Online Payment Systems For E-Commerce
Online Payment Systems For E-Commerce
Online Payment Systems For E-Commerce
OECD
Unclassified DSTI/ICCP/IE(2004)18/FINAL
Organisation de Coopération et de Développement Economiques
Organisation for Economic Co-operation and Development 18-Apr-2006
___________________________________________________________________________________________
English - Or. English
DIRECTORATE FOR SCIENCE, TECHNOLOGY AND INDUSTRY
COMMITTEE FOR INFORMATION, COMPUTER AND COMMUNICATIONS POLICY
Unclassified
DSTI/ICCP/IE(2004)18/FINAL
JT03207630
FOREWORD
In June 2005 this report was presented to the Working Party on the Information Economy as part of
its work on factors affecting the development of e-business and digital delivery. It was recommended to be
made public by the Committee for Information, Computer and Communications Policy in October 2005.
The report was prepared by Caroline Paunov (consultant) and Graham Vickery of the OECD
Secretariat. The series of reports on the development of e-business and e-commerce and the restructuring
of global value chains is co-ordinated by Graham Vickery. It is published under the responsibility of the
Secretary-General of the OECD.
© OECD/OCDE 2006
2
DSTI/ICCP/IE(2004)18/REV1
TABLE OF CONTENTS
FOREWORD .................................................................................................................................................. 2
SUMMARY.................................................................................................................................................... 5
INTRODUCTION .......................................................................................................................................... 6
Scope of the report ...................................................................................................................................... 7
E-commerce development........................................................................................................................... 7
Items purchased ....................................................................................................................................... 9
ONLINE PAYMENT SYSTEMS ................................................................................................................ 12
The uptake of online payments ................................................................................................................. 12
Uptake in selected countries and regions .................................................................................................. 12
Characteristics of online payment systems ............................................................................................... 15
Account-based systems ............................................................................................................................. 16
Credit cards............................................................................................................................................ 16
Debit cards............................................................................................................................................. 19
Mediating services..................................................................................................................................... 20
Mobile payment and telephony account systems....................................................................................... 21
Payment via online banking ...................................................................................................................... 23
Electronic currency systems...................................................................................................................... 24
Smart card systems ................................................................................................................................ 24
Online cash systems............................................................................................................................... 24
Micropayments.......................................................................................................................................... 25
Different micropayment systems........................................................................................................... 26
Prospects................................................................................................................................................ 26
International electronic payments ............................................................................................................. 27
Additional services offered by payment providers.................................................................................... 27
Security for online payments..................................................................................................................... 28
Secure Socket Layer (SSL).................................................................................................................... 28
Secure Electronic Transaction (SET) .................................................................................................... 29
Provision of security information .......................................................................................................... 29
Summary ................................................................................................................................................... 30
THE ONLINE PAYMENT INDUSTRY AND NETWORK EFFECTS ..................................................... 32
Industry characteristics.............................................................................................................................. 32
Actors..................................................................................................................................................... 32
Unbundling of financial services ........................................................................................................... 32
Lock-in effects....................................................................................................................................... 33
The role of banks....................................................................................................................................... 33
The role of “new” institutions................................................................................................................ 34
Trends and new roles............................................................................................................................. 34
Summary ................................................................................................................................................... 34
DRIVERS AND IMPEDIMENTS TO DEVELOPMENT OF ONLINE PAYMENT SYSTEMS.............. 35
Supply side drivers and impediments........................................................................................................ 35
Network effects...................................................................................................................................... 35
Costs ...................................................................................................................................................... 35
Standards and co-ordination .................................................................................................................. 35
3
DSTI/ICCP/IE(2004)18/REV1
Regulations ............................................................................................................................................ 36
Demand side drivers and impediments ..................................................................................................... 36
Consumers and online payments ........................................................................................................... 36
Merchant demand for alternative payment means................................................................................. 38
EMERGING ISSUES ................................................................................................................................... 39
Standards and co-ordination...................................................................................................................... 39
Industry initiatives ................................................................................................................................. 39
Phishing and related issues .................................................................................................................... 40
The payments framework ...................................................................................................................... 41
Competition and regulatory issues......................................................................................................... 41
Payment systems and e-commerce facilitation ......................................................................................... 42
Assistance to small business.................................................................................................................. 42
Certificates and awards.......................................................................................................................... 42
Improving merchant Web sites.............................................................................................................. 43
Tax issues .............................................................................................................................................. 43
Education and Internet experience......................................................................................................... 44
Measuring online payments ...................................................................................................................... 44
ANNEX 1 GOVERNMENT INITIATIVES RELATED TO ELECTRONIC PAYMENTS AND
SETTLEMENT............................................................................................................................................. 45
BIBLIOGRAPHY......................................................................................................................................... 46
NOTES ......................................................................................................................................................... 52
4
DSTI/ICCP/IE(2004)18/REV1
SUMMARY
This report analyses the recent development of online payment systems for e-commerce, covering
different payment mechanisms, the extent to which these different systems are used and the implications of
industry characteristics and network effects. It discusses drivers and impediments to the uptake of payment
systems and identifies some policy issues for further examination.
With the development of the Internet in the 1990s there were high expectations for its widespread
commercial use and for rapid growth in e-commerce. Early predictions were over-optimistic, and attention
shifted to identifying various barriers to the widespread development of e-commerce. Specifically for
business-to-consumer (B2C) transactions the development and use of online payment systems were
identified as important concerns. Nonetheless B2C e-commerce is currently growing at around 25% per
year and growth has been much higher in some segments (e.g. travel). International transactions have
become more important, and much of the initially predicted growth has been attained if not surpassed. This
report analyses the development of online payments systems from the viewpoint of their contribution to the
development of online transactions, and identifies current issues and future challenges.
By far the major international online payment means are credit cards, which are also dominant in
many national transaction markets. Some estimates put their use at over 90% of all e-commerce
transactions. In some countries debit cards and payments via online banking are widely used alternatives to
credit cards. There is also a large diversity of other payment means such as mediating services, mobile
payment systems and electronic currency which may be appropriate for different transactions. However,
with the exception of the mediating service PayPal, the majority of alternative online payment means have
not yet gained the necessary wide user base of both merchants and consumers. For micropayments, which
are of increasing importance for digital content industries, one-off payments are not yet widely developed
as alternatives and complements to subscription payment models or cumulative systems.
The introduction of new payment systems faces significant barriers given infrastructure market
characteristics, with high initial investment costs and positive network externalities favouring established
incumbents with a wide user base. These characteristics strengthen the market position of traditional
payment system providers - credit card institutions and banks - and associated lock-in to established and/or
well-known systems and standards.
Earlier perceived transaction security problems using credit cards and online banking have been
addressed by providers. Payment mechanisms such as MasterCard SecureCode and Verified by Visa have
been developed and implemented and banking systems' security addressed. Other systems (notably
mediating services and mobile telephony systems) have the potential to address specific markets, such as
person-to-person transactions and micropayments. The development of mobile payments may also allow
greater payment convenience. Micropayments are increasingly important with the rapid growth of digital
content markets, although total transaction values are low in comparison with the volume of transactions.
Cost-effective international payment systems for very small payments are still to be developed.
A set of emerging issues and barriers to the uptake of online payment systems is briefly listed,
covering standards and co-ordination challenges, network and competition issues, and improving statistical
information.
5
DSTI/ICCP/IE(2004)18/REV1
INTRODUCTION
With the initial widespread uptake of the Internet, there were high expectations of its potential for
commercial use and especially for e-commerce. As these predictions were too optimistic in the short run,
commercial and policy focus turned to barriers to e-commerce development. Household surveys in OECD
countries emphasised a range of barriers to business-to-consumer (B2C) transactions, among them
consumer resistance to paying on line figured prominently. A number of issues around online payment
systems were often used as one of several key factors to explain slower than predicted e-commerce growth.
According to these arguments, the lack of appropriate online payment mechanisms, consumer confidence
in electronic payments and/or issues with the perceived security of payment mechanisms partly explained
the weak uptake of online shopping. In other words, payment-related difficulties were seen as one key
explanation together with other factors such as products not being appropriate, sellers being unknown,
delivery being uncertain, and consumers not being interested.
However there has been solid growth in B2C transactions (OECD, 2004a, 2004b), and many of the
high expectations formed during the technology bubble are progressively coming true (The Economist,
2004a). An increasing range of products including various types of digital content is becoming available
online, new platforms such as mobile devices are increasingly used for purchasing (OECD, 2004e), and
whole new applications and markets are developing. However a number of questions still arise. Have
online payment systems adjusted to challenges such as the trade-offs between costs versus convenience,
ease of use and transaction security, and contributed to the growth of e-commerce? How are they adapting
to the new forms of e-commerce? In 2002, consumer concern about safety of using payment cards was
identified as key barrier to online purchases (OECD, 2002a). Is this still the case or is customer “terror of
launching their financial details into cyberspace” (The Economist, 2000) still prevalent?
This report analyses the development of online payments and evidence on their use across OECD
countries (see also Paunov and Vickery, 2004). It reviews characteristics of online payment means, and
discusses the structure of this industry. The report identifies impediments to growth and emerging issues
related to further developments and structure of online payments.
The main role of a payment system is to provide a way of transferring value between different parties
in the economy. As such, it determines partly economic transaction costs. Its design will be optimal if
organised to allow quick and effective value transfers while imposing a minimum of additional costs and
risks. High costs of the payment process may seriously affect economic activity in that transactions are
rendered too expensive and, as a consequence, reduced. Conversely, lower costs through efficient payment
systems could have a positive impact on economic growth.
The use of any payment system involves direct and indirect costs. Direct costs are the fees charged by
financial payment service providers. Indirect costs include those related to the complexity of transaction
processes, speed of transactions, risk and uncertainty, and opportunity costs for the buyers and sellers
involved. The modalities of the payment system also affect the cost structure as they determine the
financial loss to both parties in case either one of them defaults on the terms of the contract.
For the reasons described above, online payment services involve a complex set of practical and
analytical challenges. These include the technological capabilities of service providers, commercial
relationships, issues of regulation and law (buyer and seller protection), security considerations including
identification issues, such as authentication and verification, and co-ordination among a variety of parties
with different and sometimes competing interests.
6
DSTI/ICCP/IE(2004)18/REV1
• Which are commonly used online payment mechanisms? How do they differ across countries?
Which payments systems are prevalent in national markets and for cross-border payments?
• What are the main features of the market for online payments? Who are the market participants?
What are the consequences of network externalities and infrastructure costs?
• What are the drivers and impediments to development of efficient online payment systems?
• What are the emerging issues to be addressed on the industry supply and user demand sides?
This report discusses various modes of online payment that are used to purchase items on the Internet.
The main focus is on online payment means (such as credit card, debit card, online banking and e-money),
and these are set in the context of traditional payment options as many on-line payment systems are
extensions of off-line systems. Mobile payments, defined as payments using wireless devices such as
mobile phones and personal digital assistants (PDAs), wireless tablets and mobile computers, are also
examined. The report concentrates on business-to-consumer online payments rather than on business-to-
business (B2B) financial transactions. With the success of online auctions person-to-person markets have
gained in importance and are also considered. The various offline payment options available for buying on
line are not dealt with.
E-commerce development
7
DSTI/ICCP/IE(2004)18/REV1
%
2.5
2.0
1.5
1.0
0.5
0.0
1998 1999 2000 2001 2002 2003
%
2.5
2.0
1.5
1.0
0.5
0.0
Q 0
Q 4
tQ 9
tQ 1
tQ 3
Q 0
Q 0
tQ 0
Q 1
Q 1
Q 1
Q 2
Q 2
Q 2
tQ 2
Q 3
Q 3
Q 3
Q 4
Q 4
04
2n 200
1s 199
3r 200
1s 200
1s 200
2n 200
3r 200
4t 200
1s 200
2n 200
4t 200
2n 200
3r 200
4t 200
1s 200
2n 200
3r 200
4t 200
3r 200
4t 200
)
ry
20
ina
Q
lim
h
h
d
h
d
4t
re
(p
05
20
tQ
1s
• Larger firms are more frequently involved in online sales (whether B2B or B2C) than smaller
ones. (Table 1, Figure 3, OECD, 2004a).
• The use of broadband has had positive impacts on the volume and structure of online shopping
and information search (OECD, 2004a).
• As experience with selling online grows, understanding of online consumer spending patterns
2
and barriers are increasing.
Table 1. Online buying and selling by size of firm in Canada 2002
percent
8
DSTI/ICCP/IE(2004)18/REV1
Figure 3. Businesses using the Internet and businesses receiving orders over the Internet
Percentage of businesses with ten or more employees, 2003 or latest available year (1)
Businesses using the Internet 2002 Businesses using the Internet 2003
% Businesses receiving orders over the Internet in 2002
100
80
60
40
20
Netherlands
Switzerland
Zealand (4)
Republic
Italy
Norway
Finland
Iceland
Ireland
Luxembourg
Germany
Belgium
Australia
Sweden
Japan (2)
Kingdom
Denmark
Austria
Canada
Spain
Greece
Portugal
Czech
United
New
(5)
(3)
1. In European countries, enterprises with 10 or more employees in the business sector, excluding NACE activity E (electricity, gas
and water supply), NACE activity F (construction) and NACE activity J (financial intermediation). Eurostat Community Survey on
enterprise use of ICT, at least 1% threshold for the enterprises having received orders via Internet.
2. Data refer to enterprises with 100 or more employees. Agriculture, forestry, fisheries and mining are excluded.
3. Use, orders received and placed refer to Internet and other computer-mediated networks.
4. Data refer to 2001 and include enterprises with more than ten employees in all industries except electricity, gas and water;
government administration and defence; and personal and other services.
5. Data refer to industry, construction and services. 2003 estimates. Businesses receiving orders over Internet refer to 2001.
Source: OECD, ICT database and Eurostat, Community Survey on ICT usage in enterprises 2002 and 2003, October 2004.
Items purchased
The Internet has been most frequently used for e-mail exchange and as a source of information
(OECD, 2004b). For example over half of all adults in the United States used e-mail in 2003 and 40%
searched the Net for news, weather or sports information (Figure 4). About one in three US adults bought
services or goods on line, and nearly half used the Internet to gather information on products and services,
while over one in five adults played games on the Internet, and some 12.5% listened to music or watched
movies, and online banking had shown rapid growth. The data also show that for all purposes the Internet
has become more important since 1996 (U.S. Census Bureau, 2005).
9
DSTI/ICCP/IE(2004)18/REV1
Figure 4. Share of population aged 18 or older using the Internet for a specific task: 1997, 2001 and 2003
Note: Information on government/health services data from 1997 derive from the answer: “search for information such as government,
business, health and education.”
Purchase products and services data from 1997 derive from the answer “Shopping”
Source: U.S. Census Bureau, Current Population Survey, October 1997, September 2001, October 2003.
Travel is the most important category in B2C e-commerce and it represents about one-third of online
consumer spending For example, according to comScore online travel spending by Canadian residents
represented 46% of total consumer e-commerce sales excluding auctions by the end of 2003 (OECD,
2005a; OECD, 2004b). Information in the form of reading materials such as books, magazines and
newspapers are also important among purchased e-commerce items. This category constituted 27% of
e-commerce purchased items in Canada (Statistics Canada, 2003). Furthermore, the increasing uptake of
banking services in Nordic countries is noteworthy.
Products whose characteristics render them especially suitable for e-commerce are those that can be
digitally delivered. Physical products, by contrast, require physical delivery (and potentially face-to-face
purchase), which adds another challenge to e-commerce. Examples of digital products are newspaper
articles, and digital content such as software, games, and music, as well as services such as banking, travel
and tourism which can be digitally delivered.3 Figures 4 and 5 illustrate the growing importance of
downloading games and music across OECD countries.
The importance of digital content in e-commerce is likely to grow further with the increasing
development of content for mobile platforms. This trend may be further enhanced by increased co-
operation between mobile operators and content providers, as for example in the music industry (OECD,
2004e). The growing prominence of this type of product raises specific issues for online payments, most
importantly suitable micropayment options for low value access and downloads.
10
DSTI/ICCP/IE(2004)18/REV1
1
Figure 5. Internet use by type of activity, 2002 or latest available year
Percentage of individuals using the Internet
75
50
25
0
ico
ce
d
n
n
l
nd
)
y
)
om
)
ga
(3
(2
an
tri
(4
ar
n
pa
e
an
ex
la
la
ed
es
s
tu
d
l ic
Ja
s
Au
n
er
M
Fr
ng
nd
r
Sw
en
at
er
Fi
Po
ub
itz
St
Ki
la
G
D
ep
Sw
r
d
he
R
te
te
et
ch
ni
ni
N
U
U
ze
C
1. 2001 for France, Mexico, Netherlands, Portugal, Switzerland and the United States. Beginning of 2002 for Austria, Denmark,
Finland, Germany, Sweden, the United Kingdom, and 2002 for Japan.
2. Playing games only instead of downloading games and music.
3. Banking services relate to year 2003 (Czech Statistical Office Survey).
4. Downloading music only instead of games and music.
Source: OECD, ICT database and Eurostat, Community survey on ICT usage in households 2002, June 2003, OECD Information
Technology Outlook 2004, Chapter 3.
11
DSTI/ICCP/IE(2004)18/REV1
A wide variety of payment mechanisms as well as related services is currently available. This section
provides a summary of the uptake of online payments, and is followed by a brief account of common
payment systems.4
The use of online payments varies widely across countries. The Nordic countries (e.g. Sweden5,
Finland6) are notable users of online payments; and in Australia and New Zealand there has been an
important trend towards adopting online payments (BIS, 2004). In contrast, there are markets where online
payments have struggled to capture market share; for example in Japan online payments are still low
despite important e-commerce growth.7 Also in Germany offline payment methods such as cash on
delivery have been frequently used for online purchase.
In the absence of official statistics on the use of different kinds of Internet payment instruments, data
provided by payment service providers such as the European group Pago, provide useful estimates. In
2003, 94% of the total number of worldwide e-commerce transactions carried out via Pago used credit
cards (Pago, 2003). Evidence from other sources confirms this dominance: For instance, Visa European
online sales for 2003 were EUR 12.6 billion doubling 2002 results (Visa, 2004b). VisaNet shows
increasing use of credit cards particularly for airlines, catalogue ordering and travel (Visa, 2004c).
However, for 2004 Pago data found credit card dominance decreased somewhat to 81%. Much of this drop
in share was due to a significant increase in the use of electronic direct debit especially by German
consumers who have been increasing online purchases and payments, and their direct debit payments rose
from 6.5% to 17% in 2004 (Pago, 2005). The emergence of credit cards as the major payment system has
been relatively rapid considering that in 1999 the market was still dominated by traditional financial
intermediaries which offered conventional electronic payment services. However, national habits and
specific industry characteristics matter for the use of online payment systems and there are significant
differences in payment markets by country and payment types. For example, in Germany and some
Northern European countries the share of credit cards in online payments is significantly lower, and in
markets such as online auctions credit cards have a smaller market share.
Mobile payment methods are increasing in number, and in 2002 a third of the new payment schemes
recorded by the Electronic Payment Systems Observatory (ePSO), used the mobile platform (Carat, 2002).
In some countries, as for example Japan, mobile phones are used more frequently for payment than PCs
and they are also used in some other countries including Finland and Korea although other payment
methods are preferred (OECD, 2004e). But not all mobile payment systems have been successful and there
have been challenges to establish independent mobile phone payment systems.8
European Union. Across the European Union, the most commonly accepted online payment
instruments are credit cards, direct debit cards and e-banking. A 2003 study of European Web sites found
that 78% of Web sites in the sample studied accept classic credit cards, 51% direct debit and 9% e-banking
(Figure 6, PwC, 2003).9 Some evidence suggests that in Europe as a whole the share of credit cards in
online payments is lower compared to non-European countries and direct debit and online banking higher
12
DSTI/ICCP/IE(2004)18/REV1
(Pago, 2005). However, there were significant differences across countries. Credit cards and direct debit
payments were the primary options in all countries but e-banking was a fairly common option in some
countries (Finland, the Netherlands and Portugal) and is being increasingly offered, notably in Northern
Europe and higher income countries where banks have co-ordinated their online payment systems. Mobile
payments or electronic cheques were less frequently provided. Instruments such as debit cards have grown,
with a surge in offerings from 2001 (BIS, 2004).
100%
90%
80%
70%
60%
50%
40%
30%
20%
10%
0%
Sweden
Denmark
Finland
Austria
Spain
Netherlands
Portugal
Belgium
Italy
Greece
France
Luxemburg
Ireland
Kingdom
United
The
Finland. In Finland credit and debit cards and online banking payments are important for financial
transactions on the Internet. Online payments have a favourable environment and approximately 91% of
payment transactions are electronic (Finnish Bankers Association). However more innovative payment
means are not frequently used for online payments. The results of a 2003 survey suggested that less than
7% of mobile phone users have used their phone for ordering or purchasing online (Statistics Finland,
2003).
Germany. Online debit and online transfer were most frequently used for Internet purchases by
respondents of a recent online survey (Table 2).10 Credit cards were also important but less frequently used
(Krueger, 2004). According to data from payment provider Pago, in 2005 only 29% of German online
transactions were made using credit cards. The statistics also confirm the importance of direct debit; nearly
64% of all payments used this method (Pago, 2005). For purchases of digital content only, the results are
similar; and mobile phones were not used frequently for any type of purchase - including for digital
content.
13
DSTI/ICCP/IE(2004)18/REV1
Table 2. Survey Result: Payment methods used when shopping on line, Germany
Australia. According to the Australian Bureau of Statistics in 2002, 23% of all adults used the
Internet to pay bills or transfer funds. There has been a continuing positive trend in online payments usage,
with a tenfold increase from 1999 to 2002 in Australian users of the Internet for payments, and this trend
has continued. Although these are not necessarily payments for e-commerce transactions, the high levels of
use suggest familiarity with online payment systems for e-commerce.
Figure 7. Australian households paying bills or transferring funds via the Internet
Korea. Online banking is commonly used in Korea and has grown very rapidly (Table 3). If
familiarity with online banking is used as a proxy for possible uses of online payments for e-commerce,
then this suggests that online payments are likely to grow. Household surveys show that 25% claimed to
use e-commerce transactions in 2002 - an increase from 15% in 2001, with credit cards taking an
increasing share of transactions (67% in 2002 compared with 54% in 2001) and wire transfers decreasing
proportionately (Korean Statistical Office).
14
DSTI/ICCP/IE(2004)18/REV1
United States. Credit card payments are the most common payment option for online purchases in the
United States. Among new payment systems, the mediating service PayPal has been very successful for
person-to-person payments and moderately successful for some other payments. According to PayPal, one
in three online buyers has an account with them, and by the fourth quarter of 2004, PayPal had 45.6 million
accounts, an increase of 67% over 2003, with revenues and profits growing rapidly.
A wide range of systems has been developed for online payments. The analysis of online payment
systems in this report follows the scheme in Figure 8. It is divided into account-based and electronic
currency systems. Account-based systems allow payment via an existing personalised account (usually a
bank account), whereas electronic currency systems allow payment simply if the payer has an appropriate
amount of electronic currency. Five different forms of account-based systems are described: i) credit cards,
ii) debit cards, iii) mediating systems, iv) mobile payment and telephony account systems, and v) payments
via online banking. Electronic currency systems can be divided into i) smart card and ii) online cash
systems. As the focus of this work is upon recent trends in online payments, the scope of this overview
does not cover offline payment mechanisms such as cash on delivery. Also, certain aspects including
aggregation are not covered in detail.
This section gives an overview of the characteristics of different online payment systems, briefly
describing their features and initial comparisons among the systems. The discussion covers selected
characteristics summarised in Box 1 focusing on applicability, ease to obtain, ease of use, and cost. Table 5
provides a summary of these characteristics for different payment systems.
*
There has been a great deal of innovation and turbulence in the provision of online payment systems and
many of the early examples mentioned in the following text are no longer operational or have changed their
operating strategies.
15
DSTI/ICCP/IE(2004)18/REV1
Source: OECD.
Account-based systems
Credit cards
Credit cards are widely used to pay on line. Initially there was relatively little adaptation of credit
cards to online payments apart from additional security codes. But new, more secure features have been
added to protect transactions. A major difference between online and offline payments is that in online
purchases a physical copy of the card is not provided and the merchant does not obtain a signed, or similar,
confirmation from the customer. Also, whereas all offline transactions are authorised this is not the case for
all online purchases (especially with small businesses,) although authentication and verification
technologies have increased the ability of accurately authorising transactions.
Characteristics
Applicability. The credit card system has a long-established network of users and merchants ensuring
widespread applicability and a large user base for transactions of most kinds. However, fees for credit card
operations for small payments are relatively high; a fact that makes credit cards a less-suitable payment
system for micropayments. A potential way of adapting credit cards to micropayments is by using
cumulative or aggregation payment solutions (see discussion on micropayments). Another limitation arises
for person-to-person payments as a seller needs a merchant account with the credit card company to accept
payment and this option may not be feasible for occasional transactions or small businesses.
Ease to obtain. One of the main advantages of using credit cards for online payment is that the
customer does not need to obtain any additional hardware or software and there is no need for further
registration with third parties. However, some segments of potential buyers may not be eligible for this
payment method. For example, in the rapidly growing online games market, one third of game players are
less than 18 years old. They may not have a credit card because minimum financial conditions have to be
fulfilled (OECD, 2004d).11 More importantly, in some emerging economies where credit cards are not
widespread, the system may not be most suitable for online payments.
Reliability/ease of use. Payment systems are relatively easy to use provided users have experience
with online transactions. The frequency of uncompleted transactions may serve as an indicator of ease of
use. Some illustrative evidence comes from the Pago Platform that processed around 90 million
16
DSTI/ICCP/IE(2004)18/REV1
transactions in 2004. In their 2003 analysis of a large sample of their 2002 transactions one in three credit
card transactions (32.5%) did not end in payment, and a main cause was the rejection of credit card
information by the authorisation system (56% of failures). Possible reasons for a large share of these non-
completions include mistakes in entering information, credit card number not existing, verification number
incorrect, an un-issued number, unfamiliarity with verification numbers, and insufficient account funds, as
well as a relatively small share of rejections due to possible fraud (9%). German online purchasers had a
much lower rate of unsuccessful transactions (12.6%), but the distribution of reasons for non-completion is
similar to the overall sample. These results are based on analysis of 3.67 million transactions that include
representative online sellers from 29 different countries and buyers from 198 countries (Pago, 2003).12
There were no major changes in 2003; analysis of 16.5 million transactions showed that 34.5% of
worldwide credit card transactions did not end in payment (Pago, 2004).
Cost. The fee charged by the credit card company to the merchant ranges from 2-6% depending on
geographical location, issuing bank, merchant category and sales characteristics (including size, the
importance of national and international sales) (Pago, 2003), and there is usually a certain fixed fee for
opening and maintaining a credit card account. Further, as non-completion of credit card payments appears
to be relatively high, there may be additional costs (perhaps up to one third higher) for online stores. Even
when the credit card transaction is authorised and concluded, the merchant may have to cover costs for
payment reversals. Merchants generally bear the cost of “chargeback” if they do not have a customer
transaction signature and these costs could prove onerous for smaller merchants.
Since credit cards were not specifically designed as online payment systems, there are inherent risks
associated with their use as such. Cardholder authentication has usually been handled through the provision
of name, credit card number and expiration dates without further authentication.13 In giving this
information the online customer provides the merchant with information that could be used by others for
online purchase if intercepted. Hence this information needs to be secured during transmission and on the
receiving server. Moreover, an important share of online sellers store credit card information (Figure 9
gives a picture of the minimum share that store information for some time). To the extent that they keep
financial data on their servers, additional requirements for secure Web site information storage arise to
prevent misuse of financial information.
To prevent information interception during the transmission of credit card information, secure socket
layer (SSL) service, which is widely used for a variety of security applications, is commonly used. SSL
also allows verification of merchant identity via the SSL server certificate (see description of SSL below).
Despite the availability of tools to verify and secure online transactions, a significant share of e-commerce
sites (10%) may still lack protection mechanisms for the transmission of information (PwC, 2003), and
some industries have significantly lower levels of implementation. Although these are general problems
that apply also to other payments, they will largely affect credit card payments because of their very high
use for online transactions.
Enhancing security. Credit card companies have taken numerous steps to address security concerns,
and a number of complementary systems have been developed. Some such as SET14 have not had a wide
take-up, and currently the most important systems are one-off credit card numbers, MasterCard
SecureCode and “Verified by Visa”. The latter two protect an existing credit card with a password created
by the user, assuring the user that only they can use their credit card when shopping online. The idea is to
progressively have these more secure payments substitute simple credit card payments. An important step
in this direction has been taken with the industry adoption of this payment technology as a standard. One-
off numbers provide increased security, as any interception of information is rendered useless by once-only
use. Although there may be extra costs, there are no significant network limitations as the credit card
17
DSTI/ICCP/IE(2004)18/REV1
network is used. An application is the ABN-AMRO e-wallet, which generates one-time credit card
numbers. This is a special and not a general characteristic for e-wallets, which are encrypted storage
mediums holding financial information; they make payment easier as data do not have to be re-entered (see
PwC, 2003).
Figure 9. E-commerce Web sites storing customer credit card numbers in Europe
percent
Verified by Visa is a system that connects the card owner for each transaction directly with the bank
by using a personal password and a personal message verifies the bank connection. This double
authentication increases payment security. Inscription for customers at their bank is relatively easy.
Another important characteristic of the system is its payment guarantee: The higher frequency of payment
cancellation in online payments often represents a significant cost to merchants.15 With Verified by Visa
the entire cost is borne by the credit card company, addressing merchant concerns over accepting credit
cards. But at the same time, limitations for charge-backs mean that consumers face less favourable
conditions under this system in comparison to simple credit card payments and lower costs for merchants
is balanced against less flexibility for customers.
The programme has experienced a successful initial merchant uptake across all regions, although
uptake on the consumer side has been weaker. In Canada all banks support Verified by Visa, and in Korea
the programme has received official supported by the government, which selected it as a secure payment
option. By 2004, more than 10 000 Internet sellers in Europe had subscribed to the system. Well-known
businesses using the Verified by Visa system include flight operator British Airways, the major German
mail-order house Otto, British food supplier Tesco, Spanish newspapers El Pais and La Vanguardia, and
the European flight operator RyanAir. In Australia, South-East Asia and North America some important
online sellers have subscribed to the service, and in the United States these included Walmart, Sony’s
Playstation and flight operator Northwest Airlines, although major online sellers such as Amazon had not.
18
DSTI/ICCP/IE(2004)18/REV1
Liability. The range of payment systems falling under legislative protection differs widely across
countries. In Denmark, for example, legislation covers all payment cards; in comparison, in the United
States the most important protection is for credit cards, as risk is carried by card providers (OECD, 2002a).
Hence, in some countries consumers wishing to use alternative payment means to avoid transferring credit
card information over the Internet may give up considerable credit card-related consumer protection
guarantees by using these means. According to various industry specialists, the chargeback option is one of
the key advantages of credit cards over other payment systems, and alternative payments often do not
provide it. On the other hand, many of the alternative payments are offered by third parties, who may
provide strong protection of consumer information, and are becoming more competitive in their
chargeback strategies for both consumers and merchants.
Anonymity. Generally, using a credit card means paying via an identifiable account and thus losing
anonymity. However, credit card payment schemes exist where the client receives “virtual” credit card
account numbers, which are specific to individual transactions. In this payment process, the identity of the
buyer is hidden from the seller and only the buyer’s bank retains a record of the buyer. As the buyer’s
customary credit card number is not given to the merchant this provides an additional level of security.
Citibank US offers this service free to its customers and additionally offers USD 0 liabilities on
unauthorised charges for consumers if they pay via this service.16
Debit cards
Debit card payments are directly withdrawn from the bank account and not from an intermediary
account in contrast to credit cards. This can make it difficult for consumers to handle a dispute/charge-
back, since there is typically no extra protection of the funds in a debit account. Once the funds have been
withdrawn, they are harder to refund than with a credit card. Also, for debit payments a physical card
and/or providing a card number is often not necessary; an account number may be enough. Apart from
these differences, the payment mechanism is comparable with credit card transactions.
Characteristics
Debit cards have a significant user spread, which in most countries is higher than the number of credit
card users depending on financial regulation and conditions attached to credit card issuance. However,
debit card payment is generally not as widespread on merchant Web sites as credit card payment, their
application is mostly limited to national payments, due to the national structures, operations and regulation
of banking systems, and they do not address the demand for international payments. Furthermore their cost
structure (as for credit cards) is not most suitable for realising one-off micropayments. It is again essential
to provide SSL for the transaction as well as for merchants and consumers to take the necessary security
precautions (see details above). Banks frequently impose stronger identification requirements for debit
payments and their overall security has been found to be higher than for ordinary credit card payments (see
e.g. PwC, 2003).
Debit card holders are less well protected in terms of legislation than credit card holders (OECD,
2002a). For example, there is a lack of specific protection in case of un-delivered goods or services,
19
DSTI/ICCP/IE(2004)18/REV1
notably in the United States, Austria, Canada, Greece and the United Kingdom. Furthermore, as this is an
account-based payment card, it does not usually allow for anonymous payments.
Mediating services
These mechanisms employ traditional payment means and add a further layer to it. To be able to use
the service, it is necessary to register providing credit card or bank account details as the source of
payments. A very successful mediating service for online transactions, beginning in the United States, is
the PayPal payment option. To pay, buyers only need to know the seller’s e-mail address, which is verified
and linked to a PayPal account. The payment will be debited from the buyer’s personal PayPal account. No
further financial information is transmitted to the seller. Another mediating service is the German
FIRSTGATE Click&Buy. By 2005, more than 3 500 industry content providers of media, publishing,
research, music, and online games with more than 5 million customers used the payment system. Further,
the payment system has become increasingly internationalised, notably with the development of the Click
& Buy Alliance that connects major telecommunications providers, ISPs and financial institutions.17
Click&Buy has been licensed by British Telecom in the United Kingdom and Ireland, and by SWISSCOM
in Switzerland and TelMex in Mexico. In March 2003 FIRSTGATE Click&Buy was introduced to the US
market. Other important mediating payments options are offered by mobile service providers (see below).
There are differences in pricing structure, in whether or not both parties have to sign up for the service
and other such characteristics across providers. Some systems allow paying from the personal bank
account and are bank-related offerings (e.g. Italian Bankpass Web18 or Japanese Inter Debit and Net
Debit19), whereas others may require pre-funding an account with the service provider. For example, the
United Kingdom has several online account-based e-payment services, used for person-to-person payments
and sometimes by businesses to offer customers a means to pay online. Examples are Moneybookers,
NatWest FastPay, NOCHEX, PayHound and Yahoo! PayPal launched UK service in early 2004.
Characteristics
Applicability. Mediating services provide satisfactory payment methods for purposes such as online
auctions; they allow person-to-person transfers without the seller having to register as a merchant (as
required for accepting credit card payments). As mediating services rely on established payment networks,
they benefit from an already existing network. The payment function can also increasingly be used in other
areas, e.g. for some dotcoms, to pay taxes in certain countries, to provide gift vouchers, online music sales,
etc.20 In the example of PayPal both seller and buyer require an account with the service, and the size of the
user network is important. Only a few mediating services seem to have overcome this obstacle, for many
providers it persists; even PayPal faces a restricted network outside auction-related (i.e. eBay) payments
and outside of the United States.
Ease to obtain. Consumers have to sign up for the service, but charging the account does not involve
major efforts as existing credit cards can be used. However, it means establishing an extra relation with an
additional provider and can be used only after registration for online purchase. But a key advantage for
sellers is that they can obtain an account easily and do not need to create a merchant account. This is the
essential feature of the PayPal payment option that explains much of its success. It renders the service
particularly attractive to small and medium sellers; the payment system is thus capturing a niche market
rather than providing a general payment option.
Cost. The PayPal system is free of charge for buyers and earns revenue from charging merchants. It
charges a rate of 2.2-2.9% and a flat fee of USD 0.30 per transaction. To make its cost structure more
attractive for micropayments in the digital music sector, the company charges a rate of 2.5% plus
20
DSTI/ICCP/IE(2004)18/REV1
USD 0.09 per transaction (Navraine, 2003). However, the fixed component in the payment structure is a
major cost disadvantage for competition in the micropayments sector.
Security. Centralised account systems can, in principle, support only limited technical security above
that of the established payment networks on which they are based, because their advantage over other
payment instruments (easy registration procedures) may be lost if stronger security measures (strong
authentication) were implemented on top of the established payment networks. In order to enhance security
and be able to deal with “phishing”, identity theft and other criminal activity, providers have planned two-
factor authentication at the domain level, i.e. authentication methods that include a hardware token. It
depends on the exact features whether this will render the payment process more complicated.
The main security features of the system are the following: In contrast to debit and credit card
payment, financial information stays with the service provider and is not transmitted to every seller.
Because both buyers and sellers have frequent transactions with PayPal rather than with individual
merchants or buyers there are incentives on both sides not to defraud, to ensure future benefits of
making/accepting payments through the service. This, however, supposes in particular that sellers cannot
create multiple identities.21
Anonymity. As the buyer has to register with the service there is no inherent anonymity in the service.
The provider may be storing and using the information provided, for example if there are close relations
between the mediating service and a merchant site.
Mobile payments are payments conducted through wireless devices. They may be used to conduct
payments for example via a bank account or via the telephone bill.
Mobile banking. GSM/SMS systems are used for contacting and effecting payments with the bank
(m-banking) as alternatives to PC-based systems. A further method is to make use of WAP for e-banking
applications. In the Postbank-O2 mobile banking payment Postbank customers are provided with WAP
telephones based on pre-paid subscription to access an m-banking application.
Bank-based mobile mediation services. An example of a mass-market mobile phone payment method
is Paybox using GSM phones.22 Internet transactions and payments to other GSM phones are possible. The
client enters the mobile number together with the amount to be paid and confirmation takes place with a
personal Paybox PIN. An automatic reply from Paybox acknowledges the payment. The amount is debited
from the customer’s bank account.
Telephony for payment. There are two different ways in which telephony accounts are used for
payment: i) “premium rate” models and ii) “direct transfer” models. In the “premium rate” model the
customer pays a higher rate for the service, which is then passed on to the merchant by the telephony
operator. Payment occurs by phoning a special number the merchant has installed with an operator, by
sending a particular code by SMS, by voice contact, or by dialup to access content on a site and the user is
charged by the minute for using the site. The direct transfer models consist in charging the telephony
account directly for payment. This is often done by installation of specific software by the operator that
offers the payment option. It can be used to debit the consumer’s account to pay another account (see PwC,
2003).
Characteristics
Applicability: mobile payments. These systems may be widely applicable due to the very impressive
growth and high penetration of wireless access compared to other telecommunication infrastructure
21
DSTI/ICCP/IE(2004)18/REV1
(OECD, 2004a). Mobile device systems are being developed for small offline payments (transport tickets,
parking fees) as well as for online e-commerce purchases. Mobile payments are potentially attractive for e-
commerce merchants because of the large mobile phone user base and installed billing and payment
systems. An example of a mobile payment means is Paybox in Austria, which provides a variety of
services ranging from secure Internet shopping, to paying for hotels, to purchasing parking tickets. Mobile
payments are also becoming increasingly common for buying mobile content. Additionally, young people,
who are important purchasers of digital content (e.g. ringtones and games), may not have a credit card. So
paying via the mobile phone bill or prepaid cards may be their only available payment option (OECD,
2004e). However, mobile payment systems have encountered difficulties gaining a sufficient user mass for
a variety of reasons. Paybox, for example, now only operates in Austria, and has discontinued attempts to
operate in other countries.
International mobile payments remain a challenge, and it is currently uncertain whether such payment
options will be available in the near future. Simpay, a payment service association set up by Orange,
Telefónica Moviles, T-Mobile and Vodafone in 2003, was an attempt to create a unified European m-
payment system for micropayments and international payments (OECD, 2004e). However, the venture
failed as intense competitive rivalry among founding companies resulted in disagreements on the scope
and applicability of a common system and members started to develop individual systems. As a result, a
possible future outcome may be separate, more complicated and costly m-payment options. Alternatively,
other payment options may substitute this option altogether (EurActiv, 2005).
Applicability: telephony systems: To take one example, the T-Pay system of Deutsche Telekom
provides different payment possibilities for consumers: Internet payments can be undertaken by charging
the phone bill or by phoning a special number; additionally it is possible to pay by credit card or debit card
and with MicroMoney, an electronic money card that allows anonymous payments. With this business
approach the telephony account system widens potential applicability provided that it receives wide
merchant adoption.
Ease to obtain. The ease of obtaining mobile payment systems differs. Ringtones or online games can
often be downloaded and paid for via premium SMS or premium call. However consumers may not know
how to use mobile phones for online payments, and easy processes and detailed explanations may be
important for widespread adoption. For specialised payment services that are separate from the mobile
operator (e.g. Paybox), prior registration is necessary.
Cost. Costs differ across telecommunication service providers and systems. Mobile payment options
are still emerging so current cost structures are not good indicators of actual prices especially as scale
economies are likely with further developments.
Security. Security characteristics differ across services. As a general aspect for mobile phones, they
offer additional possibilities for customer authentication, specifically SIM and PIN. For specialised
payment services, security is assured via multiple measures; a personal PIN, the phone number and the
mobile phone (i.e. the SIM card) itself – are all necessary for payment. Furthermore, the connection
between the handset and the base transceiver station (BTS) is encrypted.
Anonymity. Payment takes place either via the telephony or another account. Storing and tracing
consumer information and spending is thus possible. Mobile phones with pre-paid accounts may offer
greater anonymity. However, in many countries users are required to register to use pre-paid accounts.
22
DSTI/ICCP/IE(2004)18/REV1
Use of e-banking for online payments is not widespread across OECD countries. However, for three
EU countries (Finland, Portugal and the Netherlands) online banking payment appears to be important
according to their Web site availability (see Figure 6) and it appears to be growing in availability and use
in Northern Europe particularly. A number of Electronic Bill Presentment and Payment (EBPP) systems
are available; examples are Nordea Solo (Finland) and Telecast (France). However, apart from adoption in
Nordic countries, in most countries they are only marginally used. E-banking enjoys widespread use in the
United States, in particular among early adopters of the Internet and online services.
A number of online payment systems have been developed in Europe, especially where offline bank
transfers are already well established. The most common and easy to use include: online banking transfers
where the account holder is redirected to the bank’s Web site by the merchant site to effect payment. Other
options are: i) electronic and mobile banking which have more advanced features, for example, schedule
payments and ii) EBPP, where instead of having to enter all transaction details manually, these are
automatically entered from the electronic bill and the payer only authorises. The EBPP provider (either
bank or third party) establishes contracts with the organisations whose bills it can present electronically
(e.g. utility companies) and will send in the bills the buyer has authorised.
Characteristics
Applicability. Online banking has grown rapidly in some countries as payment systems are in place
and familiarity is very high so that there is potential for further applications and merchant use. However
not all countries have frequently provided online banking options (see Figure 6). This suggests that other
factors such as industry co-operation, privacy and security concerns, and cost-benefit analysis as well as
payment habits have to be favourable for widespread use. An important issue is whether merchant and
customer banks need to be the same, a fact that would require merchants to have accounts with a range of
banks. Cross-border payments and micropayment are challenges to established banking payment systems,
an important reason being the large overhead and transaction costs that are charged.
Ease to obtain. Obtaining the online payment option via online banking is straightforward as the
possession of a customer account and subscription to online banking automatically allows use for on-line
payments provided that merchants accept them.
Cost. For merchants setup costs are relatively low as the payment is effected via the bank’s payment
facilities and they do not need to install particular payment services and security devices. Also, the system
allows existing networks to be used and does not require the creation of a new one. Important merchant
costs may be entailed if merchants need to set up arrangements with a wide range of banks, but costs can
be contained if banks co-operate or provide similar systems to allow scale economies.
Security. Banks have frequently implemented supplementary security provisions beyond the standard
use of a password and PIN. One development is the use of one-off passwords for authentication, which
cannot be re-used. E-banking also often applies multiple authentications to improve payment security – the
consumer has to provide several confidential pass codes to access a personal account. Compared with
alternative hardware systems, these are relatively low cost solutions.
The online payment option may be integrated into the shopping process, but it may also be used to
pay after the purchased item has been received. This provides additional security to buyers and its
availability may encourage consumers who distrust online shopping to purchase on the Internet.
23
DSTI/ICCP/IE(2004)18/REV1
In the early stages of the online payment market new products such as Cybercash or DigiCash, were
proposed (OECD, 2000). However, they had little success and most of these instruments have disappeared.
Currently, smart card-based systems are most commonly used to pay small amounts within organisations
(e.g. vending or copying machines). They usually rely on specialised hardware and dedicated smartcard
readers for authentication.
A number of online cash systems designed for online purchases such as Virtual BBVA clic-e23
(Spain) have been implemented, and there are similar payment mechanisms in Italy,24 Austria25 and
Australia (e.g. PAY offered by SNAP). Online cash systems are software-only electronic money
instruments based on “signed” money. They usually work via prepaid cards, and arrangements differ
although most require merchant subscriptions. Electronic tokens representing a certain value are exchanged
in a similar way to cash.
Characteristics
Applicability. The user base for new electronic currency systems is initially necessarily small. Often
only a few merchants accept the new payment means so that it is not perceived by consumers to be a
payment option. However, these systems can be built on widely available networks. For example, the
prepaid cash system of the Italian Moneta Online offers a temporary Visa card that permits buyers to pay
on merchant Web sites where there is Visa card acceptance. The question is, however, whether this is a
feasible business model for new payment system providers. Consumers have to perceive an advantage in
this system over available alternative options.
Cost. There are different costs for prepaid card and smart card systems. Prepaid accounts such as
scratch-cards have physical card and distribution costs as well retailer commissions. For smart cards there
are additional installation costs for consumers, as specific software and hardware are generally necessary
for online use. Both electronic currency systems may also require large databases to prevent abuse such as
double spending, adding a further overhead cost. Overall, these systems potentially have large transaction
costs that may limit their use in some applications.
Anonymity. Electronic currency systems potentially allow anonymity in the same way as paper
currency in offline transfers. However, providers may require consumer registration and undermine the
potential for anonymous payment of these systems.
24
DSTI/ICCP/IE(2004)18/REV1
However, a series of German surveys based on a large number of online respondents provide a detailed overview of
26
online payment behaviour and consumer attitudes in Germany (Krueger, 2004). Survey results include:
Mobile payments: In the experience of respondents, mobile payments were not generally available at merchant sites.
Not all respondents were fully convinced of the security of this payment method. However, the possibility to use the
payment from anywhere was considered important, and many respondents saw the payment process as simple and
fast and found it useful.
Online banking: Many respondents found this a widely applicable payment option, and emphasised that online banking
enables more control of transactions. For non-users, some respondents mentioned perceived lack of security as a
factor.
Credit cards: A large majority of consumers found this method to have wide applicability providing an easy payment
option. Various respondents who had not used credit cards said that the timing of account debiting and security
concerns were major reasons for non-use.
Billing system: Consumers did not find this payment option on many websites. Many who said they did not use these
systems mentioned that they would need to invest time to consider the advantages among other reasons.
Prepaid systems: Limited availability of this payment option was an issue. There was also uncertainty with respect to
the security of this payment option and many found they were not financially secured with the payment method.
Consumers preferred using the payment option they had already adopted to trying other payment options. Reasons
may be that they were unwilling to invest time to consider other payment systems or that they simply did not find any
inconvenience with the payment system they were using.
The timing of payment compared with receipt of goods seems to be an important factor, explaining the success of
offline systems such as cash on delivery.
Consumers did not find the possibility to pay large/small amounts was a major problem for any payment system.
When asked what should be done to make Internet payments more attractive, respondents most frequently mentioned
legal safeguards and more information on liability in case of product damage, suggesting that consumer protection
issues are important. Other aspects mentioned were standardisation and simplification of Internet payment methods.
Source: Section for Money and Currency, Institute for Economic Policy Research, University of Karlsruhe.
Micropayments
Micropayments for transactions under EUR 5 are of growing importance for purchase of low price
items, and small payments of less than EUR 1 for instance for newspaper articles, are currently
increasing.27 Other examples include digital content such as single music tracks, single games play, press
articles and academic papers. There is evidence of a rise in supply of low-priced online content, and
according to Gartner, 44% of retailers affirm they have goods and services to sell if micropayment systems
existed, and users are increasingly willing to pay for low-cost Internet content.28 However, this is still a
developing market.
25
DSTI/ICCP/IE(2004)18/REV1
A central issue in developing micropayments is that traditional systems were originally designed for
relatively large payments. For example, credit cards have a fixed transaction fee combined with a
percentage of the transaction cost and are expensive for micropayments. Typically, the costs of
micropayments are in the range of 30-40% of the purchase value. New mediating services are beginning to
recognise the potential importance of micropayments, and specific tariffs are offered for digital content
(e.g. PayPal tariffs for individual music downloads). PayPal is one of the leading micropayment firms
together with Bitpass, Peppercoin, Opass and Payment One.
Direct-to-bill. A proposed payment solution is direct-to-bill payment via telephony. An example is the
Vodafone/T-Mobile m-Pay Bill, which is intended for small transfers. It allows either to charge the
telephony bill or to debit from pre-paid credit. Another system is the Coinlet system by Portalify (Finland),
which provides for premium-rate SMS and voice. Such payment systems are not widely offered as yet and
frequently do not permit international payments.
Prepayment. Prepaid systems also have potential for micropayments (e.g. Paysafecard30 and
Micromoney in Germany). The card is for one time use only and contains no other information than a
16-digit PIN concealed under scratch foil. New Zealand with Payex has also developed these kinds of
instruments. However none of these payment mechanisms have been widely taken up.
Prospects
There are challenges for the future development of micropayment systems. So far, the two major
online payment system providers, credit card companies and banks, have not identified this market as a
priority and profit margins are generally low. For payment provider Visa, existing aggregation models
provide a micropayment solution and so far no alternative business model to support investments in
micropayments systems has been developed. According to the company, aggregation models present an
optimal solution to consumer demands.31
Other established providers, including telecommunication service companies, may become more
involved. They have long-standing experience in micropayments, as phone calls in essence are
micropayments. Some (e.g. Deutsche Telekom) have decided to become providers of online payment
systems (see T-Pay discussion above). However, other mobile telecommunications providers are still
exploring the role they want to play in this market. For European companies, this may partly be related to
the direction of the E-Money Directive (see below). Another challenge is that it has been difficult for
payment system providers to gain a wide user spread and a number of systems have failed.32 Finally, there
are no common micropayment platforms that allow interoperability of different systems across national
borders; the failure of Simpay (see above) suggests that for m-payment solutions this will persist.
26
DSTI/ICCP/IE(2004)18/REV1
Further, there is an advantage for merchants to have consumer subscriptions rather than one-off
payments. These provide more stable income flows to merchants and increase knowledge of customers and
their purchasing habits. Consumers could benefit potentially if the result is more customised offers. At the
same time, privacy issues arise. The advantages of aggregation services for payment providers (e.g. credit
card systems) and merchants mean that there is less market pressure to develop alternative micropayment
options.
It is projected that the “direct-to-bill” option via mobile phones will grow rapidly. For Internet-based
solutions it is expected that aggregation-based systems will grow in importance along with prepaid
payment options (see Figure 10 for the United States). However, given the current weakness of prepaid
solutions (apart from mobile prepaid payments), it remains to be seen whether these will develop.
Aggregation/cumulative account systems and mobile solutions33 may become dominant systems.
Figure 10. Evolution of Internet and mobile micropayment revenues in the United States
Credit cards are the almost exclusive payment mechanism for international payments. Many
alternative payment systems are not usable across borders. A recent US study found that end users and
financial service providers consider cross-border payments to be costly and cumbersome and that there are
few incentives to develop faster and lower cost systems. Moreover, the small volume (1-2%) of US
cross-border payments relative to domestic payments is a significant challenge to establishing a critical
mass that will lead to decreasing marginal costs for such services (Federal Reserve Bank of Chicago,
2004). However B2C (and particularly B2B) cross-border payments are relatively more important in
smaller national markets and recent evidence suggests that international e-commerce is growing.
27
DSTI/ICCP/IE(2004)18/REV1
ensuring transaction security, and also providing services so that smaller merchants can accept a variety of
payment systems.
Some payment systems also offer consumer protection. Mediating service provider PayPal offers a
Money Back Guarantee that allows buyers to return merchandise and be reimbursed. Online payment
services may give buyers an option to have additional protection in the event of dispute, reimburse
dissatisfied buyers or provide insurance against fraud, and it has been suggested that mediating services
may have a relative advantage to resolve disputes between buyer and seller (Sorkin, 2001).
There are two main systems for transaction security, secure socket layer and secure electronic
transaction (OECD, 2000).
SSL is the widely used secure service system and is an important measure to establish trust between
online seller and buyer (OECD, 2005b). Encryption and decryption allow secure transfer of information
between an Internet browser and server (i.e. between buyer and seller). Data cannot be intercepted or
changed during transmission. SSL also permits merchant identification through SSL server certificates.
The SSL standard has been widely adopted because it is relatively simple and easy to use and does not
place excessive demands on the average consumer’s home PC, while at the same time reducing major
concerns about the public nature of the communication infrastructure.
SSL has an over 90% share of security measures, about the same as credit cards among online
payment systems. According to Netcraft’s SSL survey, in July 2004 there were 305 000 secure servers in
the OECD area (Table 4), an increase of about 47% since 2002. The data have been weighted by
population in order to facilitate cross-country comparisons. However, there are limitations to comparability
as there is a higher degree of centralised use of secure servers in some countries than in others (OECD,
2005b). Until recently, SSL provided services exclusively for fixed networks. But as mobile networks are
increasingly important e-commerce markets, SSL services for wireless devices have been developed. For
example, since July 2004, GeoTrust offers SSL certification to ensure secure access to Web-based
applications from mobile wireless devices (OECD, 2005b).
28
DSTI/ICCP/IE(2004)18/REV1
SET is an alternative, more complex security system based on digital certificates and signatures.35
SET needs specific software and is more difficult for cardholders to obtain and use, and despite the high
level of security offered it has not gained widespread use.
In contrast to offline transactions, online commerce does not involve personal contact during the
payment transaction, and the quality and level of information provided to consumers matter to a greater
extent. However a recent survey of European Web sites found significant information shortcomings for
e-commerce Web sites, and a significant number of them did not provide comprehensive information on
transaction security measures adopted, nor measures to educate consumers (PwC, 2003).
29
DSTI/ICCP/IE(2004)18/REV1
Network security
More generally regarding network security, because of the ubiquitous nature of the Internet and
potential threats to and vulnerabilities of the networked world, governments and businesses have become
increasingly aware of the need for a culture of security among all participants to protect national and
international systems and networks. The 2002 OECD Guidelines for the Security of Information Systems
and Networks is one example of these concerns and the response suggests nine principles for participants:
i) awareness, ii) responsibility, iii) response, iv) ethics, v) democracy, vi) risk assessment, vii) security
design and viii) implementation, ix) security management and reassessment. The role of private industry is
critical to promote this culture of security, as they build, maintain and use the networks upon which
information is shared and used, such as payment systems (OECD, 2002b).
Summary
Although there is a large range of online payment systems, credit cards for payment and SSL for
security are dominant. However, there are significant differences across OECD countries, and other
payment methods are of importance in some countries. Innovative new payment options have not often
succeeded in replacing established ones. Particular niche markets are also the exceptions, most notably the
auction market where mediating service provider PayPal established itself. The area of micropayments has
seen a range of developments but none has achieved sufficient reach and practicality to substitute the more
prevalent subscription systems as the payment option.
A central challenge for payment methods is to provide authentication mechanisms that allow both
secure payments and convenience of the transaction process. A number of new solutions, such as Verified
by Visa have been proposed or are being developed (e.g. by PayPal). As mobile phones provide additional
authentication possibilities without the need for additional hardware, this gives them some advantage in
developing secure and convenient payment systems.
Credit cards for online payments have a large user-base and benefit from familiarity and simplicity of
use and also allow international payments. Security is being addressed via new modified credit card
payment solutions. Micropayments have not been extensively addressed, in part due to potentially high
transaction volumes compared with low cash value. Debit cards are an alternative payment system,
especially where they previously enjoyed popularity for offline payments and where they enjoy a broader
user-base on the consumer side. However, they cannot be used in international payments in the majority of
cases. Further, debit cards are not currently suitable for micropayments. Mediating services can be used for
person-to-person payments, and cost savings in clearing processes may allow them to become a cost-
efficient payment means.
Using mobile devices for payments has major potential due to the very large user base and familiarity
with mobile phones and billing systems. Costs are potentially low (payments added onto an established
payment system), security can be established with extra personal pin-numbers, and micropayments can
simply be aggregated into overall payments. Challenges exist in relation to international payments and
there is the question to what extent new intermediaries (mobile operators) can act as financial
intermediaries. Electronic banking systems have a large user base and established network, and banks have
well-established procedures and security systems for online banking. International payments and
micropayments remain challenges and the relatively low offer of e-banking for online purchase in several
countries suggests that these systems still need further development to become widespread payment
options. Electronic currency systems have not had high levels of uptake despite their potential for small
and varied payments and anonymity; however, overcoming network and cost constraints pose significant
challenges.
30
DSTI/ICCP/IE(2004)18/REV1
Table 5. Summary of selected characteristics of online payment systems
Applicability Ease to obtain Reliability/ease of use Cost
Credit Widespread user base given long- Easy to obtain and no additional Relatively easy to use given wide Fee for merchants between 2-6% plus
cards established network. Not developed expenses required to use credit experience with credit card monthly fee plus “chargeback”, but
for micropayments (except for cards on line. Some groups payments. Analysis shows up to differences across countries, banks
aggregation systems) or person-to- (young, those not qualifying) may one third of transactions do not end and contracts. Consumers pay for
person payments not have access to credit cards in payment, possibly mostly due to (existing) card.
incorrect information entry. A small
share of rejections (around 3% of
total) due to possible fraud (Pago)
Debit Wide user base among buyers, but Easy to obtain and no additional Experience with debit card for cash Differences across banks and
cards country-specific spread among expenses to use on line. Often withdrawing and other payments countries. Consumers pay for
merchants. Limited to national less requirements to obtain debit suggests easy to use on line. No (existing) card.
payments, not yet developed for than credit cards data available on
micropayments or person-to-person reliability/rejection rates
payments
Mediating New services appearing. PayPal has Consumers have to sign up with Easy to use, but difficulties include Fee for merchants 2.2-2.9% and
services already wide user spread particularly the service, but use is then easy frozen accounts and sales through USD 0.30 per transaction. Free for
for auctions, and person-to-person by charging account through multiple identities. No data on consumers apart from basic payment
payments. Being developed for credit or debit card system reliability/rejection rates for (existing) card.
micropayments
Mobile Potential of greater applicability Easy to obtain for systems such Some uncertainty among Variable across systems, and cost
payments given widespread use of mobile as Premium SMS, registration consumers, and often lack structures not yet clearly established.
phones, high potential for required and more difficult to knowledge of how to use mobile For Paybox merchant and consumer
micropayments but development of obtain for payment services such devices for payment. No data on are charged
international system represents a as Paybox reliability/rejection rates
challenge
Payment Widespread user base on consumer Straightforward provided the Longer experience with online Usually few extra costs for merchants
via online and merchant side, but only consumer bank has an online banking suggests that users will and no extra security
banking established for online sellers in a banking facility find payments familiar and easy to screening/systems necessary. Maybe
few countries. Usually limited to use. No data available on consumer charges
national payments, not ideal for reliability/rejection rates
micropayments (except for
aggregation systems)
Electronic Wide user base not yet attained for Only a card or similar instrument Consumers may lack knowledge of Substantial costs involved with
currency the wide variety of mechanisms. is purchased. Usually need to how to use. No data on distributing pre-paid cards and setting
Potential usefulness for purchase at points of sale. No reliability/rejection rates given up monitoring systems For smart
micropayments account has to be built up. May limited usage cards, merchant and consumer face
require special readers and cost to install hardware
software for smart cards
Source: OECD.
31
DSTI/ICCP/IE(2004)18/REV1
This section analyses the payment systems industry focusing on network effects and their impacts on
the successful introduction of new payment options. Online payment systems are platforms that are most
useful when they have very wide coverage and preferably high interoperability among competing systems,
similar to other network industries. This suggests that beneficial competition will not arise through
building different incompatible systems but rather through the provision of different kinds of services over
common networked platforms.
Industry characteristics
Actors
The main actors in the online payment industry are: i) banks, ii) credit card companies,
iii) telecommunication providers, and iv) new entrants to online financial services. Traditionally, banks and
since the 1960s, credit card companies have dealt with the provision of payment systems. These two are
established insiders. Telecommunication providers have shown increased interest in the area of mobile
payment means. There are other new entrants into the financial services industry often providing novel
systems and new services have been set up to provide innovative means of payment (sometimes as
subsidiaries of established actors). This diversity, with long-established companies and new entrants,
creates a heterogeneous market environment.
Moreover, merchants and consumers have certain impacts on the payment industry. Small and large
online merchants have different requirements and make different uses of payment systems. There is a
tendency for smaller (but also other) merchants to purchase payment services from specialised firms,
outsourcing the payment side of e-commerce. This has lead to the emergence of new providers. In contrast,
larger e-commerce sellers such as Amazon have been internalising payment functions. However, the basic
payment operations are usually handled by banks. Similarly, consumer use of other payment systems such
as online banking or mobile systems will affect the development of the online payment industry both
nationally and internationally.
Finally, the payment systems industry involves governments, standard-setting organisations and
industry co-ordination groups that have direct impacts on industry structure and competition.
In parallel with development of online payment systems, related financial services are being offered
by different actors. Banks traditionally provided all aspects of financial intermediation but now there is
some “unbundling” of transaction services by third-party providers, introducing an additional layer into the
payment process. These third parties often deal with consumer authorisation, customer service and
merchant enrolment, and only the traditional clearing role remains with the financial institution (Mantel,
2002). Further services include administration of online pricing, billing and payment platforms (e.g. All
Charge36).
32
DSTI/ICCP/IE(2004)18/REV1
Lock-in effects
Online payment systems provide a payment platform allowing financial transactions between buyer
and seller. The number of buyers and sellers using a payment system determines its value. For example,
cardholders value credit or debit cards to the extent that merchants accept them and merchants will accept
them to the extent that buyers use them. Larger numbers of users may in turn engender better legislative
protection and further enhance the value of the widely used system. The existence of such positive network
effects is likely to lead to “winner-take-most” markets, creating powerful incumbents and tending away
from perfectly competitive markets (Economides, 2003).
In such a two-sided platform market, buyers and sellers interact through a common platform. Success
for new platform entrants depends on getting both sides of the market to participate – the traditional
“chicken-and-egg problem”. New entrants may also adopt a variety of pricing strategies and pricing levels
to optimise revenues (see e.g. Rochet and Tirole, 2001), and these may also determine uptake and structure
of the new payment system.37 Furthermore, there can be resistance to change in the supporting
infrastructure network because large, long-term investments and sunk costs are necessary for a stable and
reliable infrastructure.
One consequence of these characteristics is that a new network is of little benefit if few adopt it, and
there is the possibility that a less-efficient network standard may be adopted (see e.g. the QWERTY
standard, David, 1985). However competition from new entrants may allow switching to new standards
(Liebowitz and Magolis, 1990) depending on the intensity of lock-in effects.
Recent evidence on the strength of payment network effects shows that merchant acceptance of a
system and consumer use are correlated so that low merchant adoption hampers consumer use (Rysman,
2004).38 On the side of merchants lock-in seems to be decreasing slightly as data suggest that currently
about 45% of all North American e-commerce sites offer two or more payment methods, which may be
interpreted as lessened lock-in to specific systems (Saunders, 2004). On the other hand, there is also some
evidence that a single unified payment means is seen as important by consumers and that they may prefer
lock-in to unified systems.39
The success of new payment systems in attracting users may also suggest that lock-in is not
insurmountable. The mediating payment service PayPal has successfully expanded despite the availability
of established payment systems. However it relies on the credit card network, and whether its service can
develop and rely less on the credit card network is an open question. In general, new payment systems
superposed on existing networks40 may provide a rival to existing networks or may further strengthen them
(see Mantel, 2002).
The key asset for banks in the online payments business is that consumers often have relatively high
trust in their banks. This is a valuable advantage over other providers.41 Banks have developed online
banking services to take advantage of the widespread availability of ICTs and the Internet to lower their
costs and expand their reach. For some countries, these services have been extended to permit online
purchase. In others, debit payment options are increasingly available for buyers for online purchase and
banks have shown an interest in providing related services.42 Also, traditional bank-based means of
payment – that is forms of offline payments – often permit consumers to buy online. The importance of
banks in providing online payments differs across countries and depends partly on specific market
characteristics. For instance, whereas in some countries (e.g. Germany) non-banks play an active role in
providing online payment solutions; in others (such as Italy) banks have taken the lead in providing online
33
DSTI/ICCP/IE(2004)18/REV1
payment solutions. However this does not mean that in terms of absolute importance these measures are
likely to become as important as the leading system, credit card payments.
PayPal is an example of a successful payment service provider although the company does not aim to
become a bank. With 45 million account holders, and growing internationally, it has the equivalent of one
fourth of the number of Citigroup account holders (The Economist, 2004b). But with the growth of
mediating services banks have also strengthened their involvement in this market segment.43 In some
countries business associations are active in providing online payment systems. For example, the online
real-time debit transfer scheme proposed by the Japanese Inter Debit is operated by the Japan Internet
Promotion Association, as of end-2004 an alliance of 183 institutions of which 94 are financial institutions.
In other countries non-financial institutions have become important providers of online payment
solutions (e.g. Banksys in Belgium). Non-financial institutions are particularly important in developing
innovative payment solutions. In a sample of 100 schemes reviewed in 2002, the ePSO ePayment Systems
Database found that non-banks were often involved in more innovative projects than banks (Carat, 2002).
But this does not necessarily translate into success, which depends more on an established broad user base
and network effects.
With the importance of account-based payment systems, banks will remain important market
participants. However, they have not always succeeded as direct service provider for online payments.
Certain functions in the value chain have seen a substantial rise in alternative providers, particularly
functions most directly related with customers including the payment system interface or customer support
systems (Kaufmann-Winn, 1999, Chicago Fed Letter, 2001). In the unbundling of financial intermediation,
some industry analysts suggest that banks may be losing out, and that non-financial institutions have taken
the lead in providing new services such as administrating online payment platforms (Carat, 2002).
In the developing mobile payments markets banks may face important challenges from telecom
operators, depending on national banking regulation. A potential development is co-operation in joint
projects, e.g. providing banks with the ability to have their online information on the mobile device, and
competition will not necessarily lead to banks losing out to telecommunication service companies.
Summary
Payment systems are provided by the traditional market participants, banks and credit card companies,
and by telecommunications firms and new financial services providers. These face an evolving merchant
demand side ranging from increased internalisation of payment service functions to their complete
outsourcing. Further, governments, regulatory agencies and industry associations are important factors in
the market. The two-sided platform market has positive network effects and significant infrastructure
investment costs. As a result there is a likelihood of lock-in to established dominant networks. A number of
market characteristics support lock-in although this is not the case for all payment systems and mobile
payments are emerging as a viable alternative payment option. Banks retain an important position in the
market, credit card companies have a very high share of transactions and new actors are challenging banks
in providing services especially in those parts of the value chain directly related to consumer services.
34
DSTI/ICCP/IE(2004)18/REV1
This section discusses some of the drivers and impediments to the development of new online
payment systems and identifies some of the main issues to be discussed in the last section. Three different
approaches can be taken to the development of consumer online payment markets (Mantel and McHugh,
2001). One approach emphasises that there are significant institutional, design, competition and/or
customer irrationality challenges that may require public sector involvement. A second suggests that
market forces will allow development of an optimal payment market as long as efficient solutions are
identified by consumers, merchants and financial providers and steps towards their implementation clearly
planned, i.e. efficient co-ordination among all market participants is necessary (see Caskey and Sellon,
1994). A third approach argues that markets are efficient and that as a consequence optimal results can be
achieved even without co-ordination, despite network effects. Aspects of these three different approaches
are discussed in this and the next section.
Network effects
The established financial institutions, credit card companies and banks, have significant market
position due to the advantages they derive from their established networks. The mediating service PayPal
has successfully challenged this position in the auction market, but many new entrants have failed because
of their inability to establish an equivalent user base. Telecommunications companies are interesting new
participants, provided that they succeed in developing payment options and to the extent that regulations
allow them to operate as payment intermediaries.
Costs
Use and interoperability of systems across borders is an important driver for successful payment
systems, and a major impediment for new methods. Difficulty in establishing cross-border payments via
mobile devices is a major challenge; national differences and competition among providers are likely to
retard the process and to significantly increase the cost for payments. Various firm-specific standards may
act as obstacles to adoption, rendering the m-payment option less attractive than would be the case if a
common system was agreed on.
35
DSTI/ICCP/IE(2004)18/REV1
Standardisation can be important to achieve high levels of uptake. The experience with payment via
online banking in Finland illustrates this. The co-ordination efforts of Finnish banks gave the key for
success of this payment method, even though the payment model in general has significant capabilities.
Banks agreed on operational rules and standards and arranged to provide a unified interface for Finnish e-
banking, which seems to be a major reason for its success (Kallio, 2003).
However despite the positive results from co-ordination and standard-setting for e-banking payment
systems in Finland and similar examples, banks (and other actors) do not always co-operate, often due to
free-rider concerns. Banks may be unwilling to invest if there is uncertainty that others will also invest.
This may be a particular impediment if only joint bank investment will achieve a critical mass of
consumers, for example in international payments, which may not be profitable for single company
investment (Federal Reserve Bank of Chicago, 2004). In general, co-ordination involving many
participants involves significant costs. The success of Finland’s online banking was facilitated by only a
few banks having to co-ordinate activities. Further, if different systems are already in place, this creates
additional problems, including adequate compensation for past investments in separate systems.
Regulations
A range of regulations affect the development of payment systems, and which institutions can enter
different markets. For example, can only banks issue electronic currency? Can non-banks offer mediating
payment services? What regulation applies to those providing online payment services only? Answers to
these questions play an important role in shaping conditions for entry and the power of established banks
and credit card institutions.
There have been continuing consumer concerns over online payments and especially online credit
card payments. This has been consistently raised as one of the main reasons for consumers not buying on
line. Some of these concerns refer specifically to online payments whereas there are also more general
concerns related to e-commerce and the Internet in general. Surveys confirm that many consumers are
preoccupied with fraud when it comes to online payments; this is revealed by surveys of US consumers
(Ipsos Insights, January 2004) and similar surveys in Australia, Canada and the United Kingdom. Privacy
and security issues also explain why consumers do not pay onl ine. For example Korean consumer surveys
found that these concerns as well as fear of possible fraud were important reasons not to purchase (Korean
Statistical Office, 2003). There are also other worries such as distrust in the confidentiality and security of
personal information provided (Ipsos Public Affairs, December 2003). For a recent overview of various
aspects of indicators, on-line trust, including measurement issues and the need for more reliable and
comparable surveys, see OECD 2005b.
However, whereas the surveys identify consumer concerns over security; the total number of online
shoppers and purchase values has increased rapidly and various payment systems have improved security
features. There is also increasing trust in online payments, especially among younger people and
experienced Internet users. The limited time series data and other evidence support the idea that experience
with the Internet and other specific e-systems reduces consumer preoccupations over security. In the case
of credit cards, the development of new alternative secure payment methods (one-off credit card numbers,
“Verified by Visa” and similar systems) has contributed to reducing security concerns. However, there are
new challenges to Internet security and they have to be dealt with as they arise to further reduce security
concerns.44
36
DSTI/ICCP/IE(2004)18/REV1
Consumer attitudes
Lack of trust in the Internet is an important factor to explain why consumers do not purchase on line.
For example in the European Union in 2003, 25% of those surveyed did not use e-commerce for that
reason (Table 6). The economic benefit of trust comes from reduction in transaction costs, including those
associated with information asymmetries. The adoption and increasing usage of ICTs and subsequent
emergence of global electronic commerce heightens the importance of trust mechanisms45 (Guerra and
Zizzo, 2003, Alessina and La Ferrara, 2000).
Security of online payments is not exogenous to consumer behaviour. For example password selection
is essential, as easy words are often chosen (e.g. related words or easy combinations) and this weakens the
security of password authentication. Further, with the increasing ubiquity of the Internet the growing
incidence of “phishing”, 46 malware and other criminal activity heightens the importance of consumer
awareness. In very large part, the security of the consumer and consumer computer systems depends on the
consumer, as banks and other financial intermediaries can only secure information transfer and their own
systems. The consumer has to ensure that they behave responsibly, no dangerous programmes are
downloaded, new software versions are used, and anti-virus programmes and firewalls are installed and
properly configured and maintained (BdB, 2004).
Table 6. Reasons for not buying over the Internet in EU countries, 2003
percent
You do
You are
Buying not
You do You do Using not
anything Internet is You have understan
not have not Internet is interested Other Don't
over Internet too no credit d the
access to trust too in buying reasons know
is too complicated cards language
Internet Internet expensive anything
complicated well
on the Net
enough
Austria 58 20 7 34 8 7 10 4 9 0
Belgium 55 31 4 35 5 6 8 2 7 1
Denmark 46 31 4 34 9 8 9 3 7 1
Finland 46 22 3 41 10 6 12 7 8 3
France 66 31 8 22 8 7 5 2 5 2
Germany 64 20 9 36 10 9 7 3 3 2
Greece 56 27 3 29 4 4 5 5 6 3
Ireland 50 16 4 24 6 5 14 2 5 8
Italy 47 26 3 23 3 4 8 1 5 1
Luxembourg 42 34 3 28 5 7 7 1 8 2
Netherlands 36 32 7 33 7 6 16 4 11 1
Portugal 57 20 7 29 6 9 3 3 11 2
Spain 56 24 3 21 5 5 3 3 4 1
Sweden 33 37 4 45 13 6 6 5 7 4
UK 58 22 2 25 5 7 8 2 9 2
EU15 57 25 5 28 7 7 7 2 6 2
Note: This question was asked of the 83% of EU citizens responding to the survey who had not used Internet to make purchases.
Source: European Commission, Special Eurobarometer survey on European Union public opinion on issues relating to business to
consumer e-commerce (Reference: 201 EB60.0), March 2004.
Consumer awareness of theft and other criminal behaviour associated with e-commerce has
sharpened, and consumers are taking more precautions when buying on line. For example, according to
research by the Consumer Reports WebWatch coalition, 86% of Americans surveyed said they changed
online behaviour because they were more aware of identity theft and credit card fraud (as quoted in BBC,
2005). There is also some scattered evidence that some consumers may cut online spending as a result. The
same survey found that 29% of those interviewed purchased less on line because they know more about
37
DSTI/ICCP/IE(2004)18/REV1
risks associated with e-commerce. With steadily rising e-commerce sales and increasing e-banking, online
payment systems have to be continually adjusted and developed to ensure adequate transaction security
while providing ease of use, and consumer awareness of their own responsibilities is a necessary condition
to limit theft and fraud.
Familiarity
There is evidence that those paying on line are often more experienced Internet users and generally
have specific socio-economic characteristics such as higher incomes, suggesting that experience and
familiarity with the Internet do have an impact on using online payments. Familiarity with payment
systems is a further challenge for methods other than credit and debit cards.
Payment alternatives
There is some evidence that consumers prefer to be offered a variety of payment options on merchant
sites. For example a study by Quality Research Associates finds that sellers accepting four types of
payment have more buyers than those offering fewer payment options. Furthermore low cost and
convenience of payment are important. Consumers want an easy-to-use means of payment rather than
complicated options, and are less likely to use more difficult payment systems. They also want to be fully
informed about payment systems (Princeton, 2002). This suggests that convenience and knowledge are
important drivers for established methods such as credit cards and impediments for new systems.
Costs
In terms of costs for consumers of the payment schemes analysed by ePSO, only a third of the
sampled systems charged the customer. Most significant costs for consumers are for hardware (card reader
or SIM card) rather than subscriptions or per-transaction fees. For schemes other than smart cards, costs do
not seem to constitute a major impediment to payment systems for consumers (for ePSO see Carat, 2002).
Merchants may also prefer to have other payment means than traditional credit card systems because
of liability, reliability and cost concerns. However there is no clear evidence that payment system issues
are significant deterrents to merchants offering products on line. The main reasons usually given by firms
for not selling on line are the unsuitability of products to be sold on line, unwillingness to change their
existing business strategy, concerns particular to firm size (unfamiliarity, delivery, etc.), rather than issues
related to payment systems. An exception may be digital content as there is some evidence that effective
online payment solutions may lead to a greater supply of products online.
38
DSTI/ICCP/IE(2004)18/REV1
EMERGING ISSUES
Payment systems are an essential part of the infrastructure for e-business and e-commerce, and there
is considerable policy focus on ensuring that payment systems and electronic payment and settlements
function appropriately. Electronic settlement and payment issues are among the group of policy areas
commonly identified in the Information Technology Outlook 2004 as being important to enhance the
infrastructure for ICT applications, and this is a continuation of the earlier high priority given to this area
as reported in the 2002 edition of the Information Technology Outlook. A summary list of national
electronic payment and settlement initiatives is given in Annex 1. Three areas are discussed in this section,
standards and co-ordination challenges, network and competition issues, and better statistical evidence.
Trust-enhancing measures and consumer policies - although of major importance for users of payment
systems - are not considered in this section. The following discusses some potential topics, but does not
provide a list of policy priorities.
Industry co-ordination and standards issues cover a range of interrelated topics. Agreements on
standards establish common technical rules for payment information exchange and interoperability
conditions to allow for the reciprocal use of payment instruments.
Common standards allow economies of scale that lower the cost of payment means. The cost structure
for payment systems is such that they generally require significant initial investment but low marginal
costs for additional users, and economic viability requires a critical mass of users. A variety of different
payment systems and intermediaries and lack of standardisation, especially in international payments, may
result in higher transaction costs and make it more difficult to reach this critical mass without
co-ordination. Standards and co-ordination issues may become important in the area of micropayments
where the usual co-ordination and standardisation by the major banks and credit card companies has not
yet occurred. But against these advantages, they may also result in lock-in to established systems and
higher costs if they unnecessarily protect higher cost incumbents.
Industry initiatives
There have been a number of industry initiatives to promote the development of payment systems, for
example in the area of mobile payments. The Mobile Payment Forum47 (including American Express,
MasterCard and Visa) was created to standardise features and functions to enable secure m-payments.
There have also been efforts at the national level. For example, in Austria four of the five national
operators joined forces to offer a single m-payment interface to merchants (One, Hutchison 3G, T-Mobile,
Telering). A further interoperability initiative was the formation of the Mobile Payment Services
Association (MPSA) in March 2003.
Industry initiatives will not always result in solutions for online payments. For example
fragmentation, competitive rivalry and lack of international co-ordination are challenges for developing
systems for international transactions and micropayments (OECD, 2004e). There is a clear need for
interoperable solutions for electronic payment systems/platforms and the roles of industry in the design,
development and implementation of solutions, and of government in setting broader frameworks has been
consistently raised (see e.g. PwC, 2004).
39
DSTI/ICCP/IE(2004)18/REV1
Industry initiatives may also serve to improve the working of online payments. With rapidly
increasing online payments and financial transactions, the associated rise of “phishing” and other
fraudulent and criminal activity has led the payment industry to co-operate in programmes to raise
consumer awareness and address their security concerns. For example a recent Gartner survey of 5 000
online consumers estimated that between May 2004 and May 2005 73 million Internet users received
“phishing” e-mails, and although most consumers did not have financial losses, 75% of respondents said
they would select online shops more carefully and one in three planned to buy fewer items on line (cited in
Cosgrove Ware, 2005). To address this challenge, the Anti-Phishing Working Group,48 a joint industry
association, was created to work with major e-mail providers to impede delivery of phishing-related e-
mails. There is also close co-operation between government agencies, enforcement bodies and private
industry.
Security more generally is an important factor for e-commerce and online payment systems. Although
many incidences of e-crime, computer viruses and auction fraud are not primarily related to payment
systems, some are, and they need to be addressed (Figures 11 and 12). A recent OECD publication on trust
in the online environment concluded that: “The available evidence all points toward a large increase in
e-crime, such as identity theft or online fraud, as being inextricably linked to the rise in ICT use (OECD,
2005b).”
Figure 11. Share of individual Internet users having encountered security problems in 2004
Percentage of individuals who used the Internet within the last year
50
40
30
20
10
0
%
l ic
om
g
y
ry
en
k
ay
d
e
a
nd
ey
in
ga
ur
an
ar
ec
tr i
an
an
an
ub
ga
pa
w
ed
rk
la
gd
bo
tu
m
us
re
nl
el
ol
or
ep
un
Ir e
Tu
S
or
Sw
en
in
er
Fi
m
Ic
A
P
G
N
R
K
H
P
xe
G
D
ch
d
Lu
te
ze
ni
C
Source: Eurostat, Community Survey on ICT Usage in Households and by Individuals, 2004, February 2005.
40
DSTI/ICCP/IE(2004)18/REV1
Auction fraud
Non-delivery
Credit/debit card fraud
Invest ment fraud
Business fraud
Confidence fraud
Identity theft
Check fraud
Nigerian letter fraud
Communications fraud
% 0 10 20 30 40 50
Percentages based on the total number of Internet-related complaints (75 063) received January-December, 2002.
Source: IFCC, http://www.consumer.gov/sentinel/states03/internet_related_trends.pdf, September, 2004.
Analysis and experience suggest that government involvement is most important in setting the general
framework for development, that it be technically neutral and aim at ensuring competition, avoid
unnecessary regulation of individual payment systems and not inhibit innovation (PwC, 2004). For the
Finnish payment system example, security features were developed by service providers and the Financial
Supervision Authority only provided guidelines and standards for IT security and continuity plans.
Regulatory questions arise regarding whether and to what extent non-financial institutions
(e.g. telecommunication service providers) can become involved in providing payment systems, and to
what extent these institutions have to then comply with financial institutions regulations. This has direct
impacts on competition in the online payments market.49 Legislative frameworks can also have important
side-effects on the development of new payment systems. For example, definitions of micro-payments
differ across EU Member States resulting in different legislative or supervisory bodies applying them,
which may have a negative effect on the development of inter-European micropayment services (PwC,
2004).
In the European Union the E-Money Directive was introduced in October 2000 to offer protective
regulation that would not inhibit market competition (Directive 2000/46/EU). The original objective was to
encourage innovation and allow non-banks to enter the e-money market, particularly with the emergence of
early e-money systems. For this purpose, the regulation allowed the creation of new institutions, called
“electronic money institutions” (ELMI) with lighter regulation than credit institutions. Under the Directive,
electronic money must be redeemable for cash at equal value. Also, issuers of electronic money are
required to implement safeguards against money laundering (Krueger, 2002). However early systems did
not have extensive uptake (most e-money providers remain below the threshold stipulated in the Directive)
and a range of different providers including prepaid card providers, mobile operators and payments
services providers have entered this rapidly changing market.
The challenge in applying this regulation is to establish what kind of activity qualifies a business to be
an ELMI. This led to different applications across the European Union. Especially the question arose with
41
DSTI/ICCP/IE(2004)18/REV1
respect to mobile operators, and whether their payment services qualify them as ELMIs. In April 2004, the
Commission launched a consultation to look into how the E-Money Directive should be applied to mobile
operators, whether the Directive covers risks appropriately and if it is conducive to the industry’s
competitiveness (DG Internal Market, 2004). The consultation closed in October 2005 and a report
containing recommendations was expected in Spring 2006.
The E-Money Directive provides a common regulatory approach to e-money providers for European
countries. However it is an exception, and there is little uniformity in payments across countries. For
example, in the United States legislation differs across states, and in other countries, there is not yet a
system to regulate online payments. Japan previously adopted stored-value card legislation, but it is not
clear how this would deal with electronic money providers such as, e.g. PayPal. In other countries
legislation is currently being considered.
Despite the desirability of appropriate regulatory standards, in some circumstances the risk of
overregulation through duplicative regulatory structures and multiple regulators may be greater than the
prudential risks posed by payment facilities (BIS, 2004 report for Australia).
Some member countries have paid particular attention to assisting small merchants in building up
secure online shops including online payment systems. For example, the German Bundesministerium für
Wirtschaft und Arbeit sponsored regional-level information centres to assist small and medium enterprises,
such as the regional Beratungs-und Informationszentrum Elektronischer Geschäftsverkehr (BIEG)
(http://www.bieg-hessen.de). This institution provides a free information platform where online sellers can
register and find other companies for online projects. This is part of the government “Information Society
Germany 2006” plan (BMWI, 2003).
Online merchants can help promote online payment by obtaining and displaying certificates and
awards. However proliferation of awards and certificates may not add particular value.50 A smaller number
of widely recognised certificates is important to make them work. Certification does not have to be directly
provided by national governments. An example is the Better Business Bureau with 300 000 business
members in Canada and the United States, which seeks to foster fair relationships between businesses and
consumers. The institution’s program, BBBOnLine, identifies good-practice merchants to consumers
notably through the Reliability and Privacy “trustmark” programmes. The same group has created the
Global Trustmark Alliance with international partners, which has the same goals.
Following the OECD Guidelines for Consumer Protection in the Context of Electronic Commerce
(1999) and their recommendation of trust-enhancement through trust marks, the UK government worked
with the Electronic Business Alliance and Consumers Association to develop a non-profit organisation,
TrustUK, to accredit codes of conduct for electronic commerce (OECD, 2003b). There have also been
efforts at the level of the European Union towards the development of trust marks.51 Further action is
necessary to raise consumer awareness of these; according to a 2003 Eurobarometer survey, in the EU
more than four in five consumers had not heard of Internet trust marks (Table 7).
42
DSTI/ICCP/IE(2004)18/REV1
Note: In the context of the Internet, have you ever heard of Internet trust marks? This question was asked to all respondents.
Source: European Commission, Special Eurobarometer survey on European Union public opinion on issues relating to business to
consumer e-commerce (Reference: 201 EB60.0), March 2004.
An important step for further online payment uptake is to ensure merchants apply adequate security
protection measures and invest to enhance security. These initiatives do not necessarily have to come from
the public sector. For example Visa and MasterCard have established standards to prevent fraud in online
payment via credit cards. The Visa Account Information Security (AIS) and MasterCard’s SDP
programmes have been specifically developed to improve data security against risk of unauthorised
interception of financial information.52 Such steps are designed to ensure greater security for online sales.
Tax issues
Issues arising with regards to consumption taxation of cross-border electronic commerce have been
addressed by the OECD. The 1998 Ottawa Taxation Framework Condition provides that consumption
taxation of cross-border electronic commerce should result in taxation in the jurisdiction where the
consumption takes place This, whilst preserving tax neutrality, raises practical difficulties in ensuring
collection of consumption taxes on cross-border business-to-consumer transactions of electronic services
and intangible products (OECD, 2001 and 2003c). Collecting consumption taxes directly from the
consumer is not efficient given the administrative difficulties. For cross-border supplies of goods (a far
greater trade than for services and intangibles,) the problems are much reduced as Customs administrations
are able to ensure collection of any consumption tax due on line, before releasing the goods to the
customer.
The European Union implemented a VAT Directive in July 2003, removing tax on exports of
electronic services from the EU and, at the same time, requiring collection of VAT on electronic services
imported into the EU by consumers from suppliers outside. In order to facilitate collection of VAT on
these imports the EU followed a recommendation in a 2001 OECD report by allowing overseas suppliers
to use a simplified on-line system of registration, reporting and payment. Unaccounted
(i.e. untraceable/anonymous) payment systems could pose even greater problems for tax administrations.
43
DSTI/ICCP/IE(2004)18/REV1
Online payments have only recently received attention for their importance in the development of
e-business and e-commerce. There is rather little official statistical information on them especially for
cross-country comparisons and time series analysis to better identify uptake of different kinds of payment
systems, impediments and related issues. Comparable household and enterprise surveys are now carried
out regularly in some countries (e.g. the Eurostat model surveys undertaken in EU countries, although the
question on whether the individual or business made a payment on-line has been removed from the
Eurostat and OECD household model surveys and OECD has removed the question from the business
model survey, but whether a mobile phone has been used to make a payment has been added). There are
some questions regarding perceptions of barriers to payment and security concerns, and these could
usefully be extended to help analyse the drivers and impediments to the use of on line payment systems
(for a first overview of measuring on line trust issues see OECD, 2005b). Related initiatives investigating
payment systems, for example, the Electronic Payment Systems Observatory, have provided a useful
information-sharing infrastructure on electronic payments (Carat, 2002). Initiatives that analyse individual
payment systems (Krueger, 2004) are useful steps towards detailed analysis of online payment markets.
More detailed information for OECD countries would allow a better understanding of differences and
common challenges for online payments.
44
DSTI/ICCP/IE(2004)18/REV1
ANNEX 1
GOVERNMENT INITIATIVES RELATED TO ELECTRONIC PAYMENTS AND
SETTLEMENT
Austria E-Payment modules for income taxes and e-government transactions, online banking, using
XML standard and electronic signatures.
Australia Australian businesses employing electronic payments. Other initiatives in place.
Belgium Law governing electronic payments to instil trust among consumers and merchants.
Czech Republic Electronic signature to enable communications with public administration.
Finland Paperless accounting project for government agencies, with 70% participating by end 2004.
Effort to standardise electronic invoices and payments with local and private sectors.
France Basic security rules for safety of online payments and payment security observatory to monitor
progress.
Greece Legal framework for digital certificates and signatures. National certification scheme under
development for electronic transactions. Banks, stock market and tax authorities implementing
secure environments for transactions.
Hungary Efforts to initiate electronic payments for business, but still requires changes in legal framework.
Italy Initiative to automate payments in public administration. Implementation of access card for public
services and payments. Italian banking association endorsing BANKPASS Web for secure
online purchases and payments.
Korea Expanding e-payment infrastructure in public and private transactions. Interoperability of
payment card systems in public transportation.
Mexico Bank of Mexico programme for secure electronic payment systems. Development of eSAT
system for electronic transactions between companies and public authorities.
The Netherlands Study of payment systems for internet and mobile phones and search for ways to accelerate
development.
New Zealand Act protecting electronic transactions. Strong presence of electronic banking.
Poland Framework established for electronic payments and customs.
Portugal e-Procurement seen as tool for development of electronic payments in setting example, building
trust, stimulating private sector development, and laying legal groundwork.
Sweden Ties into work on government procurement and electronic signatures.
Switzerland Exchange of information for VAT calculation, but requires certified data. E-government
transactions used to develop PKI and e-payment systems.
Turkey Electronic signature law discussed. Articles regarding electronic contracts added to code of
obligations. Banks conducting pilot projects. Electronic corporate document submission in
development.
United Kingdom Improving e-payment environment through pilot programmes, government use, trust building
initiatives.
Source: OECD. Summary responses to the OECD Information Technology Outlook 2004 Policy Questionnaire: Electronic settlement /
payments.
45
DSTI/ICCP/IE(2004)18/REV1
BIBLIOGRAPHY
Abrazhevich, D. (2001b), A Survey of User Attitudes towards Electronic Payment Systems, IPO, Centre
for User-System Interaction, Technical University of Eindhoven (TUE).
Alessina, A. and E. La Ferrara (2000), The Determinants of Trust, NBER Working Paper No. 7621.
Australian Bureau of Statistics (ABS) (2001), Household Use of Information Technology – Australia 2000.
Australian Bureau of Statistics (ABS) (2003), Household Use of Information Technology – Australia
2001-2002.
Bank for International Settlements (2004), Survey of Developments in Electronic Money and Internet and
Mobile Payments, Committee on Payment and Settlement Systems.
BBC News (2005), US internet use rises as do fears, 28 October, available at:
http://news.bbc.co.uk/1/hi/technology/4384482.stm
Beales, H., R. Craswell and S. Salop (1981), Information Remedies for Consumer Protection, American
Economic Review, Volume 71, No. 2.
Ben-Ner, A. and L. Putterman (2002), Trust in the New Economy, HRRI Working Paper 11-02, Industrial
Relations Centre, University of Minnesota.
Bundesverband deutscher Banken (BdB), (2003a), Warum Offliner Offline sind – Zugangsbarrieren bei
der Online-Nutzung, available at: http://www.bdb.de
Bundesverband deutscher Banken (BdB) (2003b), Online Nutzung bei Jugendlichen, Ergebnisse einer
repräsentativen Umfrage, available at: http://www.bdb.de
Bundesverband deutscher Banken (BdB) (2004), Informationen für Online-Banking-Nutzer, Berlin, July.
Cailland, B. and B. Jullien (2001), Chicken and Egg: Competing Match-Makers, Centre for Economic
Policy Research, Discussion Paper Number 2885, July.
Carat, G. (2002), ePayment Systems Database – Trends and Analysis, electronic Payment Systems
Observatory (ePSO).
Centeno, C. (2002), Building Security and Consumer Trust in Internet Payments – The Potential of “Soft”
Measures, Institute for Prospective Technological studies, Background Paper No. 7, April.
Chakravorti, S. and R. Rosen (2004), Platform Competition in Two-Sided Markets: The case of Payment
Networks, Federal Reserve Bank of Chicago.
46
DSTI/ICCP/IE(2004)18/REV1
Chakravorti, B. (2003), “The More Things Change, the More (and Less) They Stay the Same, Ubiquity,
Vol. 4, No. 28”.
Costello, D. (2003), “Mobility & Micropayment, Zafion Mobile Payment Consultancy, June”.
David, P. (1985), “Clio and the Economics of QWERTY”, American Economic Review, May, pp. 332-37.
De Geest, K. (2001), Interview: “The Directive on Electronic Money Institutions – A View From the
European Central Bank”, Malte Krueger interviews Koenraad De Geest, ePSO-Newsletter, Number
7, May, available at: http://epso.jrc.es/newsletter/vol07/3.html
DG Internal Market (2004), “Application of the E-money Directive to mobile operators”, European
Commission, May.
Directive 2000/46/EC of the European Parliament and of the Council of 18 September 2000, Official
Journal of the European Communities of 27 October, L 275, 39/ 43. available at:
http://europa.eu.int/eur-lex/en/lif/dat/2000/en_300L0046.html
The Daily (2004), Electronic Commerce and Technology, 16 April at: http://www.statcan.ca/daily.
EBay (2004), EBay First Quarter 2004 Financial Results, Press Release at: http://www.ebay.com
Economides, N. (2003), Competition Policy in Network Industries: an Introduction, June 2003, AEI-
Brookings Joint Centre for Regulatory Studies at: http://www.aei.brookings.org
The Economist (2000), “Making Online Payments More Secure”, 26 October, p. 107.
The Economist (2004b), “Online Payments – Paying Through the Mouse”, 20 May.
Egger, F. and D. Abrazhevich (2000), Security and Trust: Taking Care of the Human Factor.
European Commission (1998), Explanatory Memorandum: Proposal for a European Parliament and
Council Directive on the taking up, the pursuit and the prudential supervision of the business of
electronic money institutions. http://www.systemics.com/docs/papers/1085en.html
FiCom (2004), Comment to the European Commission on the Communication from the Commission
Concerning a New Legal Framework for Payments in the Internal Market.
Goldfinger, C. (2003), “Secure Electronic Payment on the Internet”, prepared for the EC workshop on
building technologies for next generation electronic exchanges infrastructures and related
applications deployment at: http://europa.eu.int/ISPO/ifwg/payments/epayments_sept11999.html
47
DSTI/ICCP/IE(2004)18/REV1
Forrester Research and Shop.Org (2004), The State of Retailing Online 7.0, May. available at:
http://www.shop.org/research/SRO7/SRO7ExecSumm.asp
Greenspan, R. (2004), “Consumers Trust eBay, 16” June, available at: http://ecommerce.internet.com
Guerra, G and D. Zizzo (2003), Economics of Trust in the Information Economy: Issues of Identity,
Privacy and Security, April, Oxford Internet Institute (OII), University of Oxford.
Heise (2004), IT-Erweiterung Spioniert Homebanking Aus, 1 July at: News, http://www.heise.de
Isaac, M. and J. Walker (1998), Communication and Free-Riding Behaviour: The Voluntary Contribution
Mechanism, Economic Inquiry 26, pp. 585-608.
Kallio, J., N. Mallat, T. Riipinen and M. Tinnila (2003), Trust in the New Economy – The Case of Finnish
Banks, LTT Research Ltd. At: http://www.ltt-tutkimus.fi
Katz, M. and C. Shapiro (1985), Network Externalities, Competition, and Compatibility, American
Economic Review, Vol. 75, No. 3, June, pp. 424-440.
Koch, W. (2002), ePaymentsysteme – Bezahlen Im Internet, Band 35, Hessisches Ministerium für
Wirtschaft, Verkehr und Landesentwicklung.
Krueger, M. (2002), E-money regulation in the EU, in R. Pringle and M. Robinson (eds.), E-Money and
Payment Systems Review, London: Centralbanking, pp. 239 – 251.
Krueger, M. and K. Leibold (2004), Internet Payment Systems: The Consumers’ View – Results of the
Online-Survey IZV7, Section for Money and Currency, Institute for Economic Policy Research,
University of Karlsruhe.
Liebowitz, S. J. and S. Margolis (1990), The Fable of the Keys, Journal of Law and Economics, 33, April,
pp. 1-25.
Mantel, B. (2000), Why Don’t Consumers Use Electronic Banking Products? Towards a Theory of
Obstacles, Incentives, and Opportunities, Policy Studies, September.
Mantel, B. (2001), E-Money and E-Commerce: Two Alternative Views of Future Innovations, Chicago
Fed Letter, March.
Mantel, B. (2002), Changing E-Payment: Payment Networks in the United States: The Strategic,
Competitive and Innovative Implications, Emerging Payment Studies Department, Federal Reserve
Bank of Chicago.
Mantel, B. and T. McHugh (2001), “Competition and Innovation in the Consumer E-Payment Market?
Considering the Demand, Supply and Policy Issues”, Federal Reserve Bank of Chicago, Occasional
Paper.
48
DSTI/ICCP/IE(2004)18/REV1
MasterCard (2003), “MasterCard Security Standard Applicable to Merchants and Member Service
Providers”, available at: https://sdp.mastercardintl.com/security/index.shtml
McHugh, T. (2002), “The Growth of Person-to-Person Electronic Payments”, Chicago Fed. Letter, August,
Number 180.
Ministry of Public Management, Home Affairs, Posts and Telecommunications Japan (2002), Information
and Communications in Japan, White Paper 2002.
National White Collar Crime Center and Federal Bureau of Investigation (2003), IFCC 2002 Internet Fraud
Report – January 1 – December 31, 2002, http://www.nw3c.org/
OECD (1980), OECD Guidelines Governing the Protection of Privacy and Transborder Flows of Personal
Data, Paris.
OECD (1998), OECD Ministerial Declaration on the Protection of Privacy on Global Networks, Paris.
OECD (1999), OECD Guidelines for Consumer Protection in the Context of Electronic Commerce, Paris.
OECD (2000), OECD Information Technology Outlook 2000, Chapter 4, “Overview of issues in electronic
settlement of payments”, Paris.
OECD, (2001), Taxation and Electronic Commerce - Implementing the Ottawa Taxation Framework
Conditions - 2001 Report.
OECD (2002b), OECD Guidelines for the Security of Information Systems and Networks: Towards a
Culture of Security, Paris, available at:
http://www.oecd.org/document/42/0,2340,en_2649_34255_15582250_1_1_1_1,00.html
OECD (2003a), OECD Guidelines for Protecting Consumers from Fraudulent and Deceptive Commercial
Practices across Borders, Paris.
OECD (2003b), Consumers in the Online Marketplace: The OECD Guidelines Three Years Later, Paris.
OECD (2003c), Taxation and Electronic Commerce – Implementing the Ottawa Taxation Framework
Conditions – 2003 Report, available at: http://www.oecd.org/dataoecd/45/19/20499630.pdf
OECD (2004a), OECD Information Technology Outlook 2004, Chapter 3, “E-business developments”,
Paris.
OECD (2004b), OECD Information Technology Outlook 2004, Chapter 4, “Use of ICTs by individuals and
households”, Paris.
OECD (2004c), OECD Information Technology Outlook 2004, Chapter 5, “Digital delivery”, Paris.
OECD (2004d), Digital Broadband Content: The Online Computer and Video Game Industry, available at:
http://www.oecd.org/dataoecd/19/5/34884414.pdf
49
DSTI/ICCP/IE(2004)18/REV1
OECD (2004e), Digital Broadband Content: Mobile Content - New Content for New Platforms, available
at: http://www.oecd.org/dataoecd/19/7/34884388.pdf
OECD (2004f), OECD Information Technology Outlook 2004, Chapter 8, “ICT Policy Developments”,
Paris.
OECD (2005b), Scoping study for the measurement of trust in the online environment,
DSTI/ICCP/IIS(2005)1/FINAL.
Pago, (2003), Pago Survey 2003: Credit Card Payment, Pago eTransaction Services GmbH.
Pago (2004), Pago Studie 2004: Status Quo des E-Retail in Deutschland und Europa.
Pago (2005), Pago Report 2005: Success and risk factors in international E-payment - Recommendations
on real purchasing transactions in 2004.
Paunov, C. and G. Vickery (2004), “Online Payments Systems for E-commerce”, Journal of Financial
Transformation, Capco, Vol. 12, December.
Paybox (2003b), Paybox Signs Contract with M-Net to Launch Mobile Payment in the Middle East, Public
Relations, 30 September, http://www.paybox.net
Peppercoin (2004), More Than 10 Million Americans Have Purchased Items Online for Less Than Two
Dollars in the Past Year, Press Release, 13 July.
PricewaterhouseCoopers (PwC) (2003), Study on the Security of Payment Products and Systems in the
15 Member States, Final Report, 16 June.
PricewaterhouseCoopers (PwC) (2004), Rethinking the European ICT Agenda, Ten ICT-Breakthroughs for
Reaching Lisbon Goals, for the Ministry of Economic Affairs, The Netherlands, Directorate-General
Telecommunications and Post, August.
Princeton Survey Research Associates (2002), A Matter of Trust: What Users Want From Web Sites.
Rochet, J.C. and J. Tirole (2001), Platform Competition in Two-Sided Markets, May.
Rysman, M. (2004), An Empirical Analysis of Payment Card Usage, Conference on Two-Sided Markets,
IDEI, Toulouse, January.
Sorkin, D. (2001), Payment Methods for Customer-to-Customer Online Transactions, 35 AKRON Law
Review, 1.
50
DSTI/ICCP/IE(2004)18/REV1
TowerGroup (2004), “Making Sense from Cents: Trends in the Rebirth of Electronic Micropayments”,
July.
U.S. Census Bureau (2005), “Computer and Internet Use in the United States: 2003”, Special Studies,
October, available at: http://www.census.gov/prod/2005pubs/p23-208.pdf
Visa (2001b), Account Information Security, 15 November, accessed via Web site above.
Visa (2004a), Internet Treibt Umsätze Mit Visa Karten In Die Höhe, Pressemitteilungen, 10 March.
Visa (2004c), Einsatz Von Visa Karten Im Internet Verbreitet Sich, Pressemitteilungen, 15 June.
Walczuch, R and R. Duppen (2003), “Payment Systems for the Internet – Consumer Requirements”,
Department of Accounting and Information Management, Faculty of Economics and Business
Administration, University of Maastricht, The Netherlands.
51
DSTI/ICCP/IE(2004)18/REV1
NOTES
1 US retail e-commerce sales have increased at around 25% annually since official data was first collected in
1999, with average growth of 32.6%. Fourth quarter 2005 adjusted retail e-commerce sales were up 23%
year-on-year, to make up 2.4% of US retail sales and growth shows no signs of slackening. The lowest
growth was in 2001 after the collapse of the dot.com boom (US Department of Commerce
http://www.census.gov/mrts/www/mrts.html). Total e-commerce sales for 2005 were estimated at
USD 86.3 billion. Note that travel services, financial brokers and dealers, and ticket sales agencies are not
included in either the total retail or retail e-commerce sales. Private sector estimates (based on wider
definitions) showed similar results. For example the Shop.org annual retailing study of 150 retailers
projected 2004 online sales (including travel) to grow 27% over 2003 to USD 144 billion (Forrester
Research and Shop.org, 2004).
2 According to the American Customer Satisfaction Index (ACSI), in the fourth quarter of 2004 online
retailers had a score for e-commerce of 80.8 out of 100, a rise of 4% over the same period in 2003.
3
See OECD (2004c and 2004f) for a detailed discussion of the digital music and games industries.
4 For a detailed survey of online and mobile payments see the Survey of Developments in Electronic Money
and Internet and Mobile Payments, Bank for International Settlements (BIS, 2004).
5 High levels of Internet penetration have led to rapid adoption of Internet banking and associated online
payments. In 2002 there were over 4 million e-banking customers in a population of below 9 million. Some
banks provide access to digital marketplaces in connection with their Internet services (BIS, 2004).
6 Almost all banking services are available via the Internet, and Internet-based transactions are around 25%
of all credit transactions (BIS, 2004).
7 In 2002 Internet-based business-to-consumer transactions were JPY 1.6 trillion. Most e-commerce
payments still use methods such as credit transfers through ATMs and cash on delivery.
8 For example, in January 2003 Paybox discontinued services in the UK, Sweden and Germany due to slow
development of the mobile payment market (Paybox, 2003a). At the same time it expanded in other
countries, signing a licence agreement with M-Net KSCC, a Kuwaiti Consortium for Automated Banking
Service, to implement mobile payment services in 10 Middle East countries (Paybox, 2003b).
9 Results based on an analysis of more than 500 Web sites across EU Member States. Given the small
sample size and selection of Web sites, the data for individual countries should be treated as indicative
only.
52
DSTI/ICCP/IE(2004)18/REV1
12 The survey defines a “failed credit” card transaction as “any transaction in which the shopper has entered
credit card number, card verification number (CVV2/CVC2), credit cardholder’s name and expiry date, but
which does not lead to payment of the purchase transaction because it is aborted for any reason”.
13 The Finnish credit card service company Luottokunta instructed consumers not to give credit card numbers
in Internet transactions and wait for more secure payment services (Kallio et al. 2003).
14 SET makes use of public key cryptography to authenticate buyer and seller and the confidentiality of buyer
payment information is maintained. However, for a number of reasons including complexity and large
investment requirements, this system has failed to gain widespread acceptance.
15 According to Visa, payment cancelling is 15-20 times more frequent in online than in offline payment,
with 80% of cancellation being related to customer denial of authorisation.
18 Bankpass Web is an electronic wallet promoted within the Italian Banking Association. It allows use of
different Internet payment instruments (bank debit and credit cards). The user communicates to the bank
the data of preferred payment instruments. The bank provides an identification code and password.
19 Inter Debit (Japan Internet Promotion Association – 183 institutions including 94 financial institutions
launched 2003) and Net Debit (launched 2000, commercial banks), have real-time debit transfer schemes.
The consumer obtains authorisation by inputting information preregistered with the bank, such as customer
ID codes and passwords, and the account is debited immediately.
20 For example, the online media seller Musicbrigade offers the possibility of payment with PayPal.
21 For example, the United States v. Teresa Smith is a case where repeated fraud was possible by use of
different identities. Also, PayPal payments that verified the seller still led to significant customer fraud e.g.
Commonwealth of Virginia v. Matthew William Tynan (National White Collar Crime Center, 2002).
22 Paybox was founded in 1999, and is owned by Deutsche Bank AG and Debitel AG.
23 The consumer receives a card of up to EUR 600 value and via a digital code can use this for online
purchases.
24 Moneta Online is a scheme issued by a major Italian bank. It provides a scratch card (up to EUR 250),
which can be used at merchants subscribing to the MONETA and Visa circuits. When paying, the user
connects to the Moneta online Web site and gets a temporary, disposable virtual Visa card to be used in the
payment transaction on the merchant Web site. CartaFacile is an anonymous prepaid instrument issued by
a bank that sets up and operates an account related to a card number; funds are available via a PIN code.
26 Results from an open online-survey, based on 13 186 replies collected from March-May 2004. The survey
emphasised that there is an over-representation of men, and young, well-educated and technology-using
people, but that this may be an advantage in indicating attitudes of early movers and emerging trends.
27 In October 2004, more than 14 million US people from 12 upwards had purchased digital content for less
than USD 2 in the prior year, an increase of over 10 million since October 2003 (Peppercoin, 2004).
53
DSTI/ICCP/IE(2004)18/REV1
28 A 2004 German market study by Fittkau & Maaß found that more than half of Internet users are willing to
pay for digital Internet content, a considerable increase from 2000 (quoted in Brandstetter, 2004).
29 In Denmark, PBS provides three micropayment systems: i) Valus, ii) EWire, iii) CoinClick. Internet
merchants make an agreement with one of micropayment operators. A customer pays a relatively small
amount in advance to the operator using ordinary payment solutions such as credit or debit cards.
30 Paysafecard is a prepaid payment service that can be used for micropayments. Card values are between
EUR 25-100 and contain a 16-digit PIN.
31 Timothy Lee, Vice President for E-Commerce, Visa International, telephone interview 24 January 2005.
32 In the German market some 60 providers are no longer operating and the three big providers, T-Pay,
FIRSTGATE and Webcents, are taking market share (Brandstetter, 2004).
33 Mobile penetration and use in different markets will also be an important factor in relative uptake.
34 For example the Belgian Ogone provides a secure electronic payments Internet platform for sales
applications and Web sites of electronic commerce shops. The German-based Pago offers similar services.
35 In a SET transaction the customer, retailer and bank mutually prove their identity with digital certificates
and digital signatures and all security-relevant transaction data are secured by encryption. The merchant
does not receive any financial information and the bank does not receive any on the purchase or the seller.
36 AllCharge provides services to online digital content merchants including micropayments, and an ASP
model with outsourced pricing, billing and payment that allows rapid merchant start-up. The system
supports all payment methods -- smart cards, prepaid cards, credit cards, telecom and other monthly bills.
37 Platforms often treat one side as a profit centre and the other as a loss leader. Computer game platform
providers treat hardware sales as loss leaders (they sell games platforms at a loss); profits come from
royalties from game developers. In contrast, providers of operating system platforms for PCs do the
opposite, and charge consumers appropriately for their platforms (Rochet and Tirole, 2001). Person-to-
person payment providers must determine who to charge transaction fees, as revenues from float no longer
provide the majority of their revenue.
38 Rysman’s approach is to analyse whether consumers rely on one payment instrument or on several, in
which case the potential for lock-in would be weaker. He finds that consumers concentrate their payment
on a single payment network (single homing), but that a great number own a variety of unused cards that
allow use of multiple networks (multi-homing). The level of multi-homing affects the market power a
network has over merchants. Rysman established a positive and significant network correlation between
merchant acceptance and consumer usage. This suggested there may be a positive feedback loop between
consumer usage and merchant acceptance. It is unclear which effect dominates from the perspective of
merchants, and if the merchant dropped a network affiliation this would lead to loss of consumer sales.
39 In a German survey 72.7% of consumers replied that greater unification of payment systems would make
online payments easier (University of Karlsruhe in Brandstetter, 2004).
40 Companies such as PayPal or Citibank use the ACH, credit card and EFT network to provide electronic
person-to-person payments. The clearing and settling of funds takes place over traditional payment
networks. Further, in some services recipients do not need to join to receive funds e.g. Egg Pay.
41 Survey results for Germany indicate that banks have a considerable advantage in trust over other payment
providers including credit card companies. Internet service providers and telecommunications companies
are considerably behind both of these traditional payment providers (Krueger, 2004).
54
DSTI/ICCP/IE(2004)18/REV1
42 For example Isabel, the specialised business-to-business Internet payment service provider, is owned by the
four largest Belgian banks (Fortis Bank, KBC, ING Belgium and Dexia). Banks have also shown interest in
mobile payment solutions. An example is the Italian Omnipay Prepagato scheme developed by the
telecommunications company, managed by a financial intermediary and issued by a bank. The user buys a
telephone card and the telephone credit (provided it is still intact) can be converted into a bank credit.
43 Almost half (48%) of mediating service providers have been initiated by non-banks, but banks were
involved in the other half, either directly (22%) or in partnerships (30%). These services have been
positioned between bank and the merchant in areas where traditional banks are generally weak, such as
integration into online-shopping (especially online auctions), or online person-to-person payments. All of
the announced or piloted mediating service systems are offered by banks or mixed partners (Carat, 2002).
44 The rise in problems related to “phishing”, spyware and malware has become a source of concern with
regards to costs and ensuring consumer confidence in Internet security in general. See also OECD 2005b.
45 Less face-to-face contact decreases the level of trust. Moreover, the increase in the size of the market
implies encounters with more firms. This potentially means fewer repeated interactions, fewer face-to-face,
and a lower probability that members of the same community interact with the same firms. Greater
mobility decreases the strength of traditional networks whose members transmit information from one to
another and over time (Ben-Ner and Putterman, 2002; Isaac and Walker, 1998).
46 The customer is asked via e-mail to get in contact with the customer’s bank. If the customer follows this
link, they will not get to the bank Web page but to a faked Web site. In this way it is hoped to get
confidential information such as passwords and other financial information.
47 http://www.mobilepaymentforum.org.
49 As part of the eEurope 2005 action plan, the e-Money Licensed Issuer (EMLI) directive was drafted and
implemented as in 2002. The requirements are less strong than those for acquiring a full banking license
and also have certain restrictions, e.g. in terms of credit issuance.
50 Princeton Associates (2002) found no evidence that a Web site’s possession and display of awards and
certificates significantly increased consumer confidence. They found that only 9% of those surveyed saw
this of importance whereas more than half found the display of awards of no significance. This does not
mean that certificates and awards are of no help to provide stronger consumer confidence.
51 In December 2001, as part of the e-confidence strategy, the EU began to develop a European trust mark
scheme, elaborated by UNICE (Union of Industrial and Employer Confederations of Europe) and BEUC
(European Consumers Organisation). This initiative to establish a single trust mark was designed to
facilitate consumer recognition, associate good business practice principles, as well as mechanisms to
ensure that those principles are applied in practice by companies subscribing to the trust mark.
52 These programmes are largely setting worldwide minimum standards for security certification particularly
for MasterCard. For Visa different regional requirements apply. Merchants are required certification that
security measures are in accordance with credit card organisation requirements. Since 2001 Visa merchants
and Acquirers have an obligation to abide by these rules with no exception for smaller merchants. For
MasterCard, requirements to obtain certification were to be adopted by 2005, however, adoption is
obligatory only for merchants processing more than USD 125 000 and remains recommended for others. If
security standards are not adopted merchants may face financial penalties and have card payment revoked.
Required security standards as stipulated from Visa and MasterCard cover a range of domains such as the
prescription of secure transmission of information, ensuring data security through efficient firewalls, to
adopting the newest security software for firewalls (Visa, 2001a, b; MasterCard, 2003).
55
DSTI/ICCP/IE(2004)18/REV1
53 In Finland, regular Internet bill payment is well-established and most bank customers pay bills at least
several times a month. As bank customers use electronic services for routine bill payment, they learn to use
new payment technology and associated electronic services (Kallio et al. 2003).
56