Managed information cards for secure online purchasing

Here&#39s news of an important technology demonstration from Ping Identity and ACI Worldwide at the upcoming DIDW Conference (just two weeks away in San Francisco in case you have forgotten to register).

To put this in context, ACI Worldwide is the world leader in retail payments – over half the plastic card transactions in the world (55 billion last year) go through ACI&#39s software at banks, merchants and networks in over 85 countries.

The presentations will include a discussion of how,  “the 3D-Secure protocol used by Visa, MasterCard, and JCB, as well as the PayPal protocol, could easily be adapted to support Information Card”.

The work is the result of a collaboration by Sid Sidner, the architect for ACI’s virtual SET wallet and 3D-Secure products, and Ping&#39s Ashish Jain and Patrick Harding.  Ping&#39s backgrounder says:

“The identity metasystem concept embodied in Information Cards has applications beyond pure authentication.  For example, Information Cards could be excellent for supplying payment data to an e-commerce merchant during a purchase.

“It would go like this: A payment provider such as a bank or PayPal issues a consumer a payment Information Card.  Then the consumer can use it at participating merchants.  They simply click a button which activates the identity selector software on their PC, phone, or set-top box – an identity selector like Microsoft&#39s CardSpace or any of the other ones being developed.  The consumer selects the payment Information Card of their choice, enters their PIN, and the identity selector gets the payment information from the payment provider and returns it to the merchant.

“The consumer will like it because they don&#39t have to type in the card number, expiration date, CVV, and billing address.  The merchant will like it because the clickpath to order submission is shorter; they will should get better merchant fees and fraud risk; and they don&#39t have to store sensitive cardholder information in their databases.  The payment provider will like it because they can dramatically lower their e-commerce fraud.

“An exciting aspect of this is that the 3D-Secure protocol used by Visa, MasterCard, and JCB, as well as the PayPal protocol could easily be adapted to support Information Cards.”

3 thoughts on “Managed information cards for secure online purchasing

  1. This is really cool news!!! I advocated open standards at Visa, and 3-D secure always rubbed me the wrong way for a) not being an open standard that could be leveraged by other parties, b) had very limited ability to be extended to work in any sort of “identity metasystem” and c) didn&#39t really allow for the sort of innovation that openid & information cards allow.

    That being said, the problem with changing 3-D Secure is one of costs – there were a lot of machinations just to get 3-D adopted in the last few years – I&#39m not sure its realistic to expect a lot of enthusiasm for *more* investment in technology change across the online electronic payments ecosystem! (Though it would be pretty cool…)

  2. Pingback: IdentityBlog - Digital Identity, Privacy, and the Internet's Missing Identity Layer

Leave a Reply