Web Payments Community Group Telecon

Minutes for 2013-11-13

Agenda
http://www.w3.org/wiki/TPAC2013/session-web-payments
Topics
  1. Introduction
  2. Plan for Workshop
  3. Open Discussion / Debate
Chair
Manu Sporny
Scribe
Christian Fuhrhop
Present
Christian Fuhrhop, Manu Sporny, Virginie Galindo, Daniel Austin, Michael Hutchinson, Mountie Lee, Mete Balci, David Ezell
Audio Log
Christian Fuhrhop is scribing.
You can find out more about this session here: http://www.w3.org/wiki/TPAC2013/session-web-payments
The session start will be at 14:05 to make sure people can make it from the dining hall to here.
Manu asks for introductions of all participants while we're waiting.
Introductions done, 21 participants with a few more trickling in. There is a mix of electronics manufacturers (Toshiba, Samsung, LG, Nokia), payment processors (PayPal, PayGate, Positron), mobile operators (Telefonica, Orange), television/broadcasters/media companies (TBS, WOWOW), and security companies (Gemalto)
Outline for the break-out session is 15 minutes introduction, 45 minutes planned for discussion

Topic: Introduction

Manu Sporny: Here's the introductory slide deck: https://payswarm.com/slides/2013/w3ctpac-web-payments/
Manu Sporny: Elevator pitch for Web Payments - payments should be in the core architecture of the Web.
Manu Sporny: Aim is one click payment across every single web site,
Manu Sporny: That's the high level, but that's a lot of handwaving involved, so we need to go into the tricky details as well.
Manu Sporny: The Web Payments CG does lots of development around payments/security/identity.
Manu Sporny: All needed for open payment standard on the web.
Manu Sporny: In general, traditional financial architecture does not scale well to the web.
Manu Sporny: Proprietary, slow, insecure, hostile to innovation.
Manu Sporny: Most payment today built on 1970's technology - credit cards, bank transfer.
Manu Sporny: Real problem - financial sector does not understand the web.
Manu Sporny: Don't have the expertise to really address the problem, even though it is core business for them.
Manu Sporny: All systems are still dependent on arcane underlying banking architecture.
Manu Sporny: Goal: Browser native payments.
Manu Sporny: With W3C principles - open, patent and royalty-free
Manu Sporny: PaySwarm as example, not a destination, but a starting point for the work. The expectation is that everyone here will rip it apart and come up with something better. Let's take a look at the sorts of things we want out of a Web-based payment solution.
Manu Sporny: Decentralized identity, cryptography-based, deep identity data, fraud-resistant
Manu Sporny: Also things like age verification or proof of nationality.
Manu Sporny: Close to 100 billion dollars 'worth' of fraud. Fraud-resistant is important.
Manu Sporny: Payment information (item price, currency) should be handled
Manu Sporny: Use of digitally signed receipts
Manu Sporny: including product information
Manu Sporny: Should be machine readable and portable
Manu Sporny: payment processor agnostic
Manu Sporny: Example implementation in PaySwarm and FirefoxOS
Manu Sporny: Other companies have their own implementations as well that solve bits and pieces of these problems.
Manu Sporny: We currently involve technology companies, finance, governments
Manu Sporny: Government interested because of international purchases tax issues
Manu Sporny: Workshop planned in Paris on 24th/25th of March
Manu Sporny: Goal of the workshop is to identify basic problems.

Topic: Plan for Workshop

When will the Call for Papers be published?
Manu Sporny: Hopefully by the end of the month, it'll probably only be a call for position statements with those that want to present having papers.
Manu Sporny: Creating a flexible architecture at the workshop would be a welcome bonus.
Manu Sporny: But more likely will be shifted to a follow-up workshop three months later.
Slides on the web, linked from the web page - see earlier link in minutes.
manu presents list of suggested topics from here: http://www.w3.org/wiki/TPAC2013/session-web-payments
Virginie Galindo: Difficult to comment as the presentation refered to known solution that many here do not know in detail.
Manu Sporny: Trying to avoid the "Where do you start?" problem, what's presented is just a starting point.
Manu Sporny: So there has been an initial suggestion made by a fairly small group, we need all of you to refine it, tear it apart, replace it, etc.
Manu Sporny: Lots of players who don't want to standardize need to be considered by the group.
Manu Sporny: Need to do well defined areas of where proprietary solutions might be required,
Manu Sporny: even though the approach is generally frowned upon by W3C.
Manu Sporny: Also currently missing are issues like ripple and bitcoin topics, detailed identity solution, crowdfunding solutions, how this integrates w/ Secure Element API or NFC API, etc.
Manu Sporny: Existing elements that can be used almost right out of the box: RDFa 1,1, JSON-LD, HTTP Signatures... they're already standards or are going to be standards very soon.
Manu Sporny: Just core architecture, co-used with many other web aspects,

Topic: Open Discussion / Debate

Daniel Austin: Hi, Daniel Austen from eBay / PayPal.
Daniel Austin: I don't think Paypal is the problem.
Manu Sporny: To clarify, I didn't say they were the problem. I said that PayPal depends on problematic old and proprietary banking architecture and it harms their ability to innovate.
Daniel Austin: I want to talk about things we would want and not want.
Daniel Austin: We want a level playing field for everyone, an equal standard
Daniel Austin: No discrimination by the browser vendors.
Daniel Austin: Our web payment vision is much larger. Large intersection between payment and offline/retail payments.
Daniel Austin: Payment on automobiles, vending machines, in-flight entertainment system, payments throughout commercial organization
Daniel Austin: Scaling across device technologies needed.
Daniel Austin: Scale with payment size. There are limits on smallness of payments due to fixed transaction fees.
Daniel Austin: Also need to be able to handle large transactions, also across national boundaries... cross-border payments.
Daniel Austin: Apple is a system of en proprietary system, anything that doesn't work with them is a non-starter. Similar for Samsung or LG.
Daniel Austin: We want to use existing security and identity specs and initiatives. (example OAuth)
Daniel Austin: Also FIDO Alliance for identification
Manu Sporny: Most of the vision for Web Payments matches the vision you outlined. I don't see any large conflicts at this time, which is good.
Virginie Galindo: How to provision special information to find the right processor/institution from the point of the user? How does the browser know which payment processor to contact?
Virginie Galindo: Also what is the business model, who are the actors?
Manu Sporny: Ultimately, there will be friction, as there will be browser involvement, but the hooks involved shouldn't give the browser vendors undue advantages.
Manu Sporny: Ideally the browser would understand which payment processor you want to use.
Manu Sporny: If we want to be able to smooth it out, the user presses the button and the payment standard figures the payment processor out based on user selection (which is cached)
Manu Sporny: For now the solution is JavaScript and the Mozilla Persona Approach, based on local storage and centralized system that is designed to go decentralized ASAP.
Manu Sporny: Currently it's a stop-gap approach, need to see in mid-range what else comes up.
Daniel Austin: Contact between user and us is mediated by the browser. That is not acceptable to PayPal.
Daniel Austin: Data from transaction is valuable and we would miss out of that.
Daniel Austin: Mozilla could sell transaction data to MasterCard while we get charged extra as we can't pass the info on.
Manu Sporny: That's not what I said. I was talking about selection box for payment processor - similar like user selection of search provider, but without a default. Let me re-iterate that we don't want to do something that gives undue advantage to any player in this environment. We are not disintermediating PayPal by giving the browser the ability to route around PayPal. It is the customer's decision on which payment provider they want to use.
Manu Sporny: What do we need to make the process smooth without overstepping? That's a question that we need to constantly ask ourselves as we develop this technology.
Daniel Austin: Unsecured POS system would probably not work for us.
Manu Sporny: To be clear, an unsecured POS-like system is typically how most of the credit card transactions are processed today, so it's unclear to me what we mean by "unsecured POS".
Michael Hutchinson: Do you have a table where the gaps in the specs are?
Manu Sporny: Unfortunately, nothing detailed. However, we have something very basic (on the wiki page listed above).
Michael Hutchinson: If there are gaps, how do you have a full workable solution?
Manu Sporny: Some open source implementations work or parts were written by us, but the specs trail the implementations in some areas.
Michael Hutchinson: Which is not unusual (actually pretty standard) in W3C.
Mountie Lee: I'd like to talk a bit more about my proposal for an ecommerce interoperability standard: http://www.w3.org/wiki/Electronic_Commerce_Interoperability_Standard
Mountie Lee: Needed for interoperation with(in?) micropayment groups.
Mountie Lee: Many small providers have issues in initiating payment.
Mountie Lee: Current service providers need standards for interoperation.
Mountie Lee: Do not touch existing benefits of players.
Manu Sporny: We don't have enough time to go through your document right now, but I did personally read it when you sent it out to the mailing list. There is lots of overlap with what the group wants and some of the technologies that we've already developed.
Manu Sporny: So, you've come to the right place. The right place to discuss your proposal is here, in the Web Payments group.
Mete Balci: Hard for me to understand what we are trying to work on, it seems like the problem space is too big.
Mete Balci: Talking about standardizing service provider to payment processor, payment processor to bank, bank to bank, user interface
Mete Balci: And bitcoin is in list. Are we talking of it as a different currency or a different money model?
Mete Balci: We need clear boundaries to be able to go forward.
Mete Balci: Regarding question about business model - not sure how much that needs to be integrated into spec.
Mete Balci: Suggest something more related to Mounties request. Want to be able to add apple/telco/banks interfaces easily.
Mete Balci: That is more practical to do now.
Manu Sporny: Yes, you're absolutely right. We need to be careful about the scope - make sure not to overscope the group. We'll fail if we take too many things on. Part of the problem is that for payments to work well on the Web, lots of missing pieces need to be there.
Manu Sporny: We need a very narrow scope in the beginning. Have to be careful on what to pick. That's the purpose of the upcoming workshops. We need to make sure to identify the problem areas and then identify which ones we're going to try to address.
Manu Sporny: Task of the workshop - identify problems, narrow down the scope.
Manu Sporny: We need to get buy-in from members on a scope that seems plausible.
Manu Sporny: We won't know until the end of the workshop. But we will surely fail if we try everything as once.
David Ezell: Hi, I'm from the National Association of Convenience Stores. Payment interchange is a big problem for us.
David Ezell: Things to think about: Lot of interesting ideas killed by the banks already, as they make good money with current model. If you scare them, they'll crush this work through litigation.
David Ezell: Steep slope we need to ascend.
David Ezell: Get banking groups involved. How do we do the direct marketing to the consumer?
David Ezell: Popular with consumers since merchants take up the bill, thus easy to sell to consumers.
David Ezell: Traditionally there is a difference between personal device and using these to handle other people's money.
David Ezell: Today changing one line of C-Code in payment app is a $4,000,000 bill in recertification effort.
Manu Sporny: Great questions. We are actively talking with the banks and (in general) they see this as an opportunity. However, many of your other questions, we haven't raised that in the group, since retailers have hardly been involved to date.
Manu Sporny: So, I'm glad you showed up because we need more input from the retail community. Ok, we're out of time.
Manu Sporny: Thanks for the great discussion today, we look forward to seeing all 25 of you at the Web Payments workshop in Paris in late March 2014!

Created by the Web Payments Community Group. Shared with love under a CC-BY license.