The Future of Electronic Payments
By Bob Pollitzer, ALLTEL
The technology needed to transact online payments of any size or type exists today. In fact, electronic payments are arguably more reliable and significantly less costly than paper-based forms. Yet, despite billions in potential savings, consumer uptake remains marginal. Why is this? The answer rests on the notion that payments are a sociological phenomena not a technology problem. The simple fact is that people trust people, not computers--especially those attached to the Wild West Web, the place where even Microsoft can get hacked. Trust enablement is the key to cracking consumer adoption; it represents the future of banking.
Subsequent its emergence in the mid-1990s, Internet commerce became quite literally a national obsession. Everyone is now doing it, from consumers trading stocks, to an increasingly time-strapped middle->
Yet the promise of truly frictionless online transacting remains unfulfilled. Internet payments - that vital other half of the online commercial equation - continue to stubbornly refuse trivialization into an oversimplified "point and click" format. The lesson here is that trust is crucial, especially in money matters.
Here we argue that consumer e-commerce adoption rates, the central issue in B2C e-commerce, have failed to materialize due to a fundamental flaw in the Web payments paradigm. After setting the context and identifying the problem, we will discuss some very promising research on how trust may be enabled online. And finally, we look at how these new tools might prompt an adoption breakthrough while simultaneously offering a significant business opportunity to the banking industry.
It's only money.
Using money to facilitate commerce is a well-practiced art, one dating back to Babylonian times. Money serves as a substitute for material wealth, thus presenting a number of benefits to the economy in which it circulates. With this technology, commerce was able to scale up to civilization-sized proportions - effectively enabling the emergence of modern culture.
While money can't actually be material wealth (as King Midas tragically discovered), it is often psychologically associated with such fundamental human needs as food, shelter and security. And despite strong social conditioning to the contrary (e.g., unemployment benefits, deposit insurance, social security, disability benefits, etc.), this perception remains very deeply seated.
As a result, it is mistaken to view money as a mere technological artifact. In the 1920s, French writer Marcel Labordere noted that "...man will never be able to know what money is no more than he will be able to know what God is.....Money is not the infinite but the indefinite, an astounding complex of all sorts of psychological as well as material reactions." In other words, money and payments must be understood as a sociological phenomenon of profound depth and complexity; one which both shapes and facilitates the fundamental processes of commercial interaction.
As the story goes, rounded dinner knives exist because we humans are particularly "animalistic" when eating - there were simply too many dinnertime stabbings. The practice of using less dangerous dinner knives is a social protocol evolving from a long-perceived truth. Daily life is immersed in such protocols. They describe and orchestrate conduct of that richly complex choreography we call civilized life.
Social protocols involve tokens and rituals that are manifested through cueing systems, some subtle, some not. Humans constantly, and usually quite subconsciously, use these cueing systems in order to establish and work within familiar situational frames. In the process of social interaction, people make and then seek to verify a series of assumptions that collectively shape expectations for how the encounter will play out. Violating these expectations - particularly when money is central to the interaction - automatically raises "red flags."
The social protocols relating to money and payments are especially important because of the strong emotional associations they evoke. For example, people can become uncomfortable in the presence of large sums of cash, just as they might if confronted with a social taboo. But money is not a forbidden fruit, is it?
We also know that money can bring out the worst in people. Just recall the storied behavior of kings and dragons (who are maybe just derivatives of kings) when ensconced in their treasure-laden strongholds. In fact, the word treasure itself says a great deal about our culture - it is both a noun (money and money substitutes) and a verb (to cherish).
Bottom line, when it comes to money, two rules prevail:
- People trust people not computers; and:
- People have absolutely no sense of humor when it comes to money. It is indeed something they cherish, and the very subject all too often motivates crime, divorce proceedings, sibling rivalries, murder and even war. People's money is not a thing to be trifled with.
Moreover, since payments are nothing more than money delivery systems, they are naturally veiled in the same patterns of behavior. These protocols can be observed wherever money is exchanged. Nowhere are money and payment conventions more evident than in a traditional mid-twentieth century financial institution. The bank's external architecture - an image so enduring as to become standard in most PC graphics packages - is designed to exude an air of safety and security.
Inside, one can see the bank's platform area, with the officer's desks out in the open - as if to say "we have no secrets from the people whose money we handle." Also in view are the tellers, who stand framed by enormous enclosures, at once guarding and hiding the otherwise discomfiting stacks of currency. And the manner in which employees quietly transact with their customers lends an air of courtroom-like dignity to the proceedings.
The above are all cues which bankers understand, and which are deliberately employed to appropriately solemnize the serious business of handling people's money. The story is told of a Chicago banker who carried an umbrella every day, rain or shine, knowing people would look and say, "That must be a safe bank [a place you can trust].1" But, even in more modern times, the industry's experience with ATMs shows just how thin the margin of customer trust is when money is on the line. After more than 30 years of history, we can say with some confidence that the mainstream American consumer is now comfortable with unlocking the ATM/human interface by inserting a card and then navigating his way through the screens needed to obtain some cash.
To this point, however, one could make a reasonable argument that the advent of direct payroll deposits has created a market for convenient access to cash. And while the ATM's timely evolution in serving this purpose has not been without blemish (e.g., early users writing their PIN on the card itself, providing a wonderful gift to the pickpocket and inviting debate as to exactly when the stolen card changed hands), consumer confidence in the reliable functioning of ATMs an ATM networks has within this modality (i.e., the withdrawal of cash) become nearly ubiquitous.
However, the modality aspect of the prior statement is very revealing. While now willing to withdraw cash, a large population of ATM-using Americans are not, for example, comfortable in making an ATM deposit, even at their own bank. For this, many want the assurance - even if interacting with a drive-through teller - of dealing with a human being trained to assure that everything goes correctly. And even though tellers still eventually process deposits made through an ATM, that deposit receipt from the teller at the drive-through is somehow more reassuring than a similar slip from the ATM. When it comes to money matters, trust matters.
The point here is that when it comes to handling money or payments and managing accounts, a breach of trust (whether real or perceived) can create a potentially explosive situation.
Bankers understand that trust is both a very delicate emotion and the lifeblood of their value proposition. They intuitively grasp that money is not so much a technological artifact as it is a sociological phenomena. And thus in today's world, banks serve as trusted third-parties who possess the practices and protocols needed to consistently and unerringly facilitate the processes of commercial exchange while imposing well-understood rights and obligations on buyer and seller alike.
It is the sociological aspects of payments that underlie the flaw in today's Web payments paradigm. Virtually without exception, non-bank e-commerce providers treat money as a technology problem. While tendering money is, in reality, an immensely personal act, Web payments are treated as just another series of keystrokes and clicks, no different than selecting a CD or a book.
Moreover, the requested information encompasses some of the individual's most private details (e.g., credit card number, address, telephone number, etc.). For obvious reasons, this puts many people off. After all, on the Internet even Microsoft can get hacked. Maybe someone will steal my credit card number, or worse still, my identity like that guy on "60 Minutes"!
This is not to say that payments offer the only stumbling block to consumer adoption of B2C e-commerce. Short of a significant cost/convenience value proposition, consumers generally will not venture online (there are always that 5 percent segment of early adopters) to perform tasks that are "comfortable" in today's paper-based world. Also, it is fair to say that many of the abandoned online "shopping carts" are due to difficulty in navigating the session through closure (i.e., the act of tendering money for a specific purchase).
By the same token, it is still a fact that most online payments are effected by a relatively small group of early adopters. And while that is changing, the pace is so slow as to make any investor wonder if they can afford to wait it out.
The essence of the problem is therefore: How can online payment and financial transfer mechanisms be designed so as to cultivate that essential bond of personal trust needed to mainstream consumer adoption of electronic payments?
First, it would be helpful to define what constitutes trust, a highly complex human emotion. One scholar has written, "One leaves others an opportunity to harm one when one trusts, and also shows one's confidence that they will not take it.2" To re-state this in our context: "We trust when we give another the opportunity to defraud us out of our money but believe they won't." This, of course, both describes the societal role and core competence of depository institutions (more on this later).
Earlier we discussed human-to-human interactions. Now we get to the "Wild West Web," with no human to interact with in consummating the transaction. Instead, one is generally presented with a rather impersonal screen into which one is asked to enter some rather personal information. This presents a somewhat discomfiting irony that is all too apparent to the many Web users who still refuse to transact online.
So how can e-commerce providers enable trust in such a way as to break through the low consumer adoption barrier? What follows are three very promising trust-enablement initiatives, one in the lab and the other two already in use:
Reputation Systems. eBay, the predominant online auction house, uses a mechanism called the Feedback Forum, where buyer and seller have an opportunity to rate each other. This accumulated rating is displayed alongside the participant's screen name. That rating can either comfort or alert a potential seller or buyer, and it has the further benefit of incenting buyers and sellers alike to behave honorably, lest their (otherwise poor) ratings begin to stand in the way of future opportunities. While by no means perfect, the Forum is considered by many to be a legitimate value-added service of eBay.
And it is not just auction sites that will ultimately benefit from such techniques. These so-called Reputation Systems have the clear potential to become a Web-based version of the Better Business Bureau, using more sophisticated means and a broader scope to gather reliable information regarding the business practices of e-commerce merchants in general.
Trusting the Interface. While lab studies have shown that "talking heads" - merely vocalizing text - does little to engender trust, some scientists at the MIT Media Lab's Gesture and Narrative Language Group have taken a similar concept to the next level of sophistication. For several years now they have been developing what they call "embodied conversational agents (ECAs)." These virtual "people" mimic human conversational techniques - both through pattern and intonation - and utilize certain "...nonverbal modalities, including gesture, gaze, ...and posture..." to heighten the level of trust at the computer/human interface.
Recently, these scientists "...began modeling some of the social cues people use to signal trust in face-to-face encounters and conducting experiments into the ability of these interfaces to engage users' trust." This led to "investigating the use of interactive rituals to build trust in ECAs...small talk, in particular, can...serve to provide "a conventional mechanism for users to establish the abilities and credentials of the agent?." Early results show that "in a myriad of subtle ways, users felt heard and as if the technology was adapting to them rather than the other way around.3" This mechanism can potentially be used to educate, advise and market to consumers.
Trusting the Process. Security and privacy. These are the oft-mentioned issues related to making the Internet commerce zone a comfort zone. The industry's term of art is (what else) an acronym: PAIN. This stands for Privacy, Authentication, Integrity and Nonrepudiation.
Privacy is that quality which limits knowledge of a transaction's content to only those having a need to know. Further, not all of the parties need see all of the transaction. For example, why must the merchant actually see the payor's credit card or checking account number? All they really need to know is whether the payment is "good" or not.
Authentication refers to protocols that insure that both buyer and seller are who they say they are. The very nature of the Internet makes it relatively easy for impostors to transact business. In the real world, mutual trust is established through a variety of familiar tokens and rituals (e.g., driver's licenses, familiar "face and place" settings, etc.), but the Internet offers new and different modes of interaction, requiring new and different conventions.
Integrity is another critical trust issue. People need assurance that the content of a transaction has not been altered (except where specifically allowed) by those involved, by third-party attackers or by system errors. Payors simply won't stand for having their money lost, diverted or fraudulently manipulated as it travels through cyberspace.
Nonrepudiation is the quality of a transaction that prohibits any of those involved from later claiming they weren't. For example, in the real world a canceled check can be used to prove that the payor wrote it (via the signature) or that the payee deposited it (via the endorsement).
In the online world, PAIN is going to be addressed through a mechanism called PKI (Public Key Infrastructure), "Public Key" referring to a particular method of data encryption that accommodates spontane
us transactions between strangers. The term "Infrastructure" is used because making PKI generally available will require a substantial build-out of specialized software tools, data bases and service providers. However, the successful rollout of PKI should:
- Make transactions private (through data encryption);
- Authenticate the parties involved (through the use of digital certificates and Certificate Authorities);
- Insure the transaction hasn't been altered in any way (one function of the digital signature), using a combination of encryption and message management tools; and
- Prevent repudiation of the transaction's issuer or endorser (the digital signature's second function).
It is important to note that there are no absolutes here. The four PAIN attributes are not near bulletproof in real life. And one can make a compelling argument that if properly done, e-commerce can more effectively manage the PAIN equation than the comparatively loose procedures and practices which underlie today's paper-based payments systems. But difficulties and disputes will arise, and before these tools can achieve their full societal benefit, legal issues will have to be resolved and precedents established.
The key point here is that all of the technologies, all of the fancy buzz words and acronyms and all of the media hype really boil down to one thing: trust. At the end of the day, if consumers and businesses do not trust or feel comfortable with exchanging or moving money over the Internet, they won't do it.
However, the work of trust enablement has already begun. Clearly we are on the verge of making computer/human interactions into something which the mainstream consumer will call "comfortable" for all the right reasons. The next and obvious question is how might banks play in such a world.
The three initiatives related to trust enablement described above are not dissimilar in basic form from methods employed by banks for millennia in facilitating and managing the processes of commerce. There is no reason why banks shouldn't play the role of trusted third-party and economic intermediary in cyberspace. The business potential in B2C e-commerce will be limited only by the factors of cost, convenience and comfort; factors which banks have a unique opportunity to satisfy.
Many analysts have chided the financial industry for not moving more quickly to exploit Internet commerce. But until recently, it has been impossible to deliver the kind of "five-9s" reliability the public expects of their payments systems. Money matters, and no one but a banker better understands how explosive a real or perceived breach of trust can be. And we have already seen that the pioneers in Internet payments did indeed take a number of arrows in their backs (e.g., First Virtual, DigiCash, CyberCash, etc.). And while some convenience and navigation problems may have existed, in every case it was lack of consumer trust that in the end proved fatal.
But the time has come. Hardware has become fault-tolerant. Operating systems are now both robust and efficient. Databases support high transaction rates. Banks have the opportunity to spur consumer adoption of e-commerce and electronic payments by using their existing reputation as trusted third-parties to build and provide Internet-based trust enablement services. For example:
- Banks have already weighed into the PKI business, with a consortium of large banks (Identrus), a bank in Utah (Digital Signature Trust) and even the American Bankers Association acting to serve as Certificate Authorities. The Digital Signature Act has created a legal skeleton onto which financial institutions can hang PAIN-conforming digital financial instruments. Open XML-based standards allow for the exchange of rich-information interbank transactions (e.g., IFX).
- Embodied Conversational Agents have the potential to serve as virtual "private bankers" that can accompany their patrons on e-commerce excursions by riding along in a "digital wallet." These agents can act as information brokers in using reputation systems to supply their clients with information about the merchant in question. Using an ever-increasing understanding of their client, these agents can explain the payment options available along with pertinent risk and cost details, as well as provide assistance in identifying the liquidity source(s) for such transactions.
- These same techniques can help banks add new products and services such as Electronic Bill Presentment and Payment (EBPP) or serving as safe and secure repositories for legal digital documents (i.e., electronic safe deposit boxes).
Opportunities abound. Trust enablement is a value proposition that lies at the core of commercial banking's societal franchise. Timing and technology are just now coming together. Banks must move deliberately but unceasingly to assume their proper role in cyberspace, acting as agents of trust. But no one can do it alone. Banks must work cooperatively if they are to be successful.
- The Bankers; Meyer, Martin; Penguin Press, 1997
- Trust and Antitrust; Baier, Annette, Ethics, Jan., 1986
- External Manifestations of Trustworthiness in the Interface; Cassell, Justine, Bickmore, Timothy; Communications of the ACM; Dec., 2000
Bob Pollitzer, Director of e-Business Solutions, Alltel Information Services
Bob Pollitzer was named executive director of e-Business Solutions for ALLTEL's Financial Services organization in December 1998. He provides the combination of thought leadership and operational experience to help ALLTEL stake out a competitive position in the New Economy.
Pollitzer joined ALLTEL in 1978 as a programmer trainee and was promoted to account manager in 1985. He also managed five outsourcing data centers, four of which were startup/conversions for newly signed clients.
Since 1993, Pollitzer has held such positions as software development quality assurance manager, vice president of strategy within Financial Services, and senior vice president of ALLTEL's corporate strategy.
First published on BankersOnline.com 8/13/01
First published on 08/13/2001