Hi Marc, all
See some comments inline below.
On 18/06/2024 07:54, Marc Stibane via Taler wrote:
Hi guys,
> [...]
>
No more. Apple introduced a protocol named “CardSession” that does this:
https://developer.apple.com/documentation/corenfc/cardsession
<https://developer.apple.com/documentation/corenfc/cardsession>
Cool, didn't know this. Thanks for pointing this out.
1) What are the fees that the card industry would charge you to
create such one-time EMV payment tokens? One key argument for
merchants to adopt GNU Taler is that it is cheaper. If the fees
become higher instead, that could be an issue. Now, in good news,
the fees would only be higher for merchants that accept Taler via
'legacy' mechanisms, so maybe that's OK. I'd still like to know how
insanely high the fees would be, and if it would be possible to
pass _all_ of them onto the merchant. Because a customer probably
won't put 10 EUR into their Taler wallet to then buy an EMV token
for 6 EUR to buy a coffee for 5 EUR with the merchant still paying
50 cents in fees. So I would really like to understand the
economics of the approach. Do you have numbers?
No, I don't have numbers, unfortunately.
P.S.: Regarding fees, there are already some services that offer
virtual credit cards
(https://www.cardrates.com/advice/virtual-credit-cards/) for online
shopping. They are typically free for customers as they get a portion
of the interchange fee paid by merchants. AN incentive for such a
financial service provider to join a scheme like Taler + EMV is that a
fraction of the payment card transactions (and thus the interchange
fees) are diverted to them.
[...]
and the wallet can be programmed to enforce a maximum balance, to
address AML concerns.
Nope. Open source, anyone could remove the limit.
In general, yes. But if such a wallet enforced limit was deemed
important for AML, some kind of software attestation could be
implemented (on smartphone platforms that support it) to only accept
'approved' wallets with untampered limits.
The main problem with CardSession is that on iOS the “slot” for
opening the wallet with a double-click on the (hardware) sleep button
(Apple nowadays sometimes calls this "side button" but that’s
ambiguous since the louder / softer buttons are also on the (other)
side of the iPhone) can only be used by ONE app. Most, if not all
iPhone users probably want to continue to launch the Apple Wallet
with this double-click, thus we cannot use this. Our users would need
to manually launch the Taler Wallet app, which then could use
CardSession for HCE.
The DMA forces Apple to provide a “choice” dialog for this
double-click, where the user can choose which app will be launched,
but this doesn’t exist yet since there are no alternative wallets,
yet - AFAIK. Maybe later in autumn when iOS 18 ships...
Once that is the case, it would be a no-brainer to write a small
wallet select app that is triggered by the 'side-button' that allows
the user to select the specific wallet to open; or the taler wallet
could offer the user to open another wallet at start-up.
Marc