Tuesday, August 26, 2014

Will a Personal Electronic Device Data Standard Eliminate the Acquiring Function?

Let me (for the purposes of this post) define acquirer as any entity between a purchaser and the purchaser’s financial institution. This definition is far too broad for a typical discussion of the payment services industry; however it suits the point of this post quite nicely. The definition makes any part of the payment network providers (regardless of brand or size) an acquirer, It leaves an issuing FI or its authorizing agent, the sole party needed for  a financial transaction with a payer and it is a very scary concept to payment network providers.

To demonstrate the concept Diagram 26 shows the current retail payment system infrastructure present in many countries today.

Diagram 26: The Acquiring Function Infrastructure

And Diagram 27 shows an imaginary structure without an acquirer.

Diagram 27: Hypothetical Payment Hub without Acquirer

I ask my readers which diagram depicts a cheaper network easier to deploy and more adaptable to the emerging human communication methods.

The reason we cannot implement diagram 27 right now is because data transport standards encapsulating payment information from a personal electronic device (PED) do not exist. Such standards need to adapt a key management scheme such as DUKPT, a reasonable number of digits to be stored in secure areas of the PED for use as offsets, transaction counters, etc. and more importantly able to accommodate an astronomical number of individual PEDs.

Another reason we cannot implement diagram 27 right now is because of the insistence that payees pull payment from payer accounts instead of payers pushing payments to payee accounts. If we build the standards the more efficient push method of payment will come because it eliminates regulation E in the US and more importantly for the rest of the world it eliminates switching fees.

The standard needs much more detail than a reasonable encryption scheme and I can think of many elements that need careful consideration among technical folks from quite a few different industries, so the sooner, we build a standards technical committee, then the sooner we can build a payment hub that gives the security payers need at a fraction of the current costs.

Next Blog: Why queues containing payment data in the clear are the biggest target today

No comments:

Post a Comment