The rise of e-commerce, and more recently digital wallets, has been a fragmented affair, meaning there is little standardisation across the e-payments industry. This is something that needs addressing, says Jeff Jaffe, CEO of the World Wide Web Consortium, and there is no time to lose.

Electronic commerce – through credit card payments, PayPal, etc – is of increased importance to the global economy. E-commerce sales (business to consumer) were projected by market research company eMarketer to rise to $1471bn in 2014, an increase of 20% from 2013. At the World Wide Web Consortium [W3C], which creates standards for web technologies, we are not surprised by this trend. The open infrastructure we are developing has helped to transform the lives of billions of people, empowering them to share, communicate and engage in economic activity in innovative ways.

We are also mindful that as this trend intensifies, it produces new challenges for web technology. As World Wide Web inventor Tim Berners-Lee wrote in March 2014 at the occasion of the web's 25th birthday: "Though the mood is upbeat, we also know we are not done. We have much to do for the web to reach its full potential." For the area of a payment infrastructure on the web, there are three aspects that require immediate attention: mobile payments, digital wallets and security.

Fragmented market

The popularity of mobile devices has made mobile payments the focus of many current initiatives. According to IT research firm Gartner, by 2017, mobile commerce revenue will make up 50% of all digital commerce revenue in the US. A number of major players have brought mobile digital wallets to market, but without large-scale success. The proliferation has resulted in fragmentation that has created confusion among merchants and consumers and hindered adoption. According to management consulting firm McKinsey: "Today's mobile payment market is changing rapidly and is littered with incompatible choices and no clear winners, with diverse players locked in a high-stakes battle for consumer relationships."

Inadequate security and privacy, complex user interfaces and other obstacles are also preventing us from realising the full potential of the web, and e-commerce by extension. To give a sense of the magnitude of the security concerns, for example, a European Commission report estimated that one in seven payment cards in the US was exposed to a data breach in 2013. A report by fraud detection specialist Kount states that 35% of internet users in Europe have expressed concern about the security of online payments. And research by Gartner notes that merchants across a variety of industries are increasingly concerned about platform security and fraud management.

Act now

The time has come to standardise web payments.

Why do I believe it is time? The main reason is a confluence of technical developments that make this timely. This includes novel means of making mobile payments, including digital wallets. These technologies offer a substantial basis to simplify transaction flow, which should improve usability and decrease the number of e-commerce transactions that are left incomplete. They also offer the possibility of enhanced security, which should decrease fraud.

We also need stakeholders to be willing to come together on a standard. Major players from all parts of the payment industry – banks, card issuers, merchants, mobile operators, browser vendors and payment processors – have chosen to work together for the first time, at the W3C. They began by defining a charter for this work, a new W3C web payments activity, which we launched in October 2014.

Initial participants include the US Federal Reserve Bank of Minneapolis, Rabobank, Group BPCE, Bloomberg, Target, Financial Services Technology Consortium [FSTC], GSMA, AT&T, Deutsche Telekom, Orange, Gemalto, IBM, National Association of Convenience Stores, Opera Software, Tencent, Verisign and Yandex. Many others attended our March 2014 workshop on payments, including ABN Amro, Crédit Agricole, the European Commission, Google, GSMA, HSBC, ING, KDDI, Ingenico, Microsoft, Mozilla, PCI SSC, Qualcomm, Samsung, the Society for Worldwide Interbank Financial Telecommunication, Telefonica, and the World Bank.

A necessary complication

Standardisation is never easy among diverse stakeholders, but here it is different. There is a common understanding that simplifying the transaction process, providing advanced services through digital wallets (such as loyalty schemes), and reducing fraud are paramount. Indeed, these stakeholders are converging on what they wish to improve through open standards: security and authentication, support for multiple payment approaches and interoperability among them, seamless user experiences and creating a platform for innovation.

The web's strengths play a decisive role. Consider the scale of the web: two in five people on the planet are connected to the global internet. There is still much to do to connect the rest of the planet, but we believe the web offers the right infrastructure and openness to get us there.

The second reason is that today’s Open Web Platform, with HTML5 as its cornerstone, has become a full-fledged programming platform that can run on a huge variety of devices, lowering the cost of creating rich applications to reach users everywhere. This makes the web the premier platform for cross-device innovation.

A third reason is that the web is flexible enough to allow multiple approaches and different ways to distribute control. Standards will create a larger market for everyone, and enable them to innovate through services. For example, US consumers have indicated, in research by Wedbush Securities, they would most trust their banks as providers of mobile wallets. Banks are in the unique position of enhancing wallet offerings by integrating payments with other banking services. Broad digital wallet interoperability will enable banks to provide those services to the most customers.

Making advancements

There is considerable work under way to continue to enhance web technology in general, which also helps web payments. A web crypto application programming interface [API] will increase security by giving app developers access to underlying security mechanisms (so app developers do not have to write their own). Geolocation APIs make it possible to tailor offers, and discussions about geo-fencing are ongoing. APIs for near-field communication and Bluetooth will enable mobile payment approaches. These developments are important but more must be done. That is why the Web Payments Interest Group – a group launched by WC3 – is looking at use cases to develop a roadmap for standardisation.

The group has already identified several opportunities around digital wallets, which show promise for increasing security, usability and innovation. Standards such as ISO/IEC 7810 for the physical characteristics of identity cards make real-world wallets convenient in a variety of ways. Manufacturers can design wallets at a lower cost that are broadly usable. Consumers can easily add new credit or identity cards without prior negotiation. In the digital world, data standards determine whether a card fits into a digital wallet. Card issuers and wallet application designers will implement the standard APIs for payments or receipts. This will allow one to add a card to one’s wallet from an arbitrary issuer. But there are many ways to pay – token-based approaches, push-based solutions (PayPal and others), coupons and loyalty cards, crypto-currencies, etc – so we will need to consider the interoperability of a range of instruments.

Another protocol that we can standardise is how the digital wallet and merchant determine which payment instruments I can use for a given transaction. One expects to be able to open their digital wallet (on desktop or phone) at a given store (web or brick-and-mortar) and choose one’s preferred payment instruments. Standards will drive innovation at the moment of selection.

A flexible approach

One challenge we anticipate will be to identify the right standardisation abstraction given the diverse forms of authentication that will be available. Mobile devices will feature secure elements, biometrics, multi-factor authentication and more. But we also need more security from other devices. Many banks, for example, have recently announced a push for broad adoption of tokenised payments. In all likelihood, we need a flexible approach that can be customised later to diverse forms of authentication.

We will also need standards for stronger proof of payment. For example, merchants want to know that they have been paid in push-based scenarios, and consumers will want to store electronic receipts in their digital wallets for financial management, expense reports and so on.

Given the complexity of the payments landscape, the success of our effort will also depend on collaboration with other organisations that are creating standards at different layers of the stack. In addition to direct participation in our work by organisations such as the FSTC, we are developing liaisons with other organisations such as ISO and X9 to ensure that the W3C's work interoperates with other parts of the payments stack.

The US Federal Reserve Bank has said: "The main factors limiting consumer adoption of mobile banking and payments are security concerns and the belief by some that these services fail to offer any real benefits to the user over existing methods for banking or making payments." We believe the web is the best platform for eliminating those obstacles to adoption, and also that we have the right players at the table to be successful (including the Federal Reserve Bank). The web has played a fundamental role in the growth of e-commerce for the past 25 years, and we believe it is ideally positioned to support the next wave of payment innovation.

Jeff Jaffe is the CEO of the World Wide Web Consortium. W3C's Payments Activity is supported in part by the EU through the HTML5Apps project. Stéphane Boyera has been leading W3C's new web payments activity.

PLEASE ENTER YOUR DETAILS TO WATCH THIS VIDEO

All fields are mandatory

The Banker is a service from the Financial Times. The Financial Times Ltd takes your privacy seriously.

Choose how you want us to contact you.

Invites and Offers from The Banker

Receive exclusive personalised event invitations, carefully curated offers and promotions from The Banker



For more information about how we use your data, please refer to our privacy and cookie policies.

Terms and conditions

Join our community

The Banker on Twitter