Warning:
This wiki has been archived and is now read-only.

WebPaymentsUsaidEpesoResponse

From Web Payments
Jump to: navigation, search

Comments on USAID’s Draft E-PESO Statement of Work Submitted on 21 January 2014 to manila‐roaa‐rfp@usaid.gov

Organization: Web Payments Community Group at the World Wide Web Consortium (W3C), with the support of Integra LLC

Website: https://web-payments.org/

Co-Authors: Manu Sporny <msporny digitalbazaar.com> (Chairman), Joseph Potvin <jpotvin opman.ca> (Member), John Waugh <jwaugh integrallc.com> (Integra LLC).

About the World Wide Web Consortium

The World Wide Web Consortium (W3C) is the organization that manages the architecture for the Web. 2.4 billion people around the world depend on the technology co-authored by many contributors under the auspices of the W3C. The consortium consists of organizations like Google, Bloomberg, Apple, PayPal, Mozilla, Facebook, Baidu, Yandex, Microsoft, and 392 other technology companies that are united in perpetually improving the Web.

Introduction

The Web Payments Community Group (WPCG) at the W3C has been collaborating for over 3 years to make the case for a universal payment standard as part of the core architecture of the Web. Some of the challenges identified in the E-PESO draft statement of work are the same as those that have been identified within our 129-member community group. This approach to standards-based payment components and solutions through open source methods, unencumbered by patents or royalties, can address many of the shortcomings of vendor-specific or device-specific approaches.

The WPCG has taken a layered approach to addressing the payments problem. We are conscious of the risks associated with disrupting live systems. We are also concerned with indirectly destabilizing the overall payment landscape through implied competition with long-running, legacy systems. Our strategy is to enable an elegant payments layer on the Web in cooperation with incumbent financial systems authorities. This technology can be deployed ubiquitously and non-disruptively, given that there is no prior standard for payments on the Web, and thus no legacy to replace. This layer would improve the experience of sending and receiving money while simultaneously creating a bridge between the fast-moving Web technology field and the deliberately slow-moving core financial systems field. With this collaborative and integrating approach in mind, our submission outlines a number of technologies applicable to payment system improvements that are in various stages of development, implementation, and deployment in the WPCG at the W3C. When the Web Payments technology is finalized, billions of people will have access to it as a core part of the Web via desktop computers, tablets, smartphones, and other Web-capable devices. They will have the power to undertake transactions with one another over the Internet far more efficiently than they do today. This has large implications for banks, financial institutions, governments, telecom operators, payment solution providers, technology companies, and organizations addressing many socioeconomic issues such as poverty and access to banking services. The W3C is holding a Web Payments Workshop on March 24th and 25th 2014 in Paris, France to discuss the future path of this work. Through this paper, the WPCG is extending an invitation to USAID and its leading Philippine partners to participate. Please send a statement of interest to the Web Payments Workshop Program Committee <team-payment-workshop-pc@w3.org>. If there are any questions or concerns, please contact Manu Sporny <msporny@digitalbazaar.com>, Chairman of the WPCG​.

An Introduction to Web Payments

The Web has fundamentally transformed the way the world’s people and organizations publish and interact with information. However, the transmission of monetary value has not yet changed. The Web’s foundation offers unrealized potential to transmit and receive funds with the same ease and rigor as sending and receiving email.

Making payments on the Web simpler and more accessible has more than superficial advantages. By distributing to everyone the payment methods that have been traditionally only available to banks and large corporations, the world’s economies can benefit from financial system changes that both reduce transaction costs and create new kinds of innovative e-commerce applications. The goal is not to just enable simpler payments, but also to spur innovation in capital formation that helps entrepreneurs of any size, in any location, earn a legitimate living. One prominent global trend that could greatly benefit is crowd-funding, which is currently constrained by less than elegant and cost-inefficient payments methods. In general, the Web has already boosted funding opportunities for startups, eased tax collection, and increased payment security; and there is room for more improvement. The World Bank reports that 2.5 billion people around the world don’t have bank accounts and have no ability to save money due to lack of banking services and/or high fees, which inhibits their ability to make a living. Online payments development enabled by telecom providers in some parts of Africa has served as a remarkable proof-of-concept, though it is restricted by limited competition.

It is evident that whilst bringing new or powerful tools to the general public will foster competition and innovation, open Web payments can also bring about more basic societal change. The promise of Web payments is about more than just an exciting future, it is about one that is at the same time far more egalitarian, and far more efficient for business​.

Improving the Payments Network

Improving the payments network in each country is possible, but it’s questionable whether the evolution of the financial system should be constrained by incremental improvements to a system that was designed and implemented decades ago. Current-generation financial networks provide fundamentally better technological solutions for payments. The gap is simply too wide for the incumbent system to incrementally catch up with the past 10 years of evolution in financial systems technology. For example, while the Bitcoin network lacks a number of characteristics required in a global payments system, such as anti-money laundering protections, native support for the know-your-customer principle, and a method for valuation stability, it does provide a proof-of-concept of an automated clearing house system that is both architecturally and technologically better than the approach the current financial system relies upon today.

We recommend that USAID proactively accommodate current-generation technologies relating to Web Payments that offer major tangible improvements to the financial system. Doing so will also help overcome current disincentives to improving the rate at which financial transactions occur, such as the ability for entrenched financial organizations to make money on the float. Even in Europe, the move to faster payments did not happen until the European Union effectively mandated a migration to the Single Euro Payments Area (SEPA).

The WPCG at the W3C offers to engage USAID in assessing the potential of these Internet-based payment technologies to improve the efficiency of commerce amongst its partner countries such as the Philippines. These technologies can be put to use alongside existing legacy technology stacks in order to provide a smooth transition​.

Simplifying the Payments Regulatory Environment

The adoption of the technologies being created by the Web Payments group could ease the regulatory burden placed on both the regulated and the regulators. All W3C technologies are standards-based and are unencumbered by patents or royalties. With open interoperability as a key concern when designing these technologies, more transparent and auditable systems may be created. Adoption of the Web Payments technologies will make it easier to dovetail with world wide legislation on financial policies regarding transparency and accountability both in government and at regulated organizations.

It will also improve alignment with international guidelines and standards (as defined in WTO-TBT Annex 3) such as:

  • IMF Code of Good Practices on Transparency in Monetary and Financial Policies;
  • ISO/IEC 11179:2003 standard for definitions, descriptions, business rules and metadata;
  • ISO/IEC 19501:2005 standard on modeling language in the field of software engineering;
  • ISO/IEC JTC 1/SC 27 set of standards on IT Security techniques.

There are also specific national regulations to take account of, such as regulatory frameworks for Money Transmitter Licensing which can be particularly obstructive to small companies attempting to innovate in this space. In the US, for example, startups attempting to launch a simple U.S.-based payments service are faced with hiring a legal team for multiple years and buying tens of millions of dollars of surety bonds. Often, small technology organizations that create compelling financial systems are driven to try to partner with larger financial institutions because the financial burden of complying with money transmitter regulation in the United States is cost prohibitive. Since there is no strong economic incentive for a large financial institution to reduce the revenue that they make on the float, or to shift to faster payments solutions, many highly innovative small-payments startups languish searching for a financial partner with whom to launch their service.

Harmonization of different money transmitter laws would help to provide an entry ramp for payment startups that does not require steep investment in licensing fees to merely launch a service whilst still protecting consumers.

The authors of this note are pleased to advise USAID about potential changes to the regulatory that would result in greater payments technology standardization, competition, and transparency​.

Web Payment Requirements

Decentralization is one of the primary drivers of innovation on the Web. You don’t have to ask permission to publish your creation on the Web. Open Web standards such as HTTP and HTML ensure interoperability amongst applications. Thus, a solution for payments on the Web must have at least the following traits:

  1. It must be decentralized.
  2. It must have at least one reference implementation available through open source methods that is be unencumbered by royalties towards patents or other restrictions.
  3. It must conform with and be designed to work with open standards generally, and with Web architecture standards such as HTTP, WCAG, etc..
  4. It must allow anyone to implement the standard and inter-operate with others that implement the standard.
  5. It must backed by methods and processes for assurance, integrity, privacy, confidentiality, auditability, and reliability.

In addition to these basic characteristics of a successful Web technology, a successful Web Payments technology must also do the following:

  1. It must enable choice among customers, vendors, and payment processors, in order to drive healthy market competition.
  2. It must be extensible in a decentralized way, allowing application-specific extensions to the core protocol without coordination.
  3. It must be flexible enough to perform payments as well as support higher order economic behaviors like crowd funding and executing legal contracts.
  4. It must be secure, using the latest security best practices to protect the entire system from attack.
  5. It must be compatible with government concerns such as fair tax collection, a reporting infrastructure for central monetary authorities, money-laundering prevention, and anti-terrorism initiatives.
  6. It must be currency agnostic with regard to central bank currencies (Philippine Peso, US Dollar, Chinese Renminbi, the Euro, and the Japanese Yen) and legal virtual currencies.
  7. It must enable choice of vehicle currency and algorithmic pricing to support seamless commerce and stability in global markets.
  8. It must be easy to develop for and integrate into the Web.

The Web Payments group at the W3C has created a set of specifications that address all of the requirements listed above. The group is currently in contact with organizations like Google, SWIFT, Mozilla, the US Federal Reserve, Ripple Labs, Bloomberg, and many other industry leaders to coordinate the creation of solutions to address many of the goals outlined in the USAID E-PESO Statement of Work​. The rest of this paper will outline which components of online transactions are being put forward for future standardization.

Flexible Identity

A decentralized payment system for the Web means that the identity mechanism should be decentralized as well. There are a number of identity solutions today that are decentralized. OpenID, WebID, Web Keys, and BrowserID/Persona are among some of the more well-known, decentralized identity mechanisms that are designed for the Web. Identity for Web Payments brings in an additional set of requirements on top of the normal set of requirements for a Web identity solution. The following is a brief list of these requirements:

  1. It must be decentralized.
  2. It must support discoverability by using a resolvable address, like a Web link or email address.
  3. It must support the attachment of verifiable machine-readable information to the identity by 3rd parties, such as a government-issued electronic passport.
  4. It must be able to provide both public and private data to external sites, based on who is accessing the resource.
  5. It must provide a secure digital signature and encryption mechanism.

To address these requirements, the Web Payments group is currently exploring a solution called Secure Messaging. It enables secure, decentralized, discoverable, controlled access to arbitrary machine-readable information associated with an identity. This identity mechanism and the functionality it enables are at the heart of the Web Payments work.

This open technology being created by the Web Payments group may be of particular interest to USAID and its partners because it enables Know Your Customer data to be associated with an identity. Information such as digitally signed, verifiable citizenship claims can be stored with these identities. This feature enables a secure electronic-passport mechanism for the Web. Using this information, financial organizations can quickly and more easily identify their customers, thus reducing fraud, money laundering, and other illegal activities while also passing on the transaction savings to their customers in the form of reduced transaction fees​.

Decentralized Products and Services

The data markup mechanism for a Web-based payments system must be capable of expressing decentralized resources like people, places, events, goods/services, and a variety of other data that will likely exist in the transaction chain, often on 3rd party websites. The Web Payments work does not require that products and services be listed in a central location on the Web. Instead, it allows content creators and developers to be in control of their own product descriptions and prices in addition to giving them the option to delegate this responsibility to an App Store or large retail website. The Web Payments work has the following requirements when it comes to listing products and services for sale:

  1. The products and listings must be machine-readable to gain the most out of automatic price-matching, and transaction speed and correctness.
  2. The listings must be able to be decentralized, which reduces the possibility of monopolistic behavior among retailers.
  3. The product being sold must be separable from the terms under which the sale occurs, enabling different prices to be associated with different licenses, affiliate sales, and business models like daily deals.
  4. The creator of the product must be able to specify restrictions on pricing, resellers, validity periods, and a variety of other properties associated with the sale of the product. This ensures that the product creator is in control of her product at all times.
  5. It must support decentralized extensibility, which enables applications to add application-specific data to the product description and terms of sale.
  6. It must be secure, such that the risk of tampering with product descriptions and prices is mitigated.
  7. It must be non-repudiable, such that the vendor of the listing cannot dispute the fact that they created it.

There are two concepts that are core to understanding how products and services are listed for sale via the Web Payments work.

The first is the asset. An asset is a description of a product or service. Examples of assets include web pages, ebooks, groceries, concert tickets, dog walking services, donations, rights to transmit on a particular radio frequency band, and invoices for work performed. In general, anything of value can be modeled as an asset.

An asset typically describes something to be sold, who created it, a set of restrictions on selling it, and a validity period. Since the asset is expressed using a Linked Data format, a number of other application-specific properties can be associated with it. For example, a 3D printing store could include the dimensions of the asset when physically printed, the materials to be used to print the asset, and a set of assembly instructions. Upon purchase of the asset, a digital receipt with a description of the asset is generated. This receipt can be given to a local 3D printer service to produce a physical representation of the asset.

The second concept that is key to understanding how products and services are sold via Web Payments is the listing. A listing is a description of the specific terms under which an asset is offered for sale. These terms include: the exact asset being sold, the license that will be associated with the purchase, the list of people or organizations to be paid for the asset, and the validity period for the listing. Like an asset, a listing may include other application-specific properties.

This open technology being created by the WPCG may be of interest to USAID and its partners because improving the payment system in any given market is not just about improving the speed of transactions, but the accuracy and richness of transactions as well. These assets and listings provide additional information to governments and payment processors that can be used to prevent erroneous transactions, detect illegal activity, more accurately levy taxes, and provide alternative lower-cost mechanisms to perform the purchase. The product information can also be included in digital receipts and virtual wallets to help customers more easily categorize their purchases as well as interact more elegantly with government fiscal instruments of all types, ranging from grants and contributions, to taxes and fee-based services​.

Purchase Requests, Contracts, and Receipts

The WPCG is also proposing the standardization of several concepts such as the purchase request, the contract, and the receipt in order to enable interoperable commerce on the Web. These concepts build upon the decentralized identity and product/services publishing mechanisms previously described.

A purchase request is sent to a payment processor when a purchase is requested by the customer. It contains details about the asset and listing that the buyer would like to purchase.

A contract is an electronic document that expresses an agreement between all parties involved in a transaction. It contains the asset, digitally signed by the asset provider, and the listing, digitally signed by the vendor.

A receipt is the result of a successful purchase. Typically, receipts are provided to a vendor by a payment processor with the minimum amount of information necessary to prove that the sale of an asset to a particular customer was completed successfully. For a more comprehensive review of a purchase, a vendor or customer can request a full contract from their payment processor. A contract is provided to buyers as a proof-of-purchase and for offline storage. It will contain all of the details proving the purchase occurred, even if the payment processor that processed the purchase and/or the vendor go out of business or are shut down for any reason.

These efforts towards standardization may be of interest to USAID and its partners because all of these digital purchase and receipt technologies can be layered on top of existing payment systems. Layering these features on top of the Web will provide a layer of abstraction that many merchants could use while market forces determine the best banking financial backhaul to use, be it ACH, SEPA, Dwolla, or potentially new mechanisms derived from the architectures of Bitcoin or Ripple. That is, the front-office can be standardized to the Web while the back-office can be determined by market forces​.

The Web as the Global Financial Network

Improving the payment system in the any market must consider the speed of transactions, the richness of the metadata associated with the transaction, the openness of the system, and the pleasantness of the customer and merchant experience. It must also be able to scale to the payments ecosystem that is the size of the Web, extending beyond the United States.

The WPCG is collaborating to create this future. The World Wide Web Consortium (W3C) has a proven track record of building and deploying open standards for the 2.4 billion people in the world that have access to the Web. We would like USAID to become more involved in the work that we are doing because it will have a direct impact on the E-PESO work. We invite USAID to participate in the Web Payments Workshop on March 24th and 25th 2014 in Paris, France to discuss the future path towards a universal web payments standard. http://www.w3.org/2013/10/payments/