April 2014

Whitepaper

Payment Solutions Trends

Telenor Research
Frode Kileng, Hkon Lnsethagen
TELENOR INTERNAL
Disclaimer:
This White Paper is issued for information only. It does not constitute an official position of the Telenor Group.
All rights reserved. No part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including
photocopying, recording, or by any information storage and retrieval system, without permission in writing from the publisher.

Executive Summary
The area of online and mobile payments is gaining a lot of growth and optimism. According
to a Gartner analysis, worldwide mobile payment transaction value increased 44% to a value
of $235 billion from 2012 to 2013 [Gartner]. The same analysis forecasts a 35% annual
growth until 2017, reaching a market worth of $721 billion and more than 450 million users
in 2017. This optimism is shared by many analysts, including Visa that predicts that 50% of
their transactions in 2020 will be done using a mobile device.
The mobile payment market is chaotic with a lot of actors trying to establish a position and
with a wide range of competing solutions. According to Crone Consulting, there are more
than 100 competitors in the mobile payment market [Bloomberg]. Although many actors
are struggling to make any money, the willingness of investments in this market is high.
According to Crone Consulting, PayPal and Google have invested over $1.2 billion in mobile
payment since 2009.
Telenor and other operators are trying to take a stake of the mobile payment market. The
NFC based VALYOU mobile wallet solution from Telenor and DnB is one example. New
entrants face challenging competition from three types of actors.
1. New payment actors like Google and Apple that due to their control of the mobile
platform possess a vertical control over the mobile eco-system.
2. Traditional actors like banks and credit card companies with an established customer
relationship and customer trust and also their established financial network
infrastructure.
3. Established pure online payment actors like PayPal with its roots back to 1998.
The complexity within a payment ecosystem itself is another challenge for
new entrants, not at least if there is a
need to deploy Point-Of-Sale
(PoS) solutions. An indicator that
it is challenging to succeed is the
closure of the NFC based wallet
service "O2 Wallet", one of the
first mobile wallet services to be
launched [O2].

"When we launched the O2 Wallet 18 months

ago we were one of the first mobile wallets

around. Since then lots has changed for us, the
market and our customers. So, we've decided to
close the O2 Wallet to give us time to look into
new and better ways to help people manage
their money on the move, both in the UK and
abroad" [O2]

The objective of this whitepaper is to give some insight into current trends in online and
mobile payment solutions. We also describe a potential future direction where a
standardization of open payment eco-system interfaces may enable Telenor and new
entrants to take and secure a position. The key take-away from this whitepaper twofold: (i)
Telenor faces challenges from actors with a competitive advantage and from new innovative
and potentially disruptive solutions; and (ii) Telenor should support payment eco-system
standardization efforts, including the new World Wide Web Consortium (W3C) payment
standardization initiative.

User accepptance and trust

According to a 2013 study commissioned by the mobile money company Monitise plc,
"banking", "shopping" and "discount vouchers" are all on the top-12 list of applications used
by smartphone owners in UK, Germany and Spain [Monitise]. This study also found that
about 50% of the users in these countries have bought something else than an app using
their mobile. But what is their preferred method of payment and who do the customers
trust to provide payment services?
According to a study commissioned by the outsourcing company Firstsource, UK consumers
don't trust mobile wallet solutions [Firstsource]. Only 22% of the UK respondents state their
willingness to use mobile wallet solutions. 80% of those not interested to use mobile wallet,
states that this is due to a lack of trust that their personal bank details would be kept
secure. A study from Forrester shows that 61% of US customers know about mobile wallets
but only 11% has used one [Forrester]. Another UK study from the payment solution
provider MPayMe supports the finding that lack of trust in the security is the biggest
problem (50%) [bankingtech.com]. This study also identified complex registration
procedures as a barrier and that 86% of the respondents stated their willingness to use a
mobile payment solution "if a simple system could be created using existing bank accounts
and mobile phones and no additional registration". Gartner is also pointing to the usability
challenge when stating that "people are not purchasing as much because the buying
experience on mobile devices has yet to be optimized" [Gartner].
Yet another study from the UK also points to the chicken-and-egg problem, finding that "less
than 10% of smartphone users made a point-of-sale payment", and at the same time, only
7.5% of the merchants of Oxford Street in London, Europe's busiest shopping street, accept
mobile payment [MPayMe].
Who do consumers trust as a provider of
payment services? The Monitise study
gives some indications, showing that
mobile operators have a lower degree of
trust compared to PayPal, banks, credit
card companies and retailers. At the
same time, the study shows that
operators have slightly higher degree of
trust compared to software companies Figure 1. "If you were paying for items with a mobile phone, which sort of
like Microsoft and Google and also company would you trust most to carry out the transaction?" [Monitize]
compared to mobile phone manufacturers like Apple and HTC. The Forrester study
mentioned above supports these findings. When asked who they trust to offer mobile wallet
solutions, 38% of consumers trusts PayPal, 35% bank and credit card companies and 23%
Amazon.

10 000 feet view of payment solutions

This whitepaper does not intend to give an overview of all relevant payment solutions from
traditional bank and finance actors and new entrants. Instead, our focus is solutions that
stand out due to their innovativeness or potential disruptiveness. We have also included
solutions under development and also a patent application. At the end of this chapter, 27
different payment solutions are identified. Some of those solutions are briefly described in
the following paragraphs, while a more detailed description of Bitcoin, mozPay and
Payswarm are described in the next chapters.
It is a trend in the professional media business today
that paywalls are becoming common for accessing the
creators. Give microdonations
content. Another trend is the increased consumption of
when you "Like", "Favorite" &
"Star" on all these services and
content from non-professional contributors. How can
more." [Flattr]
these contributors be supported with more than
reputation and "Likes"? This is the challenge addressed
by Flattr. Their solution is a micro donation platform enabling consumers of
content to donate money as simple as a "Like". Consumers can create an account, fill it up
with money and "flattr" content they want to support. Each month, the money in the
account is divided between creators of the content.
"The easiest way to support

Mintchip from the Royal Canadian Mint is the first

"...until now, there has been no
initiative coming from a governmental organization.
electronic solution that costIt is a crypto currency for direct transfer between
effectively addresses the verylow-value transaction markets,
"wallets" residing on a trusted store (secure chip) on
protects privacy, is available to
a mobile device, in "the cloud" or in an USB-stick to
everyone and emulates the
be attached to a tablet or PC. The main targeted
characteristics
of
cash."
[Mintchip]
payment use-case is to be the "digital equivalent of
the coins we use every day" in small value
transactions. Mintchip is currently under development, inviting developers and
entrepreneurs to contribute to its success.
Monetas is another solution under development and also the name of the company. They
are developing a mobile phone app enabling users to do payment and financial transactions
without a bank account and as an alternative to banking systems. They are also working on
an enterprise platform enabling anyone to set up a business to compete with traditional
payment and transaction systems. The system is fully
decentralized without a "single point of control,
"Monetas is building the worlds
attack or failure". No assets are stored on any server
first decentralized system for
financial and legal transactions.
and the users' receipts are the asset, receipts that
... immune to abuses of power
are digitally signed by all parties and transferred
and resilient to failure. Are you
ready for freedom? The future
starts here." [Monetas]

4
using cryptographic protocols. The transaction system, based on the open source Open
Transaction platform, is currency agnostic supporting transactions using Bitcoin, USD, NOK
or any currency. In addition to financial transactions, the solution also supports legal
transactions.
If you want to create your own (virtual) bank, Puddle is
the answer. It was initiated by three Ashoka fellows, the
largest worldwide network of social entrepreneurs, as an
answer to the criticism on the way microfinance
institutions are evolving. Puddle does not intend to
replace formal banking but enables anyone to establish
"lending circles". The service seems to be in a test phase
allowing only invited members.
Ribbon used to provide payment checkout services to
websites but launched a new service in January 2014
offering a free P2P transaction service allowing the users to send and receive money using
debit and credit cards. If using credit cards, transaction fee applies (2.9%+$0.30 per
transaction). To send money to a person, visit their Ribbon Figure 2. How Puddle Works [Forbes]
account short URL, a URL that can be sent in a SMS, mail,
instant message, etc. No Ribbon account is required to send money, although this will
improve the user experience by enabling the auto-filling of payment details. The current
requirement that the receiver has a Ribbon account will most likely be removed in the
future. Ribbon currently limits the number of new users and is also only currently available
in the U.S.
Ripple has been described as "the solution to the Bitcoin exchange challenge or a potential
competitor" [ieee.org]. It is an open distributed network for financial transaction, allowing
anyone to send money to anyone, almost at no cost, outside traditional banking systems. It
is also an automatic currency exchange, network wallet and introduces a new network
internal currency. Work on Ripple was initiated in 2005, predating
Bitcoin, becoming an Open Source
project (Opencoin.org) in 2013. The
anonymous user wallets are stored in a
"Lets say, for example, that I want to sell a Web
application to Bob, who knows my close friend
public database served by an open
Alice (credit limit $1000). Ripple allows Bob to
distributed system, working together
trade with me using his credit limit with Alice. If
she trusts him for $100, that becomes his credit
to establish consensus stored in Ripple.
limit with me. I would send Bob the merchandise in
Ripple is currency agnostic, supporting
exchange for his promise to pay. But instead of
any currency, including Bitcoin. XRP (or
owing me, Bob would actually owe Alice, who
would in turn owe me. Once Bob satisfied his debt,
Ripples) are the core currency within
the Ripple network would destroy the entire chain
Ripple. A small fee in XRP applies to
of IOUs" [ieee.org]
each
transaction,
"approximately

5
0.00001 USD". The only purpose of this fee is to prevent Denial-Of-Service (DoS) attacks. It is
not collected by anyone and "destroyed" after the transaction is completed. Ripple
gateways are the bridges towards the traditional financial systems and also new systems like
Bitcoin. IOUs (I Owe You) are the key for moving money in-and-out of Ripple in the gateways
exchanging between XRP and any other currency. Similar to the trust given to banks and
credit card companies in traditional transactions, trust relationship is the core of exchanging
XRP to any other currency. IOU represents a promise of a future payment in the selected
currency and is based on your trust relationship with a friend or a 3 rd party exchange
service. Ripple Labs Inc., i.e. the San Francisco based company behind Ripple, previously
known as OpenCoin Inc., succeeded in 2013 to receive venture capital from some notable
sources, including Google Ventures.
The last two payment solutions we would
like to mention are both from the San
Francisco based company Square Inc.
Square Cash enables you to transfer
money without any transaction cost as
easy as writing an e-mail to the receiver,
adding square.com as CC-receiver and the
amount in the subject field. No Square
account is required by the sender or
Figure 4. Sending money by Square Cash [Square]
receiver. If the sender has not already
registered a debit card, a mail will be sent instructing the
user to do this. The receiver will get an e-mail from
Square with a link with instructions to add debit card
information. Square also provides Android and iOS apps
for Square Cash. Square is also a provider of PoS
solutions. After customers have installed their Square
Wallet, added a photo and credit card information, they
can pay at the cashier by showing a QR code or just state
their name. The cashier uses the photo to validate the
customer. Payment by showing the QR code is supported at 7000 Starbucks stores.
Figure 3. Square Wallet [Square]

Payment Solutions
Primary payment use-cases

Description

-fin

P2P

PoS

-don

Name

Online

Company
Amazon
Amazon

Login and Pay

American Express

"Sync with"

Apple
Bitcoin
Barclay
Canadian Gov.
EE (Operator)
Flattr
Google
MasterCard
MasterCard
Monetas
Mozilla
O2 (Operator)
Orange
PayPal
PaySwarm
Puddle
Ribbon
Ripple
Square
Square
Telenor & DnB

"iMoney"

ValYou

NFC

NFC based mobile wallet

Vodafone (Operator)

SmartPass

NFC

Mobile wallet for NFC smartphone or "NFC sticker". Pay at Visa contactless terminals.

Vodafone&Safaricom (Op)

M-Pesa

Visa

"Mobile Money"

Online retail solution connecting pay & checkout to Amazon accounts. ("Amazon Coin = digital gift card)

"P2P payment"

Person-to-person payment solution, bypassing banks and other networks. Under development

Twitter (Pay by tweet), Facebook and Foursquare

A patent application from Apple, combining virtual currency , wallet and PoS payment

Bitcoin

Virtual currency and p2p payment network (Se detailed description)

Pingit

Mobile transfer of money. No requirement to have Barclay bank account

MintChip

Anonymous, crypto currency and wallet for smartphones, USB stick, PC, tablet and "cloud". In proof-of-concept phase.

Cash on Tap

X
NFC

Mobile Wallet. UK operator EE service based on MasterCard PayPass

Flattr
Google Wallet

X
X

PayPass

NFC

Google's wallet solution

NFC

MasterPass

"Donate money to a website/page as easy as a Facebook "like"

Contactless payment for NFC handsets or plastic cards

NFC, QR

PayPass with QR support. Also a wallet white label product offering to 3rd party banks/retailers

Monetas

Fully decentralized. Financial and legal transactions. "Any" currency. Under development

MozPay
O2 Wallet

Orange Money

"Mobile banking", transfers and payment. Partnership with Visa enables payment "anywhere"

PayPal

BLE, QR

Traditionally online payment/wallet. Expected to launch physical payment in 2014.

PaySwarm

Under development. Allows Buyer, Store and Producer each to select payment & currency (see detailed description)

Payment API for HTML5 mobile apps and any website. Producer selects Payment Processor (Se detailed description)
NFC

Discontinued at 31.03.2014, launched in 2012

Puddle

Social network principles for creating microfinance closed groups / "Virtual banks"

Ribbon

Ripple/OpenCoin

Payment, exchange and remittance network. "Cloud wallet". Open decentralized service infrastructure.

Send cash by e-mail (CC to square.com, amount in subject field).

Square Cash
Square Wallet

QR,name

Lightweight solution. App or Ribbon account not needed. Initially online payment focus, now P2P main focus

POS Payment solutions. Pay by showing a QR code or state your name.

"World's most successful" mobile money deposit and transfer service.

Managed "white label" solution for mobile operators and financial institutions

Onl: Online payment PoS: Point-of-Sale at physical store P2P: Person-to-person -fin: Micro financing -don: Micro donations

Bitcoin
Bitcoin is getting increased attention and coverage in a wide variety of news media. But
what is Bitcoin? Is Bitcoin the new global currency
"Its similar to me in import as the
that will conquer the world? In the following we
web browser,. Its as exciting and
will provide an introductory overview attempting
significant as that."
[Jeremy Allaire, Circle Internet Financial]
to answer some questions around Bitcoin.

What is Bitcoin?
Bitcoin was launched in 2009 and is based on a 2008 paper written under the Satoshi
Nakamoto pseudonym. It is generally conceived as both a digital currency bitcoin, in
lower case based on cryptographic algorithms and a peer-to-peer Internet payment
system -- Bitcoin, with the capital B with no intermediary transaction provider (i.e. no
unique trusted party). The benefits of Bitcoin
Perceived Benefits from Bitcoin
are several, as shown in the text box on the
Simple and cheap usage
right. This completely decentralized way of
optional or no transaction fees
working involves.
The bitcoin digital currency is not tied to a
specific monetary value. The value of a
bitcoin can be seen through goods and
services priced in bitcoin or the valuation of
bitcoins in online Bitcoin Exchanges. While its
value has been fluctuating heavily, the longer
trend has so far been a strong increase in its
value (see Figure 5).

Global reach
more than 200 countries
No banking fees or limitations on use
no central bank
Likely to increase in value over time
although its future value is
uncertain

Bitcoins can be purchased at Bitcoin Exchanges or earned as a reward for transaction

confirmation workas explained later on. Cryptographic techniques are used to ensure
correct and secure transaction behaviour, including avoidance of the double spending
problem. Each user has one private crypto key that is stored anywhere, including in a digital
wallet or on paper. This private key is used to prove ownership over an asset of bitcoins, as
well as to sign transactions.
All legitimate transactions are stored in chronological order in a shared public record called
the block chain, which acts as a transparent, public ledger. The block chain also keeps track
of the current bitcoin ownerships. For a transaction to be added to the block chain, it must
be confirmed as legitimate. For this, newly performed transactions are broadcasted to all
members of the Bitcoin network. Special members called miners take on the job of
confirming the transaction. Such a job involves packing together into blocks several
transactions awaiting confirmation and generating a hash code with very specific
characteristics, which demands time-consuming computations. When a miner is finished
processing and confirming a block of transactions, it appends the block to the shared block
chain. As a reward for their services, Bitcoin miners can collect transaction fees for the
transactions they confirm. New bitcoins are also createdor found, thus the mining
analogyevery time a block of transactions is confirmed and added to the block chainin
this way new bitcoins come into circulation. Per 4th of March, the transaction fee equalled

1
0.14 USD per transaction, while for the same day, the income per transaction, including the
rewarded bitcoins, amount to USD 28.72 [BlockChain]. Hence, the income from the
rewarded bitcoins is as of today the main motivation for establishing a Bitcoin mining
operation. However, the bitcoin mining algorithm is designed to steadily increase the
computational burden of the mining process until a ceiling of maximum 21 million bitcoins.
At this point, the reward for mining will solely come from transaction fees.

Status
In the first Bitcoin purchase in 2010, the bitcoin's exchange value was 0.003 USD. The year
2013 put Bitcoin in the spot
light of mass media and was
the start of a dramatic increase
in bitcoin's value, but also of
heavy
fluctuations.
After
reaching its all-time peak value
of 1163 USD in December
2013,
the
fluctuations
continues and the value of
bitcoin per 25th of March 2014
is $573. The rapid and large
drop and fluctuations in Q1 this
year are mainly due to the Figure 5. Bitcoin value in USD, Jan 1, 2013 to Mar 21, 2014 [CoinDesk]
closing of one major exchange, Mt.Gox based in Japan [CoinDesk].
Currently, around 20.000 online shops [Bitcoin Directory] and more than 1000 physical
shops [CoinDesk] accept bitcoins. There is a substantial circulation of Bitcoin exchanges.
New exchanges enter the market while those that get into trouble may take client bitcoins
down the drain in their closure as they typically also offer a secure home of clients
bitcoins. Note that the price of a bitcoin does vary from one country or region (exchange) to
another.

What drives Bitcoin?

There are several additional motivations and drivers for supporting, using and investing in
bitcoins. In many countries the national currency is unstable with high risk of inflation.
Government imposed regulation on foreign exchange, as well as other capital controls,
weakens the laymans trust in the local currency. Lack of trust makes people perceive
bitcoin as an alternative. There is also a more general conception that the current banking
system is too heavy weight and with far too high transactions fees.
The combination of substantial value increase of bitcoin and the systemic ceiling of 21 mill
bitcoins also contributes to a belief that the bitcoin's value will keep increasing. This has
resulted in the bitcoin becoming a target for investors as well as a general tendency of
hoarding.

Security Threats and Uncertainty

Bitcoin is also associated with illegal trades and money laundering. The use of bitcoins for
selling illegal drugs, gambling and unregistered sales of guns is assumed to be higher than
the volume of legal merchandise. One
driver behind this trade has been the
Risks that you should be aware of when
seemingly anonymity property of
buying, holding or trading virtual currencies"
the Bitcoin transactions. Although
You may lose your money on the
it is not a straight forward task, it is
exchange platform
Your money may be stolen from your
possible to trace the block chain
digital wallet
transactions back to the Bitcoin
You are not protected when using virtual
exchange where the bitcoins where
currencies as a means of payment
purchased. This lack of strict
The value of your virtual currency can
anonymity is considered as a problem
change quickly, and could even drop to
zero
by some users and has been a

Transactions in virtual currency may be

motivator for the introduction of other
misused for criminal activities, including
crypto-currencies. As of this writing,
money laundering
around
100
different
crypto You may be subject to tax liabilities
currencies with varying degrees of
[European Banking Authority (EBA)]
anonymity and functionality exists
[ArsTechnica].
The total number of bitcoins in circulation today is some more than half of its designed
maximum volume. It is difficult to say if there are any scalability issues or other systemic
issues of the peer-to-peer network for maintaining Bitcoin mining and the Block chain.
Especially as the computational workload of these tasks increases exponentially while the
reward decreases. Hence, the transaction fees must increase in order to maintain the
system.

Regulation and outlook

It is important for regulators and legal
authorities that illegal trade can be
alternative currency, it is much more plausible
combatted, that Bitcoin based trades
that bitcoin eventually has a significant impact
are not evading taxation and that
in terms of its innovation on payments
customer rights can be established and
technology, by forcing existing players to adapt
to it or coopt it.
protected. Bitcoin and other crypto[Dominic Wilson /Jose Ursua, GS Markets
currencies work independent of
Research]
traditional banking systems and there
are challenges related to existing and
future regulation in that the Bitcoin
system and the bitcoins can relate to
several roles or instruments and extends globally. While some countries, such as Thailand
and China, have banned financial institutions from trading in bitcoins, apparently
considering it as currency, other countries such as Germany state that it is a "unit of
account" (more akin to "private money") [CNBC], meaning it can be used for tax and trading
purposes.
More than taking off as a widely-used

In the US, the Internal Revenue Service (IRS) has clarified that bitcoins will be taxed as
property, not money [Wall Street Journal]. The US Department of Treasures has also

3
declared that: 1) if bitcoin mining is done "for a user's own purposes, the user is not a money
transmitter"; and 2) "a company purchasing and selling convertible virtual currency as an
investment exclusively for the companys benefit is not a money transmitter" [US
Department of Treasures].
In Japan, vice finance Minister Jiro Aichi states that any regulation of the bitcoin cryptocurrency should involve international cooperation to avoid loopholes [Reuters].
The instability of the bitcoin value, uncertainties related to inherent properties as well as
regulatory issues makes the future prospects of Bitcoin uncertain. Even during these volatile
times for the bitcoin, the attention, acceptance and optimism has increased. But since a
first-mover advantage for businesses not targeted to the Bitcoin business itself is considered
negligible, a wait-and-see attitude may be a reasonable strategy.

Towards a future open payment framework?

The future payment landscape is complex with traditional and new actors trying to establish
or protect a position and also with new solutions enabled by new technologies. Predicting
the winners in this battle is impossible and makes it challenging to navigate and prepare for
new payment solutions. But do we need to elect the winner(s)? What if the details of
payment systems do not matter and instead it is possible to establish an open online
payment framework, mapping the generics of the payment process onto any underlying
payment solution and make each actor in the payment process individually select their
preferred payment solution and provider? Here, we will identify a couple of existing
initiatives as an indicator that this is possible. In the context of this analysis, we are covering
sales on the Internet of both digital and physical products. We also define four main roles
involved in the payment process:
Buyer /
Customer

The buyer of the service or digital or physical product. In our context, it can
represent both the user itself and the end-user terminal.

Store

The store or aggregator where the buyer finds and pays for the product. For
example Apple's AppStore, Google Play or a web store.

Producer

The producer of the product. In many payment scenarios, the Producer is not
involved in the purchase payment transaction, only the Store. The direct
involvement of the producer role came with the introduction of appstores.

The actor that processes the payment. For example a debit or credit card
Payment company, PayPal, Bitcoin, etc. A Payment Processor can process the payment
Processor itself or It can be an intermediary, such as PayPal, that delegates the
processing to a 3rd party.

Today, it is the Store (or aggregator) that decides which Payment Processor/solution to be
used. A Buyer is typically given a few alternatives to choose from, but the list of alternatives
is decided by the Store. The Store is also deciding the Payment
Processor on behalf of the Producer, i.e. selecting how the Producer
will get paid for the app/content/service.
In the following, we will show how the Mozilla mozPay payment
interface and Payswarm challenges the Store's position on making the
decision of which Payment Processor to use. We will also describe an
initiative to establish a standard for a future open payment
framework, supporting any payment solution, reducing the current
complexity in supporting multiple payment solutions and enabling
anyone to take a position in the payment eco-system, independent of
current position.

Figure 6. The traditional

payment processor
selection

FirefoxOS lets Producer choose Payment Processer

FirefoxOS is a HTML5 based operating system for smart phones, tablets and other devices.
It is based on Linux and provides a pure HTML5/JavaScript application
environment. FirefoxOS is an initiative from the open source Mozilla foundation,
supported by many OEMs and mobile operators, including Telenor. Currently
smartphones with FirefoxOS has been launched in some countries in Europe,
Central and South America.
A fundamental property of FirefoxOS is the ability to install applications from
anywhere,
including traditional appstores as well as websites. The applications
Figure 7.
do not even have to be physically installed on the device, but run-on-the-fly
FirefoxOS
phone
when visiting a website. This openness and flexibility demand a more open and
flexible payment solution than traditional mobile platforms like Apple iOS or
Google Android.
FirefoxOS implements a payment interface named mozPay, available
not only for traditional mobile applications but also for any website. In
mozPay, it's the Producer of an app, content or service that makes the
decision of which Payment Processor to use, enforcing this choice on
the Buyer and the potential Store. The Producer may also make an
agreement with multiple Payment Processors and let the Buyer choose
one among them. Another key feature is the removal of the Store from
the payment dialogue, instead establishing a payment dialogue directly
between the Buyer and the Payment Processor. Avoiding the handling
of payment details by the Store increases the security and trust.

Figure 8. Producer
selects Payment
Processor in FirefoxOS

MozPay enables the producer to sell digital products through any online Store, select
Payment Processor and provide Buyers with the same purchase user experience across
Stores. A typical flow of a successful payment process when buying an app at an appstore is
as follows1:

Set-up
1. Payment Processor signup: Producer signs-up with one or
multiple Payment Processors. Main outcome of this is two
keys used for securing the product/price/sales-channel and
for securing payment transactions.
2. Product published for sale: Producer makes the digital
product available for sale at a Store (marketplace or website),
specifying product and pricing details.
Figure 9. FirefoxOS payment setup

MozPay also supports in-app payments. For inn-app payments, the app itself represents the
Store/marketplace.

Purchase (Buyer "selects Purchase")

1. List of Payment processors presented to Buyer: The Store
retrieves from the application back-end server signed
purchase requests, one for each supported Payment
Processor.
2. Completing the payment process:
1. Buyer selects preferred Payment Processor and the Store
initiates a secure purchase dialogue directly between
the Buyer and Payment Processor. The user interface is
provided by the processor.
2. The Store receives a purchase confirmation directly
from the Payment Processor
3. The Store asks the application back-end server to verify
the purchase confirmation by validating the payment
processor signature
4. The product is delivered to the Buyer

Figure 10. FirefoxOS purchase

5. At some point in time, the Producer receives the money

for the sale from the Payment Processor
For security reasons, the current version of mozPay use a whitelist of approved Payment
processors, a whitelist maintained by Mozilla. MozPay is currently only available for
FirefoxOS but Mozilla intends to also make it available in the multi-platform Firefox web
browser, available on any PC, smartphone or tablet.

Payswarm2 enables Buyer, Seller and Store to select their "payment processor"
independently
Although mozPay moves the decision of selecting the payment
processors to the Producer, it's still one actor that makes the decision
on behalf of the other. Payswarm changes this, enabling each actor to
choose independently, i.e. letting the Buyer decide which method to
use to pay for the product as well as enabling the Producer to specify
where to deposit the payment of the sale and the Store to specify how
to receive commissions for the sale. Each actor can also individually
specify which currency to use.
Payswarm is an open patent-free community specification developed
by volunteers organized as a W3C Community Group (CG) 3 . The

Figure 11. Payment

Processor selected
independently by Buyer,
Seller and Store

Although the open group working on Payswarm changed the name of the specification to "Web Payments" in
January 2014, we prefer to use the old name do differentiate this from the more formalized initiative within
W3C described later.

7
Payswarm framework is a fully decentralized solution with no central components and
supports any existing and future payment solutions, as long as they adapt to the payment
interfaces in the specification. It is suitable for both traditional banking services and crypto
currencies like Bitcoin. In addition to payment, it also supports signing of legal contracts. In
addition to online payment, it can also be used in physical POS.
Payswarm is a complex solution but a simplified process description is as follows:

Set-up
1. Create and Publish Public Identities: The Producer, Buyer
and Store each create their public identity using public-keycryptography and publish the public key part to their
"Payswarm Authority". This Authority is typically a Payment
processor.
2. Make Product available for sale: The Producer creates
product
description
("Asset
description") and a product "Listing"
("Asset listing") defining the specific
terms of sale, including pricing and
Figure 12. Payswarm Set-up
payment information and potential
information of resale conditions. This product description is
digitally signed by and published by the Producer.

Purchase (Buyer "selects Purchase")

1. Buyer retrieves the Product Listing: The Product Listing and
Asset is retrieved. The Listing is digitally signed by the Store and
the Asset by the Producer. The Buyer then creates a digitally
signed Purchase Request, including payment details.
2. The Purchase Request is sent to the Buyer's external
Payment Processor or processed locally at the Buyer's
device:
a. External payment processor: Request submitted to
buyers external payment processor.
b. Local device/software: This could be a mobile or
Bitcoin wallet solution on the device.
3. The Buyer's Payment Processor generates a "Contract"
after completing the authorization of the purchase, a
contract that is permanently stored and later available for
any of the actors.

Figure 13. Payswarm Purchase

4. The Buyer's payment processor sends a "Receipt" of the sale to the Store.

A W3C Community Group is an open forum for discussing ideas for potential future standardization. Anyone
can participate, not only W3C Members, and does not develop specifications, only reports.

8
5. The Store delivers the Product to the Buyer.
6. The Buyer's Payment Processor transfers money to the Payment Processors' of the Store
and Producer, using the details specified in the product "Listing".
The Payswarm specifications are under development and not ready for deployment. Only
one commercial implementation exists, a solution from Meritora that enables bloggers
using the WordPress platform to get paid for publishing content.
Although the W3C Community Group behind Payswarm includes individuals from payment
stake-holders, most of them seem to have joined just to observe and to track the
development. The lack of direct involvement and contributions in the specification
development from key stake-holders is a main challenge. This gives uncertainty with regard
to the suitability to cover their needs and their willingness support such a framework.

A future open payment standard?

Within the W3C, there have been onW3C is "the main international standards
going discussions for some time
organization for the World Wide Web",
regarding the opportunities for W3C
consisting of about 400 member
to initiate payment standardization
organizations, including Telenor, other
efforts. Although the main focus
mobile operators, large Internet actors
would be web payment, i.e. using a
(Google, Microsoft, Apple, PayPal, etc.),
vendors, government organizations,
web browser or web applications, it
interest groups.
would influence other application
scenarios: 1) Web technology is
extensively used by a majority of mobile
native applications. 2) Payment interfaces defined by W3C are easily utilized by any Internet
solution or application.
A W3C Payment Workshop took place in Paris in March 2014 with participants from multiple
sectors, including the banking industry, payment service providers, virtual currency
providers, financial institutions, telecom operators, mobile industry, browser vendors,
payment regulators, payment standardization bodies, merchants associations and
academics institutions. Telenor Digital was one of the participants. A W3C Workshop is
typically the first step within W3C to initiate new standardization work. The main objective
of this workshop was to gather all potential stake holders to discuss use-cases to be covered
and also to sense the interest and commitment to contribute in the standardization effort.
A key outcome of the Payment Workshop was a consensus to create a W3C Payment
steering group, organized as a W3C Interest Group (IG), to drive the future work on
payment within W3C. The scope of this IG is currently under development, with
participation from Telenor Digital. On a short term, it is expected that the IG will ensure that
payment related work items that falls within the scope of existing W3C technical Working
Groups (WGs) will be covered. Work items outside the scope of current WGs are expected
to be covered by launching new WGs. Further details of the workshop, including minutes
and presentations from the individual sessions, can be found in the [Web Payments
Workshop Report].

9
It is an open question if it is possible to succeed to establish a future web payment standard.
One challenge is the conservatism in the traditional banking and financial sector and their
old core IT systems. There is also a challenge with new actors trying to grab positions in
Internet payments and where any standard may challenge or undermine their positions or
key assets. A last challenge is potential regulatory issues.
It is a challenge for Telenor and other operators to establish a position within mobile
payment. The vertical control over the mobile eco-system gives actors like Google and Apple
a strong competitive advantage over new entrants. The competitive advantage from
traditional actors like banks and credit card companies is also a challenge for new entrants.
Another challenge for new entrants is the complexity within a payment eco-system itself. An
open payment eco-system based on open standard interfaces will contribute to increase the
competition and enable Telenor and other operators to establish a position. It is therefore
important for Telenor to participate in this standardization work to ensure that our usecases and requirements from operator billing, mobile wallet and current and future financial
services are taken into consideration. Telenor Digital has stated their intention to participate
in the W3C payment initiative.