Recapping from the last two blogs, we have in place a standard
specification for the transmission of payment data from a personal electronic
device (PED), and a secure retailer database. If we could use the infrastructure
put in place by central banks then we would be done; however active users of
Fedwire and the like do not like penny-ante transactions polluting their
pristine flows, so we must build our own.
I think it’s best to start with a small scale model and show
scalability for size than it is to propose a world-wide SVGRTP built by the
private sector. Diagram 10 shows the
concept of a single SVGRTP contained within a single bank.
Diagram 10: Single SVGRTP
Ideally, maybe in two or three years we won’t have to use
this cumbersome message architecture at all. Our PEDs will have entangled
quanta with corresponding quanta at our bank, and the device will spin the
quanta to corresponding quanta at the bank with message details. No chance of
data intercept limits attacker tools. However, in case there are technical
issues developing a quanta payment system I will press on with stone knives and
bearskins (apologies to Star Trek “City on the Edge of Forever” fans[1]).
Diagram 10 shows a simple “on-us” transaction that
corresponds with a retailer and a cardholder having their accounts at the same
financial institution. However Diagram 10 shows the transaction with the newly
minted SVGRTP.
Banka in the diagram translates the retailer id
to an account that exists at Banka and translates the device ID to
an account that exists at Banka and moves the payment amount on
receipt of the message. The diagram leaves out the notification and security
details.
I think it might be possible to select a small town with
lots of cell phone users and a few shops and one major bank popular with local
retailers. How might we convince such a
bank to go along with this madcap scheme?
If the bank is in the US then Regulation E does not cover the
transaction because it does not meet the definition of an electronic fund
transfer as defined in the regulation, namely:
Electronic fund transfer (EFT) is a transfer of funds initiated
through an electronic terminal, telephone, computer (including online banking)
or magnetic tape for the purpose of ordering, instructing, or authorizing a
financial institution to
debit or credit a consumer’s account. EFTs include, but are not limited
to, point-of-sale (POS) transfers; automated teller machine (ATM) transfers;
direct deposits or withdrawals of funds; transfers initiated by telephone; and
transfers resulting from debit card transactions, whether or not initiated
through an electronic terminal (12 CFR 1005.3(b)).[2]
The SVGRTP defined earlier does not give instructions to
debit or credit a consumer account, the SVGRTP gives instructions to credit or
debit a retailer account. I am not a lawyer, and if you accept my
interpretation without legal advice then you are quite mad. However, it seems
the whole purpose of Regulation E is to prevent a retailer from falsely
accessing a consumer account, which is not what happens in the SVGRTP. The PED instructs the consumer bank to credit
the retail bank; the retailer does not instruct the bank to debit the consumer
account.
So, without Reg E, retailers do not have to worry about
charge backs and banks do not have to worry about Reg E claims. By ditching the
bank card networks, both retailers and banks drop the most costly aspects of
the current system.
Next
Blog: ?, or reply to comments, or the math of payment system architecture
[1] Spock: I am endeavoring,
ma'am, to construct a mnemonic memory circuit using stone knives and bearskins.
From http://www.imdb.com/title/tt0708455/quotes
[2] http://www.federalreserve.gov/boarddocs/supmanual/cch/efta.pdf
No comments:
Post a Comment