Digital Transactions Authoritative, insightful and timely information for payments professionals
Gideon Samid • Gideon@AGSgo.com
We are so used to it that we no longer realize that there is no natural bond between a credit offering and a dispute resolution. If I get a $1,000 loan from my bank, and I use the money to buy a television set at Wal-Mart, and the set is not what I expected, then I have an issue with the merchant. My bank should have nothing to do with it.
But in our present ecosystem, my complaint is automatically directed to the bank that extended the credit. On one hand, my bank is imposed upon, being dragged into a dispute not its own, but on the other hand, my credit vendor is exploiting my complaint to slap all sort of surcharges on the merchant, whether the merchant has any fault or not. In other words, the deal is not done after the merchandise is delivered.
On its face the only losers are the merchants, but in reality the only winners are the hackers.
It does not require mastery of the art of war to realize that the more entry points into your treasure, the greater your vulnerability to attack, and the thinner your defense. The settlement cycle today is a long stretch of entry point after entry point, handover after handover, with a change of custody again and again. The hackers swim around this long front that stretches from the point where the customer runs his card through the reader all the way through the front-end processing cycle. Then they sniff around the back-end, and hang on until any pending dispute is finally resolved.
It does not have to be this way. Suppose my bank checks me out and determines that I am a good risk for a $1,000 credit. This determination is digitally expressed. I walk around with this digital authentication, say, in my phone, and I stumble across a nice television set that sells for, say, $600. My phone then connects to my bank, requesting that it actualize my credit arrangement to the tune of $600.
The bank should now execute some security protocols to verify that I am myself and that the request is bona fide. Being so satisfied, the bank extends the actual loan. Suppose it materializes as cash in my corresponding debit account. When I approach the cash register, I present my cash. The vendor doesn’t care whether this is money I owe, or money I own: cash is cash. I walk away with the big-screen TV, just in time for the Super Bowl.
If it turns out that the picture is blurry, or the colors are not sharp, then I have an issue to resolve with the vendor. But I can no longer enlist my bank to squeeze the vendor.
What happened? We have simply decoupled the credit extension from the dispute resolution. Instead of exercising a prolonged front-end, back-end payment cycle, we are now exercising two short cycles: I interact with my bank to receive the cash, and separately I interact with the vendor to pay the cash. The vendor—again, separately—will pass the cash into its bank account. Because these payment cycles are decoupled, hackers cannot exploit a break-in at one cycle to compromise the others.
In today’s extended cycle with so many players, each player is vulnerable to the weaknesses of all the other players, and the weakest link determines the security of all the participants. As I said, the hackers are the only big winners. Merchants are the big losers, but the banks and the brands are not in a very good position, either. The government today uses the brands as law-enforcement agents, requiring them to decline charges from vendors or from charity recipients the government does not like. Decoupling will relieve this burden.
The big idea of modern credit is that, unlike a regular bank loan, the obligation to repay kicks in only after a purchase is made (with a regular bank loan, of course, interest is computed from the moment the money is available). This big idea is preserved in the decoupling mode. The consumer, the borrower, prearranges his or her credit limit, but his or her obligations kick in only when the money is actually used.
This decoupling solution is only one option. BitMint Ltd. and other such companies have come to realize that the payment ecosystem needs a fundamental overhaul so that security and convenience are no longer a zero-sum game, but rather a win-win configuration.
