A few thoughts on your “Online payments are a mess” section of the show. I’m the Chair of the W3C Web Payments Community Group and have been working hard to bring payments into the W3C for well over 4 years now. I really appreciate all of you giving this topic some thought, as barely anyone knows it’s going on. There’s some background on the W3C Web Payments work here:
In general, I was hoping for a bit more than “this is an impossible task and nobody likes Bitcoin”. Some corrections to start:
Many of the people in the group love Bitcoin and think it’s a good first cut, but could be improved. It’s not that we don’t want it to succeed, it’s that we think all 1.0 technologies can be improved in ways that help them scale better.
There are loads of things that could be done to improve the payment experience, and many of the organizations that were at the Web Payments Workshop wanted to make these changes. Even the most cynical organization that attended was less cynical than the folks on your show.
Credit card are awful in so many ways. Online fraud being the worst side-effect of a world run by credit cards. Most everyone wants to replace them with something better, including the banks.
In order to understand the work, you have to understand the motivations for each market segment that’s participating in the work:
The technology industry thinks it can disrupt the banks (see where Silicon Valley VCs are pouring their money?).
The smart banks feel paralyzed to make any significant change w/o some serious help. Web technology is not their forte. The traditional banks think everything is just fine.
The governments are annoyed that their banks aren’t innovating in the areas that need it the most (security, speed, underbanked and unbanked, etc).
Online payments suck for a variety of reasons. There are too few players, there is no single payment interface, the market is heavily regulated, the big players don’t want interoperability, we’re using laughable security measures (CVV2 codes, credit card numbers, HA!), etc. This payments industry is ripe for disruption and everyone knows it.
The banks are terrified of Google, Facebook, Apple, or Microsoft waking up and deciding that they could provide financial services to the world in a more effective and profitable way than the banks can. It costs around $25M to start an international bank, and each of those organizations could do it many times over (and do a much better job wrt. customer service). Bitcoin-like technology could remove droves of middle-men that vampire off money for very little value-add.
Governments are trying to get financial services into the hands of the people that aren’t a priority for the banks, that is the worlds underbanked and unbanked. Mobile services like M-Pesa are making great inroads, and many of the people that don’t have bank accounts or access to financial services actually do have Internet access and a mobile phone. These people are not a priority for banks because they’re not profitable, but they are a priority for organizations like the World Bank, the United Nations, and many local governments. One of the ingredients in the recipe to get people out of poverty is to provide a mechanism that allows people to save for the future (banking services), but the banks aren’t really motivated to provide these services.
So, the financial industry is feeling pressure to reinvent themselves or risk an evolutionary dead end. They’re feeling this pressure from the technology industry, government, and their customers. No one likes their bank as much as they like their favorite technology company.
Take a wild guess as to what each industry above needs in order to achieve their goals? They need a set of solid Web Payment standards.
The technology companies need to band together if they’re going to provide financial services that are compelling to a large demographic.
The financial industry needs to implement a payment mechanisms that are easier to use and that also bring their customer closer to them. At the very least, they need to back a technology that’s not going to send droves of their customers over to Apple and Google.
The government organizations need to back something that’s going to bring a global financial infrastructure to their citizens just like the Web brought a global communications infrastructure to their citizens.
This doesn’t mean that we’re going to end up with “one single way to pay for everything”… that’s a pipe dream. The future is a mix of payment instruments and thus a successful Web Payments standard needs to assume this as a fact. The things that we are planning on standardizing is a standard way to initiate a payment and a standard digital receipt (proof-of-purchase) format. If we can’t support what we use today with this new payment standard, as well as Bitcoin, Ripple, Ethereum, and all the other future cryptocurrencies, the work is dead in the water.
The ideal payment experience in the future is that, when you arrive on a website and see something you’d like to purchase, you just click “Buy”. Your browser would figure out the payment methods the website takes (Visa, Mastercard, Ripple, Bitcoin, Dogecoin) and match it against the payment options you want to use (Visa, Bitcoin). You’d see the final amount, authorize the purchase, and a verifiable digital receipt would be delivered to the merchant ensuring them that you paid.
However, to think that what we’re after is just a simpler payments experience misses the point completely. This is about providing access to a global financial infrastructure in the same way that the Web provided access to a global communication medium where you didn’t have to ask for permission to innovate. This is about bringing the tools that have only been available to the most wealthy and elite in the world and putting them, in a safe way, into the hands of anyone with a connection to the Web.
The above barely scratches the surface of what’s being worked on. The Web Payments Steering Group is expected to launch by mid-September, which is when we’ll see the scope of work get hammered out. Expect the first technical working groups formed by the end of the year to create the future that is laid out above. If you’d like to learn more, or join the cause, we’d love your help. Find out more here:
I freely admit nothing but cynicism on this point. Having worked a bit on web standards generally, it’s pretty common to feel disillusioned sometimes about how the big players flatly refuse to work together when they see competitive advantage in not doing so, and wading through the murk of self-interest can sometimes be pretty disheartening. However, this murk is as the sparkling waters of Lake Treviso when compared with anything at all ever which involves money. I am not a Bitcoin booster – we’ve discussed it on the show in the past, and the flag-waving “fiat currency is a Tool Of The Man!” lunatics are their own worst enemy when it comes to widespread adoption, but the instinctive knee-jerk anti-crypto-currency reaction from banks and governments is instructive here.
I agree that banks are terrified that Google might decide to eat their lunch in the developed world, and meanwhile that services such as M-Pesa will define themselves as “the way money is done” in the developing world such that 25 years from now M-Pesa has become a bank and every existing bank missed the boat. These are serious problems, if you’re a financial institution of some kind. However, I can think of no example, none, where the world of finance has seen a long-term attack on their current base and has attempted to solve it by being better rather than through attempting to legislate it out of existence. I’ve heard a lot of people say that, well, they’re businesses, you have to expect that, but frankly that’s what I’d consider cynicism here! When faced with a choice of “be easy for customers”, or “be easy for customers who are locked in to our ecosystem, at the cost of being less easy for customers overall”, every single financial institution has chosen the lockin route unless forced not to by government legislation (see: publishing APRs for loans in the UK, the FSA forcing banks to prove customer fault in Chip & Pin transactions rather than merely asserting it, etc). I think it’s totally excellent that the institutions are prepared to get together and actually have discussions on this point – @msporny in particular deserves some sort of a medal for his tireless pursuit of this subject for the last half-decade, and I very much appreciate his detailed response to and hopefully continued engagement with this discussion – but I am completely totally unconvinced that it’s anything beyond an intellectual exercise which won’t get anywhere near actual adoption.
I feel like I’m being unfair here – the Web Payments group are working hard and making progress – but I honestly am not even a tiny bit confident that HSBC or Apple or Bloomberg or Google or anyone else with skin in the game and who’s already making money is interested in being part of a thing which makes it easier to not be locked in. I hate that this is the case, but I believe it. I’m not confident in government either; while I don’t want to go on about “banksters” here, if the last ten years have a message for us then it could well be that given a choice between large financial institutions pursuit of the status quo and what’s better for their customers, the institutions have a great deal of power to not change anything even when forced to.
I hope my cynicism is misplaced. I truly do.
So, perhaps a more pertinent question for @msporny: what can people do to help? I understand what I could do to help if I were, e.g., chairman of the Fed. What could be done by those reading this to improve the chances of web payments happening?
But as that link continues, “manual, and paper-based processes during a typical customer onboarding process can cost up to 20 times more than computer-assisted, electronic document processing”, so it’s easy to see that they’d support some kind of web-based system that reduces the cost of onboarding the billions of unbanked people. Better than waking up in 20 years time to discover that you’re just passing customers around in the developed world, while Africa has developed its own parallel system that regards HSBC, Barclays, Citibank etc as entirely irrelevant.
But what’s the incentive for the big tech companies to level the playing field and risk losing the customers that they currently lock in? If a big company - let’s called it AppleZonoogle - thinks it can gain gazillions of customers, why would they want to participate?
I’m a pragmatic idealist and try to not allow cynicism to bleed in so much that it prevents us from trying to make progress where we can. In the particular case of Web Payments, we’re talking about empowering billions of people with a financial infrastructure that’s built with the same principles that are of the Web. Openness, transparency, permission-less innovation (as long as it’s legal), connected-ness, etc. Now, I know that you’d like to see that too but also believe that there are too many entrenched interests to allow that to happen. Hopefully the rest of this response will give you some extra information that you most likely did not have before. I’d like to focus on five points:
There is no monolithic “the banks”. It’s actually a much richer ecosystem than most people realize (6,000+ different banks in the US alone, 9,000+ international banks in the world). The banks do compete for customers and marketshare. There are people internally that are fighting to bring their banks into the modern age.
The way to get standards developed isn’t to try and convince large organizations to do the right thing, it’s to convince them that they’ll be wiped out if they don’t (and then show them the technology that’s going to do it). You not only have to go top-down, but bottom-up as well. That is, we need to convince people with an audience (like you), that this is worth doing and that you actually do have the power to affect change.
The people in government that care about this sort of thing are smarter than you think, and there are many of them that want to see improvements in global financial networks.
The problem is systemic. It’s not because there are a bunch of evil people working at banks to prevent this from happening, it’s that the incentives are misaligned. The key here is creating a set of incentives that are aligned with the banks and large corporate interests.
Assuming your cynicism, what’s the worst possible outcome? A better web.
Of course they don’t want to be a part of something that reduces their lock-in. They do, however, want to be involved in something that could become an existential threat to them (or enable their competitors to gain an advantage over them). They want to do this because they want to control the outcome. HSBC and Apple are two very different organizations with very different motivations. There is almost nothing but upside for Apple if the effort is successful, and there is almost nothing but downside for HSBC if the effort is successful and they aren’t ready for it. If they both participate, at least there is a neutral outcome. If neither of them participate, we have proven that there are many more other organizations that will participate and will use the technology developed in the Web Payments work to their advantage. In other words, the cost of not participating is too high at this point.
There are over 6,000 banks in the US today. There are over 9,000 international banks. These are large organizations and there are a lot of them, and each of them is trying to differentiate themselves from the other. The reason they move so slowly isn’t because they don’t want to change, it’s that technology isn’t their forte, they have to ensure the stability of the global financial system, and they have loads of regulations that they have to follow.
To say that none of those organizations are motivated to do something that’ll make them a leader of the pack when it comes to ease of use, or speed of transactions, online payments, is a very difficult argument to make.
Second point:[quote=“sil, post:28, topic:2053”]
I freely admit nothing but cynicism on this point. Having worked a bit on web standards generally, it’s pretty common to feel disillusioned sometimes about how the big players flatly refuse to work together when they see competitive advantage in not doing so, and wading through the murk of self-interest can sometimes be pretty disheartening.
Disheartening, yes, but that’s what for-profit beasts do. It’s not cynicism to think that, it’s reality. It helps to treat large corporations like machines that have pretty simple programming; they’re predictable over a large range of inputs. The real question is: what set of inputs could be fed in that would provide a predictable outcome. At the core, it’s a really fascinating engineering problem. In general, most large organizations react predictably when a technology is discovered that would provide powerful competitors with a real advantage if it were not adopted. For example:
A technology that would enable customers to do seamless, immediate transactions over the Web regardless of the payment type (credit card, ACH, Bitcoin, etc.).
The ability to identify customers using cryptographic means, thus meeting regulatory burdens of “Know Your Customer” without paying the $325/customer/year tax that banks pay today.
A mechanism that delivers a customer directly to their bank instead of to a 3rd party payment processor, thus strengthening the relationship the customer has with their bank (instead of, for example, the relationship that the customer has w/ the 3rd party payment processor).
Any financial institutions would be foolish to not adopt the technologies above if their competitors could do the same. However, let’s assume that banks don’t adopt the technologies. Ask yourself what would happen if large technology companies adopted that technology instead? Do you see the existential threat this creates for the banks? Assume the technology companies do nothing with the technology above. Do you see the multi-hundred-billion dollar opportunity that the technology companies pass up if they cede the technology advances to the financial industry? There are good incentives in place for both technology companies, and banks to participate. Fear and greed are two great motivators when it comes to large organizations.
Third point: [quote=“sil, post:28, topic:2053”]
I’m not confident in government either; while I don’t want to go on about “banksters” here, if the last ten years have a message for us then it could well be that given a choice between large financial institutions pursuit of the status quo and what’s better for their customers, the institutions have a great deal of power to not change anything even when forced to.
Populism is fun! It’s fun to go on about how ineffective our governments are at controlling the banks. Yes, we all wish that the governments of the world would have seen the disaster of the past 10 years coming. We wish they would have done more for us commoners. If only we had better governments!
Yes, it’s true that large banks have a great deal of power to not change, even when forced to. Could it be that we’re not providing our governments with the proper tools to force that conversation to happen? What would happen if we built a new financial system into the Web that was friendly to governments, regulation, and enabled thousands of new competitors into the market. Do you think governments would be in a better position to “convince” the large financial instritutions to change?
The fact is that the US Federal Reserve and the European Commission came to the Web Payments Workshop and made a slew of public statements about what changes they want to see happen. Those changes were aggressively pro-citizen. I was floored by a number of the statements made by the European Commission; they came out swinging. The fact is that these government bodies are providing feedback to the Web Payments Steering Group chartering process. The fact is that the US Federal Reserve has taken a great interest in this work and the meetings that I’ve had with them have demonstrated that they really know what they’re doing. Their technologists are very bright people, and I say that having worked with luminaries in the Web world. Will this be enough? Who knows, but we have some of the best people involved from the governmental side of things. These are people that have built software systems that regularly, without error, move trillions of dollars around the economy on a yearly basis. They’re good people to know.
Fourth point: [quote=“sil, post:28, topic:2053”]
However, I can think of no example, none, where the world of finance has seen a long-term attack on their current base and has attempted to solve it by being better rather than through attempting to legislate it out of existence.
You’re not looking hard enough. Here are just a few public examples: Simple’s acquisition by BBVA. The fact that most major banks now have a team focused on innovation and funding financial startups (almost none of them did in the 1990s-early 2000s). Finance’s quiet involvement in FIDO Alliance. Fidor Bank’s use of the Ripple protocol and underwriting of Bitcoin trading. Finnish banks like Nordea, Osuuspankki, and Tapiola onboarding Bitcoin as a supported currency. The state of New York in the US creating a new license for Bitcoin gateways.
One of the issues with your argument is that you keep thinking of the “world of finance” as one homogeneous entity. It’s not. There is so much variation in there and there are banks that are trying to become better.
The problem with our banking infrastructure is systemic. We haven’t provided the proper systems to the financial industry that would enable them to move foward while also ensuring that the regulatory landscape can be addressed. Bitcoin did great on the first requirement and then seriously screwed up on the second requirement. The Web Payments work is an attempt to try and at least put our best technological foot forward in a way that’s responsible and inclusive of all parties that this affects.
Fifth point: [quote=“sil, post:28, topic:2053”]
I hope my cynicism is misplaced. I truly do.
I think it’s misplaced, but let’s do something crazy for a second and assume that it’s not. Let’s assume that this whole initiative is going to fail horribly. We never end up with a simpler way to transmit money around the Web. If you take a look at the Web Payments specifications page, you’ll find a slew of technologies:
In order to get Web Payments to where we want it to be, it requires that we invent entirely new technologies. For example, JSON-LD was invented because we needed a way to transmit offers for sale, payment requests, and digital receipts for the Web Payments work. It just so happens that Google, Yandex, Microsoft, and Yahoo! adopted JSON-LD in a big way earlier this year because it turns out that it helps web developers express machine-readable locations, events, product reviews, and other things we search for using search engines. We didn’t know they were going to use it for that when we created JSON-LD, but are pretty happy that it ended up being useful for something else.
We’re also wrapping up work on HTTP Signatures, which helps developers digitally sign HTTP requests and identify the client in a single HTTP call (and provide message integrity). No more OAuth round-tripping to get a token to make a call. No more shared secrets. The simple 6 page spec can be used for machine-to-machine communication where you need to authenticate yourself while you’re making a request. This is important for the Internet of Things work that’s going to be happening over the next 5 years. We need HTTP Signatures so that payment clients and payment processors can ensure that payment requests are coming from people authorized to use a particular financial account. It’s a general technology that Joyent (corporate sponsor of node.js and a big cloud hosting provider) is already using in production, so even without the start of the official Web Payments work, Web Payments technology has already benefited another industry.
Other technologies we’re working on include digital signatures for JSON-LD, Secure Messaging (signed linked data messaging), digital receipts, high-stakes credentialing (proving that you are who you say you are, digital government IDs, proof of age, proof of shipping address), and many more pieces that, even if the Web Payments work fails, will be useful to the broader Web.
The Web Payments work is worth doing any way you look at it, even if we fail to achieve the end goal of simpler payments for the Web.
So, now that I’ve lost just about everyone that started reading this thread, here’s why you should get involved. Seriously, if you’ve read this far, you’d fit into the Web Payments Community Group really well.
The number of people that work on any Web standard is fantastically small. I don’t think many Web professionals truly understand that. The core of most specifications that you know about were created by maybe 3-5 people. There are exceptions like HTML5, but really, the vast majority of specs were created by a handful of people and of those people probably around 50% of them were new to standards development. There are few things on this planet that allow you to have the sort of impact that working on a Web standard does. The ratio of ‘significantly contributed to a standard’ to ‘positively affected by a Web standard’ is close to 1:500,000,000. It’s a really rewarding experience.
So, the first thing you should consider doing is lurking on the mailing list to see if you’re interested in what we’re talking about:
So, what can you do? Well, what are you good at doing? Chances are very good that we need your help. If you’re a graphic designer, we need a logo and our web pages to be redesigned. If you’re a programmer, we need implementations of the specs and test suites to be written. If you’re a decent technical writer, perhaps you’d like to improve some of our documentation? If you are a speaker, why don’t you do a talk about Web Payments at your next local meet up. If you have a community, let people know what we’re doing and point them to the links above. If you’re a systems architect, perhaps you could join us on the calls or critique the specifications. Whatever your technical skill set is, chances are that we need it.
Everything that you do, no matter how small, is something that brings this brighter future that we’re trying to reach for within grasping distance. Join us and be a part of opening up the global financial network to the 2.4 billion people that use the Web today, and the next billion people that are going to be coming online in the next decade.
So, are we to sit on our hands and do nothing? As a member of the Web Payments Group, we may be attempting to herd cats, but that doesn’t mean we don’t try: One who does try, doesn’t accomplishing anything.
For our part, Accreditrust is focusing on identity-based micro-credentials, which as @msporny points out will allow you to provide digitally signed credentials that can validate your identity and auto-fill out forms when applying online for such things as bank accounts, loans and educational study. We are working hard to recruit corporations, organizations, government and educational institutions to contribute to this work.
I need to properly digest these thoughts; there are a lot of them. Firstly, thank you for the effort to explain things to me; secondly, I have now joined the mailing list. Now to work out what I think about all this payment stuff by reading in detail
Can you give any examples of these, Manu? Not that I’m too lazy to go digging around your mailing list archive, you understand. But @sil probably is.
OK - I’m convinced that this is an effort worth keeping an eye on because, if your analysis above is correct (and I can’t find any significant holes in it), the market conditions look favourable and (2) the prize is worth achieving.
My forte is public speaking and activism. I’ll spend 5 mins at a 50 min keynote speech at a Future of the Web type conference in October talking about it. Is it worth doing longer talks yet? Premature activism is counter-productive, hence asking,
“Normally standardization is pro-competitive, but we were concerned in an investigation on epayments by the European Payments Council (EPC) that major players may have banded together to create an exclusionary effect on non-bank epayment mechanisms.” –http://www.w3.org/2013/10/payments/minutes/2014-03-24-intro/#87
“There is so much money floating around in this system, banks have not wanted to comply w/ competition law. Mastercard has made no attempt to do anything other than bare necessary changes… Visa has always made changes at very last moment. We haven’t seen lowering of interchange fees. It takes a very long time to force people to do it.” –http://www.w3.org/2013/10/payments/minutes/2014-03-24-intro/#132
… and here’s some stuff from the US side of things:
“How is the US Fed going to weight those comments? In the EU, the government had to step in and mandate it… Ken Isaacson (Senior Vice President at US Fed in NY) responds: Our perspective is an end-to-end perspective. So, we have our high-level objectives. If there’s something in the public interest, we want to support that. Many people said that the only way this is going to happen is to do a mandate - that may be where we’re headed.” –http://www.w3.org/2013/10/payments/minutes/2014-03-24-s1/#157
I agree, 5 minutes seems like an appropriate time to spend on the Web Payments stuff for the next year. Just keep it high level for now, point hardcore devs to the Community Group that might want to shape the technology or do implementations. We’re short staffed, so getting people that are willing to roll up their sleeves and dive in to do the conversation wrt. use cases, requirements, proposed technologies, and doing implementations would be the best focus for now.
I’m still making my way through the show, but I had a thought on the section about Google being not very good at converting an idea to a product… Maybe they need to effectively form small companies off the back of the 20% projects that are useful and interesting but aren’t $1b interesting… So reader could have been spun off into a subsidiary, being paid by Google Core for material data on reading habits and feed sources, paying Google hosting for use of Google App Engine, authentication and a maintenance fee for the Google Ops team to feed and water the boxes with ticket tracking and patching. That way they stop being a company with 20 OMG-have-you-not-hit-$100m-yet-this-month project, and turn into an umbrella company with 100 projects which might just have one or two of them being a $1b project, and the rest can die on their own when they can’t break even. By separating the projects away from the mothership a bit, it means that if you have another Wave, which wants to go and live in Apache, they don’t need to spend 6 months decoupling the code from Google, because it’s already separate… But if it does well, it can be brought back into core without having to radically change it.
As a side note… Did you see that one of the wave-like projects finally became open source this month? GitHub.com/rizzoma/rizzoma - I’ve been using their hosted edition for a few projects, and once this code drop shakes off a few bugs, I think it’ll be really interesting to follow…
So… Google just become a VC? This is what Google Ventures is already doing, right? I assume that if, say, Reader was a viable business then they wouldn’t have shut it down. The problem isn’t that it was bad technology, it’s that it wasn’t self-funding. Also, making the technology standalone is useful if you want a thing to be runnable by other people, but that’s not really how Google do things, and being able to build on their existing technology base means that a bunch of stuff can be built relatively quickly and easily which just couldn’t otherwise – they’d end up re-solving a whole bunch of scaling and data storage problems which they already have solved if you build on the Google base.
Well, then we’re in the same place. Nobody is near 100% convinced that it’ll actually happen. We’d like it to happen, and we can’t think of any insurmountable blocking problems. The worst part of all of it is how costly it is to meet the regulatory requirements.
We’re operating under the assumption that even if 25% of the stuff we’re working on ends up being adopted that we’ll leave the Web in a much better place than it is today.
That I think is a reasonable goal, indeed. Basically, what I want is some way to be able to go to a website and click a button to pay for things – approximately the experience I get on the iOS app store, or a site using Stripe where I’m already registered – but available to everyone without having to set up many accounts and so on… and to be able to sell things to people from websites and mobile apps and desktop apps the same way. To the extent that the web payments group are also working on that, and those are a couple of the use cases, I’m interested in seeing how I can help, hence being on the mailing list and asking questions
This is what we’re working on. It’s in the critical path of the Web Payments version 1.0 work. The focus is on exactly what you laid out above, so it seems like your desires are aligned with the group’s desires.