Few bankers working today remember depositors abandoning banks in favor of money market funds when those instruments first arrived in the seventies. With tidal force, bank liquidity eroded and the profits of non-bank financial institutions swelled. Unstoppable wave upon wave of cash withdrawals stressed the balance sheets of banks for more than a decade.
During this time, Non-Interest Income (e.g. transaction fees) from the credit card industry became the most important new source of revenue for banks. It was inflation-proof, popular with customers and wildly profitable. The card business evolved, adding the Debit Card product and its (popular with bankers) Insufficient Funds Penalty fee.
Now, for various reasons, the fees associated with credit & debit cards (hereinafter referred to as bankcards) are under pressure from merchants and regulators. New economic models alleviate this pressure by the organization and selling of information derived from transaction events instead of assessing fees as a percentage of the transaction value. Ownership rights of this information need to be asserted, assigned and tracked.
For generations, long strings of numbers have been used as account identifiers. Unfortunately, long numeric strings of numbers were hard to remember, so it became a common practice to use magnetic stripes and embossed numbers on plastic cards to supply the important account information to the merchant. The merchant submits the number to a payment processing network, which routes it to the consumer's financial service provider for the automatic debiting of his credit account or his demand deposit account (a.k.a. bank account). Payment by bankcards also transfers the risk of a fraudulent transaction from the payee to the card-issuing bank, but only in those cases where the physical card is used as part of the authorization of the transaction. Payment by bankcard leaves the risk of fraudulent transactions with the payee if, as is inevitable in an Internet or telephone transaction, the physical card is not presented as part of the authorization.
Transactions that are mediated by computer also offer opportunities for imposters posing as legitimate merchants. Maximum reduction in the risk of fraudulent transactions of all types requires multi-factor and multi-channel authentication.
In those cases where the card-issuing bank bears the risk of fraud, it charges the payee a fee to compensate for that risk. In those cases where the payee retains the risk of fraud, the payee incurs the costs of unauthorized transactions directly. Whether directly or indirectly, payees bear the cost of unauthorized transactions. This cost in turn is built into the cost of goods sold and services rendered to the public. It is called, hereinafter, the “interchange fee.”
Thus, although the public is protected by law from directly bearing the losses on most fraudulent transactions, eventually it pays indirectly for all the losses from unauthorized transactions. Moreover, the public pays even more than the losses themselves: first, the public bears significant costs from fraud and identity theft in time, inconvenience and temporary loss of the use of funds. Second, the public indirectly bears the significant costs incurred by banks, merchants and their insurers to mitigate risk. A processing fee is charged to the payee to cover both the processing costs and risk to the bank or non-bank financial institution that serves the payer. This fee has become the subject of controversy as bankcard transaction processing fees have risen steadily despite gains in fraud mitigation technologies, including new and additional factors to authenticate payment authorizations and economies of scale. Banks have come to rely on this source of non-interest income, especially in this age of dubious assets on balance sheets due to previously lax lending practices. Recent Federal Legislation has reined in what merchants regard as runaway interchange fees. This legislation also protects the consumer with a mandate of notification messages to accountholders when a ‘good funds’ balance or a credit limit may be too low to support automatic debit of a particular payment.
An argument can be made that today's bankcard industry is effectively unopposed by alternative payment systems of any size or significance. The bankcard interchange fee merchants pay is passed on in everyday prices. It is essentially a hidden tax on everything we purchase.
The interchange fee is split among the participants in the payment value chain and has been heretofore regarded as an inherent element in any new payment ecosystem. Led by the dominant bankcard companies, merchants and banks alike believe that any new payment method must run across ‘existing rails’ or payment networks to minimize cost related to conversion. The so-called interchange fee is the by-product of a system of payments that is prevalent today.
In these payment systems, the cardholder agrees by signing the bankcard application contract to permit the merchant that obtains his card number to have the cardholder's implicit permission to have the merchant's bank send an automatic debit transaction instruction to the payer's bank for the automatic debiting of his credit or demand deposit account.
Such systems, based on implicit permission, were developed in an age before there were smart phones and a truly ambient Internet. Smartphones, because of their ubiquitous connectivity, are an increasingly popular choice to provide an extra authentication channel and factor to insure that the risk surrounding the payment is minimized. Furthermore, this ‘additional rail’ or communication network can be used to send explicit permissions on a transaction-by-transaction basis or to modify one's a priori permissions policy for an entire class of transaction types.
The smartphone is rapidly becoming the platform of choice to manage a range of applications involving the transfer of monetary or informational assets. It has become the consumer's hub for vendor relationship management. Mobile device users choose among thousands of smartphone based applications. It is a common practice among applications developers to layer application functions on other applications. Hotels and restaurants deploying Google Maps on their reservations web sites are classic examples of this phenomenon. Such vertical integration is successful because it improves the user experience. Users shun applications that require too many steps or decisions to attain basic goals.
Knowing the true identity of the other party is the best predictor of a successful transaction. However, we are too fearful or simply don't know how to pay electronically, especially when concerns about privacy often prevail. When we must make emergency, last minute or just spontaneous electronic payments, we pay exorbitant fees or we pay a ‘hidden tax’ (interchange fee) that is built into everyday prices. What is needed is a convenient, private, and safe way to send and receive money instantly, anywhere, anytime with added benefits of tailored analyses of our transactional ‘bread crumbs.’ These ‘bread crumbs’ of information are potentially valuable enough that consumers may choose to divulge their identity information to processing systems in order to receive tangible benefits such as coupons, rebates and the like. A mechanism for the wishes of consumers to be established once, for several different kinds of transactions, eliminates the tedium of too many steps or permission decisions to divulge identity information. A system to determine a priori when permissions are explicitly given and when permissions must be obtained from customers in real-time is the subject of this invention. The term customers, in this application, may include entities, individual people, and, in some embodiments, agents of the customers.
This extra communication channel of the smartphone substantially reduces risk of fraud and associated processing costs in the bankcard industry. As there is downward pressure now on interchange rates, new business models have arisen where the consumer can be presented with an electronic invoice or bill, directly to his smartphone, and with which he can explicitly authorize a payment be pushed to the merchant's account. Modigliani, U.S. patent application Ser. No. 10/786,023, published Feb. 12, 2004, teaches synchronization of unique identifiers associated with payments at different institutions. It is a Method and System for obtaining a routable instant or next-day payment address as well as other informational attributes that are associated with unique identifiers that can be discovered and trusted to be true. Modigliani teaches that payments (and bill presentments) made to such properly constructed and registered payment addresses can be made without risk of repudiation due to lack of explicit authorization.
In other words, when an explicit permission to push a payment to the payee is given, a receiving bank can justify posting good funds to an account in advance of actual settlement because it is knows that the transfer will not be reversed by the sending institution for any reason.
Furthermore, by making a registry of such payment addresses publicly available, the risk that the payment address (as well as other informational attributes associated with the unique identifiers) is unknowable and/or not certified to be authentic is eliminated. When payees' unique identifiers and associated information attributes are registered in the directory/processor taught by Modigliani, '023, the risk bearer's costs from the prevalent implicit-permission-to-automatically-debit method can approach zero.
The risk of the transaction is borne entirely by the payer, who explicitly authorizes the payment, not their bank. The payee's electronic payment address and associated information attributes such as but not limited to name, physical address and phone number, are guaranteed to be true by the registrar that supplies the asset transfer address to the validation registry. In the unlikely case that the registrar bank has been tricked by a fraudulent customer impersonating a legitimate payee, it (i.e., the registrar bank) would be responsible for any transaction failure attributed to an inaccurate payment address. Further, when a payor's unique identifiers and associated information attributes are also in the registry, the payee's system can query and react according to preset instructions. Hill, U.S. Pat. No. 7,349,843 teaches a system assigned unique identifier is placed on the outgoing mail. Tsuei, U.S. Pat. No. 7,213,748 describes a privacy protection scheme in which the user is assigned a private code identifier that is placed on the letter or package. The delivery service, but not the sender, has access to a database that can convert the privacy code into the recipient's actual address. In this way, a consumer can have goods shipped to his privacy code, and the shipper will reliable the item with consumer's address, so that the consumer's identity or location need not be revealed to the merchant who sends the goods. Instructions can pertain to various kinds of information as well as various kinds of application contexts. Logan, U.S. patent application Ser. No. 11/198,124, published Nov. 24, 2005 teaches that user-chosen vanity names or existing identifiers already assigned to the user, such a phone or fax number, URL, email address, or a Global Location Code can be cross-referenced in a directory and resolved to a physical address. A registry such as the one envisioned by Modigliani '023 does not need to presume which kind of unique identifier is easy to remember by a given user. A system is needed that enables users to determine, in advance, which unique identifiers (and permissions) relate to specific monetary asset transfer and/or informational asset transfer applications.
Now, payment systems are emerging where the merchant pays for the transaction processing and risk-bearer's cost by itself supplying information pertaining to the transaction instead of paying the traditional interchange fee. This flow of personal shopping behavioral data may be regarded as confidential by some consumers but in fact, the merchant owns this data and he can do whatever he wants to do with that information. If the merchant desires to reduce the payment processing burden of paying interchange with an implicit-permission payment system (such as debit or credit cards) by supplying sales data pertaining to each item purchased in a particular transaction, he can do so. If the merchant desires to reduce the burden of paying interchange by allowing a payment method that partially masks the consumer's specific identity while divulging such information such as mobile phone number or address of the consumer, he can do that. Personal identifiers add value to the many streams of data pertaining to transactions for data mining.
But in the bankcard era, when consumers gave card numbers to merchants along with their implicit permission to automatically debit their accounts, they did so with the belief that the merchants would never disclose their private shopping habits to others. However, nothing in the past prohibited merchants from selling their summary store sales data to large repositories. While Hill '843, Tsuei '748 and Logan '124 attempt to solve the problem of customer information such as delivery address becoming widely distributed by merchants among numerous data repositories, none of this prior art attempts the same for addresses for ‘to and from’ delivery of digital content much less delivery of monetary assets to so-called electronic payment addresses. As data repositories grew to oceanic proportions, inferential analysis has become the norm. Retailers and manufacturers alike seek direct referential knowledge of an individual's behavioral data segmented by their membership in one or many consumer groupings. What is needed is a mechanism that gives consumers the capability to regulate when and how their consumption data is used for analytical purposes so that unauthorized use of data analysis does not harm them in any way.
In brief, the old way of payments is based on implicit debits and the new way uses explicit permissions to “push” asset transfers (i.e., this is the explicit authorization taught by Modigliani '023). Just so, the emerging cases and systems where merchants use consumer information to “pay” for costs are based on implicit permissions to “push” these information transfers. This invention brings preset policy concerning when to allow, via explicit permissions, automatic information stores/transfers and when to require real-time customer authorizations to such information transfers.
This invention helps merchants by reducing systemic chargebacks associated with payments that are repudiated due to lack of proper authorization. Merchants offset their costs of acquiring valuable marketing behavioral analytics that are otherwise unobtainable by reducing or eliminating their interchange fees altogether. Merchants that elect to obtain analyses of their customers' behavior will have trade advantages in the marketplace because they will have new awareness and capability to communicate with their segmented customer base.
What is needed is a mechanism that replaces the current default condition of blanket implicit permissions with explicit permission whenever conditions arise whereby such is desired, and to do so without forcing a specific decision step for every transaction. The convenience of bankcards continues to be the standard by which all alternative payment methods are measured. Allowing one's ‘transactional breadcrumbs’ to be aggregated, sorted and mined can be valuable to consumers when merchants wish to offer incentives to return to the store for loyalty benefits such as special sale prices, rebates, and the like. Payments data is now more valuable than ever before for behavioral targeting. Online advertising/data analytic companies realize premium value for data related to payments, especially data from consumers when they transact while mobile. Online advertising/data analytic companies realize opportunities for mashups by consolidating reporting and giving advertisers the ability to compare data directly vs. trying to process it all themselves.
For example: when you order food online, you become part of a vast database that lenders might tap to help them determine whether you are a good risk. A food delivery proves that you actually reside at an address where you claim to be living. Moreover, all sorts of these data reservoirs exist, and none of them is off limits to lenders, who are coming off the worst financial debacle since the Great Depression. Risk management companies work with lenders and investors to build better underwriting mousetraps by continuously probing for ways to help clients quantify their risk to prevent fraud and otherwise insure the quality of their loans.
For example, they might peek into your online-buying habits. Someone who purchases his shirts from a Brooks Brothers catalog may have more disposable income than someone who shops at J.C. Penney. The safest lenders are digging into databases maintained by Domino's Pizza, Papa John's or Victoria's Secret. The only boundary is whether the information can be accessed legally. Mobile payments initiated from a smartphone can replace cash, checks and even bankcards for smaller transactions. Personal identifying information such as caller ID number & other identifiers may be used to authenticate the owner of the smartphone in order to mitigate risk that a payment is authorized. Trust that sales data obtained from authentic sources can be proven and legally certifiable will be valuable when dispute of information ownership may arise.
Some consumers care a great deal about privacy. Others recognize that in today's noisy digital world, privacy is hard, if not impossible, to protect, and they simply don't care to be stressed about it. Other groups don't mind having their shopping behavioral data aggregated by marketing cohort group, and if it only means that a phone number or address is needed to assign membership in one of several cohort groups then that is fine. As long as these consumers receive something of value in return, they are happy to leave behind a trail of ‘digital breadcrumbs.’ Still others may be reluctant to participate when they are uncertain about having to provide certain data, or how that data may be used, and may in fact provide misleading or false data to protect their privacy while participating.
In today's world, many kinds of information now flow into repositories that may be owned or operated by entities other than the original merchant. In many cases, these repositories, having acquired the ownership of or access to such data, are not restricted on their use of such data. In Modigliani '023, the interaction (query/response/transact) with the registry results in an asset transfer without repudiation from lack of authorization. When information attributes (permissions) are supplied when the registry is queried by a merchant (e.g. to send a bill listing items ordered for a meal after a menu selection is made), the subsequent compilation of sales data in a repository specified by information attributes (permissions) can also be said to be certifiably obtained. This adds value because of the assurances of provenance and quality of the data.
This phenomenon will increase in likelihood as non-repudiable electronic payments become more prevalent and consequently increase the volume and value of transactional data. Some project that the value of data to payment processors and banks will soon exceed the value of the income from interchange.
Many consumers are flustered and feel overwhelmed by the cacophony of digital noise in modern life. Asking a consumer to provide explicit permission to allow information flows for each transaction is unrealistic and burdensome. What is needed is a system and method that enables the consumer to establish and lock down his own custom rule-set for a priori permissions pertaining to defined categories of information flows that result from transfers of both monetary and/or informational assets. Such a system supports the range from default conditions when implicit permissions are granted to default conditions when explicit permissions need to be granted. A number of responses to this set of problems have been proposed.
Mohsenzadeh, U.S. Pat. No. 7,742,884 issued Jun. 22, 2010 is for a Method and System for conducting payment transactions over the public telephone network. In Mohsenzadeh, when goods or services are purchased from a merchant, an individual can initiate, authenticate and authorize a payment during a single phone call. This method stores the number of the telephone device in the payment processor's system for retrieval and match with caller ID information as a factor of authenticating the owner of an account is the same as the owner of a telephone device. In Mohsenzadeh '884, when the payer authorizes the transaction with multiple authentication factors such as a PIN, Caller ID and even other authentication factors, things proceed somewhat similarly to how they would with a traditional credit or debit card transaction, i.e., implicit permission is presumed and an automatic debit of the payers account ensues. Normal interchange fees are still assessed. There is no mechanism proposed to operate to ensure a priori policy requiring explicit permission of the purported authorizing party regarding the disposition of discreet data pertaining to what was purchased in the transaction. While Mohsenzadeh '884 teaches how additional authentication factors can reduce risk of repudiation with a simple user experience, he relies on the unique identifier of the phone number associated with static bankcard or bank account numbers. Consequent automatic debiting once said numbers are presented alongside multiple factors still supports traditional interchange economic models and NOT a model that acquires information in lieu of interchange or the lowering of interchange costs by some measure of value derived from the acquisition of information.
Monaghan, United States Patent Publication No. US2004/0030645, published Feb. 12, 2004, is for a Method and System for Performing a Transaction Utilizing a Thin Payment Network. In Monaghan, when goods or services are purchased from a merchant, the purchaser provides identification to the merchant. The merchant then forwards the purchase details to a processing means that verifies the merchant's authenticity and forwards the transaction details to the purported purchaser's bank. The bank issues a request through a separate channel to its customer, who purportedly is the purchaser, for authorization using a PIN. If the bank receives the correct PIN, the bank authorizes the transaction, and things proceed somewhat similarly to how they would with a traditional credit or debit card transaction.
Monaghan teaches that the current methods of authorization are not effective because such methods only confirm the presence of funds in an account and fail to address the issue of improper authorization of the user involved in the transaction. Ultimately, upon receipt of a periodic statement or even sooner, a user may dispute a monetary transaction on the grounds of improper authorization, and if successful, either the payee or the bank suffers a loss. Another issue recognized by Monaghan with regard to current processing methods is that sensitive information is available to numerous parties, who may misuse it or fail to protect it from identity thieves. When information pertaining to a person's personal behavioural characteristics is gathered and sold, there is further risk that a user may dispute an informational transfer transaction on the grounds of improper authorization, and if successful, either the entity receiving and/or purchasing the information or the entity sending and/or selling the information suffers a loss.
Both Monaghan and Mohsenzadeh, like the current PIN debit system, rely on PINs (or passwords) as their primary security mechanisms. But a PIN (or password) is not a very robust authorization factor: for example if a person writes a PIN down to avoid forgetting it, the PIN is subject to compromise. The act of knowing what a PIN or password conveys an implicit permission to present it for authorization.
What is needed is an invention that addresses PIN/password and other factors such as callerID weaknesses by implementing explicit permissions in a fashion analogous to Modigliani '023's explicit authorizations to pay a deposit-only payment address without repudiation due to lack of authorization.
In Monaghan's second patent application, U.S. Patent Application Ser. No. 61/366,029, of Jul. 23, 2010, advances the art beyond the earlier system described in the '645 publication which is now public domain material since that case was abandoned. The original '645 publication discloses a process flow that enables an invoice to be routed to the consumer's financial institution which in turn, contacts the consumer to seek approval and authentication from the consumer for the purchase of the goods or service by entering a password or PIN to indicate that the consumer's approval of the transaction. The consumer's financial institution then sends a message to system indicating approval. The system then acknowledges this approval to the merchant who then releases the goods or service to the consumer. The payments may be pushed via efficient ACH networks, eliminating the need to pay higher interchange fees that are split among each participant in the payment ecosystem.
The Monaghan '029 application teaches how the one time code supplied by a financial institution replaces all personal identifying information of the payer. Consequently, the transaction database of the merchant will contain the one time code as a unique identifier only for that transaction. This renders all consequent data pertaining to the transaction to be assigned to an anonymous payer. Merchants and manufacturers alike place higher value on behavioural analytics segmented by marketing cohort groups. Such segmentation can only be deduced when the phone number or address of the consumer is assigned to the transactional data from the purchase event. The invoice details associated with any one time code may still be presented to the consumer prior to the payment being approved so that the consumer can authorize payment. This method simultaneously: a.) enables the consumer's bank to obtain an aggregation of invoice details for monetization from data-mining without the consumer's explicit permission; and b.) avoids needing consumers' explicit permissions for non-banks to exploit data pertaining to the consumer's shopping behavior because the user identity is never retained by the merchant or the payment system.
However, neither Monaghan system proposes an operational mechanism to ensure a priori policy requiring explicit permission of the purported authorizing party regarding the disposition of discreet data pertaining to what was purchased in the transaction. The sales data of the consumer is still retained by the payer's bank and no mechanism is proposed to set a priori policy instructions to exploit or safeguard these ‘transactional breadcrumbs’ according to the consumers' wishes. This remains an unfulfilled need.
Singhal, U.S. Patent Publication No. 2002/0062281, published May 23, 2002, discloses a payment system in which a user may make a private and secure payment to a merchant using a wireless device, a payment card or a bank card or to another party using a wireless device. Singhal '281 proposes a payment system in which the user does not share his financial information with, and may not even disclose his identity to, the merchant and does not disclose to the user's bank the type of purchase involved (thereby keeping confidential from both the user's bank and the merchant the user's purchasing habits). Further, the user does not have to carry his bankcards or checks. In each embodiment in which a payment is transacted to a merchant, the payment system includes, generally, a central system that works in conjunction with a wireless device belonging to a user, a payment card generated by the central system or an existing bank card. The payment card bears no relationship to the banking entity or the existing bankcard, but it may be utilized to identify the user in the transaction.
In practice, a user selects merchandise or services for purchase from the merchant. The user scans or enters transaction related information into a wireless device and enters either a PIN or a pre-stored number identifying a payment card or a bank account that the user is authorized to access. The wireless device is used to create a payment request that is transferred to the Singhal payment system for authorization. The central system assembles a payment record including pre-stored bank account data and submits the information to an automated clearinghouse. The Singhal system proposes no additional means to ensure explicit permissions of the purported authorizing party regarding the disposition of discreet data pertaining to either a monetary or informational asset transfer event.
Holcombe, U.S. Pat. No. 6,671,696 and U.S. Pat. No. 7,136,869 disclose an Informational object authoring and distribution system and a Common point authoring system for tracking and authenticating objects in a distribution chain, respectively. These patents rely upon a registry to track uniquely identified products but neither envisioned a system and method for a priori policy granting explicit permission to certifiably attach and store metadata that commemorates the transfer of ownership of an informational asset from one party to another party.
Monaghan, U.S. Provisional Patent Application Ser. No. 61/377,362 filed on Aug. 26, 2010 discloses a map of rules that accompanies money to control how it is spent. This patent relies upon a registry to manage money under an entire new definition of money. Monetary assets are tagged with meta-data or rules that restrict its use. Monaghan '362 does not give users a method to assert ownership privileges or restrictions over assets of an informational nature.
As more and more goods and services reside ‘in the cloud’ and as more and more data about physical goods and services reside in the cloud, the ability to transfer and later track rightful ownership along with certified digital provenance documentation becomes increasingly valuable.