Electronic Payment Schemes

This paper presents a framework for discussion of electronic payment schemes. A comprehensive index of such schemes and a brief overview of their relationship to the framework is provided. The framework consists of two axes, the levels of abstraction at which the protocol is analyzed and the payment model considered.

A Layered Protocol Model.

A three layer model is used to compare payments schemes.

Policy

The semantics of the payment scheme. This includes refunds policies, and the liabilities incurred by customers, merchants and financial institutions.

Data flow

The requirements for storage of data by and communications between the parties. This includes not only the data flows for payments themselves but also for refunds, account enquiries and settlement.

Mechanism

The methods by which the necessary security requirements for messages and stored data are achieved.

All three abstraction levels are tightly coupled since policy makes requirements of data flow and data flow makes requirements of mechanism.

Payment Protocol Models.

Cash

Cash consists of a token which may be authenticated independently of the issuer. This is commonly achieved through use of self authenticating tokens or tamper proof hardware.

Cheque

Cheques are payment instruments whose validity requires reference to the issuer.

Card

Card payment schemes provide a payments mechanism through the existing credit card payment infrastructure. Such schemes have many structural similarities to cheque models except that solutions are constrained by that structure. A key feature of card payment systems is that every transaction carries insurance.

List of Internet Payments Schemes and Proposals.

The following list was compiled with the aid of indices maintained by the World Wide Web Consortium, Cornell, SIRENE, IBM, AT&T Bell Labs, and the Home Page of the www-buyinfo mailing list. See also pages by Stefan Brands Robert Hettinga and Michael Peirce. Yahoo e$ sites of interest

Additional payments schemes may be announced via a fill in form. These announcements may be viewed in unmoderated form.

Anonymous Internet Mercantile Protocol, Anonymous Credit Cards AT&T Bell Labs

A card model protocol which implements a policy which balances strong guarantees of confidentiality with the needs of law enforcement. A formal approach is employed with comprehensive details of mechanism and data flow.

BankNet Electronic Banking Service Marketnet

Full electronic banking service offers ability to write cheques. Uses PKCS envelope formats.

BarclayNet Barclaycard

An electronic mall run by one of the worlds largest credit card companies. Preventing disclosure of the credit card number to the merchant is thus superfluous and a simple secure socket communication mechanism to prevent eavesdropping is sufficient.

CAFE CAFE

A cash based scheme with strong guarantees of anonymity. Backed by a 13 member European consortium. Details are not avaliable at present.

e-Cash DigiCash

Anonymous digital cash. Few details are given about the specific scheme employed but voluminous archives of papers by the companies founder, David Chaum are provided. Mark Twain Bank have deployed this scheme.

Electronic commerce payments Financial Services Technology Consortium

No public details on this project are available at present.

Electronic cheque Financial Services Technology Consortium

A cheque scheme designed to provide an upgrade path from the existing cheque system.

Green Commerce First Virtual

First Virtual's Green Commerce payments model is one of the first payments schemes to become established on the internet. The major novel feature of this scheme is its `satisfaction guaranteed' policy which protects customers from dishonest merchants by allowing them an unconditional right to refuse payment for individual items. A statistical mechanism is used to identify over frequent use of this option and exclude habitual non-payers. Identification of customers is via an email call back loop scheme.

Internet Keyed Payment Protocols(iKP) IBM (Zurich & Watson Labs)

A card based model of payment which mainly addresses the questions of data flow and mechanism. Public key cryptography is used to ensure the privacy of a customer's card number and PIN number and provide non-repudiability. iKP has three options,, 1KP, 2KP and 3KP in which the acquirer alone, acquirer and merchant and acquirer merchant and customer respectively have a public key. See also the SEPP protocol which is based upon iKP.

CheckFree CheckFree

Company provides various payments schemes on a number of models.

FBOI First Bank of Internet

Novel payments system employs ATM cards and PGP. Provides strong guarantees which prevent loss of money by the bank. Protection for the customer is less apparent.

LETSystems LETSgo Manchester

LETSystems presents a novel policy view in the radical tradition of Northern England. A system of local currencies is proposed and a a pilot project in Manchester, England described.

NetBill Carnegie Mellon University INI

An implementation of a cheque payment model employing a symmetric key cryptography mechanism based on Kerberos.

NetCash/NetBank Software Agents, Inc.

Policy allows transactions for free but a charge of 2% is levied for transfers into or out of the system. No security mechanism or data flow is described.

NetCash USC

A cash model.

NetCheque USC

An implementation of a cheque payment model employing a symmetric key cryptography mechanism based on Kerberos.

NetPay Boston Automation

An EDI based transaction settlement system developed by Advantis.

NetChex NetChex

Payments scheme based on a cheque mode but using credit cards for account settlement. Mechanism is proprietary and a detailed descriptions is not provided. The mechanism appears to employ a shared secret.

Magic Money Cypherpunk's

The ultimate in privacy policy, even the originators of the scheme are anonymous. Mechanism seems to be based on PGP. Used to implement a scheme by Chaum NexusBucks and by the Phantom Exchange

Millicent DEC (Systems Research Center)

A payments protocol with a scrip based variant of a cheque model.

Mondex Mondex

Cash scheme based on a hardware "purse" device. This provides the portabilitiy and network independence of physical coin.

Secure Courier Netscape

A card payment scheme based upon public key technology built on the Secure Sockets Layer protocol.

Secure Electronic Payment Protocol MasterCard

MasterCard sponsored payments protocol based upon the IBM iKP protocol. Developed in association with IBM, Netscape, CyberCash and GTE Corp.

Secure Internet Payment Service CyberCash

An established payments scheme employing public key cryptography to protect the customers authentication data and provide provide non-repudiability.

STT Microsoft, VISA

Details to be announced.

Stored Value Card VISA

A planned cash scheme based on a hardware device permitting purchases of up to $10.

Vishnu Hewlett-Packard Labs Bristol

A mechanism for cheque/card based payment. Employs a Diffie Helleman based cryptographic mechanism which permits novel data flow optimizations.

Related work

Articles:

Slaves of a New Machine: Exploring the For-Free / For-Pay Conundrum Laura Fillmore

Considers the impact of electronic payments on publishing with examples drawn from personal experience.

XIWT

Another National Information Infrastructure consortium. This one provides a comprehensive breakdown of the requirements for electronic cash.

Electronic Money and Money in History Roy Davies

Two articles on the history of money with a well designed annotated index.

Conferences:

Making Money on Internet

Conference proceedings, University of Texas at Austin, Austin -- May 8-10, 1994

The First International Conference on Electronic Commerce

University of Texas at Austin, Austin -- October 30-31 1995

Further Work

Provision is made for unlisted schemes to be registered. At present no facilities are provided to provide alternative analysis according to a taxonomy of their choice such as performance or to provide comment on a particular proposal.

Links to this page:

Articles

• WEBster--The Cyberspace Surfer, Oct. 3, 1995 [3Oct95]

Collections of payments system links.

• www-buyinfo Home Page [10Nov95]
• Whitey's Web Works - Online Marketing and Research [3Dec95]
• Agorics, Inc. References to Interesting Documents [2Dec95]
• Communication Links [20Nov95]
• Network Payment Collected Information [30Nov95]
• Privacy-on-Demand (PoD) - ECommerce [6Nov95]
• egBanks: example Banking links [27Nov95]
• egMedia: example Media links [18Nov95]
• Electronic Commerce [28Nov95]
• Jiri Baum - e-cash vs. cash and CC [3Nov95]
• e$ sites of interest [29Nov95]

Personal Home Pages

• David Messner's Bookmarks [16Nov95]
• Henry's Pretty Good Security Page [22Nov95]
• William McKee's Home on the Web [23Nov95]
• Howard Melman's Bookmarks [29Oct95]
• Markus Langenbahn's Bookmarks [6Nov95]
• Sonja's Home Page [24Nov95]
• Andreas Bogk's Bookmarks [8Dec95]
• Home Page for Don Kitchen [8Dec95]