Chapter 1.Introduction 1.1 Electronic payment systems and their place in electronic commerce 1.
1. 1 E-commerce and electronic payment systems 1. 1. 2 Limitations of traditional payment systems in the context of online payments 1. 1. 3 The need for new payment systems designed for e-commerce 1. 2 User acceptance: understanding and issues 1. 3 Research objectives 1. 4 Research scope 1. 4. The role of electronic payments in customer e-commerce activities 1. 4. 2 Approach and methodology Chapter 2. Classification and characteristics of electronic payment systems 2. 1 Classification of payment systems 2. 1. 1 Introduction 2. 1. 2 Primary classification of payment systems 2. 1. 3 Further classification of account-based systems 2. 1. 4 Further classification of electronic cash systems 2. 1. Payment mediation services vs. payment systems 2. 2 Identifying the characteristics of payment systems 2. 3 Advantages and limitations of payment models 2. 3. 1 Advantages and limitations of the electronic cash model 2. 3. 2 Advantages and limitations of the acount-based model 2. 5 Conclusions Chapter 3. User survey of electronic payment systems 3. 1 User acceptance of electronic payment systems 3. 2 Survey of users’ attitudes towards characteristics of payment systems 3. 2. 1 Survey participants . 2. 2 Questionnaire design and analysis 3. 2. 3 Survey results and discussion 3. 2. 4 Implications for user acceptanc Introduction 1. 1 Electronic payment systems and their place in electronic commerce In the early 1990s the business and consumer world encountered a new way of conducting trade business, which was named electronic commerce (e-commerce). Over the years electronic commerce has evolved into a popular and acknowledged way of conducting business.
While researchers are still trying to understand it and gauge its importance and turnover, e-commerce is changing and growing incredibly quickly, producing such extraordinary results from both business and customer perspective that its phenomenon cannot be overlooked by anyone who has ever thought of conducting business, whether in online or offline environments. With many organisations and people labouring in the field of e-commerce it has become very clear that ecommerce is here to stay and organisations and customers are trying to get maximum benefit from it.
E-commerce has become especially important in two interrelated dimensions, namely business-to-consumer (B2C) and business-to-business (B2B) e-commerce. Business to-consumer e-commerce is enabling customers to have an increasing influence on products created, how products are customised, and how services are delivered. Ecommerce offers customers convenient shopping methods for products, information and services, electronic banking, and personal finance management.
It is making it easier for consumers to find the desired products and services, match them more precisely to their requirements, and compare prices, (Vulkan, 2003). Several business models have been developed to support various customers’ needs, among them are online portals, content providers, transaction brokers and community creators. For business-to-business relations e-commerce facilitates the form of organisation where companies rely on suppliers and product distribution to respond more effectively to the changing market and customers demand and to achieve more efficient operation.
This type of e-commerce relationships offers organisations the possibility to work in the direct contact with producers, giving more room for customization and control over business activities. This helps to reduce the costs significantly by removing ‘middlemen’ from the supply chain. Good examples of companies that employ this business model are Dell and Cisco, (Guttmann, 2003; Laudon & Traver, 2002). Consequences that e-commerce brings for business-to-business relationships are eliminating inventory, and operational and distributional costs that indirectly provide customers with lower prices.
E-commerce can help businesses to increase production flexibility by ensuring timely availability of components from suppliers, to improve quality of the products by increasing cooperation between buyers and sellers and reducing quality issues, to increase opportunities for collaborating with suppliers and distributors, and to create greater price transparency — the ability to see the actual prices on the market, (Laudon & Traver, 2002). In this way e-commerce responses to the customer demand of lower prices and greater convenience. 1. 1. 1E-commerce and electronic payment systems
The most popular definition of e-commerce is based on the online perspective of the conducted business. E-commerce provides the capability of buying and selling products, information and services on the Internet and other online environments. As for any trading activity, the issue of safe and reliable money exchange between transacting parties is essential. In an e-commerce environment, payments take the form of money exchange in an electronic form, and are therefore called electronic payments. Electronic payments are an integral part of e-commerce and are one of its most critical as pects.
Generally defined, electronic payment is a form of a financial exchange that takes place between the buyer and seller facilitated by means of electronic communications. An e-commerce electronic payment is a financial exchange that takes place in an online environment, (Kalakota & Whinston, 1997). Electronic payment systems (EPSs) are summoned to facilitate the most important action after the customer’s decision to pay for a product or service – to deliver payments from customers to vendors in a most effective, efficient and problem-free way.
The role of e-commerce electronic payment systems is pivotal for future of ecommerce, whose further growth depends on the timely development of EPSs. The development of new types of e-commerce purchasing relationships and business models has created the need for new ways of money exchange and new EPSs. For instance, online auctions, (Ribbers & Heck, 2004), has spurred the necessity for personto- person payment systems to allow online money exchange between individuals. Certain types of information products and services require small payments and micropayments.
Businesses would like to sell information content that costs very little, accumulating revenues with high turnover. E-commerce EPSs can be designed for selling specific types of products, for example for trading copyrighted online content, such as music. Another unforeseen earlier requirement is conducting e-commerce using wireless mobile devices, such as mobile phones or personal digital assistants (PDA). The need for paying with mobile devices has urged the development of payment systems for mobile electronic commerce, (Laudon & Traver, 2002).
In addition, ecommerce provides the possibility to enhance current payment systems or substitute them with online variants. The need for online payments was first addressed by using extant payment methods of the offline world for online payments. For example credit cards, originally intended as an offline credit instrument, have become the major payment instrument for ecommerce. As e-commerce and online purchasing grows, the weaknesses of credit and debit cards, and cheques are becoming more apparent. These limitations are discussed in section 1. . 2. The lack of the fit-for purpose payment mechanisms and infrastructure is one of the main restricting factors that hold back the growth and evolution of ecommerce, (Guttmann, 2003; Laudon & Traver, 2002; O’Mahony, Peirce, & Tewari, 1997). 1. 1. 2 Limitations of traditional payment systems in the context of online payments Three factors are stimulating the development of electronic payment systems: reduced operational and payments processing costs, growing online commerce and decreasing the costs of technology, (Kalakota & Whinston, 1997).
Reduction of costs is one of the major reasons for research and development of EPSs. The central impetus for ecommerce and e-business is to provide a more efficient service, primarily in terms of costs. In this light, paying online with traditional payment systems such as credit cards is rather paradoxical, given that credit cards are one of the most expensive of all available mainstream payment means for both end consumers and merchants, defeated perhaps only by paper checks, (Lietaer, 2002; Laudon & Traver, 2002). Several limitations of traditional payment systems in the context of e-commerce can be outlined.
Existing payment systems, such as credit cards, are inadequate for retail customer digital business from the following viewpoints: Lack of usability. Existing payment systems for the Internet require from the end user to provide a large amount of information, or make payments using complex elaborated web site interfaces. E. g. credit card payments via a web site are not the easiest way to pay, as these require entering extensive amounts of personal data and contact details in a web form, (Kalakota & Whinston, 1997). Lack of security.
Existing payment systems for the Internet are an easy target for stealing money and personal information. Customers have to provide credit card or payment account details and other personal information online. This data is sometimes transmitted in an un-secured way, (Kalakota & Whinston, 1997). In practice this happens even in spite of introduction of secure transactions mechanisms, such as Secured Socket Layer. Providing these details by mail or over the telephone also entails security risks, (Guttmann, 2003; Laudon & Traver, 2002). Lack of trust.
Users tend not to trust existing systems with the long history of fraud, misuse or low reliability, as well as novel systems without established positive reputation. In the present situation, money loss by customers is quite possible when using existing payment systems, such as credit cards, for Internet payments. Potential customers often mention this risk as the key reason why they do not trust a payment service and therefore do not make Internet purchases, (Lietaer, 2002). Lack of applicability. Not all web sites support a particular payment method, thus limiting customers’ ability to pay.
Credit cards work only with merchants who have signed-up to the services of the corresponding credit card company, and do not support direct business-to-business or interpersonal payments, (Kalakota & Whinston, 1997). Lack of eligibility. Not every potential customer with money and intention to pay can make use of certain payment methods. Not all potential buyers can obtain credit cards due to credit history limitations, low income or other reasons, (ibid). Lack of efficiency. Some payments over the Internet can be too small to be handled by existing payment systems, because of overheads included in the processing of payments and transaction.
Credit cards are too expensive for effecting small payments and are unsuited for small transactions. The minimum fixed fee charged to the retailer for processing a transaction could even surpass the value of the goods sold, (Guttmann, 2003). High usage costs for customers and merchants. Existing payment systems use a rather expensive infrastructure to facilitate the payment process. Credit cards are very expensive for end users, not in the least because of the enormous and growing size of fraud, which amounts to billions dollars per year.
This loss is invisibly re-financed by users by the higher costs of credit card services. In addition, credit card payments are still heavily paper-dependent. Most credit card bills are sent in a paper form to customers by post, and the bills are mostly settled by posting paper documents, like checks of giro payments, which makes the whole cycle rather expensive. As mentioned above, this means that resources employed in processing of credit cards transactions render them rather ineffective for small payments, because the high overhead of credit cards, (Laudon & Traver, 2002; Guttmann, 2003).
In online credit card payments credit cards are not physically available for inspection by the payee, (this situation is referred as ‘card not present’). This imposes higher charges for merchants, because the chance of fraud is higher; see section 2. 1. 3 for more discussion. Credit cards have low finality of payments because users can refute or repudiate credit cards payments in certain situations. Moreover, financial regulations in certain countries, e. g. in the USA and the UK, place the risks of repudiation, fraud, or non-payment largely on the merchant and issuing banks, (Laudon & Traver, 2002; APACS, 2002).
These issues make credit cards less attractive to merchants. Certain authentication schemes, e. g. Verified by Visa and SecureCode from MasterCard allow to shit fraud liability from merchant to credit cards issuing banks, and can ease this burden for merchants, (see www. verifiedbyvisa. com and www. mastercard. com). However, end users can found themselves paying more for the cards issued by the banks to refinance bank’s losses due to fraud. There are more concerns related to the credit card use in online e-commerce that are responsible for reluctant users acceptance of credit cards and e-commerce.
According to the report published by marketing research firm IDC, (Asmussen, Raschke, & Arend, 2002), almost half of European users of the Internet do not buy goods online because they either do not trust the Web merchants or fear their credit card details will not be secure. According to analysts, total credit card fraud rose to $4 billion in 2002 (i. e. $2 for every card issued). Industry estimates that the amount of online credit card fraud could be in the $5oo million range, (Laudon & Traver, 2002).
Authorities believe that hackers have stolen more than one million credit card numbers from E-commerce sites. It would not be a surprise that many customers use their credit cards with reservations. A survey by Visa of 15 Banks from 12 EU countries in 2002 found that online credit card payments account for nearly half of all complaints. More than one in five of these came from people who had not even shopped on the Internet, but were billed for online transactions, (Philippsohn & Thomas, 2003). Privacy issues are also associated with the use of existing payment systems.
There are cases when users’ identities (i. e. personal data such as credit card numbers, names and addresses) were stolen when hackers break into websites’ databases and obtain personal information of the customers. Fraudsters then attempt to use this information to open new credit and bank accounts using the stolen identity, (Philippsohn & Thomas, 2003). These and other issues with existing payment systems such as credit cards render them not very suitable for online payments. 1. 1. 3 The need for new payment systems designed or e-commerce Despite that electronic commerce is a growing phenomenon, its future development is, to a large extent, hampered by the lack of appropriate payment systems. Since most of business-to-consumer payments over the Internet are performed currently via credit cards, an admittedly problematic payment medium due to costs, security and trust problems, the need for new payment systems clearly emerges from the existing situation, (Lynch & Lundquist, 1996; Wayner, 1997; Laudon & Traver, 2002; Guttmann, 2003).
Research and development in Internet-based payments tried to resolve this situation by conjuring numerous online EPSs, a good proportion of which has been put to use. This was possible due to the stimulating factors listed above, and in the first place due to the availability and reduced costs of the enabling technology. However, the new payment systems, purposely crafted for the Internet, also could not avoid their own share of problems. This has led to the reluctant use of new online electronic payment systems, i. e. esulted in low user acceptance of newly introduced payment systems by customers, (see section 1. 2). User acceptance of electronic payment systems At this stage the situation with the development of online EPSs is far from ideal. A survey on electronic money developments by the Bank for International Settlement reports a rather low level of EPSs use, even in the most advanced countries, (BIS, 2000). According to the European Central Bank, the proportion of online payments among cashless payment instruments in the European Union is rather low.
The report admits that although there has been a lot of discussion on the use of EPSs and their importance “it is still not a widely used medium”, (ECB, 2001). The lack of customer demand, the diversity of technological standards and the lack of support by financial institutions are mentioned among the reasons preventing the development of electronic payment systems, (ECB, 2003). Some experts estimate that about 85% of all Internet transactions are done with credit cards that were not originally designed for the Internet, (Philippsohn & Thomas, 2003).
According to a survey by marketing research firm Jupiter Research, credit cards are still the dominant payment method for online purchases, accounting up to 95% of online transactions in the United States, (Jupiter Media Metrix, 2000). This demonstrates still low user acceptance of alternative electronic payment systems, designed specifically for e-commerce. 1. 2User acceptance: understanding and issues End user acceptance of such sensitive technology as money-circulating payment systems is the critical key aspect of the whole path of payment systems’ establishment.
Without such acceptance no technology can successfully exist on the market, and payment systems are not an exception. According to Dillon & Morris (1996) user acceptance is “the demonstrable willingness within a user group to employ information technology for the tasks it is designed to support”. This definition can be enhanced with the understanding that the user perception of information technology (IT) can be influenced by objective characteristics of technology, as well as by human factors and interaction with other users and related parties.
For example, the social information processing model (SIPM), (Salancik & Pfeffer, 1978), suggests that attitudes towards technology are influenced by opinions, information, and behaviour of others. User acceptance is a pivotal factor determining the success or failure of any information system project, (Davis, 1993). Many studies on information technology report that user attitudes and human factors are important aspects affecting the success of an information system, (Davis, 1989, Burkhardt, 1994, Rice & Adyn, 1991). The arguments in section 1. and in the following paragraphs suggest that this is the case also with EPSs. Besides SIPM, a well-known approach to explaining and modelling user acceptance is the Technology Acceptance Model (TAM), (Davis, 1989). TAM suggests that users formulate attitudes toward the technology that depends on whether they perceive the IT to be useful and easy to use. However, TAM does not take into account other factors that may be critical to user acceptance or rejection of such specific technology as EPSs, such as security, trust, privacy and involved risks.
Extending the SIPM assumption, user acceptance of online EPSs could be affected by a number of factors and parties, creating a broader sense of the social context of EPSs in the Internet environment. User experience with an EPS can be influenced or manipulated by various aspects, such as marketing, publicity, the reputation of the bank behind the system, trust towards the company operating the system and technology behind the system, and convenience of the user interface, see also Guttmann (2003), Kalakota & Whinston (1997), Egger (2003). Figure 1. attempts to illustrate the social context in which parties and factors could possibly influence user perception and experience with electronic payment systems. These parties and factors should be taken into consideration when exploring issues of user acceptance of online EPSs. They are either required for a successful operation of a payment system (banks), its promotion (marketing organisations), or monitor and regulate its operation (government). For example, the company operating the payment service will have to address users’ concerns about security, privacy and trust.
Users can be influenced in their experience by other parties than the operator itself, e. g. the bank or financial institution that facilitates the payment transactions, see Figure 1. 1. Customers can be influenced by the user interface, or by other parties involved in the payment service, such as technical partners. Since e-commerce EPSs operate in the Internet environment, the reputation and impression of the system can be easily communicated to other users via online communities, creating yet another social impact on the system.
Therefore, social influences, e. g. opinions and behaviour of other users, like family and friends, and reputation of banks and the parties involved, should be taken into account for user acceptance of EPSs. This argument can be supported by above-mentioned SIPM, (Salancik & Pfeffer, 1978). Issues such as trust, usability, applicability, security, and convertibility are extremely important because they can influence subsequent decisions of people whether to use a payment system or not.
There are several obstacles to user acceptance of EPSs: developers not only have to sell the service to potential users, they also have to convince the users to entrust their money to a third party institution, to rely on the payment system in their business and personal finance, and to use it frequently for convenience, reliability, specific applications, services and for a variety of other reasons. To achieve this high standard of user acceptance, the creators of a payment system should bear in mind user-related factors from the very beginning of the conception of the payment system.
Designing for user acceptance of online electronic payment systems is thus the main issue put forward by research described in this thesis. An open challenge remains for designers and developers of novel Internet-based payment systems to meet user expectations, requirements, preferences and needs in design and operation of the systems. Resolving these issues is critical for the development and operation of new payment systems and future growth of e-commerce. 1. 2. 1User factors in payment technology The importance of user-related factors can be demonstrated in the example of the notorious problem of security of information systems.
There are thousands of security mechanisms, matched with a growing number of hacks and security breaches, (Flynn, 2001, p. 61). However, the nature of security issues is changing with the constant improvement of information technology. While security technology is becoming increasingly sophisticated and tamper-proof, experts in information security admit that user factors are the most important issues for security problems. The vast majority of all security issues in IT environments is caused or assisted by users inside organisations, rather than hackers and other utsiders. Security experts know many stories about people exchanging their passwords, or IT managers attaching notes with logins and passwords to their monitors, or about hackers finding these notes in the trash. To avoid this kind of mistakes, experts are talking about enforcing security policies in organisations, to be able to address user-related factors in security, (Flynn, 2001). Therefore, security practices have embraced user-related factors. This example helps to illustrate the importance of user-related factors in the design and operation of information systems.
The following example illustrates a failure of a payment system due to neglecting to focus on user and market needs. The Chipknip ™ and Chipper ™ smart card payment technologies, (Nannery, 1998), were introduced in the Netherlands in early 90s. Both systems were intended to provide a way of paying small amounts in everyday transactions, which people would normally pay with cash. However, these two systems competed with each other for some time, being incompatible, so customers could not pay with the competitor’s card at certain shops, (BIS, 2001).
Eventually, this created problems of interoperability and limited the user base for both systems. Another obstacle was that the card readers were installed in shops where people already had another method of payment – debit cards, which worked very effectively and efficiently and which were used by most people for all kinds of payments. In a way, Chipknip and Chipper duplicated the functions and applications of debit cards. On the other hand, the real need for Chipknip and Chipper for small payments at parking lots, vending, and public transport tickets machines was not met.
A serious situation arose regarding the high costs of accepting Chipknip for merchants. As the result, the union of Small and Medium Enterprises in the Netherlands threatened to boycott Chipknip, (Het Financieele Dagblad, 2001). In this case, an important factor stimulating the development of EPSs was not met, namely the reduced operational and processing costs. Despite of a certain potential for uses acceptance of e-purse technology (Van Hove, 2004), this situation is changing slowly.
All these issues led to a low acceptance of Chipper and Chipknip technologies. Chipper International decided to stop operations and support of Chipper in the Dutch market, (Libbenga, 2001; BIS, 2001); Chipper has fused with Chipknip, and while some issues have been addressed, the expected applications for this smart-card technology are yet to come. The example above helps to illustrate the complexity of human and marketing factors in the context of payment systems and their crucial influence on the eventual success of a payment system.
Therefore, for successful design of electronic payment systems from the user perspective it is important to find out what user-related factors and systems’ aspects have the most direct impact on user acceptance and which of them can cause problems when neglected in design. 1. 3Research objectives 1. 4Research scope 1. 4. 1 The role of electronic payments in customer e-commerce activities The process of paying is an essential part of customers’ online buying activities. These activities are well described by the Consumer Mercantile Activities Model, (Kalakota & Whinston, 1997).
The model comprises prepurchase interaction, purchase consummation and postpurchase interaction phases. The payment activity takes place within the purchase consummation phase, Figure 1. 2. “The purchase consummation phase specifies the flow of information and documents associated with purchasing and negotiating with merchants for suitable terms, such as price, availability, and delivery dates; and electronic payment mechanisms that integrate payment into the purchasing process”, (Kalakota & Whinston, 1997). The buyer arrives to payment activities after identifying products of services to be purchased.
The buyer and seller conduct then a mercantile transaction. In a mercantile transaction the buyer and the seller exchange information followed by the necessary payment. The payment methods they use should be mutually negotiated and agreed on (ibid). Therefore, in order to conduct a successful e-commerce mercantile transaction the buyer should at least be willing to use the payment method offered by merchants. From this viewpoint, user acceptance of e-commerce EPSs is critical for the completion of the purchase consummation phase and the whole purchasing process. It can be therefore bserved that the payment process and the user involvement in it are highly important for e-commerce activities. Scope of payment systems Business-to-consumer Payment Systems This research is focused on user acceptance of new payment systems in consumer ecommerceenvironments. The main focus of the presented work is therefore Businessto- Consumer e-commerce EPSs, which are designed with the main purpose to facilitate payments for consumer e-commerce. Taking into account the B2B systems would have made the scope too broad to handle within this research. Payment Systems designed for the Web
Currently, consumer e-commerce is done mainly via the WWW (Web) service of the Internet. The market for conducting e-commerce payments via wireless PDAs, mobile phones and other Internet services is still under development, (Bohle, 2001a), and therefore does not have a wide user basis and usage experience. Thus, in the scope are Web-oriented online e-commerce EPSs and Web e-commerce applications. Scope of payment tasks Because the scope of the defined business relations is Business-to-Consumer, the payment tasks in the focus of this thesis are related to consumer e-commerce and trade of goods and services.
In these tasks there should be at least one 1) business party involved and 2) one physical person, who is conducting purchasing activities in an ecommerce environment. Scope of target activities These activities include those that are related to buying goods and services, and essentially represent consumer e-commerce. The scope of these activities is embracing a significant and, arguably, the most important part of the consumer e-commerce represented by B2C relations. ??
Purchasing goods: tangible, require shipping, intermediated (by shipping companies). ?? Purchasing information and software: intangible, immediate, not intermediated (by shipping companies). ?? Purchasing services: intangible/tangible, not always immediate, can be intermediated (by service companies). The following activities are therefore excluded from the scope because they are not in line with the defined scope of electronic payment systems, namely B2C consumer ecommerce. ?? Consumer-to-Consumer (C2C) money payments and exchange.
C2C payments do not belong to B2C e-commerce, (Figure 1. 3), e. g. personal auctions payments, debt settlement. ?? Specific payment applications, for instance, gambling or adult-content sites. In this context the sites place specific requirements on B2C relations and userrelated factors, e. g. on privacy. Related activities Additional activities that have to be explored are the influence of pre- and postpurchase interaction phases, according to Kalakota and Winston (1997) on the user experience with a payment system on the whole.
It is very likely that correct introduction,application and follow up of payment products and services in retail e-commerce are important for user acceptance of EPSs, and therefore the pre- and post-purchase interaction phases cannot be reasonably disregarded when investigating the payment process. The user experience within these phases could affect their decision as to whether to use the e-commerce service at all, without even arriving at the payment process itself. Amount of money The minimum amount of money within the scope was chosen to be above €2.
This means excluding small and micropayments. The nature of payment tasks in case of micropayments is different from higher amounts. For instance, users may wish to automate this kind of payments to avoid the need to authorize a payment of €0. 01 every time, while with bigger amounts they are likely to have control over each transaction. Furthermore, different researches show that at this moment there is little market for services that support small and micropayments, (Bohle, 2001b). In the focus are therefore small to medium sized payments, e. g. from €2 to €1,000.
The upper payment limit is set to €1,000 to indicate that highest amount within the scope of this research. The suggested range of payment amounts is typical for the current status of the domain and is similar to range of payments with existing offline EPSs, like credit, debit and smart cards, (Lelieveldt, 2001; Bohle, 2001a). Larger payments can be expected to raise different user acceptance issues, because of more user attention to risks, security, efficiency and other aspects of transactions with such amounts, (Humphrey, 1995). 1. 4. 2 Approach and methodology
This research employs practices of the multidisciplinary scientific field of Human- Computer Interaction in order to research issues of user acceptance and user-related factors in online e-commerce electronic payment systems. Specifics of HCI research The nature of Human-Computer Interaction is such that it has to employ various scientific, research and design disciplines and cross borders between them for successful research. HCI is different from other disciplines in that it studies interaction between people and artificially created artefacts, and not an independent natural phenomenon, like in other disciplines.
This complex nature of HCI and its research goals compel researchers to adopt both inductive and deductive approaches to science, as described in Mackay & Fayard (1997). In the deductive approach the purpose is to generate a set of hypothesis that can explain real world phenomena. The scientist proposes a theory about a phenomenon, and formulates a hypothesis to be tested in an empirical research. In order to verify the hypothesis, an experiment is conducted, and with the revision of its results the theory is re-examined and an updated hypothesis is created.
This approach is employed by the experimental study of this thesis. The inductive model aims to construct the most precise description of the real world, as opposed to explanation. The scientist observes phenomena in the real world without having a preconception or theory of what they are looking for. Then the scientist attempts to create a model of the world that explains the phenomena. By returning to the real world the model can be validated and changed if there are contradictions between the model and the studied phenomena.
The qualitative study in this thesis employ this approach for requirements elicitation and creation of the design recommendations. The research process applied in this thesis, aimed to gain validated design knowledge, can be described as an iterative circular or spiral movement. This process is best described by Figure 1. 4, adapted from the work of Rauterberg (2000). This approach asserts to combine “analytical strength of empirical validation methods (e. g. , observation, experiment, inquiry, etc. with the synthetic strength of system design”. This triangle structure conceptualizes the three most important components of HCI research: “(1) the collection of ‘design relevant knowledge’, (2) the ‘interactive system’ in different possible representation forms, and (3) the several possibilities to represent a ‘user’ for (empirical) validation”, (ibid). The following sections describe how using diverse research activities helped to combine these components in the research reported in this thesis. Outline of the thesis The diagram in Figure 1. illustrates a combination of the research and design activities of this thesis. These activities included acquiring design knowledge on ecommerce EPSs, applying the knowledge to a commercial payment system designed by an industrial party, and empirical validation of the design knowledge. Chapter 2 presents a survey of literature on EPSs, which was necessary for understanding EPSs. The outcome this survey is a classification and a set of characteristics of EPSs. The importance of the characteristics of EPSs had to be confirmed with potential users of EPSs.
Chapter 3 describes an investigation into the importance of the characteristics of EPSs to end users by means of a survey of consumer attitudes towards EPSs. The user survey helped to identify what characteristics should be given more attention in the design of EPSs. However, the knowledge about the importance of the characteristics did not inform how they should be realised in design of EPSs. To acquire a deeper understanding of these issues, a qualitative research in the form of a diary study was conducted, Chapter 4.
The diary study aimed to understand how EPSs are experienced and perceived by users in the context of actual use and how EPSs can be designed to meet users’ needs. As the outcome of the diary study, implications for design of Internet-based payment systems have been derived and formulated as design recommendations. To ensure that the application of the design recommendations benefits user acceptance of EPSs, an experimental study was conducted, that is described in Chapter 5. This study helped to substantiate the validity of a subset of the design recommendations.
It was hoped to find the ideal situation where it is possible to apply the hypothesised design knowledge to a real-life system, rather than testing them in the laboratory, in order to achieve high realism of the results. Due to the participation of industrial parties, this situation has become available. The experimental study involved two parts: 1) a real-life EPS was redesigned in accordance with the proposed DRs, 2) an experimental comparison of the redesigned system with the old one has indicated improvements of user attitudes in several aspects, thus demonstrating the validity of the design recommendations.
Chapter 2 2. 1 Classification of payment systems 2. 1. 1 Introduction This chapter presents a framework for classification and characterising of electronic systems that facilitate paying in an e-commerce environment. This framework is an attempt to describe and to relate the wide variety of the payment systems, with more than 150 payment mechanisms invented worldwide. This chapter also presents a survey of literature on EPSs, which has been a necessary step for understanding payment systems. The outcome of this phase of the research is a classification and characterisation of electronic payment systems. . 1. 2 Primary classification of payment systems The principal classification of EPSs is based on the form of money representation and the principle of money transfer. Existing payment systems can be divided into two groups: electronic cash mechanisms (or electronic currency) and credit-debit systems, (Medvinsky & Neuman, 1993). Electronic cash resembles conventional cash, when parties exchange electronic tokens that represent value, just as banknotes and coins determine the nominal value of conventional cash money.
The credit-debit approach in the context of electronic payments means that money is represented by records in bank accounts, and this information is electronically transferred between parties over computer networks. Another terminological approach offered by Wayner (1997), based on the type of information that is exchanged, distinguishes between ‘account-based’ and ’token-based’ systems, which, respectively, corresponds to credit-debit systems and electronic cash in the definition of Medvinsky and Neuman. A similar distinction is found in Camp et al. 1995), who distinguish between notational and token forms of money. A different view on classification of EPSs is offered in Asokan et al. (1997), where payment mechanisms are classified based on the temporal sequence of money flows between the payer and receiver of the payments. Various attempts of classification of payment systems are also reported in Kuttner and McAndrews (2001), and Schreft (2002). These references are aggregated into the classification of electronic payment systems, illustrated in Figure 2. , which was first reported in Abrazhevich (2001b). The figure illustrates the further classification of EPSs, described in the following sections. It provides examples of EPSs in each subcategory; some of these systems are described further in the text. The figure illustrates if the systems are only theoretical developments, that were only tested as limited pilots, and that have never been implemented for the commercial use. Payment mediation services that aggregate various EPSs in one payment infrastructure are described in section 2. 1. 5. 2. . 3 Further classification of account-based systems In the group of account-based systems, one can distinguish between 1) generic online EPSs that use simple account-based model for serving Internet payments, 2) systems that use the debit and credit cards model, and 3) specialized payment systems that, for instance, were designed for trading content online such as music. Some researchers consider credit cards systems as a separate group of payment models, (Medvinsky and Neuman, 1993), others consider them to be a variant of the credit-debit type.
This classification adopts the latter distinction. The basic principle of account-based systems is that the exchange of money between accounts is maintained by a payment service provider. Users can authorize charges against their EPS accounts, as they would do with usual bank accounts, though the ways of authorization are different for various systems. With the debit approach, the customer maintains a positive balance of the account and money is subtracted when a debit transaction is performed.
With the credit approach, charges are posted against the customer’s account and the customer is billed for this amount later or subsequently pays the balance of the account to the payment service. One of the most widely used systems for electronic payments is the debit card, which as the name suggest, is a clear example of a debit system, (Evans & Schmalensee, 1999). Debit cards combine the service of Automatic Teller Machines (ATM) cards and cheques. When customers pay with a debit card, the money is automatically deducted from their checking bank account.
In contrast with the credit cards, the spent money comes from the bank account directly. Many banks issue a combined ATM/debit card that looks like a credit card and can be used in places where credit cards are accepted. In this case, when users pay with a debit card, the payment will still be processed as a debit transaction. Other payment mechanisms that use the credit-debit model are Yahoo PayDirect, Pay- Pal. com, and theoretical payment projects like NetBill (Sirbu and Tygar, 1995), and NetCheque (Medvinsky and Neuman, 1993).
A special group of account-based instruments that are currently in wide use are credit card systems. A great part of trade on the Internet is done using credit cards and these payment systems should not be overlooked. The biggest advantage of this approach is that the customers, who have already received credit cards offline, can use them directly for online payments. This also results in high scalability, as no additional installations are necessary. Credit cards provide a large customer base for merchants who accept them, thus their applicability is quite high.
There are critical security issues associated with the use of credit cards in an online environment. When using credit cards over open networks, encryption mechanisms, such as widely used Secure Socket Lauer (SSL), in principle can prevent a hacker or eavesdropper from intercepting the customer’s credit card number. There are some schemes that even hide card numbers from the merchant, providing protection against intercepting the card details from merchant databases or against fraud by the merchant. Nevertheless, these incidents happen regularly (Caunter, 2001; IFCC, 2003; Wales, 2003).
It is important to note, however, that without some form of customer registration with a payment service or substantial proofs of identity, credit cards can be very risky to pay with and can be easily abused. Even encrypted Internet credit card transactions do not include the owner’s signature, and anyone with knowledge of the customer’s credit card number and expiration date can create a payment order. An important aspect of credit card payments in the online world is referred to as card-not-present (CNP) transactions.
CNP transactions are those where neither the card, nor its holder are present at the point of sale, e. g. in orders by mail, telephone, fax or the Internet. The buyer does not have to demonstrate the physical presence of the card, or the card and the buyer do not have to be co-located. This imposes issues with card validation, security and fraud. CNP transactions are widely used in mail order/telephone order purchasing (MOTO) which also do not require co-location of buyer and seller. To secure transactions of this type, credit card companies ask for additional information, such as name, address, etc. that can be used to verify their identity, for instance, if the ordered goods should be mailed to the billing address associated with the credit card. Other information often required is the additional 3-4 digits code, printed on the back side of the card and not present in the credit card number. Merchants ask the customer to read this code from the card in a card-not-present order. The merchant then asks for verification during the authorization process. The issuer (or credit card processor) validates the code and relays the decision to decline or approve the transaction to the merchant.
Nevertheless, the MOTO transactions incorporate limited protection against credit card fraud. Credit card CNP transactions could sometimes employ even less identity verification information. Since no signature involved in CNP transactions, the buyers can opt out of any order, if they claim they did not agree with the purchase, (O’Mahony, Peirce, & Tewari, 1997). The charges for orders cancellation are borne by merchants in the form of the higher costs for processing of CNP transactions. In addition, merchants could be liable for the whole amount of the disputed order, (APACS, 2002).
Furthermore, because online payments are administered as standard credit card charges, the costs are too high to make this method unsuitable for payments below €1 and hence inefficient. Credit card companies are constantly lowering the minimum amount that can be paid to enable small payments, but charges for merchants still remain high. It should be also taken into account that cards are issued by banks and organisations, which after a screening, decide whether they can issue credit cards to certain customers.
Customers with a low income, an imperfect credit history, might not be eligible for a credit card. This may restrict the customer base to a certain degree and limit user and merchant acceptance of credit cards as a payment method. 2. 1. 4 Further classification of electronic cash systems Electronic cash is stored in a digital form and serves as a cash substitute for the Internet or other information systems. Electronic cash represents value in some form and can be spent with merchants, who deposit money in their own accounts or can spend it in other places.
It can be represented by electronic ‘bills’ and ‘coins’, certificates, packets of data, or electronic tokens in one form or another. When using electronic cash systems, customers purchase electronic digital tokens from the issuing company using a conventional payment system, e. g. credit cards, electronic checks, or even paper currency (for example, via a reverse automatic teller machine which accepts cash, or when purchasing prepaid cards). Some of the systems allow converting electronic cash back into another form of money (Medvinsky and Neuman, 1993), which is very important for convertibility of the systems.
Another distinction amongst electronic cash systems is between those that use smart cards for the storage of tokens and those where tokens reside only on user’s accounts and computer networks. The former are often called electronic purses (e-purses), the latter are sometimes addressed as ‘online cash’ or ‘Web cash’. Examples of e-purse electronic cash systems are CAFE project, (Boly et al. , 1994) and Mondex (Martin, 1994). Tokens in these systems exist and travel in the computer environment,for example, on a currency server or customers’ hard disk.
Mondex is a smart card payment system that was designed to enable person-to-person as well as Internet payments, (Van Hove, 1999, p. 141). The card can be used to make small payments, store personal and application-specific information, and serve as a telephone card. Web cash representatives are E-cash, E-gold, Millicent (Glassman & Manasse, 1995), PayWord and MicroMint (Rivest & Shamir, 1996), and NetCash system (Medvinsky and Neuman, 1993). It has to be noted that these systems are mostly theoretical work and have not been implemented on the market. Systems that employ smart cards e. g. Chipknip, Chipper in the Netherlands, Proton in Belgium, and Visa Cash can be also placed in the category of electronic cash and also called e-purses, however, in representing money they hardly use tokens. In this case, the numerical data stored on the card is changed when a payment takes place. Judged by the principle of the operation and use they act like electronic purses. The value is stored on a card and if the card is lost, the money is gone, in a fashion similar to cash. It has to be noted that smart cards like Chipknip are not principally designed for Internet payments and are used mainly at point-of-sale terminals.
There have been nevertheless pilot tests of facilitating paying over the Internet with Belgian Proton smart card EPS, but the use of Proton on the Internet is now discontinued. An important development towards standardisation of e-purses is establishing Common Electronic Purse Specifications with the goal to define requirements needed to implement a globally interoperable electronic purse program, while maintaining full accountability, (see www. cepsco. org). CEPS, which were made available in March of 1999, outline overall system security and certification.
Being established by the key parties in electronic purse cards, and supported by organisations from over 30 countries, CEPS paved the way for the creation of an open global electronic purse standard. For cardholders it means that they will be able to use their electronic purse cards domestically and internationally with the knowledge that the card will be accepted wherever the acceptance mark is displayed. Visa Cash is an example of CEPS implementation, (see www. visa. com). Prepaid card EPSs can be also included in the same category of electronic cash, because the principle of their work resembles the use of e-purses, such as Chipknip.
Users can buy a prepaid card for a specified amount. Prepaid card systems are specifically designed for Internet payments. Users can pay with a prepaid card by entering on merchant sites the card’s unique number, which corresponds to the card’s nominal. The value of the card is decreased by the amount paid to the merchant. To better understand what issues that surround electronic payment systems, it makes certain sense to introduce a definition of payment mediation services, which use existing payment systems as mediators to provide extra services. 2. 1. 5 Payment mediation services vs. payment systems
To further refine the focus of this research, we have to make one important distinction, which is between payment mediation services and payment systems. This distinction particularly makes sense in the context of electronic and Internet payment mechanisms. Payment mediating services have appeared as a response to the imperfection and inefficiency of current payment systems for the Internet. They extend the services of the existing systems and operate as mediators between merchant, payment systems and users. Their goal is to help merchants to accept as many payment systems users could possibly want to use when paying over the Internet.
In payment mediation services the existing payment infrastructure from many payments providers is aggregated to provide broader services, or to overcome shortcomings of the available payment options. Figure 2. 2 describes the relations between merchants, EPSs and payment mediation services. The difference between payment mediation services and payment systems can be summarized in that a payment mediation service is as an intermediary between payer, business, and payment system, while there is no such middle tire for payment systems. The payment process in this case is transparent to the users of a site.
A mediating service provider ‘intercepts’ payments from users, processes them, and credits the account of the owner of the site when the authorization and transactions are completed. For example, there are numerous companies among mediating services providers that facilitate acceptance and processing of various credit cards. A special class of payment mediation services has emerged, that provides convenience for paying bills for businesses and end users. An example of payment mediation services is providing bill payments for end users and companies, for instance, utilities or telephone bills.
Over a Web front-end provided by the billing systems, customers and companies can pay bills that are normally paid offline by paper cheques or bank transfers. Some systems even provide additional services such as automated accounting merged with online payment facilities. Syndication of payment services Another angle on payment mediating systems is viewing them as a form of syndication of payment services in an online environment. The notion of syndication originates from the entertainment world, where it forms the fundamental organizing principle.
With the advent of the ‘new economy’ and the use of the power of Internet distribution, syndication can be recognised as an emerging model for e-commerce. In this context syndication would mean selling the same information to many different customers, who render and integrate it with other information in various value-adding ways and then redistribute it. According to this principle, businesses involved can play three or more roles: originators who create original content; syndicators, who collect and package digital information to meet specific customers’ needs; and distributors who deliver digital content to customers, (Werbach, 2000).
In the context of online payments, payment mediation services can be seen as syndicators of the original services offered by payment systems. Payment mediation services syndicate e-commerce EPSs, offering merchants the way to accept a variety of payment systems. Examples of payment mediation services A good illustration a payment mediation service is Bibit Billing Services (www. bibit. com). This Dutch company specializes in Internet payment and billing services. The service supported about 70 payment methods from 18 countries by 2004.
When customers want to pay on a Web site of a Bibit’s client, they select one of the provided payment methods. The payment process goes as follows: 1. A customer selects products on sale in a virtual shop. 2. For payment, the customer is then redirected to Bibit Payment Service. 3. Within Bibit Payment Service, the customer can select a payment system he or she would like to pay with, provided it is supported by Bibit. The customer makes the payment with the system of his or her choice. 4. After a successful payment, Bibit notifies the merchant that the order can be shipped and transfers the money to the merchant.
The processing of the transactions, which is conducted entirely by Bibit, is therefore transparent to the customers of the site and the client company. The company business model, which utilizes a number of payment systems, relies on providing extra services to facilitate payments, and therefore it fits into the definition of a mediating system. It is interesting to note that the service allows the use of micropayments, by accumulating charges for products like news, articles, stock and research reports, online games and charging users on a subscription basis.
Examples of other payment mediation services are Orbiscom (www. orbiscom. com), iBill (Ibill. com), PayTrust, (www. paytrust. com), DataCash (www. datacash. com), PayNet (www. paynet. ch). Systems that conceal real customer’s credit card numbers by providing them a unique temporary card number for each transaction have gained certain popularity among payment mediation services. The customers can then use this unique number in a normal credit card transaction, and their real credit card will be charged.
This temporary card number expires after every transaction and would not be approved for the subsequent use. The data of real credit cards of customers is not exposed to parties online in online transactions. In this case the payment mediation services are using credit cards infrastructure to provide extra security and anonymity (ABN-Amro e-wallet, O-Card by Orbiscom. com). By using these measures merchants expect to accept more secured payments without changing the way shoppers pay and without changing existing payment processes or infrastructure.
The research summarized in this thesis is concerned mainly with payment systems and not with mediating solutions for existing payment infrastructure. Payment mediation services on the Internet emerged because of the absence of relevant payment solutions or have problems that prevent their successful use by merchants and users. Many of EPSs are probably transitory systems, unable to completely solve problems that appear in the context of the Internet paying process, because the problems originate in the payment systems they use; see discussion on PayPal. om in section 2. 4. While syndication of EPSs by payment mediation services provides in the end a better level of service than individual EPSs they use, it also places the payment mediation systems out of the scope of this research, which is exploring ways to design better individual EPSs. 2. 2 Identifying the characteristics of payment systems As observed in the example with Chipknip and Chipper in the previous chapter, there are a lot of factors that determine the success or failure of payment systems, and not all of them are of technical nature.
As mentioned already, user acceptance depends on many issues, such as consumer choice, preferences, advertisement, a state of the market, etc. The discussion of diverse aspects of electronic payment systems can be found in many works on development and research of payment systems. Attempts to classify and describe the requirements and characteristics of payment systems such as security, reliability, convertibility, efficiency, traceability, and others can be found, among others, in the works of Medvinsky & Neuman (1995), Langdon et al. (2000), Lynch & Lundquist (1996), Wayner (1997).
It has to be noted however, that these studies are mainly focused on technical aspects of electronic payment systems, which is not the only facet that is important in this field. Below the characteristics of payment systems are extended to account for user-related aspects of EPSs. These characteristics can be also used for assessment of payment systems, as described further. The list of characteristics of payment systems Anonymity, privacy This characteristic reflects the desire of users to protect their privacy, identity and personal information.
In some transactions, the identities of the parties could be protected by anonymity. Anonymity suggests that it is not possible to discover someone’s identity or to monitor an individual’s spending patterns. Where anonymity is important, the cost of tracking a transaction should outweigh the value of the information that can be obtained by doing so. As an illustration, when a customer pays with a debit card, the purchase is registered at the vendor and bank’s databases. It is possible to find out what amount was paid and what actually was purchased. Thus debit card payments are not anonymous.
On the contrary, when one pays with cash at a shop or in a marketplace, no one can say by examining the cash that money came from the payer, as there is no direct information about this payer’s personality associated with the banknotes. Thus, cash is an anonymous payment system. Currently, the right of users to choose how their personal information is disclosed is viewed as privacy. There are privacy laws in several countries that limit usage of personal information by banks, authorities and other parties, including online businesses and payment systems, like European privacy acts or similar directives, e. . European Commission Data Protection Directive. Applicability The added value of a payment mechanism is dependent upon how useful it is for buying something. Applicability (or acceptability, as it is often referred in literature, (Medvinsky & Neuman, 1995)) of a payment system is defined as the extent to which it is accepted for payments at points of sale, or at online e-commerce sites in this case. For instance, cash is accepted widely and virtually everywhere in the offline world and thus has a very high level of applicability.
Debit cards and credit cards have a very high applicability, as one can pay with them in a variety of places. The applicability of a payment system may vary from country to country. For example, in Germany and in the Netherlands cheques are no longer common due to the steady growth of other payment methods. However, in the UK and the USA cheques are still quite a common method of payment and the level of their applicability is quite high. Authorization type Authorization type is referred in the literature as the form of a control over the validity of transactions, (Lynch and Lundquist, 1996; Asokan et al. 1997). The authorization type can be offline or online. Offline authorization means that users of the system can exchange money while not connected to a network, without a third party mediating for the transaction. Paper cheques are an illustration of offli