Electronic Payment Schemes
Dr Phillip M. Hallam-Baker
World Wide Web Consortium.
This paper presents a framework for discussion of electronic payment
schemes. A comprehensive index of such schemes and a brief overview of
their relationship to the framework is provided. The framework consists
of two axes, the levels of abstraction at which the protocol is analyzed
and the payment model considered.
A Layered Protocol Model.
A three layer model is used to compare payments schemes.
- Policy
- The semantics of the payment scheme. This includes refunds
policies, and the liabilities incurred by customers, merchants
and financial institutions.
- Data flow
- The requirements for storage of data by and communications
between the parties. This includes
not only the data flows for payments themselves but also for
refunds, account enquiries and settlement.
- Mechanism
- The methods by which the necessary security requirements
for messages and stored data are achieved.
All three abstraction levels are tightly coupled since policy makes
requirements of data flow and data flow makes requirements of mechanism.
Payment Protocol Models.
- Cash
- Cash consists of a token which may be authenticated
independently of the issuer. This is commonly achieved through
use of self
authenticating tokens or tamper proof hardware.
- Cheque
- Cheques are payment instruments whose validity requires
reference to the issuer.
- Card
- Card payment schemes provide a payments mechanism through the
existing credit card payment infrastructure. Such schemes have
many structural similarities to cheque models except that solutions
are constrained by that structure. A key feature of card payment
systems is that every transaction carries insurance.
List of Internet Payments Schemes and Proposals.
The following list was compiled with the aid of indices maintained by
the
World Wide Web Consortium,
Cornell,
SIRENE,
IBM,
AT&T Bell Labs,
and the
Home Page of the www-buyinfo mailing list.
See also pages by
Stefan Brands
Robert Hettinga and
Michael Peirce.
Yahoo
e$ sites of interest
Additional payments schemes may be announced via a
fill in form.
These announcements may be viewed in unmoderated form.
- Anonymous Internet Mercantile Protocol,
Anonymous Credit Cards AT&T Bell Labs
- A card model protocol which implements a policy which balances
strong guarantees of confidentiality with the needs of law
enforcement. A formal approach is employed with comprehensive
details of mechanism and data flow.
- BankNet Electronic Banking Service
Marketnet
- Full electronic banking service offers ability to write cheques.
Uses PKCS envelope formats.
- BarclayNet Barclaycard
- An electronic mall run by one of the worlds largest credit
card companies. Preventing disclosure of the credit card number
to the merchant is thus superfluous and a simple secure socket
communication mechanism to prevent eavesdropping is sufficient.
- CAFE
CAFE
- A cash based scheme with strong guarantees of anonymity.
Backed by a 13 member European consortium. Details
are not avaliable at present.
- e-Cash
DigiCash
- Anonymous digital cash. Few details are given about the specific
scheme employed but voluminous archives of papers by the companies
founder, David Chaum are provided.
Mark Twain Bank have
deployed this scheme.
- Electronic commerce payments
Financial Services Technology Consortium
- No public details on this project are available at present.
- Electronic cheque
Financial Services Technology Consortium
- A cheque scheme designed to provide an upgrade path from the
existing cheque system.
- Green Commerce
First Virtual
- First Virtual's Green Commerce payments model is one of
the first payments schemes to become established on the internet.
The major novel feature of this scheme is its `satisfaction
guaranteed' policy which protects customers from dishonest
merchants by allowing them an unconditional right to refuse
payment for individual items. A statistical mechanism is used to
identify over frequent use of this option and exclude habitual
non-payers. Identification of customers is via an email call back
loop scheme.
- Internet Keyed Payment Protocols(iKP) IBM (Zurich & Watson Labs)
- A card based model of payment which mainly addresses the questions
of data flow and mechanism. Public key cryptography is used to ensure
the privacy of a customer's card number and PIN number and provide
non-repudiability. iKP has three options,, 1KP, 2KP
and 3KP in which the acquirer alone, acquirer and merchant and acquirer
merchant and customer respectively have a public key.
See also the SEPP protocol which is based upon
iKP.
- CheckFree
CheckFree
- Company provides various payments schemes on a number of models.
- FBOI
First Bank of Internet
- Novel payments system employs ATM cards and PGP. Provides strong
guarantees which prevent loss of money by the bank. Protection
for the customer is less apparent.
- LETSystems
LETSgo Manchester
- LETSystems presents a novel policy view in the radical tradition
of Northern England. A system of local currencies is proposed and a
a pilot project in Manchester, England described.
- NetBill
Carnegie Mellon University INI
- An implementation of a cheque payment model employing
a symmetric key cryptography mechanism based on Kerberos.
- NetCash/NetBank
Software Agents, Inc.
- Policy allows transactions for free but a charge of 2% is levied
for transfers into or out of the system. No security mechanism or
data flow is described.
- NetCash
USC
- A cash model.
- NetCheque
USC
- An implementation of a cheque payment model employing
a symmetric key cryptography mechanism based on Kerberos.
- NetPay
Boston Automation
- An EDI based transaction settlement system developed by Advantis.
- NetChex NetChex
- Payments scheme based on a cheque mode but using credit cards
for account settlement. Mechanism is proprietary and a detailed
descriptions is not provided. The mechanism appears to employ
a shared secret.
- Magic Money
Cypherpunk's
- The ultimate in privacy policy, even the originators of the scheme
are anonymous. Mechanism seems to be based on PGP. Used to implement
a scheme by Chaum NexusBucks and by the
Phantom Exchange
- Millicent DEC (Systems Research Center)
- A payments protocol with a scrip based variant of a cheque model.
- Mondex
Mondex
- Cash scheme based on a hardware "purse" device. This provides the
portabilitiy and network independence of physical coin.
- Secure Courier
Netscape
- A card payment scheme based upon public key technology built on the
Secure Sockets Layer protocol.
- Secure
Electronic Payment Protocol MasterCard
- MasterCard sponsored payments protocol based upon the IBM
iKP protocol. Developed in association with IBM, Netscape, CyberCash
and GTE Corp.
- Secure Internet Payment Service
CyberCash
- An established payments scheme employing public key cryptography
to protect the customers authentication data and provide provide
non-repudiability.
- STT
Microsoft,
VISA
- Details to be announced.
- Stored Value Card
VISA
- A planned cash scheme based on a hardware device permitting
purchases of up to $10.
- Vishnu Hewlett-Packard Labs Bristol
- A mechanism for cheque/card based payment. Employs a Diffie
Helleman based cryptographic mechanism which permits novel
data flow optimizations.
Related work
Articles:
- Slaves of a New Machine: Exploring the For-Free / For-Pay Conundrum
Laura Fillmore
- Considers the impact of electronic payments on publishing with
examples drawn from personal experience.
-
XIWT
- Another National Information Infrastructure consortium. This one
provides a comprehensive breakdown of the requirements for electronic
cash.
- Electronic Money and Money in
History
Roy Davies
- Two articles on the history of money with a well designed
annotated index.
Conferences:
- Making Money on Internet
- Conference proceedings, University of Texas at Austin, Austin -- May 8-10, 1994
- The First International Conference
on Electronic Commerce
- University of Texas at Austin, Austin -- October 30-31 1995
-
-
Further Work
Provision is made for unlisted schemes to be registered. At present
no facilities are provided to provide alternative analysis according to
a taxonomy of their choice such as performance or to provide comment on a
particular proposal.
Links to this page:
This collection of links was compiled on 18th December 1995.
See AltaVista for a
current list of links.
Articles
Collections of payments system links.
Personal Home Pages