI should be standardized. What do people want from standards? 13:22:29 stanstalnaker has joined #w3cpayment 13:22:32 q? 13:22:38 q+ hannes 13:22:44 hello world 13:22:49 q+ 13:22:52 Kumar: dangerous to standardize things that don't need to be standardized -- UI is easy to build on existing web technology. Risky to introduce APIs that are not useful. A 402 response is not as useful as a 301 redirect that redirects to a page saying you haven't purchased this option 13:23:12 usecase: when doing a payment, need a way to assure the customer he is his payment service provider and is not subject to phising. Specially problematic in mobile when browser chrome is not available. 13:23:14 q+ 13:24:41 Manu: agrees completely. Dangerous to say this is exactly how payments look on the web, it's more about the intent to pay. Whitelists and digital receipts have been raised a number of times but if we say there will be a whitelist on payment provider signatures we'll continue having the same ecosystem we see today, no innovation. We could potentially put in the same infrastructure that was put in for the Certificate Authorities, we want a m[CUT] 13:25:20 Bryan: management of that type of data is the essence of evil, solution needs to be more scalable 13:25:48 OlivierM has joined #w3cpayment 13:26:18 q+ 13:26:34 q+ to ask what the relation is between digital receipts and EME, and to offer the counter-example of EV certificates and standardisation of UI 13:26:39 Daniel: shouldn't describe things as evil. On mobile, most apps are being used in a chromeless way, there is a disparity because there isn't the same kinds of visual queues 13:27:01 * cues 13:27:17 s/queues/cues/ 13:27:25 Bryan: trusted consent is a general problem of the web 13:27:29 q+ jorg 13:27:38 If I may ask, how's linked data, Ethereum? 13:28:26 q? 13:28:27 Prakash: murkiness in terms of the standard for payment tokens, what does the Fed and European Commission think of the standards? 13:28:33 note : some trusted user interface like work is discussed in WebAppSec see : http://www.w3.org/TR/wsc-ui/ 13:28:48 can't hear unmiced commentors 13:29:37 BryanS has joined #W3Cpayment 13:29:39 andym has joined #w3cpayment 13:29:41 Jeremy King: the standard that Mastercard and Visa have just related is taking tokenization from the issuer perspective and using token to iinitiate transaction 13:30:09 Jeremy: from PCI standards there is tokenization from the acquirer's side 13:30:34 q+ about commenting on UI specification 13:30:35 Jeremy: everyone's talking about tokenization from different ends of the spectrum 13:30:41 usecase: Tokenization 13:30:47 Not sure how the tokenization spec relates to the UX, maybe this can be clarified 13:30:58 q? 13:31:13 q+ for Gray Taylor 13:31:28 ack gmandyam 13:31:32 q+ GrayTaylor 13:32:03 q+ to comment on UI specification 13:32:30 keir has joined #w3cpayment 13:32:39 steph has joined #w3cpayment 13:32:40 Geary: re: mozilla telefonica paper -- why aren't client technologies for geolocation good enough? How will third party payment providers being included? 13:32:44 q- dezell 13:32:45 note emvco tokenization framework : https://www.emvco.com/specifications.aspx?id=263 13:32:55 s/Geary/Giri/g 13:33:23 (see above for an example :) ) 13:33:30 q+ to talk about merchant ideal experience: adding easily psps without changing a line 13:33:53 Kumar: we're not sure, that's why there's a whitelist right now. There are really sensitive APIs, there are privacy reasons why we don't want to allow access to that 13:34:00 q+ re privacy 13:35:06 r2d2 has joined #W3CPAYMENT 13:35:53 Natasha: want to pull conversation away from mozPay because they're not going to spec it 13:36:19 ack JeremyKing 13:36:57 Jeremy King: re comments about SMS, not long ago there was a laptop and mobile phone, but now they've merged into one so SMS is ineffective 2FA 13:37:27 Jorg has joined #W3Cpayment 13:38:01 q- GrayTaylor 13:38:03 +q 13:38:10 ack hannes 13:38:14 ack hannes 13:38:26 s/+q// 13:38:31 q? 13:38:51 Hans: there's always a reluctance to standardize UI but the standardization is gone on mobile, as well as the certificate validation. Is there any possibility to improve the mobile experience? No one wants someone to dictate UI but it's not a good state now 13:39:20 Re SMS use in stolen phones, the solution there is faster response for locking phones. And anyway in most cases the thief will pull the SIM first thing, which prevents the SMS from being an attack vector. 13:39:26 q? 13:39:45 Kumar: any time you're talking to any website on mobile phone, need better mechanism than a lock icon for non-crypto users to know they're talking to the right site 13:40:25 there is not only stolen phones but a lot of stolen OTP are due to cloned SIM issued by the operators 13:40:46 Daniel: security is a payments issue. HTTPS was designed for payments 13:40:52 Re earlier point on location, I agree it should be entirely adequate (GeoLoc API) for payment purposes. Newer tech and networks e.g. LTE will also support indoor location soon. 13:40:59 ack jeff 13:41:40 s/HTTPS was designed for payments/per PHB, HTTPS was designed for payments, i.e., to make consumers feel confident enough to make payments online./ 13:41:43 Jeff Jaffe: both Kumar and Manu have made strong points about not standardizing UI, but if we're talking about an ideal UX for payments, we have to get people to trust us with their dollars or Euros, it's different than browsing the web for information 13:42:02 Ori_Eisen has joined #W3Cpayment 13:42:06 Hi, I would like to make a comment 13:42:14 q+ Ori_Eisen 13:42:23 Kumar: there's a lot of innovation on the current web with UI. Amazon payments are incredibly fast, Stripe has made it super easy to pay. We'd hold people back 13:42:38 q+ 13:42:40 Manu: does anyone even have an idea of what the ideal UI would be? 13:42:45 Natasha: too many stakeholders 13:42:46 sorry, new to this format ;-) 13:42:48 s/Hi, I would like to make a comment// 13:42:57 i believe we are mixing ideal functional interface vs ideal design 13:43:01 Manu: never heard an idea that would work for everyone 13:43:06 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html wseltzer 13:43:22 Bryan: shouldn't focus too much on UI 13:43:35 UI will always be branded by the organization. They will want their own particular theme. Standardizing the UI will never go anywhere. 13:44:07 i/Natasha: in this session/scribenick: evan_schwartz 13:44:28 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html wseltzer 13:44:38 Wendy, do I type just "q+" or like you did "q+ Ori_Eisen"? so I know 13:44:45 ack chaals 13:44:45 chaals, you wanted to ask what the relation is between digital receipts and EME, and to offer the counter-example of EV certificates and standardisation of UI 13:44:48 The problem is that solutions that focus on UI get reduced to a solvable surface, in the case of tracking protection for example limited to web browsers, and leaving all other web contexts off the table. 13:44:54 +1 to Dan 13:45:01 thanks! 13:45:27 s/Wendy, do I type just "q+" or like you did "q+ Ori_Eisen"? so I know// 13:46:19 keir has joined #w3cpayment 13:46:28 Chaals: when we created extended validation certificate system, one of the things we did at W3C was standardization of UI to show that you were on an extended validated system. There's not a full spec but there are some clear guidelines to help users be sure they know what they're getting. You do have to dictate something about the UI to pass a clear message across different UIs, need to pass minimal viable set. This wouldn't be restricted[CUT] 13:46:31 evan_schwartz: s/Yaromin from Dynorg/Jaromil from Dyne.org/ 13:46:48 thank you 13:47:24 UI can come from many places... Web servers are the most flexible source of UI, and OAuth servers have the same advantage of being able to dynamically pull in content/info to present to the user, and don't impact browser code bases (another limiting factor). 13:47:38 q? 13:48:44 Chaals: might be way to standardize receipts 13:49:04 Natasha: who thinks it's a good idea to start looking into UI elements of payments? 13:49:16 some people think it's a good idea, a few think it's an awful idea 13:49:29 Natasha: good case to start looking at it 13:49:39 ack Jorg 13:49:42 Note : UI with security merits may be worth looking at 13:50:00 q+ on non-normative UI/UX work 13:50:16 Jorg: need to differentiate between UI and user iteraction patters, need to get into user interaction patters which blend into technical transaction interactions 13:50:46 [having a digital receipt that is transferable doesn't solve all of EME, but one part of what they want to do is determine whether you have the right to use the content] 13:50:58 scribe is getting very tired of typing :( 13:51:00 To address offline use cases, we also have service workers and other new tech that can serve the same goals e.g. local OAuth servers that can on the back end integrate with TEE Trusted Applications or Secure Elements, which can provide a truly trusted UI capability for the web. 13:51:05 q+ 13:51:32 +1 to thinking about interaction (not interface). 13:51:42 +1 too 13:51:56 Would web components provide a means to create secure interactive elements? 13:52:08 BryanS: I was going to say! 13:52:09 [+1 the distinction between interaction and interface is a helpful distinction] 13:52:11 Daniel: interaction is the more accurate term than interface 13:52:35 [… i.e. a digital receipt. And having a decentralised receipt instead of your prof-of-ownership being provided as a service by a particular provider would, for example, reduce the problem of your key expiring with the company that made it] 13:52:39 Bryan: what would be the role of web components? they could provide secure interactive elements 13:53:04 Natasha: B2B payments haven't come up yet 13:53:21 bryan, I don't think so: web components at its basic form are just glorified client-side template engines, they don't solve anything we couldn't do already (of course they have benefits like reusability but they don't add new "use cases") 13:53:52 Bryan: whole range of relationships beyond B2C, in order to really reach scale, need to look at end-to-end interaction and see all of the players. Need means of exchange between providers and a market 13:54:43 ack ernesto 13:54:43 ernesto, you wanted to comment on UI specification 13:54:44 usecase: encrypted media extensions 13:54:50 ack schuki 13:54:52 q+ 13:55:46 Ernesto: 2 tracks for UI, browser or OS UI and there's also UI for payment flow from payment processor. need way to show customer in mobile and desktop that they're in a trusted environment. shouldn't standardize how that looks but should provide means for browsers to show it's in a trusted environment 13:57:00 Ernesto: different aspects of this could be standardized separately as layers 13:57:03 Businesses and enterprise user use cases are just as important as consumer use cases. For example, the parties involved in enterprise use cases might aggregate or authorize payments on behalf of the enterprise, thus represent a B2B use case. 13:57:11 StephanSteglich has joined #W3CPAYMENT 13:57:16 scribe: chaals 13:57:25 thank you so much 13:57:26 q? 13:57:28 Manu: Don't think anyone is arguing against a layered approach 13:57:31 DKA: Agreed 13:57:34 ack steph 13:57:34 steph, you wanted to talk about merchant ideal experience: adding easily psps without changing a line 13:57:49 q+ 13:58:15 Steph: We talk a lot about users. I feel we need a holistic approach. Think of the merchant UI. What merchants want is to support more payment providers without changing the website for each one. 13:58:22 … that has a huge impact. 13:58:42 Kumar: Would be nice, don't see it happening. People woudn't follow a standard for an API. 13:58:48 stanstalnaker_ has joined #w3cpayment 13:58:51 … the incentives are not there. Open source is a good answer 13:59:12 [chaals thinks a standard is a far better tool than an Open Library] 13:59:18 … that would get traction. 13:59:35 +1 to chaals 13:59:56 Steph: There is an abstraction that can be done like mozpay, routing the user through the payment layer generically seems a clever way to provide benefits to merchants and customers. 14:00:13 Isn't the interface between a virtual wallet and payment providers valuable to standardize? 14:00:13 … think that could be a good goal, allowing innovation where it makes sense and a generic approach where it is required. 14:00:29 Manu: Big problem for merchants- if there is an open mechanism, the merchant still needs to get the money. 14:00:44 q? 14:00:49 … They want to accept all payment, but don't want to make individual deals with each processor. Not sure we touched on that. 14:01:00 The merchants don't need to know or use the API between the wallet and payment provider, just the web API that provides access to the wallet. 14:01:11 Steph: Think that would solve the issue. It isn't just an account today, it is also writing a whole backend. 14:01:19 Manu: So where to they open the account? 14:01:36 Natasha: Wallets might be able to handle that, giving a bundle of accounts. 14:01:41 Danny_Jeong has joined #W3CPayment 14:01:44 … people innovating around there can cause issues. 14:01:54 ack wseltzer 14:01:54 wseltzer, you wanted to discuss privacy 14:02:13 Wendy: Wanted to re-emphasise Dan's quote about HTTPS - giving customers confidence to make payments on the web. 14:02:27 … shared interest is giving the customer confidence in transactions. 14:02:33 q+ hannes 14:02:37 … and we have interest in making that confidence justified. 14:02:56 Merchants dont want to be exposed to all of the underlying payment sources or technologies. 14:03:08 They want it more simple 14:03:22 d:) deep thought - what would an httpp:// protocol look like as a means of annotating a potential payment marker 14:03:30 … some attention to the UX is needed. We need some workto standardise and help people see they don't need to be an expret in choosing providers to do business, don't need to do a lot of research before knowing if payment will work on the web. 14:03:47 [chaals to stan: payto:… ?] 14:03:55 … we want this to happen, where can we do the work? 14:04:03 ack hannes 14:04:04 Merchants want choice, but not necessarily infinite choice. Having ANY choice would be a huge improvement over status quo. 14:04:42 Hannes: Raises an interesting question for W3C. On the one hand you create building blocks, and let industry innovate, but how do you ensure that these are sound for security, which is the sum of, not just individual block propoerties. 14:04:52 … relates to white-listing/certification. 14:05:29 … When people meet the right criteria they get the User Experience. I see layers in standardisation - some blocks at W3C, but some maybe somewhere else (dunno where) 14:05:51 … to provide a block that people get which is trustable. There are examples in other sectors, like FIDO or Bluetooth. 14:05:57 I agree that trusted UI is an important thing to be considered but in general, not just for payments. And we should keep a broader focus when we consider this, remembering that much of the Web's UI exists outside the user agent, at least in how the presentation layer is crafted. 14:06:02 Natasha: has happened in eg WebRTC too. 14:06:19 ack Ori_Eisen 14:06:28 bgidon has joined #w3cpayment 14:06:55 +1 core 14:06:58 virginie: Ori_Eisen 14:07:03 Ori: Suggest we keep the UI and visual to the end. Computers are great in shell before they had UIs. Let's fix the core issue and then worry about how to signal what we are trying to solve. 14:07:31 .me thanks schuki, helps preparing my security session 14:07:33 … Think there are plenty of things W3C can and should do. BUT there is no standardisation of fighting viruses. The bad guys are too agile to make standards of how we fight them. 14:07:33 APIs are the analogy of the shell 14:07:49 [cough Kerkhoffs] 14:07:51 … any standard we make will be so slow that bad guys have a roadmap in advance. 14:08:04 … need to figure what should and what shouldn't be standardised. 14:08:22 betehess has joined #w3cpayment 14:08:30 … who takes responsibility for paymetn security if it goes bad. How do people who take responsibility for lost money fit into the standardisation. 14:08:41 … Don't forget there is an adversary watching us. 14:09:15 DKA: My perspective is this workshop is looking to feed a process in W3C, but the thinking we are doing can have a big influence too. 14:09:25 q? 14:09:40 … documented record of the meeting might produce outcomes which are work items but not for W3C. 14:09:56 acl tobie__ 14:10:09 ack tobie__ 14:10:09 tobie__, you wanted to comment on non-normative UI/UX work 14:10:18 s/cough Kerkhoffs/Kerckhoffs's Principle, that a cryptosystem should be secure even if all is disclosed but the key; transparency can aid security 14:10:34 q+ hannes 14:10:37 tobie: Following up on UX. The reason not to standardise is 1: IPconcerns, 2: don't block innovation. Which are important points. However, there would be value in some non-normative documents on the topics. 14:10:50 ack Erik_Anderson 14:11:05 [Jeff supports Tobie's point. We often call that "Best Practices".] 14:11:17 Erik: All the merchant cares about is getting the money into their bank. What is their experience going to be? 14:11:51 Manu: we ar focusing on customer experience and especially security issue for them, not "does their payment provider match the merchant"? 14:12:40 … Visa and MC don't care who people bank with. Unless we're building on existing powers, you have to have a standard where the merchant and customer can have different bank accounts, otherwise we can't compete with what we already have. 14:13:04 DKA: Agree. E.g. Stripe's value-add is simplifying life for the merchant. 14:13:39 q? 14:13:43 … Yandex proposal has some issues but the thinking behind it to make it easy for merchants to integrate payment is something we really need to understand how to do, and to get right as an output. 14:14:07 Kumar: Why do we need to standardise? Merchant can accept bitcoin. 14:14:19 [there are some governments who take a dim view of merchants doing that] 14:14:31 q? 14:14:34 -1 to Kumar 14:14:35 q+ 14:14:36 q+ 14:14:38 q+ 14:14:59 q+ 14:14:59 Bryan: downside is fragmentation inhibits growth. Developers always complain about the lack of standard APIs. The developer experience is horrible and they don't have bandwidthto track the fragmented world. 14:15:10 … standardising at least a digital receipt might help as a minimum. 14:15:58 Manu: Any merchant can integrate any currency, so long as the value ends up at "X". Ideal is that when a vendor implements a cart, the mechanism is the same across currencies. They just want a receipt for the amount they asked for. 14:16:01 +1 to manu 14:16:19 DKA: Sometimes the vendor needs more info than the credit, e.g. for regulatory requirements (reporting, etc) 14:16:28 ack mountie 14:17:08 Mountie: Re certificates, a strength is that it is not yet fully standardised. Problem of transport medium. Web is on the application layer. 14:17:19 … certificate has ??? 14:17:57 … 2nd point, payment can be connected to the merchant or delivery or ID service providers. Have to think about integrating the process from initiating, getting the receipt, … 14:18:27 … 3rd We can use recommendation systems to determine trust. 14:18:50 Hannes has joined #W3CPayment 14:18:56 … we can rent the idea from bitcoins and use users instead of whitelisting 14:19:11 DKA: So learn from cryptocurrency and bring ideas into mainstream payment? 14:19:25 The third idea seems to call for vendor reputation integration into the UX for payment. 14:19:53 Mountie: No, we get votes from users. Accumulating votes can use the bitcoin transaction history mechanism to increase trust. 14:20:10 q? 14:20:17 Manu: Trust of merchant based on other transactions. More people work with them, the more you an trust them. 14:20:38 q? 14:20:48 q- 14:20:50 Mountie: Also user experience reports. No trust until you get "xyz" accumulated experiences 14:20:53 q- to not eat the break 14:21:04 [chaals: problem with that is how new entrants get on board] 14:21:26 q? 14:21:26 usecase: Merchant and User reputation 14:21:32 Bryan: reputation is integral. If we could integrate verifiiable reputation recommendation it would be valuable 14:21:35 zakim, close queue 14:21:36 ok, wseltzer, the speaker queue is closed 14:21:56 [I hear "two-sided market"] 14:22:01 Bryan: reputation is important for all the parties, not just merchants 14:22:02 Ricardo: payments with cards are optimised for merchants. I ahve no idea what I get charged when I make an international purchase. 14:22:08 q? 14:22:18 ack hannes 14:22:20 ack phobeo 14:22:35 Usecase: reputation based selection of providers in a payment transaction, or info about merchants to help the user choose whether to complete the transaction 14:22:38 … The same will happen here. Merchants already whitelist payment providers - won't accept some card because of various factors. 14:22:44 … question is who does whitelisting. 14:23:03 … in B2B, a merchant cannot ust receive money out of everywhere, they have to justify the income. 14:23:09 now in France you can be charged for exchange rate between EUR and EUR … 14:23:28 q? 14:23:34 ack Jorg 14:23:57 I'm sure this existe also elwere chaals 14:24:03 Jorg: Important to understand that the security things are about risk management, since 100% security is an illusion. We need to keep that in mind and associate risk with the right players. 14:24:21 … in many cases the system holds the user free of liabilities - this is a service of the payment provider. 14:25:02 … f they can make the browser secure easily, they can make things cheaper. We're not looking for *a* security mechanism but a framework that supports many. We want to give users and merchants a choice. 14:25:14 DarrenG has joined #w3cpayment 14:25:38 … I go to a shop and they say what they accept. I want to see that on the web, and then choose the instrument of those I want. two places where choices can be matched, which is a protocol thing that we can work on. 14:25:39 q? 14:25:56 phariramani has joined #w3cpayment 14:26:10 ack sch 14:26:11 Natasha: Seemed from position papers that stronger solutions were the simple things. Is a simplesolution the right thing to do? What would it be? 14:26:13 ack schuki 14:26:45 Kumar: Think we need to focus on the small pieces, not an end-to-end solution. Everyone has different incentives. So they won't adopt a standard that doesn't match their incentive. 14:27:02 phariramani_ has joined #w3cpayment 14:27:18 … If we focus on e.g. receipts, someone finds that useful but will want to e.g. maintain their own control over identity provision. So think we can only focus on the primitives. 14:28:14 Manu: Largely agree. Important to know where we are going. Would expect work to happen in phases. Primitives first, then maybe higher-level concepts. Can we give anyone the ability to crowdfund up to X value? Not in generation 1, but with the right primitives in place it might be possible to handle that. 14:28:26 … best approach to failure is to try and make this a big standards initiative. 14:28:31 DKA: +1 14:29:02 Bryan: Keep it simple. Don't make a thin abstraction layer covering a mess of javascript that covers all the horrors. 14:29:18 … finding the sweet spot is complex (we're going through that with PushAPI) 14:29:32 Natasha: Wrapping: Trust and security is a big topic. 14:29:46 s/initiative/initiative, we need to start on small blocks/ 14:30:20 … we focused on trust and trustworthy UI. Lot of attention paid to digital receipts and tokens. Whitelisting has scalability issues but we want to look at what they really are. 14:30:21 It was interesting that all panel members argue for **simple** solution 14:30:26 usecase: whitelisting of parties - users, merchants, payment providers 14:30:34 … flow from the merchant perspective is important - we are all users, but not all merchants. 14:30:43 (Nobody every argues for complex solution and for standards that are hard to understand. How boring is that?) 14:30:51 … for standards, keep things simple and/or standardise in modules. 14:31:07 … We dabbled in stakeholders, and wallets (there is a session on that tomorrow) 14:31:36 Even consultants argue for simple solutions. They just add that the search for simple solutions is still ongoing and requires lots of work 14:31:37 rrsagent, draft minutes 14:31:37 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html wseltzer 14:31:38 … I'm eating your break, but while there, think of the primitives to standardise around and tweet with #w3cpayment tag 14:31:51 [break] 14:34:13 sboyera has joined #w3cpayment 14:34:15 rrsagent, make minutes 14:34:15 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html marie 14:47:22 phariramani has joined #w3cpayment 14:53:32 andym has joined #w3cpayment 14:55:53 phariramani has joined #w3cpayment 14:56:17 phariramani_ has joined #w3cpayment 14:59:42 skddc has joined #W3Cpayment 15:04:14 steph has joined #w3cpayment 15:06:18 kjheimark has joined #w3cpayment 15:06:19 SartoriMichele has joined #w3cPAYMENT 15:06:43 scribenick: dsr 15:06:47 scribe: dsr 15:06:50 mountie has joined #W3Cpayment 15:06:51 Topic: Session 3 — Back End: Banks, Regulation, and Future Clearing 15:07:09 Day 1: 16:00 Session 3 — Back End: Banks, Regulation, and Future Clearing starting 15:07:37 dka has joined #w3cpayment 15:07:40 Stephane introduces the session moderator Erik Anderson 15:07:55 darobin has joined #W3Cpayment 15:08:00 Erik Anderson: Session focused on banking, back end and regulation 15:08:10 Erik: this session will be more about the backend and the banking side. 15:08:24 kodonog has joined #w3cpayment 15:08:27 darobin has joined #W3Cpayment 15:08:35 darobin has joined #W3Cpayment 15:08:37 (introduces Jean Claude Barbezange, Worldline) 15:08:44 phobeo has joined #w3cpayment 15:09:16 Floris has joined #W3CPAYMENT 15:09:18 Hannes has joined #W3CPayment 15:09:24 jeff has joined #w3cpayment 15:10:00 mhepp has joined #w3cpayment 15:10:01 JC: slide on legacy web payment mode 15:10:37 Jean: Front end: web form: declarative data: E.g. PAN, CVV 15:10:44 PAN = Personal Account Number 15:11:09 CVV = security code at back of card 15:11:36 secure mechanisms: 3dS, tokenization, dynamic CVX 15:11:36 marie has joined #w3cpayment 15:11:37 ... front end with a web form, declarative data, e.g. card info. Security with 3DSecure, and more recently tokenization. 15:11:53 stanstalnaker has joined #w3cpayment 15:12:08 Dynamic CVX provides better secuirty 15:12:22 dezell has joined #w3cpayment 15:12:30 Slide 3: Legacy Web Payment -> Back end 15:12:34 ... also dynamic CVS for improved security. Also convenience for user, e.g. form auto completion and one click purchases. 15:12:55 Banking card: universal, fee for payee, some level guarantees 15:13:00 jphong has joined #w3cpayment 15:13:13 tim has joined #w3cpayment 15:13:20 In some countries like Germany, credit transfer is used for nilling, home banking.. 15:13:26 Ideal is used in Netherlands 15:13:30 mdadas has joined #w3Cpayment 15:13:40 Direct debit is used for regular recurring payments 15:13:50 Slide 4: Legacy web payment mode 15:13:51 Angie has joined #w3cpayment 15:13:55 scribe: phariramani 15:14:15 depends on cultural user behavior per country/usage/trusted level 15:14:39 Parslow has joined #W3CPayment 15:15:07 different rules for some functions: transaction collection, clearing/settlement, cancellation/refund, dispute, risk management, fraud detection 15:15:33 If token is used for txn lifecycle management then toke needs to be preserved for long period 15:16:50 Backed protocol is moving to ISO 20002 15:17:05 Slide 5: New web payment mode (crypto currencies) 15:17:30 Crypto tools: hash, asymmetric signatures, mathematical functions like pairing 15:17:38 Mark_E has joined #W3Cpayment 15:17:46 currency virtualization: dynamic change currency 15:18:08 autonomous cryptogram contains all the data for the transaction as bank notes or coin. 15:18:29 Interest in reducing cross border transaction costs 15:18:43 in some cases can keep anonymous information on user 15:18:50 Slide 6: New web payment mode 15:19:11 Front end: P2P: Based on open source software wallet 15:19:26 DarrenG has joined #w3cpayment 15:19:49 Front end: Also based on new internet technologies like IP (TCP/UDOP), IP Address 15:20:20 Slide 7: New Web Payment mode: Back end 15:20:27 Real time with instant balance 15:20:35 distributed functions for txn validation 15:20:44 Slide 8: Conclusion 15:20:57 For both ecosystems, trust and security are mandatory 15:21:20 PSPs also have to develop authentication, risk analysis and fraud detection 15:21:48 erik_anderson has joined #w3cpayment 15:21:56 Some standardization on web browser could be helpful like fingerprinting, secure inputs, API to secure client device resources 15:22:20 and privacy requirement on vendor 15:22:31 virginie has joined #w3cpayment 15:22:33 NeilMJ has joined #W3Cpayment 15:23:43 Erik: W3C is encapsulation layer beyond a low level protocol; need to consider legacy systems while considering standards 15:24:08 Erik: introducing World Bank/Harish Natarajan 15:24:56 manu2 has joined #w3cpayment 15:25:05 Harish: Build on topics introduced from this morning 15:25:19 Key findings from WB global payments survey... 15:25:43 Innovative = anything not based on traditional bank accounts 15:26:33 11% of innovative product transactions accounted for more than 5% of electronic payments volume 15:26:46 69% of innovative product transactions were growing 15:27:04 Slide 4: Findings & policy implications .. 15:27:38 Right hand corner of pie chart -> innovations could serve affordability & accessibility of payment services 15:27:44 Slide 5: interoperability 15:27:53 Interoperability generally associated with card products 15:28:30 Interoperability fosters competition and consumer convenience 15:28:54 Several levels of interoperability. Infrastructure, system wide & cross system 15:29:36 E.g. card level interoperability -> POS terminal in US can support cards issued by any bank as long as card adheres to standards 15:29:53 E.g. system wide interoperability -> Visa system 15:30:10 dlongley has joined #W3Cpayment 15:30:29 Cross system interoperability not as easily achieved 15:31:09 However cross membership across systems (Visa / MasterCard) could achieve cross system interoperability 15:31:51 Money transfer example: Typically Western Union/Money Gram generally prohibit sharing of agents; restricts interoperability 15:32:26 Thats sounds good. Thanks Dave 15:33:07 Slide 7: Infrastructure and access interoperability//use of clearing & settlement 15:33:24 s/Thats sounds good. Thanks Dave/ / 15:33:49 More than 50% of innovative products settled in books of issuer and only around 24% with central bank 15:33:56 Ok chaals. Good idea 15:34:11 Slide 9: Legal and Regulatory Considerations 15:34:34 s/Ok chaals. Good idea// 15:34:40 StephanSteglich has joined #W3CPAYMENT 15:35:00 AML/CFT = Anti-Money Laundering/Combating the Financing of Terrorism (AML/CFT) 15:35:23 rrsagent, draft minutes 15:35:23 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html chaals 15:35:32 4 main issues-> safety of customer funds; typical bank has deposit insurance however this may not apply for a non bank institution 15:36:17 link: http://www.imf.org/external/np/leg/amlcft/eng/ 15:36:20 Heightened AML/CTF risks: The way non bank accounts are setup created higher AML/CTF risks but can be addressed thru velocity limits, txn sizes 15:36:50 TomPic has joined #W3CPayment 15:36:53 Weaker authentication could lead to higher fraud risks. E.g. SMS used by some for operator billing 15:37:44 Consumer protection: when a customer signs up for credit/debit card there are very clear requirements however that is not the case with many prepaid products so customer may not be aware of what they are getting into 15:38:21 how to know if a customer really knows what they are getting into? $64K question 15:38:35 Need to ensure competitive market conditions: Avoid regulatory arbitrage. Banks subject to higher constraints but non banks may have more relaxed requirements 15:39:23 Oversight arrangements: Typically supervision is the term used; oversight looks at impacts to system as a whole and typically function of central bank. Non banks typically fall outside of this central bank purview 15:40:12 Conclusion: Innovative payment mechanisms expand access, efficiency but form a regulatory perspective they need to be seen as an integral part of the national payment system of the country 15:40:17 usecase: payment process includes user informed consent requirements about "what they are getting into" 15:40:52 Dave Birch: 2 of the most successful schemes (mesa and SMART Philippines) do not involve banks. Is that a coincidence? 15:41:24 Harish: They adopted a model that banks typically do not use (agent model) and a consumer pays model 15:41:47 s/mesa/MPESA/ 15:41:53 q+ 15:41:54 Harish: mesa transactions have a typical 1% transaction fee but many banks are not allowed to charge users for withdrawing cash form their own account 15:42:17 Erik: Introducing Evan from Ripple 15:42:24 s/mesa transactions/MPESA transactions/ 15:42:38 [chaals wonders how much of the reason MPESA/Smart didn't come from banks is due to banks thinking "payment already works…"] 15:42:48 zakim, open queue 15:42:48 ok, wseltzer, the speaker queue is open 15:42:53 q+ gmandyam 15:43:05 Evan: Ripple = global, open source decentralized payment network that connects other payment networks 15:43:22 Erik: Talk about how Ripple can make payments faster, easier and cheaper for everyone 15:43:34 s / Erik / Evan 15:43:52 Ripple = Global decentralized open source network 15:44:23 Ripple Labs = company dedicated to supporting Ripple's development 15:44:40 Next slide (no slide numbers unfortunately) : Ripple payments are . . . 15:45:14 Ripple payments are fast, free, in any currency, global and secure. Can be done in any currency, gold or any stored value 15:45:41 Slide: Payments technologies are not interoperable .. 15:46:11 payment technologies do not work together because inter network transfers are slow and expensive. Very difficult to move money cross border 15:46:29 Slide: Web payments need decentralized clearing and settlement 15:46:50 There will never be buy in for a centralized clearinghouse 15:47:06 Slide: Ripple connects payments technologies 15:47:19 Ripple takes 2-5 seconds to settle and is essentially free 15:47:41 Slide: Ripple connects payment networks (slide with Paypal, Bank of America logo) 15:48:02 Slide: Ripple has 4 broad categories of users 15:48:16 Basic user example is someone trying to send a payment 15:48:31 Merchant, market makers and gateways are the other 3 users 15:48:45 Slide: Send from any currency to any currency .. 15:49:05 Network takes care of all the exchange and this is seamless for the end user 15:49:14 Slide: Receive only the currency you want 15:49:35 usecase: send money to any currency type 15:49:38 This is great for merchants because they can accept only the currencies they desire. No currency risk with Ripple 15:50:00 Slide: Market makers facilitate exchange 15:50:06 usecase: receive money in a desired type 15:50:27 Market maker facilitates exchange. E.g. someone buying USD and selling Euros. Transparent to user since market maker handles this 15:50:40 Slide: Market makers compete on a distributed exchange 15:50:57 1st open decentralized currency exchange 15:51:09 User does not have to worry about FX 15:51:12 usecase: market makers acting as transfer agent 15:51:28 Slide: Financial institutions act as entry/exit points on Ripple 15:51:41 These could be Paypal, mesa, etc 15:51:51 s/mesa/mpesa/ 15:52:21 As long as the institutions are connected to the Ripple network this is transparent to the user. 15:52:33 Slide: Deal only with institutions you trust 15:52:57 No individual integrations required; you sign up with only one service you trust 15:53:37 Unlike other systems where both sender/receiver to have say signed up with Visa/MC this is more interoperable 15:53:54 Slide: Connected without needing any prior business arrangements 15:54:13 Picture of 2 Ripple gateways and market makers are between them 15:54:26 usecase: transfer money through gateway providers of financial networks 15:54:32 Market makers compete to offer the best exchange between these gateways 15:55:04 Does not require FIs/merchants to have individual negotiations 15:55:10 usecase: knowing through which financial network your transaction will be delivered (you might care?) 15:55:14 Slide: Summary 15:55:31 Ripple connects other payment technologies, fast easy to integrate .. 15:55:52 Erik introducing Max (CoinAPex) 15:56:04 Max: Introducing Bitcoin incubator 15:56:32 Mac: Interesting to talk about standardization in context of decentralized community like bitcoin 15:56:40 Please do take over scribing :-) 15:56:44 Thanks dsr 15:56:45 scribe: dsr 15:57:34 What's interesting is that there are lot of solutions in the bitcoin world which can move quickly, but are not necessarily what the regulators will want to see. 15:58:50 We're seeing a split in the bitcoin community with some who want to create an identity layer on top of bitcoin and others who want to avoid any kind of centralization. 15:58:52 the "interesting interplay" and knowing this is a concern (or may be) is one rationale for the use case of knowing how your money is being transfered (what if an international network used bitcoin internally?) 15:59:31 What US banks and regulators will be able to do is still in progress and it will be interesting to see how it plays out. 16:00:22 Connie Theien (US Federal Reserve), I want to take us back to legacy system and the feedback we got from stakeholders. 16:00:30 W 16:00:51 s/W/We've identified about 11 major kinds of use cases/ 16:01:24 ... We've document the requirements and are looking at the gaps from what is doable now. 16:02:09 ... We want to understand where we should be focusing our efforts -- shoring up the existing systems or supporting new kinds of systems. 16:03:03 We would like to make payment systems more accessible. We look at ACH as an efficient system, but we want to make it more open. 16:03:52 We've seen interest from some sources for a means to initiate cheque based payments electronically. 16:03:53 usecase: Electronically originated checks 16:04:49 We're also looking at the unique needs of businesses, and their specific requirements as compared to B2C. 16:05:09 usecase: knowing what info will be required to supplement a transaction 16:05:59 On the international side, we're looking at an ACH service that is fairly fast relative to other international payment solutions. Today this reaches 35 countries and we are looking to expand this further. 16:06:31 r2d2 has joined #w3cpayment 16:06:36 X9 = http://x9.org/ 16:06:39 ISO 20022 ... 16:07:14 NACHA = https://www.nacha.org/ 16:07:20 andym has joined #w3cpayment 16:07:25 We're interested in enabling improved security, information sharing and fraud detection. 16:07:27 andym has joined #w3cpayment 16:08:07 This is what we're hearing from our qualitative assessment of our consultation. 16:08:15 ISO 20022 = http://www.iso20022.org 16:08:20 q+ 16:08:23 usecase: knowing that data minimization principles are followed by systems in a payment chain 16:08:24 Erik: I would like to open the floor to questions. 16:08:57 Manu Sporny: an observation, it is great that all of the panelists have been focusing on their individual areas. 16:09:35 ... I am seeing that there is a very large divide between what is said in public and what people will say privately. 16:09:58 q+ 16:10:20 For example in respect to bitcoin and risk of legal litigation 16:11:09 ... As far as I can see, banks don't have a motivation to switch to truly decentralized clearing solutions. Very little cross pollination with the bitcoin communities. 16:11:37 ... It is great to see representatives from both communities sitting down together here. 16:12:52 Max: you are going to see caution at least from a high level. Things are happening, maybe not at the pace bitcoin folks want, but progress nonetheless. 16:13:44 If states start seeing tax dollars from bitcoin transactions, this will ease things forward. 16:14:41 Connie: I do see the dialog starting with people keen to reach out and talk. I think there is interest in learning and understanding where the future of payment systems might evolve. 16:14:58 TomPic_ has joined #W3CPayment 16:15:00 ... Much of our focus and effort is on how we can improve. 16:15:35 Jeromie: I would like to second Manu, it is readlly good to discuss the potential changes. 16:16:02 s/Jeromie/Jaromil/ 16:16:26 ... games are now bigger than movies, and kids are trading their WoW goods. 16:17:01 ... we are talking too much about fraud and not enough at the opportunities for supporting new markets. 16:17:39 Erik: not significant traffic as now on these alternative networks for governments to worry too much. 16:17:51 is fixing the broken Card Not Present system in scope? 16:18:26 Stan: Our experience with governments has been surprisingly open. It is difficult for small startups to fly and meet people. 16:19:24 ... We need to see greater effort on non-incumbent organizations to reach out and make their case on behalf of their communities. 16:20:09 Anonymity is a real concern in some areas of the world. 16:20:25 ... we need to avoid setting up conflict. 16:20:28 in an environment which a variety of decentralized / "innovative" systems may be used by money transfer networks, how important is it for users to know which types of networks may be involved, and to set preferences or express consent for their money to be transferred via such networks? 16:21:16 stanstalnaker has joined #w3cpayment 16:21:40 Bryan: in the environment, how important is it for standards and metadata about transactions, e.g. to enable people to know whether a given solution is more likely to be subject to scrutiny. 16:22:25 Evan: as long as the payment solutions are trusted and secure, that's probably sufficient. 16:23:59 q? 16:24:08 David Birch: as a consumer I am protected against fraud on credit cards. This is different from regulating money. Can you be a little clearer about consumer protection vs regulatory requirements 16:24:08 ECB paper I've mentioned https://www.ecb.europa.eu/pub/pdf/other/virtualcurrencyschemes201210en.pdf 16:24:38 q? 16:25:24 Harish: a customer may not know, but the bank will. There needs to be a framework governing how exceptions are handled. 16:25:39 the notion of trustworthiness and the current user transparency to how their money is transferred point to an issue of (a) who is asserting the trustworthiness (regulators?), and (2) the fact that users can currently rely upon a safe/reliable transfer system i.e. they have never had to worry about such things, so far. 16:25:59 Evan: on Ripple, all transactions are irreversible, so there is now mechanism for charge back. 16:26:43 q- 16:26:48 ... Ripple is much more like a debit system than a credit system, payments only proceed if you account has the necessary funds. 16:27:24 Harish: it is more about when a service needs to be refunded, e.g. on cancelling a flight. 16:27:58 Evan: you could have an escrow service that only transfers the funds when the service is delivered. 16:28:22 s/there is now mechanism/there is no mechanism/ 16:28:29 ... The merchant would have a rock solid guarantee of receiving the funds. 16:29:18 q? 16:29:21 q+ 16:29:26 Erik: we've seen stories of people paying with bitcoin on ebay and never getting a refund on non-delivery of the product. Escrow is important. 16:30:34 Evan: Ripple would allow card issuers to reduce their fees and it is likely that market pressure would force that. 16:31:24 ??: will crypto currencies become important for wallet to wallet transactions? 16:32:53 YY: VISA and MasterCard are profit driven. Merchants are tee'd up to go, but are concerned about volatility. 16:33:07 s/YY/Gray Taylor, NACS/ 16:33:15 marleen has joined #W3Cpayment 16:33:50 ... smaller payments are subject to a different risk model 16:34:12 way long ago, I used Tradenable to sell a high-value guitar to a buyer in the UK, with international shipping required - a complex sale. the role of the escrow company was an essential one. speed of transaction or the lowest fees are often (if not always, to me) secondary to trust in the transaction. 16:34:59 stanstalnaker has left #W3Cpayment 16:34:59 Manu: I've just heard something really scary. Evan: you've just explained why MasterCard and VISA are unlikely to adopt Ripple. 16:35:21 stanstalnaker has joined #w3cpayment 16:35:47 Manu - don’t forget that 50% of the interchange fee goes to the banks, so they are in the same boat as Visa/Mastercard 16:35:54 ... We're talking about standardization process that could drive fees down, and this may deter adption, unless it is forced by governments. 16:37:32 Max: if enough merchants switch, the market will force a transition to reduced fees. This is likely to happen in an incremental and initially small way. 16:38:32 If the banks become more comfortable and regulators give a nod, we can expect to see change. 16:38:47 q+ to say there is a market for visa/mc apart from interchange, and there are plenty of people living in wildly fluctuating currencies 16:39:35 I think enabling payments on the web through APIs is orthogonal to the desire to reduce fees which I would think in user's minds is secondary to trust in the payment provider/system 16:39:38 Evan: I expect an inevitable decline in fees as the market evolves. 16:39:56 +1 to bryan 16:40:37 in summary we don't have to solve the international transfer problems to enable payments on the web 16:40:45 ZZ: the only thing that is likely to be regulated is the entry point to the system. 16:40:53 s/ZZ/Ricardo/ 16:41:48 q? 16:41:53 ??: regulation of virtual currency to virtual currency will happen when the volume is sufficiently high to take notice. 16:42:02 s/??/Bailey/ 16:42:08 ack me 16:42:08 chaals, you wanted to say there is a market for visa/mc apart from interchange, and there are plenty of people living in wildly fluctuating currencies 16:43:11 Chaals: We've heard about exorbitant fees especially in less regulated markets 16:43:57 and a lot of people are paying 300% for payday loans... web payments enabling similar loans could operate a much more efficient/low-cost system for the masses of people that currently depend upon payday loan services 16:44:03 ... bitcoins might be attractive simply on the grounds of cost. Credit cards on the other hand are attractive because they offer credit. 16:44:33 s/of cost/of transaction cost and relative stability/ 16:45:19 q+ 16:45:24 Evan: some of those fees are due to unnecessary issues and we may be able to get rid of them. 16:45:32 stanstalnaker has left #W3Cpayment 16:45:44 q? 16:45:57 Max: once we see a stable future's market for bitcoin, this should address volatility concerns. 16:46:13 q? 16:46:50 David Birch: are there any ideas for merchant run payment systems? 16:47:52 Max: ... 16:47:59 q+ GrayTaylor 16:48:41 q + 16:49:05 Joerg: as long as the issuing banks are receiving the interchange fees, they are motivated to continue this. 16:49:11 q+ phariramani 16:50:27 sorry i typed too quickly 16:50:50 q? 16:50:56 Max: if there is no intermediary then bitcoin transfers incur no fees. 16:51:38 stanstalnaker has joined #w3cpayment 16:51:44 ack gmandyam 16:51:49 ack phobeo 16:51:58 q+ phobeo (sorry!!!) 16:52:07 s/q +// 16:52:13 q- sorry 16:52:44 q- (sorry!!!) 16:52:52 Mark_E has joined #W3Cpayment 16:52:58 Giri: can standardization realistically address the problem of bad debts for merchants of apps? 16:53:10 Re: bad debt. Many of the speakers have focused on consumer protections, but not so much on merchant protection. There are many well-known methods where operator-direct billing can be exploited by end users to obtain electronic goods (e.g. apps). Merchants either bear the cost through worse rev-shares or eating the costs. Can standardization realistically address this problem (e.g. standardized receipts)? Will they ever achieve adoption worldwide? 16:53:44 Evan: I don't know how standards could dictate terms. 16:54:01 ack phobeo 16:55:04 jameslei has joined #W3Cpayment 16:55:06 Regardng my question , I didn't expect standards could address business terms. I was asking whether standardization (e.g. standardized receipts) could be used to address bad debt. 16:55:07 [wseltzer notes that W3C can make recommendations, at the behest of its members' consensus] 16:55:24 Phobeo: if visa and mastercard removed their fees, what other reasons would merchants have for using Ripple? 16:55:42 q? 16:55:45 q+ 16:56:35 Evan: we're more likely to see competition across a wide range of payment solutions. We want to see standards that make it easier for users to have a free choice. 16:56:55 ack stan 16:57:52 Stan: metadata could be one answer given the opportunities for the Ripple ledger. 16:58:11 ER has joined #W3Cpayment 16:58:20 Evan: metadata could be attached to any transaction and made public or subject to some form of access control. 16:58:35 ... we've been thinking of SWIFT style clearing 16:59:28 "intelligent data" (or metadata) sounds to me like a double-edged sword, especially one that comes with access control / privacy implications 16:59:45 Max: the sky could be the limit for what could be built on top of the bitcoin technologies, but on the other hand it could be nothing (Laughter) 16:59:59 q- GrayTaylor 17:00:37 +1 to avoiding all discussion of fees in a standards context 17:01:01 XX: Visa and MasterCard aren't here, so let's not refer to unjustified claims about fees 17:01:06 q- 17:01:30 Evan: I was only referring to what we heard earlier. 17:01:48 re fees and Visa/MC my comment on bank take - that information is public from MC 17:01:48 ... except that disclosure of such fees might be useful metadata for a payment transaction, something that might drive user choice 17:02:51 Harish: there is a question of whose metadata is involved in transactions, there is a privacy issue here. 17:03:10 Evan: we're very interested in digital receipts and where these are stored. 17:03:23 zakim, close queue 17:03:23 ok, chaals, the speaker queue is closed 17:03:42 stanstalnaker has left #W3Cpayment 17:04:05 Erik: let me close up the session! This is the first time I've seen all of these players in the room, but it is disappointing that MC and Visa aren't. 17:04:16 Stephane makes some closing announcements. 17:04:28 rrsagent, make minutes 17:04:28 I have made the request to generate http://www.w3.org/2014/03/24-w3cpayment-minutes.html dsr 17:05:57 [adjourned] 17:17:44 mhepp has joined #w3cpayment 17:33:31 phariramani has joined #w3cpayment 17:39:21 skddc has joined #W3Cpayment 17:56:56 andym_ has joined #w3cpayment 18:23:14 Harish has joined #w3cpayment 19:22:40 Zakim has left #W3Cpayment 19:25:43 kees has joined #W3CPayment 20:32:06 steph has joined #w3cpayment 20:40:45 dka has joined #w3cpayment 20:59:28 bgidon has joined #w3cpayment 21:03:10 mountie has joined #W3Cpayment 21:06:11 dka has joined #w3cpayment 21:54:32 bryan has joined #W3Cpayment 22:12:13 cyv has joined #W3Cpayment 22:39:43 mountie has joined #W3Cpayment 23:01:54 mhepp has joined #w3cpayment