Rethinking Digital Payments

Addressing offline payments is essential for solving the fundamental problems within digital payment systems. Traditional payment infrastructures are designed primarily for smooth operations, often resulting in a heavy reliance on ideal conditions, or the “happy flow.” When failures occur, such as backend server outages or network connectivity issues, transaction processes come to a halt, leading to user dissatisfaction and translates into lost revenues for merchants.

In the 1990s, circuit-switched communication was rendered obsolete by the introduction of the packet-switched protocols. This shift allowed for more resilient and efficient data transmission across networks, paving the way for the internet as we know it today. Similarly, the digital payments landscape is overdue for a similar transformative upgrade towards a more adaptable and resilient architecture.

A public good such as digital payments should have more built-in resilience than only working when everything works. It is the duty of financial regulators or central banks to demand better resilience. The technology that delivers it is already available. Crunchfish’s Trusted Application Protocol (TAP) generalizes the communication protocols of the internet by enabling any application to function anytime and interact using both remote and short-range protocol in proximity. This is not just about rethinking offline payments; it’s about fundamentally rethinking digital payments.

The need for a complete rethink of offline payments is evident, as the industry has taken wrong turns on so many dimensions that hinders the deployment of wide-scale offline payment solutions. Previous approaches have had myopic security thinking and prioritized short-sighted gains over holistic, robust, scalable implementations, maintaining a fragile and fragmented payment landscape with compromised service availability. By addressing the critical challenges correctly by redesigning the fundamental framework for offline payments, it is possible to pave the way for a more resilient digital payments ecosystem, that operates seamlessly, even in environments with inconsistent network connectivity or temporary server outrages.

Rethinking Offline Payments

In the evolving landscape of offline payments, it is crucial to delineate and understand the roles played by two key stakeholders, namely payment networks and payment service providers. By allowing them to assume their natural roles also for offline payments, it ensures that digital as well as offline payments are delivered efficiently and effectively, contributing to ecosystem robustness, overall payment service availability, and at the same time fostering market innovation and competition.

A successful deployment of offline payment solutions requires a clear understanding of the distinct responsibilities of payment network providers and payment service providers. Payment network providers should focus on creating the necessary infrastructure to support terminals that facilitate the reception of offline payments for all participants. In contrast, payment service providers are tasked with deploying offline wallets, empowering end users to make payments without relying on online connections. This clear delineation of roles fosters a dynamic and interoperable market that drives innovation in offline payments.

To set up an offline payment ecosystem, the initial focus should be on establishing the ability to receive offline payments as widely as possible in the market. This task belongs to the payment network provider. The software-based offline terminals can be deployed as part of the payment rail’s common library deployed in all payment service providers’ payment applications, which immediately enables all end-users on various payment applications to receive offline payments. The offline terminal software may also be integrated in various business apps for merchants and existing POS terminals for wider reach. With the acquiring side in place, it is now possible to interest payment service providers to integrate offline wallets into their applications.

It is important to note that there is a security asymmetry between offline terminals and offline wallets as compared to the peer-to-peer payments between offline wallets. Whereas it is imperative to ensure an isolated runtime execution environment for offline wallets to avoid multiple attack vectors leading to double spending, the security requirements for offline terminals are not as strict. The role of the offline terminal, like the role of a card terminal, is to issue a payment request in proximity to an offline wallet, validate the incoming offline payment, store the offline payment, and then forward it for settlement when online connectivity is available. Hence, the offline terminal is only a relay station for offline payments that can validate, store, and forward a cryptographically signed offline payment from an offline wallet. The offline payment cannot be altered in any way, without making the offline payment invalid.

In terms of offline payments in proximity NFC (Near Field Communication) has been a popular choice. However, it has significant limitations, particularly in low-end smartphones that often do not support this interaction technology. Additionally, using NFC can complicate interactions between devices because users must align their devices precisely to initiate a transaction. As such, a more flexible approach to proximity interactions is necessary. Crunchfish is adopting an agnostic proximity interaction framework and can leverage various other proximity interaction methods as well — such as QR codes, Bluetooth, and ultrasonic signals — ensuring reliable and user-friendly payment experiences across a broader range of devices. This flexibility enhances accessibility and supports a wider demographic, enabling seamless transactions in any environment.

To summarize, the payment network should focus on deploying offline terminals as widely as possible in the market to enable to ability to receive offline payments and it is the role of the payment service provider to integrate offline wallets, with high security requirements, into their payment’s applications for end users. It is important to enable payments between offline wallets and offline terminals as well as peer to peer payments between offline wallets. After the payment network have established the ability to receive offline payments, it is possible to onboard payments service providers and as well as end users for offline payments incrementally. In terms of proximity interaction method between wallets or wallets to terminals it should be agnostic to enable as many payment interactions as possible.

In the context of offline payments, it is essential to differentiate between digital banknotes and digital IOUs. The widespread card payment model operates on the principle of digital IOUs, albeit without any stored value in the offline wallet of the payer. It is beneficial to model offline payments as digital IOU checks as well, benefiting from many years of experience from payments on the legacy card rails, facilitating a more fluid and flexible transaction process compared to unproven digital banknotes.

The successful card payment model relies on online settlement of transactions between the user and the card terminal. This should also be the norm for offline payments with the main difference that the user has stored values on their devices to avoid any credit risks. The correct offline payment paradigm Is a Reserve, Pay, and Settle approach, where offline payments are digital IOU checks.

The Reserve, Pay, and Settle approach is superior to the Fund, Pay, and Defund approach which is common in many CBDC implementations. Whereas Fund, Pay, and Defund is working fine for online wallets as it mimics Pre-Paid Instruments, it introduces significant double spending risks in an offline mode. The fundamental problem of having a payee having a claim on the payment network, e.g. a central bank, after having received value from potentially many consecutive offline payments, is that there is no way of detecting from a payment network perspective if there has been any fraudulent offline wallets involved in the chain of transactions leading up to this claim.

Transferring digital banknotes offline with instant finality, without any subsequent online settlement, has no benefits whatsoever from security and efficiency perspectives, compared to implementing an approach with offline payment with online settlement. Offline payment with instant finality requires an extreme focus on device security with hardware-based secure elements, which leads to scalability challenges as no ecosystems exist to deploy and upgrade offline wallets on hardware-based secure elements.

Traditional hardware-based security solutions impose significant challenges in scalability and deployment, particularly considering the fragmented landscape of mobile devices. 

Instead, a much better approach is to deploy offline wallets on app-integrated virtual secure elements as they do provide the isolated runtime execution environments necessary from a security perspective, without the scalability and upgradability issues as well as costly downsides of hardware-based deployments.

Having offline payments without settlement provides no chance for the payment network in discovering fraudulent offline wallets, unless centralized reconciliation systems are put in place. But these brings no value compared to leveraging the security readily available in the distributed core banking systems.

It is crucial to focus on privacy for both online as well as offline payments, rather than just having full anonymity for low-value, and therefore less-important, offline payments. The goal should be to ensure that payment details are kept confidential for the whole payment ecosystem; save for the user’s trusted bank that may have exclusive access to the payer’s transactional information. This approach to privacy goes hand in hand with having offline payments with online settlement and ensures that online as well as offline payments maintain equally high privacy standards.

To summarize, there are significant differences between the superior Reserve, Pay, and Settle and the cumbersome Fund, Pay, and Defund approach for offline payments. The latter emphasizes maximum device security but introduces complexities and risks associated with hardware dependence. Relying on centralized surveillance for payment security is increasingly viewed as inefficient and it comes with unwanted privacy issues with the payment network. In contrast, leveraging distributed core banking systems allows for enhanced security checks, efficiency, and privacy, creating a more resilient system that protects user data and promotes user trust in both online and offline payment processes.

Generalizing Foundational Pillars of Payments

Crunchfish’s deep fintech advancements offer an opportunity to generalize four foundational pillars of payments all at once:

• The Internet TCP/IP protocols,

• Real-Time Payment eWallets,

• Card Payments, and

• Conditional Payments.

That Crunchfish deep fintech is so versatile provides an incredible flexibility as it provides enhanced interoperability, higher security and more resilience for any type of digital payment. Below is a brief overview of how Crunchfish’s patented, and patent-pending technology generalizes four foundational pillars of digital payments.