<scribe> Scribe: Ian
Pramod: Chief architect of the
national (India) identity project
... one project is the Unified Payment Interface, which
transferred the instant payments landscape.
pramod: I will speak about
unified payment interface
... India is going digital very quickly; 1.21 Bn mobile
connections, 430M internet users
... most people use the internet for entertainment; there are
very inexpensive data plans
... connectivity improvements still called for, but many people
are connected
... India remains a very cash-driven society
... open a bank account has been a tedious process
historically
... < 20% of internet users buy online
... high cost of transactions and friction (due to multiple
digital payment systems) create friction
... but in the past 4-6 years many people have gotten a bank
account
... but cash remains king
... many young people are using smart phone; data is cheap and
android-based phones are widely available.
... NPCI is a non-profit for clearing and settlement of
interbank retail payments transactions.
... building a robust, scalable, secure, and affordable payment
infrastructure for 1 billion
... the "India Strack" evolution
... started with identity (aadhaar authentication) in
2010
... payment pipe and bank account opening in 2015
... now govt subsidies sent directly to a bank account (12Bn
savings to the gov)
... send payments to a (unique) identity number
... 1.2 Bn can now digitally sign information
... digilocker allows document exchange; digitally signed
documents such as drivers license
... UPI from 2015 changed how money is transferred
... you could re-imagine transactions in paperless, cashless
way, to reduce costs significantly. This also enables greater
scale (can afford to go after more customers)
... About 1/3 smartphone users, 1/3 feature phone, 1/3 no
phone
... so the system needs to take into account different payment
initiation environments
... UPI is an XML-based markup language along with a set of
APIs, standardized for the entire country
... any stored value account can transact with any other stored
value account instantly
... first bank-to-bank, but now bank-to-wallet as well, all
instantly
... the APIs allow push and pull payments
... also supports P2P payments (e.g., split lunch bill)
... everyone can use different apps and any bank; all
interoperable through the UPI API
... transaction happens through a virtual payment address; no
need to disclose account information (which fosters portability
and enhances privacy)
... you an use google pay or what's app and you can use those
addresses for payments
... the foundation ID was - to be able to send from any ID to
any other ID
... you can create 1-time virtual addresses, revoke them,
etc.
... you never reveal the actual instrument
... the entire cost of this is 1/10 of 1 Rupee (or ~1/700 of
USD) per transaction
... the architecture includes 1 click 2-factor
authentication
... the one factor is bound to mobile device (feature or smart
phone)
... second factor is a PIN
... this is a 4-party model
... acquiring APP, acquiring bank, issuing app, issuing
bank
... we unbundled the app from the bank
... so a venmo-like experience, but multiple interoperable
apps
... virtual payment addresses allow interesting abstractions
(e.g., one time VPA, amount limited VPA, revocation, attaching
different types of accounts to a payment address)
... the payment address resolves dynamically each transaction
to a stored value account
... e.g., my car has a toll collection RFID tag with its own
VPA
... I can recharge my toll payment account instantly from my
app
... merchants can all use this to pull and push money
... we've now introduced recurring payments
... checks are gone
... for the 1/3 of the people without a phone we have biometric
authentication (in UPI 2.0)
... merchants find it very easy because the acquiring cost is
near 0; you just need a phone (no POS machine required)
... you can initiate pull/push from any system
... merchants like Netflix, Amazon, etc. have integrated in
India with UPI
... we also have a national QR code standard
... this makes merchant life very easy; they are also digitally
signed
... signed QR codes
... any app can scan, validate the authenticity of the QR code,
take out the address to make a payment
... QR codes can have dynamic data (e.g., transaction id)
... people put QR codes on their vegetable cards; people scan
and pay to the merchant's account
... There are lots of apps now that enable lending, bill
payments, gifting, IPO investments, subscription payments,
etc.
... the interior leads to the network effect
... the architecture is quite straightforward.
... the NPCI runs the switch
[Diagram of Unified architecture]
stakeholders: gov agencies, banks, wallets, technology providers / integrators
[Adoption]
scribe: peer2peer, merchant
payments online, in-app payments, offline merchants
... numbers are staggering
... started October 2016 ; in 26 months there are now .5 Bn
transactions / month
... more transactions on UPI in 18 months than on credit cards
in 18 years
... banks are now offering real-time credit on UPI
... because cost is so low, people are sending very small
amounts over the pipe
... that's really useful if you want to penetrate to the next
300 M people
... 128 banks using UPI including global banks
... many many apps, including google pay, amazon pay, uber,
flipkart, etc.
... india is actively creating many digital playgrounds as
public goods
... leveling the playing field (common APIs and rules)
... the cost of on boarding and transactions has plummeted, and
access to products and services can now reach 1 Bn
... there are different stacks being built on top of UPI (e.g.,
lending, education)
Pramod: Thanks!
<Zakim> manu, you wanted to ask how centralized the Virtual Payment Addresses are -- who is in control of that database? and to ask if there is a plan in place to migrate to global
Manu: Pramod, congratulations! It
must be deeply rewarding to see that your creation has seen
such massive adoption.
... two general questions
... the first has to do with virtual payment addresses.
... one of the challenges we've had is how to scale virtual
addresses
... are those centralized in UPI?
... the second question is about whether you plan to deploy UPI
internationally, and whether this might be part of a global
standards effort
Pramod: In UPI, the rule of thumb
is that nearly nothing is central except settlement (at this
time, but that could change)
... other than settlement and switching, there is no central
database of virtual payment addresses or bank accounts
... what comes after "@" is registered with NPCI
... then, within that domain, each entity manages name
allocation
... resolution requests are forwarded to the owner of the
top-level domain
... there is a lookup API available but it's not a centralized
API
... e.g., google pay initiates a verify address call; that goes
to NPCI, forwarded to the manager of the top-level domain which
does the authentication
... when someone does a payment, the transaction initiates
through an app -> acquiring bank -> NPCI -> issuing
bank (based on domain) -> issuing app
... addresses are resolved dynamically
... my car has an address but not its own account
... We do plan to take the work globally (India Stack as a
whole)
... interest from Africa in particular
... the stack is a public good
... mostly this is done through "countries shaking hands"
<Zakim> dezell, you wanted to ask about navigating UPI download and use
dezell: What do you need to do to use the stack?
Pramod: UPI is just a
protocol
... not code
UPI info (including access to sandbox)
Pramod: India still figuring out
how to export this
... owned by NPCI
IJ: Are there other efforts you see as similar to this one?
Pramod: We looked at Open Banking
UK
... and venmo-like systems
... we studied the experience
... we have not seen anything however that is as comprehensive
as this, and for any stored value to any stored value
... also I haven't spoken about UPI - pay with miles to an
account, for example
<Zakim> manu, you wanted to talk about challenges - Aadhaar federation, requirement for public good infrastructure... why is this not taking off in Europe, US?
Manu: I wanted to dig into some
of the challenges of taking an architecture like this global; I
agree that there is not something as comprehensive as
this
... one benefit that India is the ability is to set up public
good infrastructure, to bootstrap the ecosystem
... relation to verifiable credentials
... and DIDs
Pramod: the India Stack itself is
a set of layers
... loosely coupled
... there are now multiple identity providers, for
example.
... there are now millions of digital signed digital drivers'
licenses
... I think the "digital infrastructure as public good" can
enable markets to innovate and still keep costs low; I think
the narrative works well for India
... the US is really behind
... in India it was easier to leapfrog since there was not a
lot of existing infrastructure and also because a large number
of people would experience value
... our goal was to get 100M people to get first time
transaction
... SME credit
... one learning was "don't lead with tech" but rather "explain
the value, at scale"
... and the markets (banks etc.) began to push for this once
they understood the value proposition (including, e.g., future
clients for loans)
... India's central regulator helped
... mass scale digital goods can help with inclusion,
etc.
... this might work well for Africa, maybe Europe
... so I think in the US you need to rekindle the sense of a
need for digital public goods
IJ: What is the US Fed perspective on this sort of activity in India?
Todd: I think it's interesting to see how this is being developed; I think the conversation about different markets and how they are evolving are interesting points
Pramod: Didn't BOA introduce instant payments among banks?
Todd: The US Fed is not currently operating in the area of settlement of instant payments.
Pramod: we all agreed on common
ATM protocols, common email protocols; so we've done this
(globally) before
... we could do it here; I hope so
dezell: To Todd - I think we need go get instant payments to 1/700 USD
<manu> Ian: Note to Pramod, this Thursday, we're having a conversation in the Web Payments WG on credit transfers and you mentioned Open Banking UK and that led me to think that there might be some interest from your side wrt. participating in the discussion to use Payment Request API to facilitate bank transfers.
<manu> Ian: We've been focusing on card payments, but have had banking transfers gaining interest of late.
Ken: Thanks also!
... Any timelines on going global? Through any standards
bodies? Any role for w3C?
Pramod: We will figure out in the
coming year how to take this forward
... UPI is opening up to international remittance
28 january 2019