Periodical Payment Model Using Restricted Proxy Certificates

In this paper we shall introduce a new electronic payment concept based on the popular direct debit payment model, entitled periodical payments. The direct debit model currently in use online is neither secure nor flexible, and requires a leap of faith by the customer who must trust the merchant to behave honestly. Electronic direct debit request (DDR) forms are not signed by both parties in a binding manner, which means that merchants can change the terms of DDR agreements post-fact. Unsigned DDR agreements give the merchant unprecedented power over customer accounts with little recourse for dispute. In this paper we shall demonstrate how the use of restricted proxy certificates with cryptographic signatures can be adopted to support a new periodical payment model. A payment policy language is presented that is tailored towards specifying rules that govern precisely how and when merchants can access and transfer funds from customer accounts into their own. Using this model will ensure that mutually signed policies are instantly enforceable on every transaction within a payment period. There is a fundamental difference between this proposal and other electronic payment schemes. Most such schemes attempt to replicate the features of physical cash such as anonymity, and therefore focus on single payment transactions that simulate cash changing hands. Since direct debit is a popular payment choice, our proposal provides significant improvement to this essentially paper-based payment model that currently does not integrate well in a purely electronic world.