Electronic Payment Schemes

Dr Phillip M. Hallam-Baker
World Wide Web Consortium.

This paper presents a framework for discussion of electronic payment schemes. A comprehensive index of such schemes and a brief overview of their relationship to the framework is provided. The framework consists of two axes, the levels of abstraction at which the protocol is analyzed and the payment model considered.

A Layered Protocol Model.

A three layer model is used to compare payments schemes.

Policy
The semantics of the payment scheme. This includes refunds policies, and the liabilities incurred by customers, merchants and financial institutions.
Data flow
The requirements for storage of data by and communications between the parties. This includes not only the data flows for payments themselves but also for refunds, account enquiries and settlement.
Mechanism
The methods by which the necessary security requirements for messages and stored data are achieved.

All three abstraction levels are tightly coupled since policy makes requirements of data flow and data flow makes requirements of mechanism.

Payment Protocol Models.

Cash
Cash consists of a token which may be authenticated independently of the issuer. This is commonly achieved through use of self authenticating tokens or tamper proof hardware.
Cheque
Cheques are payment instruments whose validity requires reference to the issuer.
Card
Card payment schemes provide a payments mechanism through the existing credit card payment infrastructure. Such schemes have many structural similarities to cheque models except that solutions are constrained by that structure. A key feature of card payment systems is that every transaction carries insurance.

List of Internet Payments Schemes and Proposals.

The following list was compiled with the aid of indices maintained by the World Wide Web Consortium, Cornell, SIRENE, IBM, AT&T Bell Labs, and the Home Page of the www-buyinfo mailing list. See also pages by Stefan Brands Robert Hettinga and Michael Peirce. Yahoo e$ sites of interest

Additional payments schemes may be announced via a fill in form. These announcements may be viewed in unmoderated form.

Anonymous Internet Mercantile Protocol, Anonymous Credit Cards AT&T Bell Labs
A card model protocol which implements a policy which balances strong guarantees of confidentiality with the needs of law enforcement. A formal approach is employed with comprehensive details of mechanism and data flow.
BankNet Electronic Banking Service Marketnet
Full electronic banking service offers ability to write cheques. Uses PKCS envelope formats.
BarclayNet Barclaycard
An electronic mall run by one of the worlds largest credit card companies. Preventing disclosure of the credit card number to the merchant is thus superfluous and a simple secure socket communication mechanism to prevent eavesdropping is sufficient.
CAFE CAFE
A cash based scheme with strong guarantees of anonymity. Backed by a 13 member European consortium. Details are not avaliable at present.
e-Cash DigiCash
Anonymous digital cash. Few details are given about the specific scheme employed but voluminous archives of papers by the companies founder, David Chaum are provided. Mark Twain Bank have deployed this scheme.
Electronic commerce payments Financial Services Technology Consortium
No public details on this project are available at present.
Electronic cheque Financial Services Technology Consortium
A cheque scheme designed to provide an upgrade path from the existing cheque system.
Green Commerce First Virtual
First Virtual's Green Commerce payments model is one of the first payments schemes to become established on the internet. The major novel feature of this scheme is its `satisfaction guaranteed' policy which protects customers from dishonest merchants by allowing them an unconditional right to refuse payment for individual items. A statistical mechanism is used to identify over frequent use of this option and exclude habitual non-payers. Identification of customers is via an email call back loop scheme.
Internet Keyed Payment Protocols(iKP) IBM (Zurich & Watson Labs)
A card based model of payment which mainly addresses the questions of data flow and mechanism. Public key cryptography is used to ensure the privacy of a customer's card number and PIN number and provide non-repudiability. iKP has three options,, 1KP, 2KP and 3KP in which the acquirer alone, acquirer and merchant and acquirer merchant and customer respectively have a public key. See also the SEPP protocol which is based upon iKP.
CheckFree CheckFree
Company provides various payments schemes on a number of models.
FBOI First Bank of Internet
Novel payments system employs ATM cards and PGP. Provides strong guarantees which prevent loss of money by the bank. Protection for the customer is less apparent.
LETSystems LETSgo Manchester
LETSystems presents a novel policy view in the radical tradition of Northern England. A system of local currencies is proposed and a a pilot project in Manchester, England described.
NetBill Carnegie Mellon University INI
An implementation of a cheque payment model employing a symmetric key cryptography mechanism based on Kerberos.
NetCash/NetBank Software Agents, Inc.
Policy allows transactions for free but a charge of 2% is levied for transfers into or out of the system. No security mechanism or data flow is described.
NetCash USC
A cash model.
NetCheque USC
An implementation of a cheque payment model employing a symmetric key cryptography mechanism based on Kerberos.
NetPay Boston Automation
An EDI based transaction settlement system developed by Advantis.
NetChex NetChex
Payments scheme based on a cheque mode but using credit cards for account settlement. Mechanism is proprietary and a detailed descriptions is not provided. The mechanism appears to employ a shared secret.
Magic Money Cypherpunk's
The ultimate in privacy policy, even the originators of the scheme are anonymous. Mechanism seems to be based on PGP. Used to implement a scheme by Chaum NexusBucks and by the Phantom Exchange
Millicent DEC (Systems Research Center)
A payments protocol with a scrip based variant of a cheque model.
Mondex Mondex
Cash scheme based on a hardware "purse" device. This provides the portabilitiy and network independence of physical coin.
Secure Courier Netscape
A card payment scheme based upon public key technology built on the Secure Sockets Layer protocol.
Secure Electronic Payment Protocol MasterCard
MasterCard sponsored payments protocol based upon the IBM iKP protocol. Developed in association with IBM, Netscape, CyberCash and GTE Corp.
Secure Internet Payment Service CyberCash
An established payments scheme employing public key cryptography to protect the customers authentication data and provide provide non-repudiability.
STT Microsoft, VISA
Details to be announced.
Stored Value Card VISA
A planned cash scheme based on a hardware device permitting purchases of up to $10.
Vishnu Hewlett-Packard Labs Bristol
A mechanism for cheque/card based payment. Employs a Diffie Helleman based cryptographic mechanism which permits novel data flow optimizations.

Related work

Articles:

Slaves of a New Machine: Exploring the For-Free / For-Pay Conundrum Laura Fillmore
Considers the impact of electronic payments on publishing with examples drawn from personal experience.
XIWT
Another National Information Infrastructure consortium. This one provides a comprehensive breakdown of the requirements for electronic cash.
Electronic Money and Money in History Roy Davies
Two articles on the history of money with a well designed annotated index.

Conferences:

Making Money on Internet
Conference proceedings, University of Texas at Austin, Austin -- May 8-10, 1994
The First International Conference on Electronic Commerce
University of Texas at Austin, Austin -- October 30-31 1995

Further Work

Provision is made for unlisted schemes to be registered. At present no facilities are provided to provide alternative analysis according to a taxonomy of their choice such as performance or to provide comment on a particular proposal.

Links to this page:

This collection of links was compiled on 18th December 1995. See AltaVista for a current list of links.

Articles

Collections of payments system links.

Personal Home Pages