Episode 065: 11‐14‐2024 Improving bank mobile security - GluuFederation/identerati-office-hours GitHub Wiki
Title: Improving bank mobile security
- Host: Mike Schwartz, Founder/CEO Gluu
- Guest: Anders Rundgren Digital Banking Expert
Description
Identerati are excited about the potential for EU identity wallets. But less obvious is what the proponents intend to do to enable PAYMENTS. Identity and payments have different functional requirements, making it challenging creating a "unified" standard without ending up with an unimplementable "frankenwallet". This episode will discuss an idea for a different kind of Payment Authorization Wallet, uniquely targeting payments, that it is based on Deterministically Encoded CBOR rather than JSON.
Homework
- Idea: Saturn - Payment Authorization Wallet
- Wallet Wars: The Battle for Your Digital Life
- Wallet Strategy Part 3: The Three-Wallet Problem
Takeaways
-
There is an opportunity to move to open standards to implement payment authorization that integrate with existing payment processors like Mastercard and Visa.
-
Payment transaction privacy is desirable but implementing a way for processors, issuers, regulators, and law enforcement to decrypt would require new rules and agreements--it's not just a technical challenge.
-
With an improved protocol, especially with an enhanced payment authorization request, it's possible to address more complex payment use cases, for example, subscriptions (periodic payment) or max payments (e.g. authorize up to $100).
-
The conversation around identity in wallets should be distinct from payments--especially given the current overly optimistic view about how quickly the usability, security and trust issues raised by wallets will take to get settled.