Payment systems: the return of the Trusted Third Party
The concept of the Trusted Third Party (TTP) for online payments was flavour of the month in the late 1990s. Then, as a talked-about-topic, it fell by the wayside. It never really went away as a concept but similarly, it never had a major advocate that the public accepted en masse, other than PayPal. But Amazon.com's "Checkout By Amazon" might just be the impetus that the concept needs to at last bring it to full fruition. If it can be trusted: there is one niggling question.
The whole idea of a trusted third party is that it facilitates internet trade by creating what amounts to a stakeholder for information.
For example, purchasers are worried about handing their credit card - and in some cases other personal information - to an on-line retailer. The retailer is worried that the customer may be a fraudster and arranging for delivery to a fictitious address, may seek unjustified chargebacks (e.g. someone in the habit of buying clothes and then returning them as "unsuitable" after wearing them) or even using stolen credit card information.
A TTP stands between these two opposing ends, conducting the necessary anti-fraud checks on both parties. But the arrangement is not similar to a letter of credit - the TTP does not wait for the purchaser to confirm delivery before releasing payment.
So far, there have been two real success stories in this field: RBS Worldpay and PayPal. PayPal has its opponents because it insists on account opening and is not a true payment system. It is certainly not transparent in operation and nor are its imitators.
RBS Worldpay is not a true TTP because it does not hold the customer's information other than so far as is necessary for immediate validation.
Where Checkout by Amazon scores is because of its phenomenally large customer base - all of whom have already given Amazon their credit card and delivery details.
Amazon.com already allows third parties to sell things off its website: this was seen, at one time, as a competing service to that provided by eBay but in truth it's a concept that eBay has adopted as its original auction-style business has seen slowing growth. Amazon.Com provides the payment mechanism through which those merchants receive their proceeds of sale (less, of course, Amazon.Com's commissions and fees).
Checkout by Amazon goes one stage further: anyone (well, not actually "anyone", obviously) with a website can now use Amazon's payment system for goods and services sold of their own site. it is not, therefore, necessary for them to integrate their web presence with that of Amazon.Com.
Anyone who has ordered directly from Amazon or from a supplier advertising on the Amazon.Com site can buy using something similar to the "one-click" ordering system on Amazon's own site using the customer's data stored in Amazon's payment system.
So there it is: ordering information passed to Amazon.com, payment information held by it and an immediate and simple payment system.
So it's all good news, right?
Not necessarily. Amazon.Com has a business practice which is beginning to rankle with its advertising "associates" and if the same practice is applied to websites using its payment services, then there is a serious question mark as to whether websites should accept the scheme.
Advertising associates have found that Amazon.Com is cutting the ground from under their feet by frequent, direct, targeted mail shots to customers that have been introduced by associates. When customers click on the links in the e-mails, they become direct customers of Amazon.com. The advertisers complain that they give up "real estate" on a contingency basis (i.e. they get paid if an order results, not just because a click is made) and that they do so in part because they have repeat visitors. The advertisers maintain their own advertising display - costing them time - although Amazon.com does have a fairly rudimentary analysis tool that will, if the website owner wishes, deliver what Amazon thinks the site's visitors will want to see. But, if Amazon.com mails customer's direct, then the loyal readership that websites build will be less likely to click on ads on the site.
If Amazon.Com adds sales from third party websites into that analysis, it can directly mail the customer with relevant offers, some of which may be in direct competition with the site that made the original sale. Think, for example, of filters for an air purifier.
Amazon.Com will no doubt take the view that the customer information belongs to Amazon.Com.
But in providing services to third parties, Amazon.Com is in effect setting itself up as a financial institution. The passing of customer data (including that as to what products have been purchased from third parties) to its retail arm must be made subject to the same conditions as it would be for e.g. RBS Worldpay ( which has, in recent weeks, been sold and lost the RBS prefix).
So far, the scheme is available only in the USA and therefore subject to the USA's lax data protection laws.
But should the service be expanded to Europe or Hong Kong, for example, stronger data protection laws would apply.
That leaves open the question as to who consents to what in the long terms and conditions. Even if the website owner says that data relating to its sales must not be released, customers are much less likely to read the terms and are likely to agree - without realising the specifics - to the release of information relating to their purchases.
And so the retail arm will be in a position to analyse the purchases of its customers made from third party sites - and, as it does with customers introduced from websites - begin to market directly to them.
And that may cause serious commercial harm to businesses that rely on internet sales for their livelihoods.
Download PDF version of this page