ISSN: 1204-5357
Dave Birch
Email: daveb@hyperion.co.uk
Web Site: http://www.hyperion.co.uk
Visit for more related articles at Journal of Internet Banking and Commerce
Protocols such as SET have begun to standardise one part of the online shopping process: the payment part. Buying something online, however, involves more than just payment. Merchants and consumers need to be able to negotiate payment types, receipts, currencies and so forth. Protocols capable of supporting and automating this complete fulfilment of customer/merchant interaction requirementsshopping protocolsare now emerging, and they could turn out to lead to a fundamental restructuring of bank and retailer business processes.
A few weeks ago, I was tapping away at my Macintosh and listening to a battered and ancient cassette tape. It occurred to me that the old album I was listening to might be available on CD, so I did a search on Alta Vista. In a couple of clicks I found a mail order music shop in Bristol (England) offering it. I emailed to ask if it was in stock and to find out whether they took Visa. They emailed me back saying that they could get it in a couple of days and yes, they did take Visa. I emailed them my credit card number and got a message a couple of days later saying that they had charged the card and dispatched the CD, which duly arrived . Out of this whole (satisfactory and efficient) shopping experience, only one small part (me emailing in my credit card number) was payment: most of the experience, most of the messages flying around, were to do with creating the conditions for a payment to take place and passing information and receipts around after the payment had been made.
The purchasing transaction between a retailer and a consumer includes different types of interaction at different times. These interactions might be broadly categorised as negotiation, payment and fulfilment. Negotiation covers interactions such as do you take Visa? and Im in Americans frequent flyer programme, is there a discount?. Fulfilment covers interactions such as the goods have been dispatched, here is your tax receipt and thank you for buying from us, heres a voucher for $5 off your next purchase. A payment protocol, such as Visa and MasterCards Secure Electronic Transactions (SET) protocol, handles only the payment interaction. There is therefore a requirement, recognised by the players , for a protocol operating at a higher level, addressing transactions in the round. Such a protocol would handle the negotiation, payment (which may be effected using SET, digital cash, smartcards or whatever) and fulfilment phases in a common framework. Well call this protocol the Shopping Protocol. The designers and implementors of payment protocols have discovered that they cant get very far without considering shopping protocols. IBM, for example, as one of the early implementors of SET began work on SuperSET to address just this issue.
Another early attempt to define a global shopping protocol came from the World Wide Web Consortium (W3C) and CommerceNet, who set up the Joint Electronic Payments Initiative (JEPI). JEPI set about defining protocols such as the Universal Payments Preamble (UPP)but its not clear as to how much commitment there really is to their work. The market seems to have overtaken them, with a mindboggling panoply of companies and consortia working to achieve interoperability between merchant servers, consumer wallets and payment schemes. Microsoft recently unveiled its wallet offering and announced an array of almost 70 companies supporting their strategyincluding American Express, First Data, Wells Fargo, MasterCard, Visa, GTE and Verisign etcwhich includes a protocol between wallet and merchant server that includes many of the fulfilment elements. Other vendors have similar products.
Coming from another direction is the Open Trading Protocols (OTP) initiative. OTP has some substantial momentum . The original backersAT&T, HP, MasterCard, Mondex and Open Markethave been joined by (amongst others) Actra, British Telecom, CyberCash, Dot Matrix, Hitachi, IBM, Nokia, Oracle, Sun Microsystems, Unisource and VeriFone. The purpose of OTP is to create a multiplatform shopping protocol. If consumers and merchants are using OTP to communicate, then as new payment instruments are developed they can be made available through OTP without having to completely rebuild the merchant software or the software in consumer devices . An OTP session might include the merchant making an offer to the consumer, the consumer purchasing (by sending the offer and payment to a payment server), the consumer presenting the receipt to the merchant, and so on. During the purchasing part of the transaction, OTP drops into the payment protocols chosen by the participants. As an example, if my browser negotiates with an online merchant and a Mondex payment is required then it is the Mondex Value Transfer Protocol (VTP) that actually moves the value from my card to the payment servers card. Once value transfer is complete, we go back to OTP to continue.
While OTP is aimed at the consumerretailer transaction, American Express are behind the Open Buying on the Internet (OBI) standard which is aimed at the businesstobusiness sector: its much more of an EDI meets the Net effort. Whether OTP and OBI are successful, or whether other standards come along and replace them, its clear that online commerce in both the retail and wholesale sense is heading towards a small number of standard shopping protocols. The level of standardisation is good for everyone. Suppliers providing payment instruments, loyalty schemes, discount coupons and other shoppingrelated services need only support a relatively small number of negotiation and fulfilment protocols. By providing their services as plugins to protocols such as OTP, they can make there services available to a large market.
A generalised model of the interaction between retailer and consumer can be built from elements of the legal definitions of a contract: an unambiguous offer, an unconditional acceptance, a consideration and a warranty where appropriate. When the contract is agreed the consideration (generally a monetary payment) goes in one direction and the goods or services, accompanied by a warranty, in the other.
This model can be applied to the specific case of buyerseller interaction over open public networks. A buyer browses a catalogue under the control of a catalogue manager and makes selections. When the buyer has finished making the selection and wants to buy, the catalogue manager checks the selection and generates a bill for the selected goods or: this is called the Unambiguous Offer (UO). The buyer and the catalogue manager then negotiate a payment mechanism for the consideration, a negotiation that will conclude with the catalogue manager directing the buyer to some kind of cash register under the control of a payment manager. The buyer sends the UO to the payment manager (at which point the UO becomes an Unconditional Acceptance, or UA) and pays. Once the payment is complete, the payment manager digitally signs the UA to form an Consideration Receipt (CR). The CR might entitle the buyer to many things: the CD they wanted, 10 hours online playing a games, 20 searches on a database, whatever. The buyer passes the CR to some kind of delivery agency or content library, under the control of a content manager, to get whatever it is they have ordered. Since the content manager can easily check the signatures in the CR it knows that it has a valid order and that payment has been made and can then start the delivery process : this may be immediate or it may coordinate the delivery of physical goods. Once the goods or services have been provided, the content manager adds relevant information (e.g. a serial number) to the CR and signs it form an optional Warranty (OW) that may be needed for warranty purposes or to return goods or whatever: the OW is retained by the consumer so that it can be passed to an aftersales manager if required.
The catalogue, payment, content and aftersales managers may be colocated, operated on separate servers or, indeed, operated by completely different business entities. This is what Neil McEvoy (who helped design the shopping protocol for the Unisource Smart Access pilot) calls the Argos model .
This is a very sensible way to do things, because it means that the merchant does not need to process the payment. If the consumer is using SET, Mondex, ChipSET, Cybercash, DigiCash or anything else, the payment is made between the consumer and the payment manager. So long as the content manager gets a CR, it doesnt care how the payment was made. Merchants dont have to implement anything other than the protocol handling, as shown below: not only is the merchant indifferent to the payment mechanism used but they may not even know which payment mechanism was used. Assuming that the payment server is operated by (e.g.) a bank, then its as if you could go to the supermarket and choose what you wanted, then when the check out clerk presents you with the bill you went next door to the bank to pay and get a receipt. Only on presentation of the receipt would the clerk give you your shopping.f
In this model, then, the retailer has outsourced the entire payment process to the bank: this could be an excellent deal for retailers and an excellent opportunity for banks. Its especially good for small retailers, for whom the cost and complexity of paymentcapable merchant servers is a barrier to entry and space in an online mall unappealing. Suppose Im a stamp dealer and I want to go online. I open a small Net business account with my bank. This gives me an account on their payment server. I set up my web site-with no payment software at all-and go into business. People order my specialist stamps and each day my PC prints out a list of PPs. I mail out the stamps and at the end of the month the payment server transfers the takings (less a commission, of course) to my business account.
Just as the separation of catalogue and content servers creates new business opportunities for organisations to specialise in their provision, so the evolution of the payment server provides opportunities for banks to generate new value-added services. The bank might send the stamp dealer a monthly statement showing him who bought which stamp, chargebacks, statistics and so forth. Shopping protocols arent just about shops: they mean a whole new area for the financial services business.
Copyright © 2024 Research and Reviews, All Rights Reserved