Lynn,
I don't think you got the whole picture.
The scheme described is as far as I know identical in
every respect to how purchases, invoices, and payments
are handled in major organizations today. I.e. these
"third parties" do authorize purchases and authenticate
purchasers. The only difference using .PAY, is that the
process is real-time which is perfect for a lot of things
like air-line tickets. And that it eventually can be
performed from a PDA in a shop.
Digital signatures are used in every critical step
giving full non-repudian support for all parties.
I.e. the merchant is bound to their quote/shopping cart,
the buying organization is bound to their acceptance,
and last not least the bank is bound to the payment
transaction. Rather "neat" in my opinion. At least it
is a big improvement over most current systems.
Or to put it in another way: How would *you* design
a system that better matches what you consider crucial?
Don't forget to include details on how information is
to be managed, as this is a corner-stone of any enterprise
system.
Anders
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: "Anders Rundgren" <[EMAIL PROTECTED]>
Cc: "internet-payments" <[EMAIL PROTECTED]>
Sent: Saturday, September 28, 2002 06:55
Subject: Re: Purchasing Cards - The Next Generation
this is over simpliefied. banks already authenticate and authorize a
payment .... both the authentication and authorization can cover a number
of things like fraud, balance, limits, etc. payment cards have been crafted
into that infrastructure expanding the number of things considered for
valid transaction.
even if some new 3rd party took 100 percent liability for authentication
and authorization ... the bank would probably continue to perform some
authentication and authorization (as well as various kinds of fraud)
checking ... possibly not being able to eliminate all duplication.
also it isn't clear how each of these employer/3rd parties which means
that each of these 3rd parties (employers) might either have to perform
explicit liability contracts with each possible merchant ... or form some
of new association which picked up the responsibility of some global
merchant contract under the auspices of the employer/3rd party/payment
association.
if the are performaning all the authentication and authorization ... and
the banks just moving money with no liability .... there is some
possibility that such organizations then might come under the jurisdiction
of various national financial regulatory organizations ... subjecting these
organizations to some level of financial industry regulatory control.
Anders Rundgren
<anders.rundgren@ To: internet-payments
telia.com> <[EMAIL PROTECTED]>
cc:
09/27/2002 02:18 Subject: Purchasing Cards -
PM The Next Generation
Currently purchasing cards apparently rely on close ties with issuers as
well as supplier support.
.PAY (*), an "input specification" to a proposed OASIS payment
standard track, changes this by making each party do what they are
best at which means:
- Issuers/Banks pay
- Suppliers deliver goods or services
- Employers control/authorize/archive what their employees do
How does this work?
1. The merchant sends a "rich" transaction request to the buying
organization
2. The purchasing-server authenticates the purchaser
3. The purchasing-server checks the Level III-like items and authorizes if
ok
4. The purchasing-server sends the transaction request to a PSP/bank fo
fulfillment using ACH, credit-cards, debit-cards, etc.
5. The PSP/bank returns the complete transaction
6. The purchasing-server sends this back to the merchant
(there are some minor deviations but the principle is as above)
The net result is that the entire concept of a purchasing card
disappears, and a real-time B2B-transaction takes its place.
And how about those non-web-based transactions? Well,
unfortunately we will have to wait another 5 years or so
until the phone-makers heve recovered from the current
recession and see some light in the tunnel.
*) Reading only: http://buyer.x-obi.com/dotpaybuyer/faq.html
Running .PAY: https://buyer.x-obi.com/dotpaybuyer/buyer
cheers,
Anders
