Tuesday, August 30, 2011

The Web Needs a Federated Payment Protocol

When it comes to paying for good and services on the Internet, the consumer has many
choices - Paypal, Amazon, Google Checkout, their respective Credit Card...

However, you
rarely see all of these accepted in a single place - and for very good reason: Its gorram difficult to
implement so many different APIs and systems, and have to deal with tracking each of them.

Clearly,
the Web needs a way to deal with this - and having a Federated Payment Protocol would solve it.

Think
about it: A vendor website would easily communicate with a payment processor through this protocol.  They
wouldn't have to know who the Payment Processor is, or even care for that matter.  The vendor would issue a
request to the payment processor.  The processor would be in charge of authenticating the user, and would
send back their "terms" (out of the requested amount, *this* much will be dispersed and *this* much will be
taken as a processing fee).  The vendor will agree, disagree, or change the payment amount based on what the
processor sent.  The processor would then submit this change to the user, if the user accepted the processor
would send the new details and the vendor would accept or deny.  The processor would send the money through
whatever system they need to, notifying the vendor how long it should take, and if its a short enough time
the vendor can hold the user until the payment has cleared (or if it is a trusted source not hold at all)
and provide the promised goods or services, after confirming the transaction with their receiving service.

This
solves a few key issues:

  • Vendors have to trust that they are
    receiving the money for their services.

  • Credit Card details would never have
    to be provided to the vendor, as the service would be directly through their credit company's payment
    service.

  • Vendors would not have to implement different APIs for different
    payment methods.

  • "Credit Card Fraud" liability would be the burden of the
    Credit Company, of whom authenticated the user.  A vendor would no longer be required to make sure a person
    is who they say they are.

  • Banks could offer their own payment services
    ("Debit."  Possibly with No Fee, resulting in a reduction of prices from vendors, hopefully).


Clearly
this is a good idea, and I wish I had the know-how to put it together myself.