A micro-payment is defined by visa as any transaction of a value below $20 U.S.D.[V][i]. The World Wide Web consortium also maintains the micro-payments initiative which has recently been closed; one major reason for the cessation was that organizations such as Paypal and Ebay have developed far more pervasive systems using existing W3C standards [W3C][ii].
Micali et all defined a micro-payment as:
A payment Scheme consists of a set of protocols involving at least three basic parties: An individual, buyer or user, the merchant and the bank. These could be individual entities – such people, device or computer programs or collections of entities.[MSRR][iii]
Transactions across the internet must be encrypted and are usually conducted utilizing transport layer security and x.509 based certificates. Security is a necessity of any financial transaction regardless of location. Companies such as PayPal process hundreds of thousands of transaction requests per day as micropayments are their primary business [PP][iv]. The core of a PayPal transaction is an embedded XML request that transfers the transaction to PayPal for processing directly on pay pals web-servers. Merchants including Ebay use paypal as a payment processor. Paypal uses standard Transport layer security to ensure that the session for the transaction is secured. The core value of PayPal is that as an intermediary they protect the identity and details of the purchaser from the merchant for the duration of the transaction.
One major trend in micro-payments is the use of Peer to Peer technologies to support the transaction as opposed to traditional XML or XMLRPC over encrypted links to facilitate transactions; one example is PPay a recently developed peer to peer based transaction protocol that uses a “floating self managed currency” [YB][v] Another not yet widely adopted online currency is the BitCoin which is based upon the ideas of PPay but utilizes a proprietary PKI based mechanism to transfer generated hashes between parties as a form of virtual currency. [NS][vi]
The goal of Bit coin is to facilitate transactions without the need for a broker or bank such as Paypal or Visa but to have the parties agree to exchange “bitcoins” for goods and services. Bitcoin achieves security by using encrypted connections to transfer hashes generated by using the public key of the receiver and the private key of the sender using PGP and AES as it’s incredibly secure and due to the nature in which bit coins are generated they are very difficult to if not impossible to fabricate. However bitcoins are not a micropayments but a virtual currency similar with a novel micropayment protocol; similar to eGold or Flooz. Both eGold and Flooz failed due to low market adoption rates and that eGold was used for laundering and fraud.
The security considerations of all micropayments are traditionally referred to as fraud and or “Salami slicing” or “penny shaving” where the nature of the fraud involves various individual small manipulations of a system to amount to a large amount of fraud. Penny shaving was an actual practice at one point where the party would shave the edge of a penny to collect the copper whilst still retaining the ability to spend the penny. Although “Salami” techniques involve small thefts they are still considered fraud and computer abuse in most industrialized countries. The concern with micropayment and micropayment systems is the ability for “salami techniques” to be applied to them by using identity theft or fabrication and potential attacks on any transaction systems. As long as currency has value people will find ways to “game the system” regardless of any consideration for law; whether or not the currency is virtual or real is now a moot point.
References:
[i] [V] n.a. (Visa inc., June 24th 2010) Visa launches a new way to pay online [Online] PDF Document, Available from: https://www.payclick.com.au/getattachment/e693f4a2-3e0b-4811-841e-5c43ef5aa19b/payclick-Press-Release-24-June-2010.aspx (Accessed on June 20th 2011)
[ii] [W3C] n.a. (W3C, Micropayments Initiative, 2010) Micropayments Overview [Online] World Wide Web, Available from: http://www.w3.org/ECommerce/Micropayments/ (Accessed on June 20th 2011)
[iii] [MSRR] Micali, Sylvio; Rivest, Ronald L (MIT, Cambridge, Laboratory for Computer Science, 1997) Micropayments Revisited [Online] PDF Document Available from: http://people.csail.mit.edu/rivest/MicaliRivest-MicropaymentsRevisited.pdf (Accessed on June 20th 2011)
[iv] [PP] n.a.(Paypal Inc. n.d.) What is Paypal [Online] World Wide Web, Available from: https://www.paypal.com/us/cgi-bin/webscr?cmd=xpt/cps/popup/OLCWhatIsPayPal-outside (Accessed June 20th 2011)
[v] [YB] Yang, Beverly; Garcia-Molina, Hector (Stanford Unverisity, 2003) PPay: Micropayments for Peer to Peer systems [Online] PDF Document Available from: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.85.7457&rep=rep1&type=pdf (Accessed on June 20th 2011)
[vi] [NS] Nakamoto, Satoshi (Bitcoin.org, n.d.) Bitcoin: A Peer-to-Peer Electronic Cash System [Online] PDF Document, Available from: www.bitcoin.org/bitcoin.pdf (Accessed on June 20th 2011)
No comments:
Post a Comment