Open in app

Sign in

Write

Sign in

Identity Evolution of Payments

Dassana Wijesekara
5 min readJul 27, 2020

An identity is made up of many different pieces of information, also called attributes. The more attributes there are, the stronger the identity. That’s true even if an attribute is unique.

For example, the state can issue someone a unique number. But the number tells you almost nothing by itself. If you also have the person’s name and date of birth, you know a bit more. Add a photo, mobile number, residential address, school records and work history, and suddenly you know quite a bit more.

People aren’t the only ones who have identities. So do legal entities (such as corporations and trusts) and assets (property). The attributes that go into your identity help others decide whether to engage in a transaction with you — accept your vote, open a savings account, sell you a bottle of wine and so forth. The same is true for legal entities and assets. Their identities, or rather certain attributes of them, help others decide whether to do business with the appropriate owner, representative or custodian.

Assurance is a key factor in identity transactions. It refers to the degree of certainty that the identity is real and belongs to the person using it. Some transactions, like registering on a news site or paying a parking ticket, might not be worth all the work it takes to authenticate an identity to a high degree of certainty. The opposite is true for transactions like using an online brokerage account or receiving certain government services. Those must be high assurance transactions.

Payments are a highly sensitive area which depends on identities of two parties that gets involved in the transaction. Please find types of identities listed below that is being used in payment industry today.

Identity on Bill Pay

BPAY is an electronic bill payment system in Australia which enables payments to be made through a financial institution’s online, mobile or telephone banking facility to organisations which are registered BPAY billers. Service providers use an identity known as biller code to identify them selves and mask their actual business account number and the bank.

Identity on Cards

Cards use combination of multiple identity attributes that is stored and defined on the plastic card. Cards have two data storage areas : chip and magnetic strip. Identifiers are listed below.

  • Stored identifier on Chip or magnetic strip. It contains Primary Account Number (PAN), Name, expiration date and looks like below.
  • The card number and expiration date embossed on the card.
  • The first code, 3 numbers, called CVC1 or CVV1, is encoded on track one and two of the magnetic stripe of the card and used for card present transactions, with signature (second track also contains pin verification value, PVV, but now it is usually all zeroed out). The purpose of the code is to verify that a payment card is actually in the hand of the merchant (thus it should be different from CVV2). This code is automatically retrieved when the magnetic stripe of a card is read (swiped) on a point-of-sale (card present) device and is verified by the issuer.
  • The second code, and the most cited, is CVV2 or CVC2. This code is often used by merchants for card not present transactions including online purchases. In some countries in Western Europe, card issuers require a merchant to obtain the code when the cardholder is not present in person.
  • Contactless and/or chip EMV cards supply their own electronically generated codes, such as iCVV or a dynamic CVV. It is described in public standards from EMVCo.

EMV Cards with Biometrics

New breed of cards are emerging which can scan thumb print on a card and perform identity verfication on the fly. In 2018 Intesa Sanpaolo Bank in Italy did a trial with biomtric card. Royal Scotland Bank and NatWest started the same in 2019.

Identity on Electronic Payment Services

Electronic payment services use multiple digital identities in the form of following.

  • Mobile number : User is requested provide a local phone number and verified by sending an One Time Password (OTP).
  • Email address : User is asked to configure their email address which validated by sending a email verification link.
  • QR Code : A two dimensional signature that identify payer and payee identities. Invoices come with QR code which aggregate payee details. Amazon GO uses QR code to identify the customer at the store.
  • Username : A text identifier. (Used in combination with other identifiers)

Australian PayID

PayID is an identity based on phone number or email. Instead of sharing Australian BSB and account number customer can use PayID.

Australian New Payment Platform and TrustID

Australian government is working on a identity called “TrustID” which can be used agnostic of business domain to have a one single id across all channels on single unified system.

Payments
Identity

--

--

Dassana Wijesekara
Dassana Wijesekara

Written by Dassana Wijesekara

106 Followers
3 Following

Technology evangelist, enterprise software architect many years spent designing world class mission critical software. Pilot, artist, musician and photographer.

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams