SlideShare a Scribd company logo
Open Stack For Open Web Payments Praveen Alavilli Ray Tanaka
Agenda ,[object Object]
State of the Online Payments
Payment Networks
Features and Functionality
A Case for Open Web Payments
Open Stack for Open Web Payments
Next steps / Call for Action,[object Object]
There are many players…
The Result: Fragmentation
Payment Networks ,[object Object]
ACHsome gateway
Essential components of Online Payments Authentication – Who are you? Authorization – How much do you want to charge? Payment Instrument – What are you using to pay?
Motivation Reduce Friction Interoperability across multiple payment platforms PCI Compliance
Open Web Payments Consistency APIs across platforms Single model for authorization, payments and transactions Support for real and virtual currencies Single, extensible document model
What we’re not covering (for now) Payment data portability (Merchant + Consumer) Client, user and receiver account management Direct integration with financial institutions
Transactions AS THE CORE
The closest sibling on the web !
Feeds – web resources
Feeds – A closer Look <entry> 	 <id>tag:blogger.com,1999:blog-754260340057137512.post-2123024611142172293</id> 	 <published>2010-03-11T13:46:00.001-05:00</published> 	 <updated>2010-03-11T13:46:50.788-05:00</updated> 	 <category scheme='http://www.blogger.com/atom/ns#' term='wallet'/> 	 <title type='text'>Fueling the Wallet.Next</title> 	 <content type='html'>……</content> 	 <link rel='alternate' type='text/html' href='http://whyidentity.blogspot.com/2010/03/fueling-walletnext.html' title='Fueling the Wallet.Next'/> 	 <link rel='replies' type='text/html' href='https://www.blogger.com/comment.g?blogID=754260340057137512&amp;postID=2123024611142172293' title='0 Comments'/> 	 <author> 	 	<name>Praveen</name> 	 	<uri>http://www.blogger.com/profile/10778095038892167017</uri> 	 	<email>noreply@blogger.com</email> 	 </author>  </entry>
Transactions – A closer look ,[object Object]
Sender – Payer, Buyer, Customer
Receiver - Friend, Merchant, Seller, Some Service Provider)
Type of Payment – instant, subscription, pre-pay, post-pay, refund, agreement to pay in future
Reason for payment – purchase, personal, gift, etc.
Category – Restaurant, Merchandise, Travel, etc.
Unique identifier
Amount and Currency
Status
Application/Client– Web Site, Mobile Application, etc.,[object Object]
Open Web Payments Extensions Filling in the missing pieces in the puzzle
ATOM An XML-based Web Content and metadata syndication format
POCO Simple, Portable and Standard Contact schema Shipping & Billing Address -- poco:address
OAUth 2.0 Request (Client) Authentication  End User Authorization (Transaction Approval) Little sketchy !
ATOMPub Application level protocol for publishing and editing web resources
So what’s our open stack ? Transaction History Application Consumer Application Merchant Application PoCo Open Web Payment OpenSearch Open Web Payments Stack Atom AtomPub OAuth host-meta/WebFinger Payments Provider
How does this work ?
Transactions represented by an Entry <entry> 	<id> -unique-transaction-id- </id> 	<title type=“text”> -short desc of transaction- </title> 	<published> -transaction creation date- </published> 	<author> 		<name>-name of the app-</name> 		<uri>-app url-</uri> 		<id>-unique-app-identifier-</id> <OWP:consumer_id>-id-</OWP:consumer_id> 		<OWP:consumer_transaction_id>-txn-id-</OWP:consumer_transaction_id> 	</author> 	<category scheme=“-iri-” term=“-category-” label=“-label-”/> 	<link rel=“alternate” type=“text/html” href=“-url-to-receipt-”> 	<content type=“xhtml”>-detailed-desc-</content> 	<OWP:transaction>…</OWP:transaction> </entry>
OWP:transaction <OWP:action></OWP:action> <OWP:status-type></OWP:status-type> <OWP:start-date/> <OWP:end-date/> <OWP:entity> 	<name/><uri/><email/><id/> 	<OWP:entity-type></OWP:entity-type> 	<OWP:amount currency=“”></OWP:amount> 	<OWP:fundingType></OWP:fundingType> 	<OWP:securePin></OWP:securePin> 	<OWP:refTransactionId></OWP:refTransactionId> 	<OWP:payment-type></OWP:payment-type> 	<OWP:status-type></OWP:status-type> 	<poco:address/> </OWP:entity>
OWP:transaction OWP:action: http:/owp-api.net/schema/1.0/verbs/Pay http://owp-api.net/schema/1.0/verbs/PrePay http://owp-api.net/schema/1.0/verbs/PostPay http://owp-api.net/schema/1.0/verbs/PrePayAgreement http://owp-api.net/schema/1.0/verbs/PostPayAgreement http://owp-api.net/schema/1.0/verbs/DelegatedPaymentAgreement http://owp-api.net/schema/1.0/verbs/HoldFunds OWP:entity-type: http://owp-api.net/schema/1.0/entity-types/Sender http://owp-api.net/schema/1.0/entity-types/Receiver http://owp-api.net/schema/1.0/entity-types/PrimaryReceiver http://owp-api.net/schema/1.0/entity-types/SecondaryReceiver OWP:payment-type:http://owp-api.net/schema/1.0/payment-types/Personal http://owp-api.net/schema/1.0/payment-types/Goods http://owp-api.net/schema/1.0/payment-types/Services http://owp-api.net/schema/1.0/payment-types/Donations OWP:funding-type: http://owp-api.net/schema/1.0/funding-types/Bank http://owp-api.net/schema/1.0/funding-types/Card http://owp-api.net/schema/1.0/funding-types/Gold OWP:status-type:http://owp-api.net/schema/1.0/status-types/Created http://owp-api.net/schema/1.0/status-types/Pending http://owp-api.net/schema/1.0/status-types/Complete http://owp-api.net/schema/1.0/status-types/Canceled

More Related Content

What's hot

Introducing safex pay june2017
Introducing safex pay june2017Introducing safex pay june2017
Introducing safex pay june2017
Neha Sahay
 
Hotelpay - The Omni Channel Payment Solution for hotels
Hotelpay - The Omni Channel Payment Solution for hotels Hotelpay - The Omni Channel Payment Solution for hotels
Hotelpay - The Omni Channel Payment Solution for hotels
Amit Kapoor
 
Airpay - Omni Channel Payment Solutions
Airpay - Omni Channel Payment Solutions Airpay - Omni Channel Payment Solutions
Airpay - Omni Channel Payment Solutions
Amit Kapoor
 
Payments Anywhere with PayPal
Payments Anywhere with PayPalPayments Anywhere with PayPal
Payments Anywhere with PayPal
PayPalX Developer Network
 
Airpay Payment Solutions
Airpay Payment SolutionsAirpay Payment Solutions
Airpay Payment SolutionsAtreyee Ghosh
 
Safex pay avantgarde -presentation
Safex pay avantgarde -presentationSafex pay avantgarde -presentation
Safex pay avantgarde -presentation
ParvezKhan173
 
When iOT meet FinTech.
When iOT meet FinTech.When iOT meet FinTech.
When iOT meet FinTech.
qumedia
 
Safex pay wl-pg-presentation
Safex pay wl-pg-presentationSafex pay wl-pg-presentation
Safex pay wl-pg-presentation
Neha Sahay
 
PayPal Android SDK Integration + Tech/Business Highlights
PayPal Android SDK Integration + Tech/Business HighlightsPayPal Android SDK Integration + Tech/Business Highlights
PayPal Android SDK Integration + Tech/Business Highlights
Robert Schwentker
 
Tips on back end
Tips on back endTips on back end
Tips on back end
Bambootechies
 
自動販賣機與開放式掃碼支付
自動販賣機與開放式掃碼支付自動販賣機與開放式掃碼支付
自動販賣機與開放式掃碼支付
qumedia
 
Authorized payment gateway
Authorized payment gatewayAuthorized payment gateway
Authorized payment gateway
spencerwebb
 
EMV QRCode Payment in Vending Machine
EMV QRCode Payment in Vending MachineEMV QRCode Payment in Vending Machine
EMV QRCode Payment in Vending Machine
qumedia
 
Hacking with PayPal
Hacking with PayPalHacking with PayPal
Hacking with PayPal
Jonathan LeBlanc
 
Safex pay avantgarde -presentation
Safex pay avantgarde -presentationSafex pay avantgarde -presentation
Safex pay avantgarde -presentation
Neha Sahay
 
E commerce
E commerceE commerce
E commerce
AshutoshSharma734
 
Unified payment interface
Unified payment interfaceUnified payment interface
Unified payment interface
Ravi Raj Kamal
 
Introducing safex pay 2018
Introducing safex pay 2018Introducing safex pay 2018
Introducing safex pay 2018
Neha Sahay
 

What's hot (18)

Introducing safex pay june2017
Introducing safex pay june2017Introducing safex pay june2017
Introducing safex pay june2017
 
Hotelpay - The Omni Channel Payment Solution for hotels
Hotelpay - The Omni Channel Payment Solution for hotels Hotelpay - The Omni Channel Payment Solution for hotels
Hotelpay - The Omni Channel Payment Solution for hotels
 
Airpay - Omni Channel Payment Solutions
Airpay - Omni Channel Payment Solutions Airpay - Omni Channel Payment Solutions
Airpay - Omni Channel Payment Solutions
 
Payments Anywhere with PayPal
Payments Anywhere with PayPalPayments Anywhere with PayPal
Payments Anywhere with PayPal
 
Airpay Payment Solutions
Airpay Payment SolutionsAirpay Payment Solutions
Airpay Payment Solutions
 
Safex pay avantgarde -presentation
Safex pay avantgarde -presentationSafex pay avantgarde -presentation
Safex pay avantgarde -presentation
 
When iOT meet FinTech.
When iOT meet FinTech.When iOT meet FinTech.
When iOT meet FinTech.
 
Safex pay wl-pg-presentation
Safex pay wl-pg-presentationSafex pay wl-pg-presentation
Safex pay wl-pg-presentation
 
PayPal Android SDK Integration + Tech/Business Highlights
PayPal Android SDK Integration + Tech/Business HighlightsPayPal Android SDK Integration + Tech/Business Highlights
PayPal Android SDK Integration + Tech/Business Highlights
 
Tips on back end
Tips on back endTips on back end
Tips on back end
 
自動販賣機與開放式掃碼支付
自動販賣機與開放式掃碼支付自動販賣機與開放式掃碼支付
自動販賣機與開放式掃碼支付
 
Authorized payment gateway
Authorized payment gatewayAuthorized payment gateway
Authorized payment gateway
 
EMV QRCode Payment in Vending Machine
EMV QRCode Payment in Vending MachineEMV QRCode Payment in Vending Machine
EMV QRCode Payment in Vending Machine
 
Hacking with PayPal
Hacking with PayPalHacking with PayPal
Hacking with PayPal
 
Safex pay avantgarde -presentation
Safex pay avantgarde -presentationSafex pay avantgarde -presentation
Safex pay avantgarde -presentation
 
E commerce
E commerceE commerce
E commerce
 
Unified payment interface
Unified payment interfaceUnified payment interface
Unified payment interface
 
Introducing safex pay 2018
Introducing safex pay 2018Introducing safex pay 2018
Introducing safex pay 2018
 

Similar to Open web payments

Monetize with PayPal X Payments Platform
Monetize with PayPal X Payments PlatformMonetize with PayPal X Payments Platform
Monetize with PayPal X Payments Platform
guest72b121
 
Payment Gateway
Payment GatewayPayment Gateway
Payment Gateway
Nyros Technologies
 
SMA Online
SMA OnlineSMA Online
SMA Online
jasolarte
 
Integration of payment gateways using Paypal account
Integration of payment gateways using Paypal account Integration of payment gateways using Paypal account
Integration of payment gateways using Paypal account
Phenom People
 
Payment Processor vs Payment Geteway The Biggest Difference.pptx
Payment Processor vs Payment Geteway The Biggest Difference.pptxPayment Processor vs Payment Geteway The Biggest Difference.pptx
Payment Processor vs Payment Geteway The Biggest Difference.pptx
Merchantech - Payment Processing Services
 
Monetizing your Applications with PayPal X Payments Platform
Monetizing your Applications withPayPal X Payments PlatformMonetizing your Applications withPayPal X Payments Platform
Monetizing your Applications with PayPal X Payments Platform
guest72b121
 
Monetizing your Applications with PayPal X Payments Platform
Monetizing your Applications withPayPal X Payments PlatformMonetizing your Applications withPayPal X Payments Platform
Monetizing your Applications with PayPal X Payments Platform
PayPalX Developer Network
 
Cloud Based Payment Gateway Features From Zeamster
Cloud Based Payment Gateway Features From ZeamsterCloud Based Payment Gateway Features From Zeamster
Cloud Based Payment Gateway Features From Zeamster
Zeamster
 
eZ Publish Workflows and Payment Gateways
eZ Publish Workflows and Payment GatewayseZ Publish Workflows and Payment Gateways
eZ Publish Workflows and Payment Gateways
Graham Brookins
 
Payments primer
Payments primerPayments primer
Payments primer
Sumeet Maniar
 
Accepting Online Payment for Your Library and ‘Stripe’ as an Example
Accepting Online Payment for Your Library and ‘Stripe’ as an ExampleAccepting Online Payment for Your Library and ‘Stripe’ as an Example
Accepting Online Payment for Your Library and ‘Stripe’ as an Example
Bohyun Kim
 
Real Time Everything - Thoughtworks Chicago Tech Talk 2018
Real Time Everything  - Thoughtworks Chicago Tech Talk 2018Real Time Everything  - Thoughtworks Chicago Tech Talk 2018
Real Time Everything - Thoughtworks Chicago Tech Talk 2018
PaulaPaulSlides
 
Payment Integration A Comprehensive Guide to Payment Gateway
Payment Integration A Comprehensive Guide to Payment GatewayPayment Integration A Comprehensive Guide to Payment Gateway
Payment Integration A Comprehensive Guide to Payment Gateway
Inexture Solutions
 
E-Wallet Platform 2017
E-Wallet Platform 2017E-Wallet Platform 2017
E-Wallet Platform 2017
Mikhail Miroshnichenko
 
Get Paid presentation_20190123
Get Paid presentation_20190123Get Paid presentation_20190123
Get Paid presentation_20190123
Peter Walker
 
Payment gateway testing
Payment gateway testingPayment gateway testing
Payment gateway testingAtul Pant
 
Active Merchant
Active MerchantActive Merchant
Active Merchant
John Ward
 
Introducing safexpay smart NBFC solution
Introducing safexpay smart NBFC solutionIntroducing safexpay smart NBFC solution
Introducing safexpay smart NBFC solution
Neha Sahay
 
How Do You Define A Merchant Account
How Do You Define A Merchant AccountHow Do You Define A Merchant Account
How Do You Define A Merchant Account
Paycron
 
BA 65 Hour 5 ~ Creating an Ecommerce Site
BA 65 Hour 5 ~ Creating an Ecommerce SiteBA 65 Hour 5 ~ Creating an Ecommerce Site
BA 65 Hour 5 ~ Creating an Ecommerce Sitedpd
 

Similar to Open web payments (20)

Monetize with PayPal X Payments Platform
Monetize with PayPal X Payments PlatformMonetize with PayPal X Payments Platform
Monetize with PayPal X Payments Platform
 
Payment Gateway
Payment GatewayPayment Gateway
Payment Gateway
 
SMA Online
SMA OnlineSMA Online
SMA Online
 
Integration of payment gateways using Paypal account
Integration of payment gateways using Paypal account Integration of payment gateways using Paypal account
Integration of payment gateways using Paypal account
 
Payment Processor vs Payment Geteway The Biggest Difference.pptx
Payment Processor vs Payment Geteway The Biggest Difference.pptxPayment Processor vs Payment Geteway The Biggest Difference.pptx
Payment Processor vs Payment Geteway The Biggest Difference.pptx
 
Monetizing your Applications with PayPal X Payments Platform
Monetizing your Applications withPayPal X Payments PlatformMonetizing your Applications withPayPal X Payments Platform
Monetizing your Applications with PayPal X Payments Platform
 
Monetizing your Applications with PayPal X Payments Platform
Monetizing your Applications withPayPal X Payments PlatformMonetizing your Applications withPayPal X Payments Platform
Monetizing your Applications with PayPal X Payments Platform
 
Cloud Based Payment Gateway Features From Zeamster
Cloud Based Payment Gateway Features From ZeamsterCloud Based Payment Gateway Features From Zeamster
Cloud Based Payment Gateway Features From Zeamster
 
eZ Publish Workflows and Payment Gateways
eZ Publish Workflows and Payment GatewayseZ Publish Workflows and Payment Gateways
eZ Publish Workflows and Payment Gateways
 
Payments primer
Payments primerPayments primer
Payments primer
 
Accepting Online Payment for Your Library and ‘Stripe’ as an Example
Accepting Online Payment for Your Library and ‘Stripe’ as an ExampleAccepting Online Payment for Your Library and ‘Stripe’ as an Example
Accepting Online Payment for Your Library and ‘Stripe’ as an Example
 
Real Time Everything - Thoughtworks Chicago Tech Talk 2018
Real Time Everything  - Thoughtworks Chicago Tech Talk 2018Real Time Everything  - Thoughtworks Chicago Tech Talk 2018
Real Time Everything - Thoughtworks Chicago Tech Talk 2018
 
Payment Integration A Comprehensive Guide to Payment Gateway
Payment Integration A Comprehensive Guide to Payment GatewayPayment Integration A Comprehensive Guide to Payment Gateway
Payment Integration A Comprehensive Guide to Payment Gateway
 
E-Wallet Platform 2017
E-Wallet Platform 2017E-Wallet Platform 2017
E-Wallet Platform 2017
 
Get Paid presentation_20190123
Get Paid presentation_20190123Get Paid presentation_20190123
Get Paid presentation_20190123
 
Payment gateway testing
Payment gateway testingPayment gateway testing
Payment gateway testing
 
Active Merchant
Active MerchantActive Merchant
Active Merchant
 
Introducing safexpay smart NBFC solution
Introducing safexpay smart NBFC solutionIntroducing safexpay smart NBFC solution
Introducing safexpay smart NBFC solution
 
How Do You Define A Merchant Account
How Do You Define A Merchant AccountHow Do You Define A Merchant Account
How Do You Define A Merchant Account
 
BA 65 Hour 5 ~ Creating an Ecommerce Site
BA 65 Hour 5 ~ Creating an Ecommerce SiteBA 65 Hour 5 ~ Creating an Ecommerce Site
BA 65 Hour 5 ~ Creating an Ecommerce Site
 

Recently uploaded

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
ViralQR
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 

Recently uploaded (20)

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 

Open web payments

  • 1. Open Stack For Open Web Payments Praveen Alavilli Ray Tanaka
  • 2.
  • 3. State of the Online Payments
  • 6. A Case for Open Web Payments
  • 7. Open Stack for Open Web Payments
  • 8.
  • 9. There are many players…
  • 11.
  • 13. Essential components of Online Payments Authentication – Who are you? Authorization – How much do you want to charge? Payment Instrument – What are you using to pay?
  • 14. Motivation Reduce Friction Interoperability across multiple payment platforms PCI Compliance
  • 15. Open Web Payments Consistency APIs across platforms Single model for authorization, payments and transactions Support for real and virtual currencies Single, extensible document model
  • 16. What we’re not covering (for now) Payment data portability (Merchant + Consumer) Client, user and receiver account management Direct integration with financial institutions
  • 18.
  • 19.
  • 20. The closest sibling on the web !
  • 21. Feeds – web resources
  • 22. Feeds – A closer Look <entry> <id>tag:blogger.com,1999:blog-754260340057137512.post-2123024611142172293</id> <published>2010-03-11T13:46:00.001-05:00</published> <updated>2010-03-11T13:46:50.788-05:00</updated> <category scheme='http://www.blogger.com/atom/ns#' term='wallet'/> <title type='text'>Fueling the Wallet.Next</title> <content type='html'>……</content> <link rel='alternate' type='text/html' href='http://whyidentity.blogspot.com/2010/03/fueling-walletnext.html' title='Fueling the Wallet.Next'/> <link rel='replies' type='text/html' href='https://www.blogger.com/comment.g?blogID=754260340057137512&amp;postID=2123024611142172293' title='0 Comments'/> <author> <name>Praveen</name> <uri>http://www.blogger.com/profile/10778095038892167017</uri> <email>noreply@blogger.com</email> </author> </entry>
  • 23.
  • 24. Sender – Payer, Buyer, Customer
  • 25. Receiver - Friend, Merchant, Seller, Some Service Provider)
  • 26. Type of Payment – instant, subscription, pre-pay, post-pay, refund, agreement to pay in future
  • 27. Reason for payment – purchase, personal, gift, etc.
  • 28. Category – Restaurant, Merchandise, Travel, etc.
  • 32.
  • 33. Open Web Payments Extensions Filling in the missing pieces in the puzzle
  • 34. ATOM An XML-based Web Content and metadata syndication format
  • 35. POCO Simple, Portable and Standard Contact schema Shipping & Billing Address -- poco:address
  • 36. OAUth 2.0 Request (Client) Authentication End User Authorization (Transaction Approval) Little sketchy !
  • 37. ATOMPub Application level protocol for publishing and editing web resources
  • 38. So what’s our open stack ? Transaction History Application Consumer Application Merchant Application PoCo Open Web Payment OpenSearch Open Web Payments Stack Atom AtomPub OAuth host-meta/WebFinger Payments Provider
  • 39. How does this work ?
  • 40. Transactions represented by an Entry <entry> <id> -unique-transaction-id- </id> <title type=“text”> -short desc of transaction- </title> <published> -transaction creation date- </published> <author> <name>-name of the app-</name> <uri>-app url-</uri> <id>-unique-app-identifier-</id> <OWP:consumer_id>-id-</OWP:consumer_id> <OWP:consumer_transaction_id>-txn-id-</OWP:consumer_transaction_id> </author> <category scheme=“-iri-” term=“-category-” label=“-label-”/> <link rel=“alternate” type=“text/html” href=“-url-to-receipt-”> <content type=“xhtml”>-detailed-desc-</content> <OWP:transaction>…</OWP:transaction> </entry>
  • 41. OWP:transaction <OWP:action></OWP:action> <OWP:status-type></OWP:status-type> <OWP:start-date/> <OWP:end-date/> <OWP:entity> <name/><uri/><email/><id/> <OWP:entity-type></OWP:entity-type> <OWP:amount currency=“”></OWP:amount> <OWP:fundingType></OWP:fundingType> <OWP:securePin></OWP:securePin> <OWP:refTransactionId></OWP:refTransactionId> <OWP:payment-type></OWP:payment-type> <OWP:status-type></OWP:status-type> <poco:address/> </OWP:entity>
  • 42. OWP:transaction OWP:action: http:/owp-api.net/schema/1.0/verbs/Pay http://owp-api.net/schema/1.0/verbs/PrePay http://owp-api.net/schema/1.0/verbs/PostPay http://owp-api.net/schema/1.0/verbs/PrePayAgreement http://owp-api.net/schema/1.0/verbs/PostPayAgreement http://owp-api.net/schema/1.0/verbs/DelegatedPaymentAgreement http://owp-api.net/schema/1.0/verbs/HoldFunds OWP:entity-type: http://owp-api.net/schema/1.0/entity-types/Sender http://owp-api.net/schema/1.0/entity-types/Receiver http://owp-api.net/schema/1.0/entity-types/PrimaryReceiver http://owp-api.net/schema/1.0/entity-types/SecondaryReceiver OWP:payment-type:http://owp-api.net/schema/1.0/payment-types/Personal http://owp-api.net/schema/1.0/payment-types/Goods http://owp-api.net/schema/1.0/payment-types/Services http://owp-api.net/schema/1.0/payment-types/Donations OWP:funding-type: http://owp-api.net/schema/1.0/funding-types/Bank http://owp-api.net/schema/1.0/funding-types/Card http://owp-api.net/schema/1.0/funding-types/Gold OWP:status-type:http://owp-api.net/schema/1.0/status-types/Created http://owp-api.net/schema/1.0/status-types/Pending http://owp-api.net/schema/1.0/status-types/Complete http://owp-api.net/schema/1.0/status-types/Canceled
  • 43. http://owp-api.net/schema/1.0/actions/PrePayAgreementhttp://owp-api.net/schema/1.0/actions/PostPayAgreement Prior agreement between Sender and Receiver PrePay Agreement results in money movement PostPay Agreement results in no money movement Requires end user authorization
  • 44. http://owp-api.net/schema/1.0/actions/PrePayhttp://owp-api.net/schema/1.0/actions/PostPay PrePay is for transaction recording purposes – no money movement PostPay is for merchant credit functionality – no money movement
  • 45. http://owp-api.net/schema/1.0/actions/DelegatedPaymentAgreement Delegate access to the application to make Payments on behalf of the user Requires end user authorization. Allows to set max amount allowed, max number of payments, frequency, start/end dates, and receivers.
  • 46. http://owp-api.net/schema/1.0/actions/HoldFunds No money movement but funds are held in for a specific receiver Requires end user authorization Allows to set amount, and expiry.
  • 47. http://owp-api.net/schema/1.0/actions/Pay For money movement from sender to receiver. In most cases requires end user authorization. No explicit user authorization required when used with a TransactionId for previously held funds or Delegated Payment access or when sender is same as Client
  • 48.
  • 51. How to do dynamic user approvals ?
  • 52.
  • 53. API
  • 54. Putting this all together – a grocery app <entry> <id>https://paymentsservice.com/owp/transaction/id/12345678</id> <published>2010-07-15T01:46:00.001-05:00</published> <updated>2010-07-14T08:00:50.788-05:00</updated> <category scheme='http://openpayment.org/atom/ns#' term='groceries' label="Groceries"/> <category scheme='http://www.blogger.com/atom/ns#' term='store' lavel="Safeway"/> <title type='text'>Groceries from Safeway</title> <content type='html'> <ul><li>2% Milk</li><li>2 Gallons Water</li><li>2lb Tomatos</li></ul> </content> <link rel='alternate' type='text/html' href='http://www.safeway.com/order-status' title='Safeway online Store'/> <author> <name>Your Grocery App</name> <uri>http://your-grocery-app.com</uri> <email>support@yourgroceryapp.com</email> <OWP:consumer_id>api-caller:1234</OWP:consumer_id> </author>
  • 55. Putting this all together – a grocery app <OWP:transaction> <OWP:action>http://owp-api.net/schema/1.0/object-types/Pay</OWP:action> <OWP:entity> <OWP:entity-type>http://owp-api.net/schema/1.0/entity-types/Sender</OWP:entity-type> <name>Praveen Alavilli</name><uri>https://me.paypal.com/id/1234567</uri><email>praveen@x.com</email> <OWP:funding-type>http://owp-api.net/schema/1.0/funding-types/Bank</OWP:funding-type> <OWP:funding-type>http://owp-api.net/schema/1.0/funding-types/CreditCard</OWP:funding-type> <OWP:funding-type>http://owp-api.net/schema/1.0/funding-types/DebitCard</OWP:funding-type> </OWP:entity> <OWP:entity> <OWP:entity-type>http://owp-api.net/schema/1.0/entity-types/Receiver</OWP:entity-type> <name>Safeway Store</name><uri>https://biz.paypal.com/id/7654321</uri><email>support@safeway.com</email> <OWP:amount currency="USD">25.50</OWP:amount> <OWP:payment-type>http://owp-api.net/schema/1.0/payment-types/Goods</OWP:payment-type> </OWP:entity> <OWP:entity> <OWP:entity-type>http://owp-api.net/schema/1.0/entity-types/Receiver</OWP:entity-type> <name>Your Grocery App</name><uri>https://biz.paypal.com/id/432156</uri><email>support@yourgroceryapp.com</email> <OWP:amount currency="USD">2.00</OWP:amount> <OWP:payment-type>http://owp-api.net/schema/1.0/payment-types/Services</OWP:payment-type> </OWP:entity> </OWP:transaction> </entry>
  • 56. Digital Goods app – using Pre-Pay <entry> <id>https://paymentsservice.com/owp/tranaction/id/2123024611142172293</id> <published>2010-07-15T01:46:00.001-05:00</published> <updated>2010-07-14T08:00:50.788-05:00</updated> <category scheme='http://owp-api.net/atom/ns#' term=’coins' label=”Coinsville Coins"/> <title type='text'>Buying coins on Coinsville</title> <content type='html’>PrePay for Coinsville</content> <link rel='alternate' type='text/html' href='http://coinsville.com/account' title=’Coinsville Account Page'/> <author> <name>Digital Goods App</name><uri>http://digitalgoodsapp.com</uri> <email>support@digitalgoodsapp.com</email> <OWP:consumer_id>api-caller:654321</OWP:consumer_id> </author> <OWP:transaction> <OWP:action>http://owp-api.net/schema/1.0/object-types/PrePayAgreement</OWP:action> <OWP:entity> <OWP:entity-type>http://owp-api.net/schema/1.0/entity-types/Sender</OWP:entity-type> <name>Praveen Alavilli</name><uri>https://me.paypal.com/id/1234567</uri><email>praveen@x.com</email> <OWP:funding-type>http://owp-api.net/schema/1.0/funding-types/Gold</OWP:funding-type> <OWP:amount currency=”bar">2</OWP:amount> </OWP:entity> </OWP:transaction> </entry>
  • 57. Digital Goods app – recording payment <entry> <id>https://paymentsservice.com/owp/tranaction/id/45402461154323434234</id> <published>2010-07-15T01:46:00.001-05:00</published> <updated>2010-07-14T08:00:50.788-05:00</updated> <category scheme='http://owp-api.net/atom/ns#' term=’coins' label=”Coinsville Coins"/> <title type='text'>Purchase digital sword</title> <content type='html’>Blazing sword</content> <link rel='alternate' type='text/html' href='http://coinsville.com/order' title=’Coinsville Order Portal'/> <author> <name>Digital Goods App</name><uri>http://digitalgoodsapp.com</uri> <email>support@digitalgoodsapp.com</email> <OWP:consumer_id>api-caller:654321</OWP:consumer_id> </author> <OWP:transaction> <OWP:action>http://owp-api.net/schema/1.0/object-types/Pay</OWP:action> <OWP:entity> <OWP:entity-type>http://owp-api.net/schema/1.0/entity-types/Sender</OWP:entity-type> <name>Praveen Alavilli</name><uri>https://me.paypal.com/id/1234567</uri><email>praveen@x.com</email> <OWP:refTransactionId>https://paymentsservice.com/owp/tranaction/id/2123024611142172293</OWP:refTransactionId> </OWP:entity> <OWP:entity> <OWP:entity-type>http://owp-api.net/schema/1.0/entity-types/Receiver</OWP:entity-type> <name>Digital Sword Seller</name><uri>https://biz.paymentprovider.com/id/9832434</uri><email>support@sword.com</email> <OWP:amount currency=”bars”>0.25</OWP:amount> <OWP:payment-type>http://owp-api.net/schema/1.0/payment-types/Services</OWP:payment-type> </OWP:entity> </OWP:transaction> </entry>
  • 58.
  • 65.

Editor's Notes

  1. A very important result of this is that a developer has to learn, code and deploy different integrations with each and everyone separately. It’s just painful.