For the first 20 years of my working life, my home and my office were quite proximate. Now my workplace sits across the street from Stanford University, and my 50-mile drive to get there presents itself as an anachronism. I try to maintain the perspective that it gives me plenty of time to think; there is certainly enough to think about! Having to commute so far is a statement on values from several perspectives. Reflecting on how society establishes values, I've been feeling rather fortunate to have spent a few years trying to become an economist before concluding that managing technology would more likely net me an office in proximity to the Stanford campus. Economics has been called the dismal science, but it hasn't seemed so dismal the past few sunny mornings out on I-280. Thinking about economic history and the advance of information and communication technologies lately, I realize that it's not just hype: We really are at the dawn of a new economic age. I think I now understand why. I also find that it's more fun to make history than to study it.
During the second half of this century, the information content of even the most traditional product has increased substantially. As an example, consider the impact of genetic engineering on agricultural goods (another popular subject of late). As information increases its role as a factor of production (now we need land, water, grass, and lots of genetic information to make sheep), it changes the production process permanently. The way we produce, distribute, and pay for that information factor is very different from the way we produced, distributed, and paid for land, physical materials, capital equipment, and labor. As an economist, I tried to understand how production and distribution requirements impacted the distribution of human settlements. One aspect of that line of inquiry was consideration of how money and finance systems evolved to support increasingly complex patterns of distribution and trade. Today we can observe emerging production and distribution mechanisms triggering new forms of payment and financial instruments.
One of the recent significant events in economic history was the deployment of cross-continent power grids that made it possible to deliver energy to factories. We no longer have to build factories near coal mines or build train tracks to carry coal to the factories. Just for the sake of visualization, let's think of the Internet as a power grid that delivers information to the point of production. Just as electric and gas meters measure the flow of electricity and gas through transmission media, information-metering facilities need to evolve as a way to provide a standard way to charge for this production factor. The emergence of new ways to charge for and pay for information is already beginning to change the way we charge for and pay for traditional goods (such as wool!).
A variety of payment mechanisms are emerging to address the diverse requirements of businesses and consumers engaging in the full range of commercial activities. By and large, these systems attempt to translate existing structures into electronic form. Meat-and-potatoes applications for business, for instance, take check processing and convert it into electronic form to eliminate the massive amount of paper handling that occurs in corporate payment systems. The major players in the credit card industry are building the infrastructure for a broad initiative to take credit cards online. They, and others, are using the Internet to expand the deployment of debit card systems. The most intellectually interesting developments are taking place in the area of digital cash. Here a variety of monetary forms are emerging in an attempt to serve particular buyer-seller relationships and products.
Different forms of money address different payments scenarios. Corporate trade payments that satisfy supplier/customer liabilities require a high degree of control, traceability, and authentication. The parties to these types of payments often have ongoing payer-to-payee relationships. The amounts involved can be substantial, because they represent compensation for fairly high-value goods and services. Payments for lower-valued goods and services are an interesting area that is evolving from a trade payments to an immediate resolution model through the use of vehicles such as debit cards. As I alluded to earlier, measuring and paying for information flows requires the highest degree of process innovation. Access to individual servings of information, such as viewing a Web page or the right download of an image, is likely to be priced very low. The mechanisms used to pay for hard goods are too granular -- and the transaction costs are too high -- to support an environment where high volumes of very low-value transactions are likely to occur.
In the basic digital money scenario, a shopper presents standard currency (for example, dollars) to his electronic banker who converts it into digital currency of equivalent value. The digital currency is returned to the shopper as binary files that represent specified units of value; you can think of these as tokens. When the shopper wants to make a purchase, he or she transfers the required number of these tokens to the vendor. The vendor then presents the tokens to the electronic bank for redemption.
From a control standpoint, some technical wrinkles must be ironed out in order to ensure the security of these digital cash transactions. The electronic bank will stamp the digital tokens that it provides with a serial number. When the buyer spends the ecash, and it returns to the bank, the bank checks the serial number against its list of spent coins and, if the coin has not previously been spent, credits the vendor's account.
The basic token model has two problems. First, if verification occurs at some time after the transaction, the payee may not be able to verify that the token proffered for payment has not previously been spent. The payee can verify that the digital signature of the coin verifies that the token was indeed provided by the electronic bank. It will not indicate whether the token was previously spent. Only the introduction of a third-party institution into the verification process can prove that the token was not already spent. Introduction of such a third party into the transaction adds delay and expense to the processing of the transaction. It also increases the likelihood that the payer's identity will be revealed.
The blinded token model seeks to preserve payer anonymity. Rather than having the electronic bank create the tokens, the payer acquires software that generates digital tokens. Each token contains a serial number and must be submitted to the electronic bank for authorization before it can be spent. Prior to submittal to the electronic bank, the payer's software hides, or blinds, the serial number by multiplying it by a random factor. Thus the bank can authorize the token by adding its own digital signature to it without knowing the identity of the person who submitted it. Before the payer spends the token, the software removes the blinding factor, so that the payee and the payee's bank will see the original serial number. When such a token is spent, the payee and the payee's bank can verify that the signature on it was indeed the signature of an authorized electronic bank. This is how the electronic money system developed by Digicash Inc. functions.
The next problem in the chain of challenges in creating electronic money lies in ensuring that a shopper only spends a token once. For some, the temptation to duplicate tokens and spend them many times may be great. A system in which the shopper's identity is revealed at the time the transaction and bank authorization occur online will prevent this from happening. In an online clearing system, used tokens are immediately delivered to the originating electronic bank, and subsequent transactions are checked against the store of used tokens. Such a system is equivalent to a credit card processing system and is not desirable from a privacy or cost standpoint. As DBMS readers will immediately realize, the store of used tokens will get very large very quickly, requiring a rather high-performance online-verification process.
The technical foundation for offline (or after the fact) clearing of blinded token transactions rests on the ability to encode information about the payer's identity in the token in such a way that if the token is spent only once the information remains encrypted. If someone tries to spend a token that has previously been redeemed, the second spending will disclose the information encoded on the coin about its original owner. This system works even if the payer spends the token with two different merchants. Implementing the check requires a challenge -- response protocol between the payer and payee. Before accepting an offline payment, the payee's system issues an unpredictable challenge to which the payer's system must respond with some information about the note number. By itself, this information discloses nothing about the payer. But if the payer spends the note a second time, the response to the second challenge will reveal his or her identity when the note is ultimately deposited. The algorithms that enable this protocol to work are closely guarded secrets of developers such as Digicash.
Mondex International (which recently became a subsidiary of MasterCard International) is the world leader in developing smart card technology and the infrastructure for such a system. The Mondex system includes a wallet that enables the owner to transfer value between cards, a balance reader, and terminals that read the cards when they are presented for purchase. These include terminals that connect to a PC or other computer system. Currently there are seven pilot Mondex systems operating around the world, including one in the San Francisco Bay Area, organized in conjunction with Wells Fargo Bank. Now that MasterCard owns the Mondex system and has indicated that it will standardize on the Mondex system as its stored-value solution, we can expect an accelerated deployment rate.
Mondex's security relies on a unique 'digital signature' that is generated by the chip on the card and that can be recognized by the other Mondex card involved in the transaction. This digital signature is the guarantee that the cards involved are genuine Mondex cards and that they are dealing with untampered Mondex signals. This recognition process also identifies the counterparty card for which the cash is intended -- so funds cannot be intercepted by a third party without detection.
Of course, encrypting and signing my credit card numbers virtually eliminates the opportunity for online abuse. The first step toward online credit card security was the implementation of Secure Socket Layer (SSL) in both the Netscape and Microsoft Web infrastructures. SSL ensures that information communicated between the browser and the Web server cannot be captured by a third party. This discourages attacks aimed at collecting credit card numbers or those where the contents of the message is purposefully altered. Such attacks are not difficult to mount, given that the IP address of the vendor is publicly available.
The next step in establishing a secure platform for credit card transactions will be the implementation of the Secure Electronic Transaction (SET) specification, which was developed by Visa and MasterCard in conjunction with other developers of the Internet commerce infrastructure. SET establishes an end-to-end model that encompasses certification of shoppers, merchants, and credit card processes, and online authorization and clearing of credit card transactions. In the SET model, both cardholders and merchants will obtain digital certificates that they can present to authenticate themselves when they want to participate in a transaction. SET uses a dual digital signature scheme to communicate authorization requests to acquiring agencies. Under this scheme, the merchant transmits both the authorization request and a message digest of the order information to the authorizing agency. This enables the merchant to pass the cardholder's information through to the authorizing agency without seeing its contents, while continuing to ensure its authenticity.
Some larger businesses are already set up to make payments via EFT. They supply their bank with an electronic list of the bills that they want to pay, and the bank converts that data into a format that can enter the existing bank-to-bank electronic funds clearing network. This network is called ACH, for Automated Clearing House. The Federal Reserve Banks and a few other select organizations are charted by the National Automated Clearing House Association (NACHA) to manage ACH networks. There are 38 NACHA member ACH Associations representing 13,000 financial institutions that, in turn, provide ACH services to more than 500,000 companies and millions of consumers. Transactions processed through the ACH network include direct payments and electronic data interchange (EDI) transactions, as well as payments for direct deposit of payroll, dividends, pensions, and annuities.
ACH rules specify the format of funds transfers that can be communicated over ACH. Currently, four ACH payment formats are available: Cash Concentration or Disbursement (CCD), Cash Concentration or Disbursement plus addenda (CCD+), Corporate Trade Exchange (CTX), and Corporate Trade Payments (CTP). Through the use of addenda records, the CCD+, CTP, and CTX formats enable businesses to electronically transmit payments and payment-related information to their vendors. This information travels in standard formats through the business's financial institutions. Each of these formats specifies the fields required in file headers, batch headers, detail records (where applicable), the positions where those fields must appear, their length, and allowable content.
The CCD payment format communicates only the amount being paid; it is the only corporate format that is not accompanied by addenda records. Because remittance data is not transmitted with the payment, the payer may need to employ an additional vehicle to transport remittance information. However, a reference number is placed in the entry detail record so that the payment and remittance advice can be reconciled by the seller (receiver).
The CCD+ format adds a single addenda record to the CCD. Part of the addenda record contains a payment-related information field of 80 characters in which data segments defined by ASC X12 or NACHA-endorsed banking conventions are used. This addenda record allows the transmission of limited remittance information related to the payment.
The CTX format enables a company or business to electronically transmit one payment that satisfies multiple invoices and provides the remittance information for those invoices. The CTX format allows up to 9,999 addenda records. For CTX entries, the addenda are linked together with each succeeding addenda record carrying the next 80 characters of the message. The complete ASC X12 820 or 835 transaction set (EDI remittance advice document) is 'enveloped' within the CTX addenda records.
NACHA is responsible for maintaining the ACH rules and standards governing the exchange of ACH payments between financial institutions. NACHA has several subcommittees that are working on developing the infrastructure necessary to expand the use of electronic payments. The Authentication & Network of Trust Work Group is pursuing the development of a public-key infrastructure within the banking industry, consisting of operating rules and guidelines, business practice standards, and certificate policy and certification practice statements. This infrastructure will enable financial institutions to issue digital certificates to their customers for the purpose of engaging in Internet-based electronic commerce. Another group is working on developing standards for interfaces among digital cash, credit card, and corporate payments systems.
In the corporate realm, the credit card processing system works equally well for corporate purchasing cards as it does for personal credit cards. MasterCard's acquisition of Mondex improves the prospects for widespread international deployment of a smart card infrastructure. A smart card system with the intelligence to maintain purchase audits is likely to gain favor in corporate circles. For a while I've wondered whether corporate payers would give up the flexibility of net 15-, 30-, or 60-day terms, but they have indicated to me that they will. It turns out that the cost of maintaining those systems is extremely high: Simply writing checks costs some organizations up to $10 per check. Immediate settlement eliminates the cost of managing payables. A relatively small incentive in the form of a discount for cash or equivalent form of payment will yield a major change in the trade payments landscape.
This discussion relegates digital cash to the realm of interesting technology without broad application. By and large, the banks are focusing their efforts on electronic check systems and online account management. In my view, widespread adoption of digital cash requires more aggressive support from some existing banking institutions, as well as the development of standard micropricing schemes for information content delivered over the Internet. Although such standards are in process, it's still early in their evolution. For the next couple of years, online credit card and checks will represent the preponderance of both transaction volume and value transferred over the Internet.