OII Standards and Specifications List


I*M Europe
OII Home Page
What is OII?
Standards List
OII Guides
OII Fora List
Conference Reports
Monthly Reports
EC Reports
Whats New?
OII Index
OII FAQ
OII Feedback
Disclaimer
Search Database

OII Guide to Electronic Payment

This guide examines payments from the perspective of open information interchange. It has the following structure:

  1. Introduction
  2. Major Terminology and Technology
  3. Supporting Mechanisms
  4. Payment Mechanisms

This guide should be read in conjunction with the OII Standards and Specifications List section on Electronic Payment Mechanisms as well as the section on Payment Standards (within the Electronic Commerce coverage), which examines the sub-process within the context of the overall Electronic Commerce cycle.

Acknowledgement is given to the insights provided by the publication on Digital Money at the inter://trader library website.

Electronic Payment implementations are one of the recognised growth areas in Electronic Commerce and vendors have been rapidly developing their systems to ensure competitive edge. However, as electronic payment solutions are increasing in numbers and sophistication, it is noticeable that information that was once in the public domain has been withdrawn now that the technologies are maturing for commercial exploitation. It is expected that until the market is stabilised, and specific solutions have acquired a clear competitive advantage, such a trend will continue. For this reason, the headings of  'Standards and Specifications' within this guide should be interpreted loosely. They refer to specification information, as well as leading on-going projects and activities which are expected to lead to specifications as outputs.

As will be seen from this guide, the are many different systems competing for a place in the electronic payment marketplace -- both in terms of vendor solutions and the specific categories of implementations. Each category will have winners and losers, but it is clear than no single solution will dominate the entire marketplace, just as cash, cheques and credit cards are currently used in parallel. The high value electronic payment area (and typically business-business payments) is more clear in terms of direction (for example EDI), whereas in the area of micropayment, the way forward is more difficult to predict. As ever, the banks have been cautious in their approaches and many are experimenting with different solutions. However, it is expected that the financial institutions will have a decisive influence over the market adoption of specific electronic payment solutions. These are expected to have a relatively high degree of security, which is a traditional concern of the financial institutions. In addition, the introduction of regulations would have an enormous impact on the development and adoption of electronic payment.


1. Introduction

Money has no absolute definition. It began with simple bartering with the goods themselves being the 'money', then on to an abstract medium of exchange (tokens) which were themselves valuable (e.g. gold coins), and next on to today's main payment medium of valueless tokens such as coins and notes. Once the tokens became detached from value, the next step was notational money where the value was referenced and stored elsewhere (e.g. cheques). A final layer of physical abstraction is credit-based systems (notably credit cards) where the value is both indirect and a future liability rather than a transaction in situ. The next (and emerging) stage is the removal of physically based systems and the introduction of virtual, electronic environments where value is not bound by physical parameters and a value 'owner' has the direct ability to transform the value into different forms of electronic manifestations.

Another set of definitions is based on a number of properties that are associated with the total payment scenario. Electronic payment categories and solutions can be assessed in terms of:

  • Atomicity: The transaction must occur completely or not at all
  • Consistency: All parties must agree on the facts of the exchange
  • Isolation: Transactions must be independent of each other
  • Durability: It must always be possible to recover the last consistent state
  • Economy: Conducting a transaction should not be expensive
  • Divisibility: It must be possible to interchange multiple low denominations and single high denominations
  • Scalability: The system must support many users simultaneously
  • Interoperability: It must be possible to move value back and forth between different systems
  • Conservation: Where money holds its value over time and is easy to store and retrieve.

Yet another set of divisions is based upon the degree of information disclosure associated with a transaction, i.e. the visibility of various pieces of information with respect to the parties involved in the transaction (whether directly or indirectly). The parties are typically the Seller, Buyer, Bank and Public Authority. The pieces of relevant information include: Seller Identification, Buyer Identification, Date, Amount and Item. Taking cash as an example, all information is anonymous to the bank, whereas for a credit card transaction it is fully visible.

As already mentioned, security remains one of the most important obstacles to the general acceptance of electronic payment. Specific security concerns include transmission of personal information and other sensitive information over open, unsecured networks, anonymity of the user, theft of instruments/masquerade and other fraudulent use of electronic payment instruments (smart cards, tokens). The potential of exploiting advanced electronic payment techniques for illicit purposes is a matter of serious concerns of governments. On the other hand, given that some of these mechanisms challenge the traditional model of financial transactions, appropriate legal clarifications are envisaged to be beneficial. Given these considerations, existing electronic payment mechanisms tend to focus on small value transactions.

The present guide categorises payment from a more technical perspective. However, in doing so, it becomes clear that each specific solution does not reside easily in a single category. Indeed, when examining each solution in detail, it is likely to integrate features of other solutions. Thus care should be taken to distinguish between the available features and those that could be implemented. The key categories adopted by this guide are:

2. Major Technology and Terminology

There are several key technologies and terminology for electronic payment. These are introduced in this section:

Smart Cards

Smart cards store information on an embedded microchip in a credit-card sized piece of plastic. The microchip replaces the functionality of the traditional black magnetic card stripes, but additionally provides many more benefits:

  • Significantly more difficult to counterfeit than a magnetic stripe (at least so at the moment)
  • Ability to combine several different payment mechanisms on the same card, e.g. Visa, Mastercard, other cash point cards
  • Ability to combine several different functions on the same card, e.g. combining library card, phone card and health card functions. Several transport operators are also examining them as a replacement for tickets or for quick payment at bridges and other toll roads.
  • Ability to store associated information and transaction information due to vastly increased storage capacity, e.g. health details which can be used in an accident, the past banking transactions made from the card.

Smart card technology has been in existence for many years, and more serious banking trials began in the mid-1980s. Today there are numerous towns around the world which are piloting such systems; one of the more famous being the long-term Mondex trial in Swindon, UK.

In terms of payment functionality the primary (and often combined) usage includes:

  • Reloadable -- The ability to upload (typically small) values on the card and to exchange (parts of) this value with other parties. The card can be recharged and re-used indefinitely.
  • Disposable/Fixed value -- The card is not rechargeable. Currently this functionality is often used for phone cards but could also be used in the context of gift tokens, or presents. It is being piloted by some electronic payment mechanisms (e.g. Visa Cash)
  • Credit/Debit -- The ability to use as a credit/debit card whereby the microchip instead of the black strip is examined for the card information. This functionality provides a greater level of security than the traditional credit/debit cards.

Tokens

As mentioned above, the concept of money evolved from tokens of intrinsic value to valueless token of coins and notes and then onto notational money such as cheques and finally credit based systems. In the electronic environment, the virtual tokens can acquire one or more of these characteristics, depending on the nature of the particular token system. In this respect, it could be said that the (new) electronic payment system often attempts to create the same conditions as prevail in the traditional payment system, notably anonymity and the ability to support both big and small value transactions.

By their very nature, tokens are software based in the electronic environment, although it is feasible for an electronic payment system to combine usage of both tokens and smart cards. The key requirements for an electronic payment token are similarly to those for a physical payment token - transportable, private/anonymous, divisible, durable and the value that it denotes can be conserved over time. However, precisely given that the electronic token infrastructure is a recent development, and many who provide electronic token system today are newcomers to the financial environment, the fulfilment of these requirements has proved to be a considerable challenge. In particular, given that electronic tokens are inherently valueless, the support of and collaboration with money issuing organisations is essential for the electronic token system to succeed.

Strictly speaking, atomicity is very difficult to guarantee in electronic token-based systems. This is partly due to the inherent problem of transmitting information over a network -- while it possible to ensure that it is never the case that both parties think that they have legitimate access to a token, it is in principle impossible to insure against a situation where neither parties thinks they have access. That is, it is always going to be possible to lose value on a network.

Because electronic token is essentially bi-directional and peer-to-peer (anyone can send an electronic token to anyone), as well as being relatively cheap to generate, an interesting issue concerns the right to issue these tokens. Available electronic token systems have been careful to couple tokens to "real" money (i.e. existing financial instruments). However, it is possible that as such tokens gain wider acceptance over time, they become an alternative method of exchange on a global scale, but one which is detached from the regulation of financial markets and the legal tendering system (i.e. as a widely accepted private currency). Electronic token-based system, therefore, potentially offers the greatest challenge to the existing institution of finance, in comparison to other emerging electronic payment technologies.

In addition to private currency, electronic tokens could be used for many other purposes such as loyalty points, lottery, access to service, establishing validity (certification stamps). Such alternative usage raises both legal/regulatory as well as taxation issues.

Micropayment

Micropayment is payment of which the value exchanged is very small. There is no precise definition of the amount, but it is typically below 10 ECU, often 0.01-1 ECU or even smaller. In the current paper environment there is simply no ability -- or more precisely, no economic viability or physical ability -- to make extremely small payments (< 0.01 ECU). Such small value items therefore are either given away freely or simply not given away at all. However it is clear that these items do have potential value and many see the information age technologies as providing solutions to realise these values.

Until recently, micropayment has not caused a major problem since the mechanisms of trade have been based largely on the more traditional types of goods and services. Secondly, the investments required for electronic payment mechanisms are such that the focus had been on high value items. Thirdly, within the first stage of the electronic payment revolution -- typically credit cards -- payment has been limited to transactions typically above 5 ECU. These facts highlight the need for different forms of micropayment, where a sale of 1 ECU or less is not going to incur a bank change of, e.g. 2 ECU, that makes the transaction un-viable.

The launch of the information society, or more specifically the Internet and World Wide Web, enables such an environment and infrastructure. Now any party has the ability to sell anything, of any value to anybody with no physical infrastructure. Thus, for example, micropayment allows:

  • IPR Payments -- e.g. for a specific photograph or a designed background image
  • A focused news service
  • Pay per view
  • High value content such as reports
  • Small online utilities and programs
  • One day passes for monthly subscriptions sites
  • Pay per play games.

3. Supporting Mechanisms

Supporting Mechanisms are those technologies that are not part of the payment transaction itself but help to enable it, make it more efficient, and/or simply provide background management to the actual transactions. The following subjects are covered:

The supporting mechanisms are currently limited but expected to grow significantly as the payment services themselves stabilise.

Home Banking

Home banking is the ability to control and monitor your personal or company finance "from the comfort of your armchair" (or anywhere where there is access to a telecommunications device). There is no precise definition what it involves but typically home banking allows:

  • Bank statement download
  • Credit card statement download
  • Funds transfers including recurring transfers
  • Consumer payments, including recurring payments
  • Business payments, including recurring payments.

Electronic home shares trading services can be considered as a variety of home banking, although often the service is specific and not linked to the more generic home banking systems. This is expected to change overtime as more comprehensive services are offered. In addition, these are many other home banking services that can be offered and although many have been implemented by specific banks, they are currently not part of the perceived basic services -- e.g. international payments, cross-bank money transfers. etc. Again, this is expected to change in the near future.

Most individuals that use home banking at the moment use telephone based systems that have been available for several years. However, these are often either difficult to use -- for example, automated systems have whole cascades of touch-tone menu options -- or, in the case of manual systems, the sole added value is not having to physically visit a bank. These are set to be replaced by screen-based systems enabled though a PC, Personal Digital Assistants or even mobile phones. The impending launch of digital television is also likely to provide significant impetus since it will allow multiple channels and specific interactive services though set-top boxes. There are already significant trials in this area.

The advantage of screen-based systems is primarily that the user is in control in that they are not dependent on third parties and have the ability to access and use information at a time of the day which suits them (i.e. without queuing). Obviously screen-based systems have overwhelming advantages over voice systems in terms of user friendliness -- specifically control, presentation and being able to re-utilise the information in other applications such as spreadsheets. It is also interesting to note the advancement in kiosk and teller-machine technology and services in recent years, as a precursor to home banking. As more users accept these systems, such services and presentation techniques can be (and are being) transplanted to interactive TV-based systems that will obviously diminish the barrier of user-acceptance.

Another relevant trend is the breaking of the traditional banking infrastructure. For example, in the UK the major supermarket chains are now operating as banks and in most countries there are already banks which have no branch network and which rely solely on the telephone. There is currently only a limited presence of truly virtual banks (notably 'First Virtual'). However as user acceptance increases, this will change rapidly.

With increasing competition from the traditional non-banking sectors, both the market potential and danger of electronic payment for traditional banks is considerable. As such, co-operation between banks in this field in terms of standardisation is limited (although there are exceptions). In general, banks are both experimenting and in parallel defining their niche.

Standardization in this field is currently very limited, with notable exceptions of Homebanking Computer Interface (HBCI) and Open Financial Exchange (OFX). Both define a broad-based framework for exchanging financial data and instructions between customers and their financial institutions and allow institutions to connect directly to their customers without requiring an intermediary. The exchanges are defined in terms of request and response messages used by each financial service as well as the common framework and infrastructure to support the communication of those messages.

    Standards and Specifications
  • HBCI - Homebanking Computer Interface. Messaging format for exchanging information between banks and their customers
  • OFX - Open Financial Exchange. Consortium led by Microsoft, Intuit Inc. and Checkfree Corporation. Covers the exchange of financial data and instructions between financial institutions and their customers.

Payment Method Negotiation

Within a paper based environment, when payment is to be made the buyer and seller need to determine what payment instruments are accepted. This is often ascertained by signs on the shop door "We take Visa" or customer questions such as "Do you take Mastercard?" This situation needs to be replicated within the electronic environment such that the buyer and seller first agree on the instrument and then transact the payment. Currently, in most virtual environments, the instrument is fixed ("We only take..."). However with the explosion of new mechanisms and the ability of electronic environments to go outside the scope of classical banking control (e.g. vendor-based accounts), a more open and formal approach to payment method negotiations must be implemented.

Currently there is only one more visible method for payment negotiation: JEPI -- Joint Electronic Payments Initiative -- that has been launched by W3C. JEPI is a general purpose negotiation protocol based upon PEP (Protocol Extension Protocol) to allow web clients and servers to ask one another what extension modules they support, negotiate parameters for these extensions and ask the other end to commence using an extension if possible. This protocol is likely to be implemented in the HTTP 1.2 protocol through the IETF process. It involves the registering of buyer and seller payment systems with a software module that implements the Universal Payment Preamble (UPP) protocol. This is used to determine if the other party has UPP available and what payment systems are installed. Once these are determined the client and servers can be configured, in session, to select (or provide options) for the must applicable payment mechanisms. This specific method is still under trial/specification, but it is clear that standards activity within this area will be essential for a truly open electronic payment environment.

    Standards and Specifications
  • JEPI - Joint Electronic Payments Initiative under W3C
  • UPP - Universal Payment Preamble protocol

Electronic Fund Transfer

Electronic Fund Transfer (EFT) is defined as the exchange between computerised systems that process financial transactions and information about these transactions. Traditionally, such exchange is between financial institutions for interbank clearance (SWIFT at the international level and national interbank clearance systems). However, with the advent of electronic payment, EFT has been applied to trader to bank transactions (notably via EDI); more recently, it has also been applied to Home Banking, where a domestic user could send payment and related information directly to another bank.

Outside the usage of EDI messages, the EFT specifications are typically proprietary.

Standards and Specifications

See under EDI Messages referenced in the section on Electronic Transactions - Direct below.

4. Payment Mechanisms

Payment Mechanisms can be divided into the following:

  • Electronic Cheques. The are the electronic equivalents of paper cheques and require the user to have an account with some server
  • Stored Value. Electronic Cash or currency that is the equivalent of cash is stored on a user-based device. It is anonymous to some parties and consist of tokens that carry value
  • Electronic Transactions. These involve orders, payment and other payment related scenarios, instructions, procedures and protocols for the transfer of value between accounts.

Electronic Cheques

Due to the implementation of more classical electronic payment mechanisms (standing orders, credit cards, etc), the number of paper cheques that are issued has dropped significantly in recent years. However, in the business-to-business environment (especially for SMEs), the reduction is not so marked and cheques continue to be used for several reasons, including:

  • Maintaining the cheque clearing period
  • Needing only limited information from the paid party
  • Business-to-Business payment by credit card is unlikely to become a widely accepted mechanism due to security implications
  • User familiarity
  • Conservatism.

Research is being conducted on how paper cheques can be replaced with electronic cheques. These typically replicate the classic paper cheque functionality within a public key infrastructure, thus ensuring at least the same level of security -- or, more practically, a greater level of security. Claimed benefits of implementing such a system include:

  • Reduces processing costs (typically 30-50%)
  • Minimises fraud (digital signature as opposed to ink signature)
  • Allows integration with other business applications
  • Allows cheques to be tracked/recorded more efficiently
  • Can decrease communications costs through the use of Internet as opposed to costly banking service networks.
    Standards and Specifications
  • Mandate II. European Commission Electronic Cheque Project within the Electronic Trust Service Programme which is currently investigating how to implement the trusted transfer of electronic information over networks
  • FSTC - Financial Service Technology Consortium. A non competitive collaboration for research and development on interbank technical projects

Stored Value

Stored value systems work by allowing users to load value from, primarily, their bank account on to a device that the user owns. Invariably, this means either a:

In essence, stored value mechanisms try to replicate the scenarios of physical coinage and notes. Such mechanisms are thus often referred to as electronic cash.

When purchasing with a stored value device the amount to be spent is first validated (i.e. "Is that value available?"), then extracted from the stored running total, and finally added to the ‘vendors’ stored value.

The following stored value features are typical:

  • The device can be loaded over the telephone either through a PC/Modem combination or through a specific loading device connected to the telephone network
  • The transaction will most often be between a buyer and seller in a shop (also possible via an online Website), but it is also possible (given the right tools) to transfer money directly between individuals
  • From a consumer viewpoint, there is no longer the need to carry quantities of change, and the exact change, to use on trains, vending machines, etc
  • From a retailer point of view, they will similarly loose the need to hold, maintain and manage stocks of change and its investment. Till errors should also fall because there is no need to count change, and time will be saved by saving the time associated with banking operations
  • Suitability for micropayments since the number of transaction with the banks are limited -- e.g. once a card is loaded there are no further transaction between that card and the bank (in contrast to credit card payments). Often there is a relatively low limit for the maximum amount of electronic cash that can be loaded and spent in to a stored value device -- typically around 100 ECU or below
  • The value itself is most often anonymous in that the party that receives value may receive no additional information about the buyer unless they extract it through other means (electronic forms, etc)
  • The payment can be as quick as cash payment, or quicker, since no signature or authorisation needs to be made
  • Losing electronic cash is the equivalent of losing traditional cash, i.e. if you lose the charged electronic cash enabled device, all the electronic cash will be lost as well and there is no mechanism to claim back from the bank. Often potential users find this a particularly difficult concept to accept since they associate electronic cash (cards) with Credit and Cashpoint cards where the liability is often limited or absorbed by the bank. However, since it is stored, anonymous and thus an untraceable value, future transactions are also untraceable and unstoppable and thus there is no mechanisms for the banks to control or stop the loss
  • It is currently difficult to predict what will be the cost to consumers and retailers of electronic cash since most of the pilot systems have been free, centred on specific towns, incentive based and are novel. However, when encompassing schemes are launched, charges will invariably be set by the banks and may include annual charges or credit card type percentages of the transaction. It is true to say that the usage of such mechanisms will offer vast cost savings to the banks, but this has to be offset against the expense of the infrastructure to support it. It is pertinent to note that telephone banking systems and home banking systems offer the exact same benefits to banks, but users are often charged a premium for these services
  • Because stored values do not reside on a network, it allows money to be moved safely over any 'unsecured' network, including the Internet.
Stored Value -- The Smart Card

The Smart Card approach has all the advantages of generic Smart Cards (security, etc) but in the payment context has additional features:

  • Portability - the opposite to PC based systems where purchase can, primarily, only be made over the Net
  • Today, most smart cards work by feeding them into a reading device which makes physical contact with the microchip on the card and then provides additional features such as a PIN pad to allow secured authentication. However, chip cards are also (more expensively) available which use radio frequency to exchange information
  • The card typically comes with a small reading device that can be used to check balances and previous transactions. In some instances these can also be used to transfer value from one card to another
  • In many instances the card can also be interfaced to a user's PC to provide additional control and management functions, typically uploading with cash via a modem. However, the key difference between this and the stored value PC system is that the PC acts simply as a conduit, since the value is always transferred to the card itself
  • As smart cards are physical in nature, there is the potential danger that card systems, or more specifically card readers, could be incompatible. There is an ISO dimensional format for the cards as well as a common specification for the layout and properties of the microchip contact points, which is commonly implemented. However, additional agreement on the specification of the card reader and, equally important, agreement on its implementation, is needed
  • The general principle is that each time a payment card is used, the chip on the card generates a unique 'digital signature', which can be recognised by the other card involved in the transaction. This 'digital signature' is the guarantee that the cards involved are genuine cards and that they are dealing with un-tampered signals. This recognition process also identifies the card for which the cash is intended, so that funds cannot be intercepted by a third party.

Relevant recent developments in this area include:

  • Stand-alone cards whereby LCD display screens are embedded on the card itself
  • For an additional level of security, a tactile keypad can be added to provide control/management functions as well as acting as an embedded PIN
  • The ability of cards to exchange value simply by putting one over the other (i.e. no external connecting device), entering the appropriate commands on the key pad and using radio frequency technology to make a transfer
  • Use of smart card in PC to provide a control mechanism for payment over open networks such as the Internet.

It should be noted that electronic cash is generally loaded using automatic teller machines (ATMs). However, products are emerging which enable loading via telecommunications means such as the telephone, TV set-top boxes and the PC.

    Standards and Specifications
  • EMV '96. Integrated Circuit Card (ICC) Specifications for Payments. Proprietary specification developed by Europay, Mastercard and Visa. It defines the terminal and integrated circuit card (ICC) procedures necessary to effect a payment system transaction in an international interchange environment
  • Mondex. Proprietary application developed by a consortium led, in Europe, by National Westminster Bank, Midland Bank and British Telecom.
  • Proton. Proprietary application developed by Banksys for small value transactions, to complement the existing Banksys debit cards. Proton is based on the Interoperable C-SET specification
  • Visa Cash. Proprietary application developed by Visa. It includes both disposable and reloadable cards. A pilot programme for using Visa Cash on the Internet is currently underway
  • WorldPay. Proprietary application developed for National Westminster Bank by The Supernet Group Ltd. Covers the area of secure multi-currency electronic payment for use over the Internet. One of the interesting features is that it can be used anywhere in the world, with supplier's prices being converted into local payment prices at the time of purchase
Stored Value - The PC

This area covers the situation where the value is held on the personal computer itself. In this sense computer should be taken in its widest sense and can include TV/Set top box combinations or even Personal Digital Assistants (PDAs). Main features include:

  • The value is held in an encrypted file on the PC to which only a specific user has password protected access
  • The file holding this electronic cash value may, or may not, be transferable to other PCs, i.e. it may be secured to an individual PCs identity so providing additional security
  • There is no specific hardware requirements necessary to use the electronic cash with e.g. Net-based Electronic Commerce, since everything is software configurable, unlike smart cards which require readers connected to PCs
  • The electronic cash can more easily interface with other software applications.
    Standards and Specifications
  • Globe ID Payment System (GlobeID). Proprietary system developed by GlobeID Software S.A. Customers and merchants have to be members of the Globe Online organisation. Customers own one or more "Globe ID Wallets". Merchants own one or more "Globe ID Merchant Wallets"
  • Millicent. Proprietary specification developed by Digital to provide small-scale commercial transactions over the Web
  • NetBill. A payment system using a mixture of symmetric key and key pair cryptography aim for payment for information based goods such as library services, journal articles, CPU cycles, etc

Electronic Transactions

The specifications in this category are typically wider in scope than those in the previous categories. They could be sub-divided into further categories in accordance with the types of payment (e.g. credit/debit, notational), level and detail of coverage (e.g. payment related business processes), types of sponsors (banks, technology providers, a mixture of the two, etc). Unlike the previous two categories, the Electronic Transaction solutions generally implement a specific scenario of transactions, involving orders, payment and other payment related processes, instructions, procedures and protocols for the transfer of value between accounts. Of note are OBI and OTP, which define an overall payment architecture from the business perpsective. In particular, OTP is intended to provide a framework which can accommodate existing and emerging payment mechanisms. In this respect. OBI and OTP could be considered as general Electronic Commerce Frameworks. See the OII Guide on Electronic Commerce.

For the present purposes, the Electronic Transaction specifications are divided between:

  • Direct -- those which support / mirror the existing payment scenario
  • Intermediary -- those which involve a new category of third party/parties as value added intermediaries.

The diversity of the Electronic Transaction specifications highlights the importance, but also the difficulty, of interoperability between electronic payment mechanisms. In addition, many of the specifications listed in the Direct category also represent significant attempts by the existing financial institutions in introducing electronic payment into the mainstream payment environment. This is an area which is exceptionally dynamic and further developments are expected.

Direct
    Standards and Specifications
  • CyberCash/CyberCoin. Specification developed by CyberCash Inc and published as an Internet RFC. For credit card transactions and, within the US, for micropayments and electronic cheque transfers. CyberCash Inc has announced its intention to implement the SET protocol
  • EDI Messages. See the generic OII Standards and Specifications List section on Electronic Data Interchange (EDI) Standards. Specifically:
    • UN/EDIFACT EDI Payment messages. Open United Nations messaging standards
    • SWIFT EDI Bank-to-Bank messages defined by the Society for Worldwide Interbank Financial Telecommunications (SWIFT)
  • Interoperable C-SET. A proprietary specification developed by Groupement des Cartes Bancaires and Banksys for chip card based secure electronic payment over open networks. Supports both Debit/Credit (Cartes Bancaires) and electronic purse (Banksys - Proton) applications. Interoperability between different domestic chip card credit/debit payment schemes is via interfacing with SET, for which a software converter is specified
  • SET (Secure Electronic Transaction). A publicly available specification developed jointly by Visa and MasterCard for secure bankcard transactions over open networks. The specification covers application of cryptographic algorithms, certificate message and object formats, purchase messages and object formats, capture messages and object formats, and message protocols between participants
  • OBI (Opening Buying on the Internet). A publicly available specification developed by the Internet Purchasing Roundtable, partially underwritten by American Express and facilitated by Supply Works Inc. OBI includes an architecture, technical specifications, guidelines, and compliance and implementation information. It is based on the premise that process "owners" should be responsible for information associated with their business processes. The technical specification references SSL, X.509v3, a variant of ANSI X.12 850 Order Requests and Orders messages, and HTTP
  • OTP (Open Trading Protocol). A publicly available specification developed by a consortium of 30 companies, including Mondex International and MasterCard International. The OTP specification, which is based on XML, includes an architecture and a set of rules for various purchasing scenarios. Payment is but one of the various steps in the OTP architecture, which intends to provide a consistent interface for all trading steps and to encapsulate any Internet payment method
Intermediary
    Standards and Specifications
  • MPTP. Draft proposal to the IETF developed by the Payments group of the World Wide Web Consortium. A protocol for transfer of payments through the services of a common broker who keeps accounts for the party concerned. Permits the use of "double payment chains" -- the vendor's risk exposure is the difference between the low watermark chain (which the customer has fully committed to pay) and the high watermark chain (which represents partial commitments). Supports usage of multiple payment counters denoting different units of currency; also usage of both shared and public key based signature schemes
  • First Virtual. Offers an Internet payment system that is based on existing email protocols for message exchange between a buyer, seller and First Virtual bank. Registered buyers and sellers are assigned a unique PIN, which enables buyers to transact anonymously over the Internet. A key feature of the VirtualPIN is that there must be no deducible relationship between the PIN and any "real-world" financial instrument. The system is based on what the so-call the Green Commerce model which favours the buyer, with the seller carrying the risk of non-payment


Section Contents
OII Home Page
OII Index
OII Help

This information set on OII standards is maintained by Martin Bryan of The SGML Centre and Man-Sze Li of IC Focus on behalf ofEuropean Commission DGXIII/E.

File created: March 1998

Home - Gate - Back - Top - E pay - Relevant