Electronic commerce ‐ would, could and should you use current Internet payment mechanisms?


Internet Research: Electronic Networking Applications and Policy
Volume 6 · Number 2/3 · 1996 · pp. 5–18
© MCB University Press · ISSN 1066-2243

S. Peter Buck

The author

Simon Peter Buck <[email protected]> is a Consultant with Hyperion Systems Ltd in Guildford, Surrey, UK where he provides specialist consultancy on electronic commerce to a variety of blue chip clients. Previously he was architect, designer and development manager for the London Stock Exchange’s Automated Quotation (SEAQ) system, which was the heart of the city’s “big bang” in 1986, moving the UK’s securities trading from the physical world into cyberspace.

Abstract

Suggests that the discussion of online payments, while ultimately being a key issue for the future Information SuperHighway, is as significant now as it ever will be. The explosive increase in the use of the Internet has seen the emergence of commercial services and pressures previously restricted to Compuserve and the like. Many predictions see this burgeoning electronic marketplace becoming a significant component of the world economy. However, this can only happen once two key problems have been addressed, namely, protecting property rights, and making payments. This has led to a frantic battle for payment mechanisms that can provide the new medium with the means of conducting transactions. Identifies the key commercial requirements that successful use of the Internet will impose on a payment mechanism. Identifies the different types of mechanisms that are proposed, on trial or in use on the Internet. Evaluates each of these mechanisms against the requirements to determine which (if any) are really suitable for electronic commerce.

Introduction

This paper is about online payments. Such a discussion, while ultimately being a key issue for the much vaunted and long awaited information superhighway (ISH), is as significant an issue now as it ever will be. The explosive increase in the use of the Internet, and especially the World Wide Web, has seen the introduction of commercial services and pressures into what was previously a safe friendly medium for academia. Not only has this resulted in the emergence of the kind of service previously restricted to the world of Compuserve and the like, but the potential size of the market has made this a much more frenetic and competitive activity.

Assumptions

The Internet is viewed by many as the natural precursor and testing ground for the ISH. For the purposes of this paper I shall assume that any payment systems on a future ISH would be based on the same principles and techniques as those for the Internet, and also that any payment mechanism that becomes widespread and effective on the Internet can and will be appropriate on the ISH.

Electronic services

Almost everybody on the Internet, so it seems, wants access to the sort of commercial services they use in other environments[1]. Mail-order and catalog based services are obvious candidates for the Internet malls. Travel and holiday firms are already proliferating. Information services too have been quick to see the potential of this marketplace. As a primary information source for many people, newspapers have already expanded into online editions. Publishing in cyberspace is considerably cheaper than production and distribution in the real world and with an audience that is claimed to be thousands or eventually millions of times larger than any physical publication can hope to reach. These new online publications, be they virtual magazines, newspapers or books, brochures, catalogs or price lists, can offer a level of interactivity and personal attention that customers could only previously dream about.

So far, most of this information has been made available free – either subsidized by advertising revenue or limited in scope to attract customers to subscribe to a separate service such as the print edition of a traditional publication. Apart from the determination of whether subscribers would be prepared to pay for online editions, the main constraint has been an effective way to collect online payment securely and reliably. This need, common to all online services, has led to a frantic and often confusing battle for payment mechanisms to provide this new medium with the means of conducting transactions effectively.

Electronic commerce

Many predictions see this burgeoning electronic marketplace becoming a significant component of the world economy (see for example Birch, 1994). However, this can only happen once two key problems have been addressed, namely:

(1) protecting property rights (i.e. a mechanism to ensure that the purchaser of digital goods such as images, software, music or videos cannot offer illicit copies for resale);

(2) making payments (a secure mechanism that can cost-effectively support transactions in a distributed environment).

I will only address the second of these problems (for a discussion of the first, see Lawrence, 1995).

In this paper I will identify the key commercial requirements that successful use of the Internet will impose on a payment mechanism. I will then identify the different types of mechanisms that are proposed, on trial and in use (along with some representative examples). I will evaluate each of these mechanisms against the requirements to determine which (if any) are really suitable for electronic commerce.

Product versus service (would you…?)

In the online world, the distinction between services and digital products has become difficult to determine. A service can be seen as a vehicle through which products can be delivered, or as simply a sequence of products delivered over time. Even physical products and services that are delivered separately can still be ordered or initiated online.

Concomitant with the worldwide hype of the Internet and its exponential growth in usage, there has been an equally explosive growth in the commercial use of the Internet. This has been largely catalyzed by the advent of the World Wide Web and its popularization by NCSA’s Mosaic browser[2] and Netscape’s Navigator[3], making it very easy to publish multimedia/hypermedia reasonably cheaply with very wide coverage across multiple platforms and negligible incremental cost per “customer”. Publishing on the Web is so easy anyone can do it (and it often shows!) – luckily it is no longer just in the realm of the IT department (probably very clever, but frequently a graphical disaster – what we could call the “Gee Whiz” phase), and the better sites have moved beyond just the marketing department (graphically stunning if you have the patience to wait for the download – the “Ooh Ahh” phase) into a synergistic phase where design values, technical constraints and usability requirements can be brought together (the “At last!” phase?). As well as providing a new medium for both marketing and vox pop it is ideal for the provision of services and goods to both large and small user communities.

Commerce servers

The range of products and services available online increases every day[4]. Integrated Web and commerce servers from the likes of Netscape make the process even easier and the promise of secure mechanisms for payment transactions will remove what is a major doubt for many potential commercial participants. However, most of these rely on credit/debit mechanisms and while that is suitable for higher value payments (over £10) it requires the development and maintenance of billing and invoicing systems for usage-based or high volume low-value services.

Micropayments

The much heralded information economy is predicated on easily accessible items of information which can be readily traded. The finer the granularity of information “items” that can be traded, the more liquid this market will become. This will require payment mechanisms that can cost-effectively support very low value transactions (known as micropayments) ideally in real-time – for example I would not buy an electronic version of the travel supplement from today’s FT if it cost me £1, I would buy the paper instead; however, I probably would be prepared to pay for the three articles about self-catering holidays in Tuscany from the last six months if they cost me five pence each to read them instantly electronically. The service provider gains from instant receipt of the payment and has no need for expensive billing and invoicing systems. This is most clearly appropriate where the nature of the service attracts ad hoc customer usage rather than a steady use over time.

Requirements

If a cost-effective payment mechanism is such an essential prerequisite for the effective expansion of cyberspace as the ultimate mall, can we quantify (or at least qualify) what the requirements on such a payment mechanism should be?

As with so many new technologies in their early days, most of the published material is from technologists and theorists. Much of the literature to do with electronic payment mechanisms, whether on the Internet, ISH or elsewhere, has been dominated by academics and mathematicians. They have concentrated on the advantages of one or other encryption mechanism to provide security and/or privacy. A little of the literature has addressed economic and commercial issues while some is just hype[5]. Hardly a day goes by without the Internet appearing in at least one newspaper, and the consequences of electronic commerce on the Internet are beginning to compete with online pornography as the topic for discussion (see for example Cane, 1996).

But what has been sadly lacking is any attention to what the potential users actually want from such a mechanism (and there are a lot more potential users than mathematicians – even conservative estimates put the current Internet community at 30 million+ world-wide).

Any payment mechanism has three significant, and essentially discrete, groups of interested parties:

(1) the users (who can in turn be subdivided into retailers and consumers depending on the transaction model adopted);

(2) the issuers (banks and other financial institutions who are providing the actual mechanisms or the means to integrate them into other financial systems);

(3) the regulators (who are concerned with issues ranging from assuring the integrity of the mechanism and its operators, to the potential impact on the wider economy both at a national level and, of course, globally given the nature of the Internet).

I intend to concentrate on the requirements of the users, but not to the exclusion of the issuers or regulators.

Commercial requirements

As a user I want:

• flexibility: to be able to make and receive payments without the intervention of an intermediary for each transaction;

• ease of use: to be able to make or receive payments as easily as taking money out of my wallet;

• cost-effectiveness: no additional transaction fee, hence no effective lower limit to the value of a transaction. Retailers may be keen to remove the need for billing systems, one of the most expensive parts of an operation. Collecting small payments for each item of “information” as it is bought/used may be much simpler (cheaper) than billing for total usage after the event.

  Issuers may also be keen to remove the need for central transaction processing so that costs and complexity can be reduced. Conversely acquirers are unlikely to be keen on a large number of low value transactions clogging their processing system;

• fungibility: the ability to reuse (some or all of) the funds I receive to make other payments, without having to change it at a bank;

• universality: the ability to use the same payment mechanism not just on the Net but elsewhere too, to buy a paper in the high street, petrol at a garage, books over the phone, give my son his allowance, or pay the window cleaner.

The regulators will, of course, take more interest in “money” that can be used outside the net too. However, if this is “real” money, backed by funds in the same way as banknotes but held electronically, it can be treated like any other component of the money supply.

Security requirements

Security requirements, from a user’s point of view, fall into three categories relating to safety (of the payment itself), privacy (of the consumer) and trustworthiness (of all participants).

Safe

I want to be able to make or receive a payment and be assured that no one else can divert it or impersonate me in order to steal my funds or use them for nefarious purposes.

Safety can be assured by a variety of methods. The simplest and oldest (illustrated in Figure 1) is to send critical information (such as a credit card number) via a separate medium (e.g. phone or fax) thus reducing the risk of interception. More recently encryption techniques have been developed to ensure that the data could not be understood if they were to be intercepted (Figure 2).

Additional techniques such as digital signatures can also be used both to assure the integrity of the data and the identity of the originator. Issuers and regulators are keen on safety to ensure not only that customers’ funds cannot be stolen but also that counterfeit transactions cannot be introduced.

Private

I do not want anyone else to know about my transactions apart from the counterparty in each individual payment.

Privacy can be assured by the removal of any direct indication of the identity of a consumer in the payment mechanism itself. This is clearly more difficult where third parties are involved, or where checking the identity of the consumer is an integral part of the process. Once again as shown in Figure 3, encryption techniques can be used to remove the opportunity for eavesdroppers to comprehend the details of any payment.

Figure 1 Safety through separation (diagram not reproduced; labels: Order details, VISA)

Figure 2 Safety through encryption (diagram not reproduced; labels: Order details, VISA)

Digital signatures provide a means of confirming the validity of a payment without necessarily divulging the identity of the consumer. While it may seem that regulators (such as the taxman or Customs & Excise) may be very unhappy about such an unaudited system, currently 70 percent of all transactions in the UK are cash (and hence largely unaudited) and 90 percent world-wide.

Trustworthy

I want to be able to rely on the mechanism itself and the counterparty in the transaction.

One of the significant differences between current everyday transactions and commerce on the Internet is the potential remoteness of the retailer from the consumer. Combined with the predicted increase in “cottage industries”, this will lead to many users attempting to conduct transactions with other individuals elsewhere in the world. This remoteness and relative anonymity of parties to the transaction implies a need for the certification of (at least) the payee (see Figure 4).

Such a mechanism may require the use of (a hierarchy of) certification authorities or trusted intermediaries[6]. This will become a highly contested business in itself, with large “trusted” organizations such as banks, insurance companies and industry associations being well placed if they take the lead.

Constraints

As well as meeting these commercial and security requirements, there are additional constraints that may (or should) be imposed. The most significant are:

• Integration. Larger retailers and issuers will want to ensure that any payment mechanism on the Net will integrate with their existing payment mechanisms or at least their back end systems.

• Acceptability. Small retailers and sole traders will want to ensure that they are not forced to use a payment mechanism that they find unacceptable in the “real” world.

• Non-exclusivity. Individuals do not want to be excluded from the Net by the widespread use of a payment mechanism that is not available to them.

  Small retailers and sole traders equally do not want to be excluded from the Net by the widespread use of a payment mechanism that is only available to large organizations or by participating in a consortium.

• Portability. Individuals whose access to the Net is from shared or public access workstations will need to be able to carry their payment mechanism around with them, rather than be tied to a specific workstation or Internet address.

Figure 3 Privacy through encryption (diagram not reproduced; labels: Order details, MONDEX)

Figure 4 Trust through certification (diagram not reproduced; labels: Order details, MONDEX)

Payment mechanisms (could you…?)

Over the past few months there has been a rapidly increasing number of proposals for payment mechanisms on the Internet[7]. For the purposes of this paper I will use the following taxonomy of payment mechanisms in the real world to classify these potential electronic payment schemes:

• credit: credit mechanisms such as credit cards or pre-arranged accounts with billing in arrears;

• debit: debit mechanisms such as debit cards, cheques, or pre-paid accounts;

• token: pre-paid tokens such as traveller’s checks, bank drafts or phone cards;

• cash: fungible assets such as cash (or gold!).

The myriad proposals for Internet payment mechanisms fall into one or other of these classifications. Table I shows a subset of these payment mechanisms that is representative of those in use or proposed.

Table I Representative schemes

Classification   Scheme
Credit           e-mail etc. (a)
                 SSL (US) (a)
                 First Virtual (US) (a)
                 CyberCash (US) (a)
                 Visa/Mastercard (US)
Debit            BankNet Echeque (UK) (b)
                 FSTC Electronic check (US)
Token            Digicash (NL) (b)
Cash             Mondex (UK) (b)

Notes: (a) In use; (b) On trial

Credit

There are many mechanisms available to use credit cards on the Internet, with a range of security (from none at all to “military” strength encryption). The most interesting event in the whole of this area recently has been the off-again on-again liaison between Mastercard and Visa to produce what will become the de facto Internet standard for secure bank card payments.

E-mail, etc.

Various online shopping malls and small retailers such as the pioneering On-line Book Store (OBS) have for some years been using the basic mechanisms of the Internet to effect the equivalent of a mail order/telesales transaction. To place an online order in the store a consumer can supply credit card details using a form on a Web page or via e-mail. Many Web based sites offer the option to send card details separately (by phone or fax) for consumers who wish to avoid any potential insecurity.

Secure sockets layer

Many Web based sites also use the basic (SSL) security developed by Netscape to encrypt credit and order details before sending them from the consumer to the retailer.

Netscape was founded by Jim Clark (also founder of Silicon Graphics) and nine out of ten of the original developers of Mosaic (the first graphical web browser that catapulted the Web from a research tool at CERN to the fastest growing component of the Internet) who left NCSA to form their own corporation. They have defined a protocol SSL – secure sockets layer (see Netscape, 1994) based on RSA encryption and digital signature technology – to provide authentication, privacy and data integrity as a protocol layer above TCP/IP and below application protocols such as http, ftp, etc. It is implemented in the Netscape Navigator Web browser and Netsite server software, and has been adopted by many other browsers and servers as a de facto Internet standard. The full implementation of their browser cannot be exported from the USA under munitions legislation (!) so they produce a version using less secure keys (40 bits as opposed to 128 bits) for export to most parts of the world (except Cuba, Haiti, Iraq, Libya, Yugoslavia, North Korea, Iran, or Syria). Netscape also support X.509 digital Certificates such as those from the VeriSign[8] Certification Authority.

First Virtual

Formed in early 1994 by a small team of Internet pioneers, First Virtual (FV) is currently for online information services only – users register as a buyer or seller with FV, sending them bank/credit card details by post not via the Internet. Registered users are issued with an account ID. Buyers use their FV account ID when buying, sellers verify it online with FV and supply the information purchased, buyers later confirm the transaction to FV via e-mail. Small value transactions are aggregated until a reasonable amount ($10) is reached and then the money is collected from the buyer’s credit card, with FV taking a small fee. FV take a transaction fee (29 cents) and 2 percent of the transaction value from the seller. Currently they can only apply transactions to Visa and Mastercard accounts and only in US dollars. Sellers receive funds into a nominated bank account which must be in a US bank[9].

CyberCash

Formed in 1994 by the founder of VeriFone Inc. (makers of credit authorization terminals) and TNS (a US financial transaction network), CyberCash provides free client software to users and merchants, implementing their Secure Internet Payment Service™ which uses proprietary encryption techniques. This enables users to submit credit card payments to retailers who then pass it to a CyberCash server linked to a number of US banks’ private networks. The retailers do not get to see the credit details in the encrypted payment. CyberCash also intend to introduce their Money Payments Service™ and MiniPayments™ allowing online payments between bank accounts. They intend to support all “standard” Internet payment mechanisms including the Visa/Mastercard protocol[10].

Visa/Mastercard

In the summer of 1995, Visa[11] and Mastercard[12] announced that they were working together to define a protocol that would enable secure bank card transactions on the Internet and would be adopted as the Internet standard. After a few months, Mastercard announced that they were no longer working with Visa, and complained that Visa’s protocol would not be an open standard as their technology partner, Microsoft[13], intended to take a royalty payment for each credit payment across the Internet (this view is supported by an analysis of Bill Gates in Schlender, 1995). Mastercard announced their own protocol developed in conjunction with Netscape, supported by IBM[14], GTE[15] and CyberCash. The Microsoft/Visa protocol STT – Secure Transaction Technology (see Microsoft, 1995) was planned to be incorporated into the Microsoft browser by the end of 1995. The Mastercard/Netscape protocol SEPP – Secure Electronic Payments Protocol (see Mastercard, 1995) was to be implemented in Netscape Navigator 2.0 available in beta form from October 1995. Both standards were proposed as Internet standards, and there was much concern at the implications of two separate (but very similar) protocols being in use.

Early in February 1996, Visa and Mastercard announced that they were working together to define a protocol that would enable secure bank card transactions on the Internet and would be adopted as the Internet standard (déjà vu?). The draft specification of the new protocol SET – Secure Electronic Transaction (see Mastercard, 1996) was published on 23 February 1996, and has been produced by Visa and Mastercard in conjunction with Microsoft, Netscape, IBM, GTE, Verisign and others. It allows the credit and order details to be separately encrypted and digitally signed by the consumer’s browser before being sent to the retailer. The retailer will not get access to the credit details which can only be decrypted once securely inside the acquirer’s system – equally the acquirer does not get access to the order details. This process involves the use of highly secure encryption and digital signature techniques, as well as digital certificates. There should, however, be no export problems (as there have been with SSL) because these mechanisms are embedded in the payment process and are not accessible to the users to secure other (non-financial) information.
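One way a single consumer signature can bind the order and credit details while each party sees only its own half is a dual signature. The Python sketch below is an added illustration, not code from the paper or the SET specification; the toy RSA key, field names and sample purchase are constructed, and the encryption of each half is left out.

```python
import hashlib
import json

# Constructed toy RSA key standing in for the consumer's signing key (two
# Mersenne primes). Textbook RSA without padding, for illustration only.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def digest(part: dict) -> bytes:
    """SHA-256 over a canonical JSON encoding of one half of the purchase."""
    return hashlib.sha256(json.dumps(part, sort_keys=True).encode()).digest()


def to_int(data: bytes) -> int:
    """Hash the concatenated digests down to an integer modulo N."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def consumer_sign(order: dict, payment: dict):
    """One signature over H(payment) || H(order), sent with each half."""
    order_md, payment_md = digest(order), digest(payment)
    sig = pow(to_int(payment_md + order_md), D, N)
    # The paper's description also has each half encrypted for its reader;
    # that step is omitted here (assumption) to keep the linkage visible.
    for_retailer = {"order": order, "payment_md": payment_md, "sig": sig}
    for_acquirer = {"payment": payment, "order_md": order_md, "sig": sig}
    return for_retailer, for_acquirer


def retailer_verify(msg: dict) -> bool:
    """Retailer holds the order plus only a digest of the payment details."""
    linked = msg["payment_md"] + digest(msg["order"])
    return pow(msg["sig"], E, N) == to_int(linked)


def acquirer_verify(msg: dict) -> bool:
    """Acquirer holds the payment details plus only a digest of the order."""
    linked = digest(msg["payment"]) + msg["order_md"]
    return pow(msg["sig"], E, N) == to_int(linked)


def demo():
    order = {"item": "three travel articles", "total_pence": 15}
    payment = {"card": "4111111111111111", "amount_pence": 15}  # constructed
    for_retailer, for_acquirer = consumer_sign(order, payment)
    # Changing either half after signing breaks verification on that side.
    altered_order = dict(for_retailer, order=dict(order, total_pence=1))
    altered_payment = dict(for_acquirer,
                           payment=dict(payment, amount_pence=1500))
    return {
        "both_verify": retailer_verify(for_retailer)
        and acquirer_verify(for_acquirer),
        "retailer_holds_payment": "payment" in for_retailer,
        "altered_order_verifies": retailer_verify(altered_order),
        "altered_payment_verifies": acquirer_verify(altered_payment),
    }


if __name__ == "__main__":
    print(demo())
```

Each side recomputes the digest of the half it can read and combines it with the digest it was handed for the other half, so neither needs the other party's plaintext to check the signature.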

Debit

A number of Internet banks have started offering services (all claiming to be the first electronic bank on the Internet!). These offer a variety of services including payments using electronic cheques. BankNet is a UK based example. Meanwhile, FSTC, a US consortium of banks and government research institutions, is attempting to define a proposal for the standardization of such mechanisms.

BankNet

BankNet is a joint venture between MarketNet and Secure Trust Bank. They have established an Internet Bank, with online facilities for customers to query their account and submit payment instructions. They provide electronic payment instructions known as Echeques to be used as payment for goods and services on the Internet by their account holders. Their browser allows the user to sign Echeques digitally with a private key which must be registered with BankNet. Currently in Beta trial, this system allows a BankNet customer to make payments to another BankNet customer. They intend to extend the system so that it will be possible for recipients of an Echeque to credit it to a normal bank account in other banks via e-mail. Accounts and payments are in sterling only[16].

FSTC

FSTC – Financial Service Technology Consortium – is a group of US banks and government research establishments looking at ways of developing the technology necessary to support the financial infrastructure into the future. One of their projects is to develop a standard for electronic checks, and though still in the discussion and proposal stage, the list of participants adds credibility and hence significance to whatever they eventually propose. So far, they appear to be in favor of external hardware devices to act as secure electronic check books (e.g. a smart card or PCMCIA card)[17].

Token

While there has been a lot of hype about electronic cash on the Internet, it has largely centered on mechanisms that are in fact tokens rather than cash, predominantly the Digicash system.

Digicash

The Digicash system involves the creation of “electronic coins” in the form of digitally signed numbers in exchange for money from the user’s bank account. Each of these coins can be spent, once and only once, with a service provider who accepts them. When the coin is spent it is immediately sent by the recipient to the issuing bank for online verification and logging (to ensure it is not spent again) before confirming receipt to the payer, who then discards the used coins. The appropriate amount is credited to the recipient’s bank account. Much of the effort behind this system has been to develop very clever “blinding” techniques to ensure that the coin can be verified without revealing the identity of the consumer to the retailer or the bank (for a comprehensible explanation see Chaum, 1992). However all transactions are processed centrally and all received payments are paid into the recipient’s bank so the only anonymity gained is by the payer of any individual transaction. This has been in beta-trial world wide since October 1994 using virtual money (CyberBucks) with each participant given 100 CyberBucks to spend. A number of shops are offering virtual services in exchange for the virtual money[18].

In October 1995 Mark Twain Bank announced a trial using real money, by linking a version of Digicash software to deposit accounts in their bank in St Louis, USA. They are inviting retailers and service providers to join the trial to accept their version of Digicash tokens in exchange for real goods and services[19].

In March 1996, EUnet, a leading European provider of Internet services, announced the launch of a Digicash service in Finland, in conjunction with Merita Bank, Finland’s largest bank. Merchants already accepting tokens on launch day included popular magazines, newspapers and one selling stock quotes. If successful in Finland, EUnet, working with major banks, intends to roll out the service during 1996, in more of the 41 countries in which it operates. In May 1996 Deutsche Bank announced it was to operate a pilot Digicash project with 1,000 customers later in the year.

Recent exposure of security flaws and breaches in the protocol and the bank servers has undermined confidence in the Digicash system[20]. What effect this will have on the banks remains to be seen.

Cash

The only example of genuine electronic cash that has been successfully demonstrated on the Internet is Mondex.

Mondex

True electronic cash, the Mondex system is based on a tamper-proof smart card that holds the cash (in multiple currencies) and the software to make and receive payments. Invented by NatWest Bank it has been developed as an alternative to cash for global use in the real world. A prototype has been in everyday use by 2,000 staff at one of NatWest’s computer centres since March 1992, users being able to pay with it in the on-site shops, restaurants and cafés and load money on to it from on-site ATMs. The millionth transaction was announced in 1994 (see Mondex, 1994). In the UK, Mondex is being operated jointly by NatWest and Midland banks in conjunction with BT. A public trial started in Swindon in July 1995 to include up to 40,000 consumers and the vast majority of the town’s 1,000+ retailers, prior to national rollout. Elsewhere Mondex will be operated by franchisees – HSBC have already signed up for the rights to operate Mondex in most of Asia; CIBC and RBC[21] have signed up for Canada and have announced their own Swindon-like public trial in Guelph, Ontario, in conjunction with Bell Canada[22]; and Wells Fargo[23] are running trials in California.

Mondex payments can be made between individuals using a hand held “wallet” and also using specially adapted telephones from BT (and others), which may also be used as “ATMs” to load money remotely from a bank account. Equally easily, Mondex payments have been made over the Internet and can be used for fund transfers between individual users as well as to retailers or service providers. As the software is resident on the smart card and authentication techniques are used, the (in)security of the communications channel is irrelevant, making the use of Mondex on the Internet both simple and ideal. No central processing is required; only the two participants’ cards are involved in the transaction, so no central records can be kept or interrogated and hence the anonymity of cash is maintained[24].

Transaction model

The most significant differences between these diverse payment mechanisms are brought about by the assumption of different transaction models. There are essentially three different models, post-paid, pre-paid and cash.

Post-paid model

Illustrated in Figure 5, this is widely implemented in credit/debit mechanisms. There are eight steps:
(1) credit/debit details sent by user to retailer;
(2) retailer verifies details with issuer;
(3) issuer logs details;
(4) issuer confirms details;
(5) goods sent by retailer to user … (some time later);
(6) transaction sent to issuer for settlement;
(7) user account debited by issuer;
(8) retailer account credited by issuer.

This offers the consumer all the usual benefits of a bank card transaction such as deferred payment (Pay Later or Pay Soon) and a degree of guarantee/insurance provided by the card issuer, but also incurs the costs. It can only be effected with a merchant authorized by the issuer, and has a minimum transaction value below which it is not economic, because of the central transaction processing costs. There may also be additional overheads imposed by the security mechanism used.

The merchant runs the risk of chargebacks owing to subsequent repudiation by the card-holder, as Internet transactions are treated like any other card-holder not present transaction.

Pre-paid model

Illustrated in Figure 6, this is implemented by Digicash. Again there are eight steps:
(1) money debited from user account by bank;
(2) tokens issued to user;
(3) user sends tokens to retailer;
(4) retailer sends tokens to bank to verify;
(5) bank logs use of tokens;
(6) bank credits retailer’s account;
(7) bank confirms to retailer;
(8) retailer sends goods to user.

This allows the transfer, between users as well as to merchants, of pre-paid tokens which can then be exchanged for money at the issuing bank. It also incurs central transaction processing costs that impose a minimum economic transaction value. The central processing must occur as part of the critical transaction path and hence is likely to become a bottleneck for all transactions. The security overheads (blinding, random number generation, etc.) can be transparent to the user if the interface software is well designed.

Consumers run the risk of not receiving the goods or services that they have paid for, and have no guaranteed way of determining the identity of the counterparty.
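The pre-paid steps and the Digicash "blinding" idea described above, sketched as an added example that is not from the paper and is not Digicash's own protocol: a textbook RSA blind signature in the style explained by Chaum (1992). The toy bank key, one-unit coins and the names Bank, withdraw_coin and run_demo are assumptions of this example.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy bank key: two well-known Mersenne primes. Runs offline but
# is far too small and structured for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # bank's private signing exponent


def h(serial: bytes) -> int:
    """Map a coin serial number into the RSA group."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N


class Bank:
    def __init__(self, balances):
        self.balances = dict(balances)
        self.spent = set()             # log of serials already deposited
        self.seen_at_withdrawal = []   # everything the bank saw when issuing

    def withdraw(self, account, blinded):
        # Steps (1)-(2): debit the user, sign the blinded number unseen.
        if self.balances[account] < 1:
            raise ValueError("insufficient funds")
        self.balances[account] -= 1
        self.seen_at_withdrawal.append(blinded)
        return pow(blinded, D, N)

    def deposit(self, account, serial, sig):
        # Steps (4)-(7): verify the signature, log the coin, credit, confirm.
        if pow(sig, E, N) != h(serial):
            return "invalid"
        if serial in self.spent:
            return "double-spend"
        self.spent.add(serial)
        self.balances[account] += 1
        return "ok"


def withdraw_coin(bank, account):
    """User side: create a serial, blind it, have it signed, unblind."""
    serial = secrets.token_bytes(16)
    r = 0
    while r < 2 or gcd(r, N) != 1:     # blinding factor must be invertible
        r = secrets.randbelow(N)
    blinded = (h(serial) * pow(r, E, N)) % N
    blind_sig = bank.withdraw(account, blinded)
    sig = (blind_sig * pow(r, -1, N)) % N   # r cancels, leaving h(serial)^D
    return serial, sig


def run_demo():
    bank = Bank({"user": 3, "retailer": 0})
    serial, sig = withdraw_coin(bank, "user")
    # Step (3): user hands (serial, sig) to the retailer, who deposits it.
    first = bank.deposit("retailer", serial, sig)
    second = bank.deposit("retailer", serial, sig)      # replayed coin
    forged = bank.deposit("retailer", b"made-up serial", sig)
    # Payer anonymity: the value the bank signed is not the coin it sees later.
    linkable = h(serial) in bank.seen_at_withdrawal
    return first, second, forged, linkable, bank.balances


if __name__ == "__main__":
    print(run_demo())
```

The replayed coin is rejected only because the bank is consulted online for every deposit, which is the central processing step the text identifies as a bottleneck; the retailer's account is still visible to the bank, so only the payer is anonymous.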

Cash model

Illustrated in Figure 7, this is implemented by Mondex. There are two steps:
(1) User sends cash to retailer.
(2) Retailer sends goods to user.


Figure 5 Post-paid transaction model [diagram not reproduced; panels: Account details – user, Account details – retailer; labels: VISA, Access]

Figure 6 Pre-paid transaction model [diagram not reproduced; panels: Account details – user, Account details – Retailer; label: Access]


This allows the transfer of cash between users and to merchants, which can then be used for further transactions. There is no central transaction processing, no additional transaction costs and hence no minimum economic transaction value. In the Mondex implementation all security processing is carried out on the Mondex cards and is completely transparent to the users.

Consumers run the risk of not receiving the goods or services that they have paid for, and have no guaranteed way of determining the identity of the counterparty.

Mechanisms versus requirements (should you…?)

Looking at each group of payment mechanisms in terms of the requirements and constraints identified above provides a review of the suitability of each of the alternative approaches for electronic commerce.

Commercial requirements

It is clear from Table II that all are easy to use although the security mechanism employed for debit/credit may impose a significant burden on the user, dependent on such issues as the complex key management and distribution infrastructures implemented.

Both credit/debit mechanisms and tokens require an intermediary to effect a transaction. This central processing incurs a transaction cost. Neither allows the funds received to be respent without first banking them.

Bank card mechanisms cannot be used for person to person transactions (with the exception of the First Virtual scheme), and the token mechanisms are only available on the net. Just as physical cash has a universality within a defined boundary (e.g. legal tender within national borders) electronic cash will have boundaries either defined by the commercial/political imposition of geographical borders or implicitly defined by the currency or currencies being transacted.

Only cash fulfills all our requirements.

Constraints

As shown in Table III, both credit/debit and cash mechanisms are in use outside the Internet so their use online can be readily integrated, and they meet our portability constraints. Current token mechanisms that are unique to the net are not readily portable, although, as they are entirely software based, mechanisms could be found to achieve portability using removable storage media. However, this uniqueness means they do not easily integrate without being turned into some other form of financial instrument.

Table II Evaluation – commercial requirements

                     Debit/credit   Token   Cash
Flexibility          ✘              ✘       ✓
Ease of use          ✓              ✓       ✓
Cost effectiveness   ✘              ✘       ✓
Fungibility          ✘              ✘       ✓
Universality         ✘              ✘       ✓

Table III Evaluation – constraints

                     Debit/credit   Token   Cash
Integration          ✓              ✘       ✓
Acceptability        ✘              ✓       ✓
Non-exclusivity      ✘              ✓       ✓
Portability          ✓              ✘       ✓

Figure 7 Cash transaction model [diagram not reproduced]

Credit and debit mechanisms are only available to users subject to status. Credit mechanisms are only available to accredited merchants and may not be cost-effective for small retailers or sole traders with predominantly low value transactions.

Once again only cash meets all our constraints.

Security requirements

Achieving the security requirements, however, is much more closely determined by the details of the payment mechanism and must be assessed for each scheme separately. Table IV shows an assessment of the representative schemes.

Most online schemes are safe, and while the credit/debit schemes can offer a degree of trust (by virtue of their inherent “certification” mechanism) it is at the expense of privacy. The use of certification in conjunction with the token or cash schemes would allow all three requirements to be met (see Birch (1996) for a further discussion of the potential for electronic commerce once trust can be established for micropayments).

Conclusion

There are many payment mechanisms being proposed for the Internet. Most are being proposed by technologists and concentrate on overcoming the insecurity of the Internet to enable existing credit/debit card mechanisms to be used.

While this is a first step towards electronic commerce it only addresses a part of the potential market. The flexibility of this new medium requires the flexibility of alternative payment mechanisms – even more so than in the real world – if it is to be exploited to its true potential as a global marketplace.

In other words what is needed is both:
• Credit/debit facilities – guaranteed safe high value transactions with certificated retailers. The cost of the “guarantee” and the convenience of Pay Later or Pay Soon is a transaction fee and a loss of privacy.
• Electronic cash – private safe low value transactions with anyone. The cost of the privacy and lack of transaction fee is Pay Now and increased risk if transacting with uncertificated counterparties.

The future

The impending migration of credit/debit cards from magnetic stripe to smart card technology, the likely adoption of smart cards as electronic checkbooks and the existing use of smart cards for electronic cash will lead to smart card readers becoming as ubiquitous as PCMCIA or even floppy disk drives (see Card Technology Today, 1995).

In this smart environment, the choice of payment mechanism will return to the consumer on an individual transaction basis. The increasing use of applets and helper applications interfacing with the ubiquitous browser will allow proponents of each payment mechanism to ensure that appropriate (branded?) software can be easily and cheaply (probably freely) distributed to users over the Internet itself. The widespread adoption of a standard for secure financial transactions (SET being the most likely candidate) that does not fall foul of US export laws and is supported by the international financial community, will also move the problem of integration from the service provider to the acquirer. However, the desire for cheap anonymous electronic cash transactions will undoubtedly continue to increase and will need to be supported by large organizations as well as individuals (for an interesting discussion of the potential for alternative “currencies” once electronic cash becomes prevalent, see Birch and McEvoy, 1996).


Table IV Evaluation – security requirements

                           Safe   Private   Trustworthy
Credit   E-mail, etc.      ✘      ✘         ✘
         SSL               ✓      ✘         ✘
         First Virtual     ✓      ✘         ✓
         CyberCash         ✓      ✘         ✓
         Visa/Mastercard   ✓      ✘         ✓
Debit    BankNet           ✓      ✘         ✓
         FSTC              ✓      ✘         ✓
Token    Digicash          ✓      ✓         ✘
Cash     Mondex            ✓      ✓         ✘


Summary

Each of the many payment mechanisms proposed, on trial or in place on the Internet can be classified as one of Credit, Debit, Token or Cash.

The majority are schemes offering a secure means to transfer credit/debit details for settlement in the existing financial systems. This allows transactions with accredited merchants but cannot offer facilities to transfer funds between consumers. It also suffers from a transaction processing overhead ensuring that low value transactions cannot be cost-effective. The security of these mechanisms has been a key factor in their development, owing to the inherent insecurity of the Internet. The most advanced mechanisms use highly secure transmission protocols to ensure the safety of the financial information being transmitted.

A token-based mechanism, such as Digicash, can offer transactions with retailers or between consumers, but still requires all transactions to be centrally processed and logged as part of the transaction path, hence introducing a potential bottleneck as well as transaction processing charges that will affect the cost-effectiveness of low value transactions. The security mechanisms used to ensure the safety of the transactions are independent of the transmission protocol in use.

An electronic cash scheme, such as Mondex, offers the user the ability to pay retailers and other consumers on the Internet as well as in the high street, over the phone and in the home. The payment requires no other participants than the payer and payee, thus imposing no transaction processing overhead and hence allowing low value transactions (even one or two pence) to be cost-effective. This uses inherent security mechanisms to ensure the safety of transactions independent of the transmission protocol being used.

Electronic commerce on the Internet needs payment mechanisms that can cater for as much diversity as commerce in the real world. Large value transactions will require secure ways to use existing bank card mechanisms. Low value transactions will require the equivalent of cash.

Restricted to secure credit/debit, online services will be much like existing services with billing and invoicing overheads. With electronic cash, online services can collect micropayments in real-time, with no need to establish the identity of end-users or maintain bills and invoices for them.

Notes

1 Many of the proponents of various payment schemes show survey results in their public presentations to demonstrate their potential market. According to Price Waterhouse (1996), the US consumer online services, including the Internet, currently have seven million subscribers expected to rise to 40 million by the year 2000.

2 Mosaic is available to educational users from the NCSA web site (NCSA can be browsed on http://www.ncsa.uiuc.edu/). It has been licensed to Spyglass for commercial distribution (Spyglass can be browsed on http://www.spyglass.com/). Spyglass Mosaic is the basis of many other browsers including the Microsoft Internet Explorer which is available from the Microsoft web site (http://www.microsoft.com/).

3 The Navigator browser is available online from the Netscape website (Netscape Communications Corporation can be browsed on http://home.netscape.com/).

4 According to Price Waterhouse (1996), the US consumer online services market, including the Internet, was only $1 billion in 1994 with the prospect of growing to $2 billion in 1995 and almost $9 billion by 2000.

5 Much of the literature has been produced by technologists and has concentrated on the mathematics of security mechanisms (for example Brands, 1995). Some of the literature is government sponsored (for example XIWT, 1994). Some of the literature is actually written from an economist’s point of view (for example The Economist, 1994). A small (thankfully increasing) subset of the literature is written from the viewpoint of the eventual users (for example, Levy, 1994).

6 For a good overview of security implications of commerce on the Internet, and especially the ways in which certification authorities may operate see Neuman (1995).

7 There are many mechanisms being proposed, trialed, used or merely discussed in various Internet forums. One of the easiest ways to keep in touch with the current issues is by subscribing to the e$ mailing lists established by Bob Hettinga. For details and to subscribe browse the e$ home page on http://thumper.vmeng.com/pub/rah/

8 VeriSign, founded as an offshoot of RSA Data Security and with financial backing from Visa International, launched the first online Certification Authority on the Web in September 1995, and started issuing “Digital Ids” for individuals using Netscape in May 1996. They can be browsed on http://www.verisign.com/

9 Of particular interest is the account of their first year’s operation (Borenstein et al., 1995) which has some salutary tales for anyone involved in providing services on the Internet not just payment mechanisms. First Virtual (Holdings) can be browsed on http://www.fv.com/


10 CyberCash can be browsed on http://www.cybercash.com/

11 Visa can be browsed on http://www.visa.com/visa/

12 Mastercard can be browsed on http://www.mastercard.com/

13 Microsoft can be browsed on http://www.microsoft.com/

14 In fact the Mastercard protocol SEPP was based very largely on the iKP protocol developed by IBM’s Zurich research laboratories and used as the basis of a European research project into electronic commerce – SEMPER (also supported by Europay). IBM can be browsed on http://www.ibm.com/

15 GTE have been operating key management services for the US DoD since the 1980s. They are in the process of establishing commercial certification authority services as part of their CyberTrust service. CyberTrust can be browsed on http://cybertrust.gte.com/

16 BankNet can be browsed on http://mkn.co.uk/bank

17 FSTC can be browsed on http://www.llnl.gov/fstc/

18 Digicash can be browsed on http://digicash.support.nl/

19 Mark Twain Bank can be browsed on http://www.marktwain.com/

20 Details of the security flaws so far found by Ian Goldberg have been widely discussed on the cypherpunks mailing list – the archives of which are available at http://infinity.nus.sg/cypherpunks/

21 RBC can be browsed on http://www.royalbank.com/

22 Bell Canada can be browsed on http://www.bell.ca/

23 Wells Fargo can be browsed on http://www.wellsfargo.com/

24 Mondex information is available by e-mail [email protected] or can be browsed on http://www.mondex.com/mondex/

References

Birch, D. (1994), “Downloading software, uploading money – business on the infobahn”, Internet and the Enterprise Conference, London, June. Available WWW: http://www.hyperion.co.uk./pub/library/lib-bank.html

Birch, D. (1996), “Trust in cyberspace – a new model for online commerce”, Retail Solutions Conference, RMDP, Birmingham, May. Available WWW: http://www.hyperion.co.uk./pub/library/lib-bank.html

Birch, D. and McEvoy, N. (1996), “DIY Cash”, Wired UK, Vol. 2 No. 5, pp. 31-3. Available WWW: http://www.hyperion.co.uk./pub/library/lib-bank.html

Borenstein, N.S. and the First Virtual Team (1995), Perils and Pitfalls of Practical CyberCommerce, The Lessons of First Virtual’s First Year, October. Available WWW: http://www.fv.com/pubdocs/fv-austin.txt OR FTP: Hostname: ftp.fv.com Path: pub/nsb File: fv-austin.txt

Brands, S. (1995), “Electronic cash on the Internet”, Proceedings of the Internet Society 1995 Symposium on Network and Distributed System Security, San Diego, CA, February.

Cane, A. (1996), “Net’s rivals feel the squeeze. A quiet revolution is transforming global electronic trade”, Financial Times, February 26, p. 15.

Card Technology Today (1995), “Survey: smart cards and the Internet”, Card Technology Today, September, pp. 12-16.

Chaum, D. (1992), “Achieving electronic privacy”, Scientific American, August, pp. 96-101.

Lawrence, A. (1995), “Publish and be robbed?”, New Scientist, February 18, pp. 32-7.

Levy, S. (1994), “E-Money (that’s what I want)”, Wired, December, pp. 174-9, 213-18.

Mastercard (1995), SEPP – Secure Electronic Payments Protocol. Available WWW: http://www.mastercard.com/Sepp/sepptoc.htm

Mastercard (1996), SET – Secure Electronic Transaction. Available WWW: http://www.mastercard.com/set/set.htm

Microsoft (1995), STT – Secure Transaction Technology. Available WWW: http://www.microsoft.com/windows/ie/stt.htm

Mondex (1994), “Mondex byte scheme completes millionth transaction”, Mondex UK News Release, December 2.

Netscape (1994), SSL – Secure Sockets Layer. Available WWW: http://home.netscape.com/newsref/std/SSL.html

Neuman, B.C. (1995), “Security, payment, and privacy for network commerce”, IEEE Journal on Selected Areas in Communications, Vol. 13 No. 8, October, pp. 1523-31. Available [IEEE SEPTEMBER] WWW: http://www.research.att.com/jsac/

Price Waterhouse (1996), “Technology Forecast: 1996”, Price Waterhouse, London.

Schlender, B. (1995), “Keeping up with Moore’s law”, Fortune, January 16, pp. 35-63.

The Economist (1994), “So much for the cashless society”, The Economist, November 26, pp. 25-30.

XIWT (1994), Digital Cash, Tokens and Payments on the NII, a report by the Cross-Industry Working Team (XIWT). Available WWW: http://www.cnri.reston.va.us:3000/XIWT/public.html
