From Web Payments
Jump to: navigation, search

December 2013: http://fedpaymentsimprovement.org/ comments by the Web Payments Community Group.

Contact Info

Name: Manu Sporny <msporny@digitalbazaar.com>, Joseph Potvin <jpotvin@opman.ca>
Position: Chair, Web Payments at W3C
Organization: Web Payments Group at World Wide Web Consortium
Industry Segment: Global Standards


Executive Summary

The World Wide Web Consortium (W3C) is the organization that manages the architecture for the Web. 2.4 billion people around the world depend on the technology co-authored by many contributors under the auspices of the W3C. The consortium consists of organizations like Google, Bloomberg, Apple, PayPal, Mozilla, Facebook, Baidu, Yandex, Microsoft, and 392 other technology companies that are united in perpetually improving the Web.

The Payment System Improvement Public Consultation Paper is of particular interest to the Web Payments community group at the W3C because we have been building a universal payment standard into the core architecture of the Web for over 3 years. Many of the problems identified in the Payment System Improvement paper are the same as those that were identified within our 118-member community group when we started the work. This open, patent and royalty-free payment standard would address many of the shortcomings outlined in the Payment System Improvement paper.

The Web Payments group has taken a layered approach to addressing the payments problem. We are conscious of the risks associated with disrupting live systems. We are also concerned with indirectly destabilizing the overall payment landscape through implied competition with long-running, legacy systems. Our strategy is to enable an elegant payments layer on the Web in cooperation with incumbent financial systems authorities. This technology can be deployed ubiquitously and non-disruptively, given that there is no prior standard for payments on the Web, and thus no legacy to replace. This layer would improve the experience of sending and receiving money while simultaneously creating a bridge between the fast-moving Web technology field and the deliberately slow-moving core financial systems field. With this collaborative and integrating approach in mind, our submission outlines a number of technologies applicable to Payment System Improvement that are in various stages of development, implementation, and deployment in the Web Payments group at the W3C.

When the Web Payments technology is finalized, billions of people will have access to it as a core part of the Web via desktop computers, tablets, smartphones, and other Web-capable devices. They will have the power to undertake transactions with one another over the Internet far more efficiently than they do today. This has large implications for banks, financial institutions, governments, telecom operators, payment solution providers, technology companies, and organizations addressing many socioeconomic issues such as poverty and access to banking services.

The W3C is holding a Web Payments Workshop on March 24th and 25th 2014 in Paris, France to discuss the future path of this work. Through this paper, the Web Payments community group is extending an invitation to the US Federal Reserve and any US government-related organization that would like to participate. Ideally, the US Federal Reserve would be on the program committee for this workshop; to join, please send a statement of interest to the Web Payments Workshop Program Committee <team-payment-workshop-pc@w3.org>. If there are any questions or concerns, please contact Manu Sporny <msporny@digitalbazaar.com>.

An Introduction to Web Payments

The Web has fundamentally transformed the way the world's people and organizations publish and interact with information. However, the transmission of monetary value has not yet changed. The Web’s foundation offers unrealized potential to transmit and receive funds with the same ease and rigor as sending and receiving email.

Making payments on the Web simpler and more accessible has more than superficial advantages. By distributing to everyone the payment methods that have been traditionally only available to banks and large corporations, the world's economies can benefit from financial system changes that both reduce transaction costs and create new kinds of innovative e-commerce applications. The goal is not to just enable simpler payments, but also to spur innovation in capital formation that helps entrepreneurs of any size, in any location, earn a legitimate living. One prominent global trend that could greatly benefit is crowd-funding, which is currently constrained by less than elegant and cost-inefficient payments methods. In general, the Web has already boosted funding opportunities for startups, eased tax collection, and increased payment security; and there is room for more improvement. The World Bank reports that 2.5 billion people around the world don't have bank accounts and have no ability to save money due to lack of banking services and/or high fees, which inhibits their ability to make a living. Online payments development enabled by telecom providers in some parts of Africa has served as a remarkable proof-of-concept, though it is restricted by limited competition.

It is evident that whilst bringing new or powerful tools to the general public will foster competition and innovation, open Web payments can also bring about more basic societal change. The promise of Web payments is about more than just an exciting future, it is about one that is at the same time far more egalitarian, and far more efficient for U.S. business.

Improving the Automated Clearing House (ACH) Network

Improving the speed of the ACH network in the United States is possible, but it's questionable whether the future of the US financial system should be constrained by incremental improvements to a system that was designed and implemented decades ago. Current-generation financial networks provide fundamentally better technological solutions to ACH. The gap is simply too wide for the incumbent system to incrementally catch up with the past 10 years of evolution in financial systems technology. For example, while the Bitcoin network lacks a number of characteristics required in a global payments system, such as anti-money laundering protections and native support for the know-your-customer principle, it does provide a proof-of-concept of an ACH-like system that is both architecturally and technologically better than the one the US financial system relies upon today.

Organizations like Ripple Labs have greatly improved on technologies pioneered by Bitcoin and have launched technology that could effectively replace the national ACH system. We recommend that Federal Reserve embrace current-generation technologies like Ripple and Web Payments that offer major tangible improvements to the United States' core financial system. Doing so will also help overcome current disincentives to improving the rate at which financial transactions occur, such as the ability for entrenched financial organizations to make money on the float. Even in Europe, the move to faster payments did not happen until the European Union effectively mandated a migration to the Single Euro Payments Area (SEPA).

The Web Payments group at the W3C offers to engage the US Federal Reserve in assessing the potential of these Internet-based payment technologies to improve the ACH network in the United States. These technologies can be put to use along side existing legacy technology stacks in order to provide a smooth transition.

Simplifying the Governmental Regulatory Environment

The adoption of the technologies being created by the Web Payments group could ease the regulatory burden placed on both the regulated and the regulators. All W3C technology is available on an open, patent and royalty-free basis. With open interoperability as a key concern when designing these technologies, more transparent and auditable systems may be created. Adoption of the Web Payments technologies will make it easier to dovetail with world wide legislation on financial policies regarding transparency and accountability both in government and at regulated organizations. It will also improve alignment with international guidelines and standards (as defined in WTO-TBT Annex 3) such as:

  • The International Monetary Fund's Code of Good Practices on Transparency in Monetary and Financial Policies;
  • ISO/IEC 11179:2003 standard for definitions, descriptions, business rules and metadata;
  • ISO/IEC 19501:2005 standard on modeling language in the field of software engineering;
  • ISO/IEC JTC 1/SC 27 set of standards on IT Security techniques.

There are also some more specific U.S. regulations that we can advise on, such as the current per-state regulatory framework for Money Transmitter Licensing. This framework is particularly obstructive to small companies attempting to innovate in this space. Most startups are faced with hiring a legal team for multiple years and buying tens of millions of dollars of surety bonds just to launch a simple U.S.-based payments service. Often, small technology organizations that create compelling financial systems are driven to try to partner with larger financial institutions because the financial burden of complying with money transmitter regulation in the United States is cost prohibitive. Since there is no strong economic incentive for a large financial institution to reduce the revenue that they make on the float, or to shift to faster payments solutions, many highly innovative small-payments startups languish searching for a financial partner with whom to launch their service.

One Federal Reserve driven initiative that could change this dynamic would be the implementation of a federal law that unifies the 48 sets of different money transmitter laws in the United States into a single federal set of money transmission laws. The law should provide an entry ramp for payment startups that does not require steep investment in licensing fees to merely launch a service whilst still protecting consumers.

The Web Payments group at the W3C is interested in engaging the US Federal Reserve to advise the organization about changes to the regulatory environment at the Federal level that would result in greater payments technology standardization, competition, and transparency.

Web Payment Requirements

Decentralization is one of the primary drivers of innovation on the Web. You don't have to ask permission to publish your creation on the Web. Open Web standards such as HTTP and HTML ensure interoperability between applications. Thus, a solution for payments on the Web must have at least the following traits:

  • It must be decentralized.
  • It must be an open, patent and royalty-free standard.
  • It must be designed to work with Web architecture like links, HTTP, and other Web standards.
  • It must allow anyone to implement the standard and interoperate with others that implement the standard.
  • It must backed by methods and processes for assurance, integrity, privacy, confidentiality, auditability, and reliability.

In addition to these basic characteristics of a successful Web technology, a successful Web Payments technology must also do the following:

  • It must enable choice among customers, vendors, and payment processors, in order to drive healthy market competition.
  • It must be extensible in a decentralized way, allowing application-specific extensions to the core protocol without coordination.
  • It must be flexible enough to perform payments as well as support higher order economic behaviors like crowdfunding and executing legal contracts.
  • It must be secure, using the latest security best practices to protect the entire system from attack.
  • It must be compatible with government concerns such as fair tax collection, a reporting infrastructure for central monetary authorities, money-laundering prevention, and anti-terrorism initiatives.
  • It must be currency agnostic with regard to central bank currencies (US Dollar, the Euro, and the Japanese Yen) and virtual currencies (e.g. Bitcoin and Ripple).
  • It must enable choice of vehicle currency and algorithmic pricing to support seamless commerce and stability in global markets.
  • It must be easy to develop for and integrate into the Web.

The Web Payments group at the W3C has created a set of specifications that address all of the requirements listed above. The group is currently in contact with organizations like Google, SWIFT, Mozilla, Ripple Labs, Bloomberg, and many other industry leaders to create solutions to address many of the shortcomings outlined in the Payment System Improvement paper. The rest of this paper will outline which components of online transactions are being standardized for the Web.

Flexible Identity

A decentralized payment system for the Web means that the identity mechanism should be decentralized as well. There are a number of identity solutions today that are decentralized. OpenID, WebID, Web Keys, and BrowserID/Persona are among some of the more well-known, decentralized identity mechanisms that are designed for the Web. Identity for Web Payments brings in an additional set of requirements on top of the normal set of requirements for a Web identity solution. The following is a brief list of these requirements:

  • It must be decentralized.
  • It must support discoverability by using a resolvable address, like a Web link or email address.
  • It must support the attachment of verifiable machine-readable information to the identity by 3rd parties, such as a government-issued electronic passport.
  • It must be able to provide both public and private data to external sites, based on who is accessing the resource.
  • It must provide a secure digital signature and encryption mechanism.

To address these requirements, the Web Payments group is currently exploring a solution called Secure Messaging. It enables secure, decentralized, discoverable, controlled access to arbitrary machine-readable information associated with an identity. This identity mechanism and the functionality it enables are at the heart of the Web Payments work.

This open technology being created by the Web Payments group is of particular interest to the US Federal reserve because it enables Know Your Customer data to be associated with an identity. Information such as digitally signed, verifiable citizenship claims can be stored with these identities. This feature enables a secure electronic-passport mechanism for the Web. Using this information, financial organizations can quickly and more easily identify their customers, thus reducing fraud, money laundering, and other illegal activities while also passing on the transaction savings to their customers in the form of reduced transaction fees.

Decentralized Products and Services

The data markup mechanism for a Web-based payments system must be capable of expressing decentralized resources like people, places, events, goods/services, and a variety of other data that will likely exist in the transaction chain, often on 3rd party websites.

The Web Payments work does not require that products and services be listed in a central location on the Web. Instead, it allows content creators and developers to be in control of their own product descriptions and prices in addition to giving them the option to delegate this responsibility to an App Store or large retail website. The Web Payments work has the following requirements when it comes to listing products and services for sale:

  • The products and listings must be machine-readable to gain the most out of automatic price-matching, and transaction speed and correctness.
  • The listings must be able to be decentralized, which reduces the possibility of monopolistic behavior among retailers.
  • The product being sold must be separable from the terms under which the sale occurs, enabling different prices to be associated with different licenses, affiliate sales, and business models like daily deals.
  • The creator of the product must be able to specify restrictions on pricing, resellers, validity periods, and a variety of other properties associated with the sale of the product. This ensures that the product creator is in control of her product at all times.
  • It must support decentralized extensibility, which enables applications to add application-specific data to the product description and terms of sale.
  • It must be secure, such that the risk of tampering with product descriptions and prices is mitigated.
  • It must be non-repudiable, such that the vendor of the listing cannot dispute the fact that they created it.

There are two concepts that are core to understanding how products and services are listed for sale via Web Payments.

The first is the asset. An asset is a description of a product or service. Examples of assets include web pages, ebooks, groceries, concert tickets, dog walking services, donations, rights to transmit on a particular radio frequency band, and invoices for work performed. In general, anything of value can be modeled as an asset.

An asset typically describes something to be sold, who created it, a set of restrictions on selling it, and a validity period. Since the asset is expressed using a Linked Data format, a number of other application-specific properties can be associated with it. For example, a 3D printing store could include the dimensions of the asset when physically printed, the materials to be used to print the asset, and a set of assembly instructions. Upon purchase of the asset, a digital receipt with a description of the asset is generated. This receipt can be given to a local 3D printer service to produce a physical representation of the asset.

The second concept that is key to understanding how products and services are sold via Web Payments is the listing. A listing is a description of the specific terms under which an asset is offered for sale. These terms include: the exact asset being sold, the license that will be associated with the purchase, the list of people or organizations to be paid for the asset, and the validity period for the listing. Like an asset, a listing may include other application-specific properties.

This open technology being created by the Web Payments group should be of particular interest to the US Federal reserve because improving the payment system in the US is not just about improving the speed of transactions, but the accuracy and richness of transactions as well. These assets and listings provide additional information to governments and payment processors that can be used to prevent erroneous transactions, detect illegal activity, more accurately levy taxes, and provide alternative lower-cost mechanisms to perform the purchase. The product information can also be included in digital receipts and virtual wallets to help customers more easily categorize their purchases as well as interact more elegantly with government fiscal instruments of all types, ranging from grants and contributions, to taxes and fee-based services.

Purchase Requests, Contracts, and Receipts

The Web Payments group is also standardizing several concepts such as the purchase request, the contract, and the receipt in order to enable interoperable commerce on the Web. These concepts build upon the decentralized identity and product/services publishing mechanisms previously described.

A purchase request is sent to a payment processor when a purchase is requested by the customer. It contains details about the asset and listing that the buyer would like to purchase.

A contract is an electronic document that expresses an agreement between all parties involved in a transaction. It contains the asset, digitally signed by the asset provider, and the listing, digitally signed by the vendor.

A receipt is the result of a successful purchase. Typically, receipts are provided to a vendor by a payment processor with the minimum amount of information necessary to prove that the sale of an asset to a particular customer was completed successfully. For a more comprehensive review of a purchase, a vendor or customer can request a full contract from their payment processor. A contract is provided to buyers as a proof-of-purchase and for offline storage. It will contain all of the details proving the purchase occurred, even if the payment processor that processed the purchase and/or the vendor go out of business or are shut down for any reason.

These standards should be of particular interest to the US Federal reserve because all of these digital purchase and receipt technologies can be layered on top of the existing ACH-based payment system in the US today. While layering these features on top of the Web and ACH won't improve the banking infrastructure, it will provide a layer of abstraction that many merchants could use while market forces determine the best banking financial backhaul to use, be it ACH, SEPA, Dwolla, or new mechanisms like Bitcoin or Ripple. That is, the front-office can be standardized to the Web while the back-office can be determined by market forces.

The Web as the Global Financial Network

Improving the payment system in the United States must consider the speed of transactions, the richness of the metadata associated with the transaction, the openness of the system, and the pleasantness of the customer and merchant experience. It must also be able to scale to the payments ecosystem that is the size of the Web, extending beyond the United States.

The Web Payments group is creating this future. The World Wide Web Consortium (W3C) has a proven track record of building and deploying open standards for the 2.4 billion people in the world that have access to the Web. We invite the US Federal Reserve to assist in the work that we are doing by participating in the Web Payments Workshop on March 24th and 25th 2014 in Paris, France to discuss the future path of a universal web payments standard. To this end we invite the US Federal Reserve to be on the program committee for this workshop. To join, please send a statement of interest to the Web Payments Workshop Program Committee <team-payment-workshop-pc@w3.org>.