Hi Anders, About the proposition:
I think the main problem of 3D Secure is that it's only an authentication mechanism and not a payment protocol at all. Compared to SET, the seperation auf authentication mechanism and payment protocol is a huge step back. About core technology: it's interresting that in Jannuary, we had a similar idea. However, we didn't think that the customer wants to remember the issuer's domain, so we proposed a lookup mechanism (similar to DNS) mapping the user's eMail adress to the domain of his/her issuing bank. About the idea: Great approach! Yours, Sebastian Kübeck ____________________________________________________ QENTA paymentsolutions sebastian kübeck www.qenta.com [EMAIL PROTECTED] tel: +43 316 81 36 81-0 fax: +43 316 81 36 81-20 Anders Rundgren wrote: > > Dear e-Payers, > > A SUCCESSOR TO 3D SECURE > Working with state-of-the-art e-commerce solutions and standards > based on Web Services, I see an opportunity to create a system that > would inherit the core 3D Secure idea (the Issuer doing the actual > payment-transaction), but among many things, offering a better > "user experience" by instead of asking for credit card data, ask the > user to input the issuer's domain name. Like "bigbank.com". > This makes even more sense when /if cards get fully virtual, as > then there will be no credit-cards to keep in your purse anymore, > or for shared company-cards, as memorizing huge non-static > numbers is much harder than just remembering the name of a bank. > A further advantage is that almost the entire payment-process > can GUI-wise be performed in the bank (like card selection), > rather than by more or less arbitrary merchant-defined > applications. > > THE PROPOSITION > I'm interested in forming a vendor-neutral consortium for > creating a 3D Secure replacement based on other principles, > that would not only support credit-card transactions for *any* > brand, but local account-to-account transaction-schemes as > well. This would make sense for both merchants, and banks, that > probably are less than happy about the current situation, with > solutions that are "all over the map" for no apparent reason, but > the competition between different card-brands and proprietary > payment-schemes. A successor of 3D Secure should be neutral, > distributed, and locally adaptable to become the norm. OASIS- > open is a possible place for hosting such a project. > > THE CORE TECHNOLOGY > As far as I understand. 3D Secure relies on a VISA directory to > map a PAN-code to an issuer URL, but by using Web Services, > Web Service Discovery, and DNS SRV records, you can achieve > the same (or actually considerably better), functionality for the > user as described in the first section. I.e. using DNS which is > already globally available, and completely decentralized, seems > like a much better idea than creating brand-specific, centrally > maintained, one-function-directories. > For those who are deeply into technology and want to know > even more about the anticipated principles behind the proposed > 3D Secure replacement, the following URL shows a B2B- > scenario, that does practically the same thing for the creation > of purchase orders (with the exception that DNS SRV-records > were not used): > http://www.x-obi.com/OBI400/OBI4-sc-New-Customer-Order.doc > I.e. you should think of the buying organization as an Issuer and > the purchase order a signed payment transaction. As you may note, > the number of [server] steps are maybe double that of 3D Secure, > but our experience with the OBI Express B2B-standard-to-be, > (can be tested at https://buyer.x-obi.com/BuyerASP/buyer ) > indicates that this is no longer a problem. For the end-users things > remain as simple as possible. > > BE MOBILE AS WELL > The proposed system is targeted to be equally suitable for mobile > e-payments as well, regardless if the mobile user performs a local > transaction, or a remote ditto. > > Any thoughts on this? > > Regards > Anders Rundgren > CEO X-OBI > > +46 70 - 627 74 37 -- Mit freundlichen Grüßen, Sebastian Kübeck ____________________________________________________ QENTA paymentsolutions sebastian kübeck www.qenta.com [EMAIL PROTECTED] tel: +43 316 81 36 81-0 fax: +43 316 81 36 81-20
