The present invention relates to the field of electronic transactions between parties. For example, the present invention may have relevance to the field of monetary transactions.
Credit or debit card transactions are known mechanisms for performing monetary transactions between two parties, such as between a purchaser and a seller. After confirming the transaction amount, a credit or debit card transaction typically proceeds by the purchaser providing information that uniquely identifies them, such as an account or credit card number. The purchaser is then required to provide some means of authenticating that the transaction has been authorised by them. For example, the purchaser may be asked to enter a personal identification number (PIN). The PIN can be checked for validity by comparing it to a checksum value stored on the card itself, for example. Alternatively, when purchasing online or via telephone, where a PIN cannot be easily and securely entered, a user may be requested to provide additional information displayed on the credit or debit card to prove that the user has physical possession of the card. For example, the user may be requested to provide at least one of a CV2 code, a start date, an expiry date, or an issue number of a card. Again, this data is then checked for validity before the transaction is permitted to proceed. In either case, once the transaction is authenticated, the seller issues a transaction request to a trusted third party (also referred to as a clearing house or TTP), which performs the transaction and causes the funds to be transferred as appropriate.
Such a system has several drawbacks. In particular, it is necessary for the seller to have a connection to the clearing house in order to issue the transaction request.
A further disadvantage of this approach is that the authentication is entirely one-way. Although the seller is able to authenticate the purchaser, the buyer has no means of authenticating the seller. It would be possible for a nefarious fourth party to spoof or masquerade as the seller in order to deceive a user into agreeing to a transaction that was either valueless or one that the nefarious fourth party has no intention of following through on. In fact, such systems typically rely on the seller being implicitly trusted, and it is possible for this trust to be exploited. For example, having confirmed that the buyer agreed to a transaction of a particular value, the seller could secretly send a transaction request for a different value to the trusted third party.
Yet another disadvantage is that the above approach does not provide any privacy. The purchaser is uniquely identified by the identification number that they provide. It is therefore possible for a seller, the trusted third party, or another entity elsewhere in the system to gather information on the buyer such as their spending habits or geographical location. By making inferences and cross-referencing purchases, it is also possible to infer other information. For example, it could be inferred that a purchaser that buys a large amount of cat food every week owns several cats.
Some of these disadvantages can be overcome by the use of offline credit card transactions, which were common before the advent of dial-up modems. Offline credit card transactions involve creating a paper certificate authorising a specified payment from the card holder to the recipient. The paper certificate may be created by taking an impression of the credit or debit card on carbon paper, thereby creating an accurate copy of the card's details. The purchaser's signature is obtained, thereby validating the details and authorising the payment. Copies are kept by both parties so that neither can subsequently alter the contract without being detected, and at a later date, a trusted third party such as a card payment settling service receives the details and initiates the transaction.
However, such a system remains problematic in several regards. Firstly, the issue of privacy is not overcome. In particular, the buyer is still identifiable, and purchase history, as well as other personal information, may be determined by other parties including the buyer.
Secondly, the identity of the seller is not verifiable by the buyer. In particular, the buyer has no means of verifying that a seller is who they claim to be.
A further disadvantage of both of the above systems is that it is necessary for the buyer to have set up and provide full details regarding how payment is to be made at the time of purchase. The seller must also have provided full details regarding how the payment is to be received prior to the time of purchase. This may be inconvenient if a user wishes to maintain a number of sources of funds and/or organise their finances at the time the purchase is made. The seller may wish to maintain a variety of accounts into which payments may be made, depending on a number of considerations. Such considerations may include, for example, liquidity of the seller's assets, the amount that the transaction is for, the nature of the goods, or the trustworthiness of the buyer.
Other known systems include the Octopus card, which is a smart card used for making electronic payments in online or offline systems. Octopus allows users to pay for goods or services provided by businesses. Another known system is that of Bitcoins, which form part of a decentralised digital currency that can be spent online.