[Openid-specs-fapi] External : The NextGenPSD2 Hotel Reservation Scheme

Chris Michael Chris.Michael at openbanking.org.uk
Fri Apr 3 13:41:32 UTC 2020


Regarding your last sentence, I think you guess wrong Anders. Variable Recurring Payments is a much more flexible alternative to enable such functionality.


Chris Michael
Head of Technology
Open Banking Limited
https://www.openbanking.org.uk
+44 (0)7767 372277
________________________________
From: Openid-specs-fapi <openid-specs-fapi-bounces at lists.openid.net> on behalf of Anders Rundgren via Openid-specs-fapi <openid-specs-fapi at lists.openid.net>
Sent: Friday, April 3, 2020 2:36:56 PM
To: Financial API Working Group List <Openid-specs-fapi at lists.openid.net>
Cc: Anders Rundgren <anders.rundgren.net at gmail.com>
Subject: External : [Openid-specs-fapi] The NextGenPSD2 Hotel Reservation Scheme

The NextGenPSD2 folks recently did a presentation at a W3C (virtual) conference.

This slide particularly caught my interest:
https://www.w3.org/2020/Talks/berlin-20200402.pdf#page=9

Although not accompanied by any text, it seems that the reservation is made through the Merchant's(Hotel's) Bank.

I don't think this is how card schemes deal with this scenario but I could be wrong.

The Saturn/OpenBankingWallet makes reservations an entirely local affair between the User, User's Bank and Merchant where the result is:
- Reservation/Blocking of money in the User's Bank
- A "receipt" signed by the User's Bank given to the Merchant who can verify that it is signed by a Bank (through PKI) belonging to the associated payment network.

The "receipt" is counter-signed by the Merchant when the payment is to be resolved.  As far as I can tell the User is seldom or never involved in this part.  "Express checkout" reigns.

Anyway, I don't see a need to involve the Merchant's Bank although the Merchant may of course check if the payment has arrived.

This (again) shows that security models may have way more impact on system architecture and flows than most people are aware of.

I guess FAPI/OBIE will follow the (quite difficult) path of NextGenPSD2?

Thanx,
Anders


_______________________________________________
Openid-specs-fapi mailing list
Openid-specs-fapi at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-specs-fapi


Please consider the environment before printing this email.

This email is from Open Banking Limited, Company Number 10440081. Our registered and postal address is 2 Thomas More Square, London, E1W 1YN. Any views or opinions are solely those of the author and do not necessarily represent those of Open Banking Limited.

This email and any attachments are confidential and are intended for the above named only. They may also be legally privileged or covered by other legal rights and rules. Unauthorised dissemination or copying of this email and any attachments, and any use or disclosure of them, is strictly prohibited and may be illegal. If you have received them in error, please delete them and all copies from your system and notify the sender immediately by return email. You can also view our privacy policy (https://www.openbanking.org.uk/privacy-policy).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20200403/deaea094/attachment.html>


More information about the Openid-specs-fapi mailing list