[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Taler] A hybrid approach to allow Taler payments at an EMV payment
From: |
Jaap-Henk Hoepman |
Subject: |
Re: [Taler] A hybrid approach to allow Taler payments at an EMV payment terminal |
Date: |
Tue, 18 Jun 2024 08:36:57 +0200 |
User-agent: |
Mozilla Thunderbird |
Hi Marc, all
See some comments inline below.
On 18/06/2024 07:54, Marc Stibane via Taler wrote:
Hi guys,
> [...]
>
No more. Apple introduced a protocol named “CardSession” that does this:
https://developer.apple.com/documentation/corenfc/cardsession
<https://developer.apple.com/documentation/corenfc/cardsession>
Cool, didn't know this. Thanks for pointing this out.
1) What are the fees that the card industry would charge you to
create such one-time EMV payment tokens? One key argument for
merchants to adopt GNU Taler is that it is cheaper. If the fees
become higher instead, that could be an issue. Now, in good news, the
fees would only be higher for merchants that accept Taler via
'legacy' mechanisms, so maybe that's OK. I'd still like to know how
insanely high the fees would be, and if it would be possible to pass
_all_ of them onto the merchant. Because a customer probably won't
put 10 EUR into their Taler wallet to then buy an EMV token for 6 EUR
to buy a coffee for 5 EUR with the merchant still paying 50 cents in
fees. So I would really like to understand the economics of the
approach. Do you have numbers?
No, I don't have numbers, unfortunately.
P.S.: Regarding fees, there are already some services that offer virtual
credit cards (https://www.cardrates.com/advice/virtual-credit-cards/)
for online shopping. They are typically free for customers as they get a
portion of the interchange fee paid by merchants. AN incentive for such
a financial service provider to join a scheme like Taler + EMV is that a
fraction of the payment card transactions (and thus the interchange
fees) are diverted to them.
[...]
and the wallet can be programmed to enforce a maximum balance, to
address AML concerns.
Nope. Open source, anyone could remove the limit.
In general, yes. But if such a wallet enforced limit was deemed
important for AML, some kind of software attestation could be
implemented (on smartphone platforms that support it) to only accept
'approved' wallets with untampered limits.
The main problem with CardSession is that on iOS the “slot” for opening
the wallet with a double-click on the (hardware) sleep button (Apple
nowadays sometimes calls this "side button" but that’s ambiguous since
the louder / softer buttons are also on the (other) side of the iPhone)
can only be used by ONE app. Most, if not all iPhone users probably want
to continue to launch the Apple Wallet with this double-click, thus we
cannot use this. Our users would need to manually launch the Taler
Wallet app, which then could use CardSession for HCE.
The DMA forces Apple to provide a “choice” dialog for this double-click,
where the user can choose which app will be launched, but this doesn’t
exist yet since there are no alternative wallets, yet - AFAIK. Maybe
later in autumn when iOS 18 ships...
Once that is the case, it would be a no-brainer to write a small wallet
select app that is triggered by the 'side-button' that allows the user
to select the specific wallet to open; or the taler wallet could offer
the user to open another wallet at start-up.
Marc
--
Jaap-Henk Hoepman | I've got sunshine in my pockets
iHub | Brought it back to spray the day
Radboud University Nijmegen | Gry "Rocket"
(w) www.cs.ru.nl/~jhh | (w) www.ru.nl/ihub
(e) jhh@cs.ru.nl | (p) +31 6 20619554
PGP id: 895311AD | (m) @xot@someone.elses.computer
PGP fingerprint : BAB7 1CBA 261F A867 DF38 1F21 1863 2788 8953 11AD