1. Patent Search
  2. Details

FEDERATED ARCHITECTURE FOR ELECTRONIC PAYMENTS USING A PAYMENT BUS

20210383337 · 2021-12-09

    Inventors

    Cpc classification

    International classification

    Abstract

    Described herein is an Internet of payments, i.e., a loosely coupled, federated architecture for electronic payment in which payers and payees interact through an Internet-based store-and-forward payment bus to complete an electronic payment. Merchants may use any payment service or gateway and any device to place a payment request on the payment bus; similarly, payers may use any payment service or gateway from any device to make a payment toward the payment request. Embodiments describe how this invention addresses different types of payments including contactless physical payments, online payments and vending machine and kiosk payments, with scenarios illustrating voluntary donations, paying a restaurant check with tips from a mobile device, automated actions at the completion of a payment (e.g., issuing a ticket by a ticketing kiosk) etc.

    Claims

    1. A federated architecture for facilitating electronic payment for commercial and/or financial transactions between merchants and payers, the federated architecture comprising: a network address space configured such that: merchants, payers, and payment records created by merchants and payers in the process of completing electronic payments all have unique public identities (ID) by which they can be identified by each other; a computer-readable payment repository that stores the said payment records; and a payment bus comprising one or more non-transitory computer-readable media tangibly storing computer program instructions, wherein the instructions, when executed by one or more online processors, cause the one or more online processors to perform a payment bus process comprising: receiving from a merchant, via an authenticated network connection, a payment request for a commercial and/or financial transaction involving the merchant, wherein the payment request specifies the merchant as the payee of the payment request, and in response: storing the payment request in the payment repository; and sending the payment request, via an authenticated network connection, to any payer specified in the payment request; and receiving from a payer, via an authenticated network connection, a payment transaction record comprising the unique ID of the payment request and a payment confirmation, wherein the payment confirmation confirms a payment by the payer in favor of the merchant who is specified as the payee of the payment request, and in response: storing the payment transaction record in the payment repository; and sending the payment transaction record, via an authenticated network connection, to the merchant specified as the payee of the payment request.

    2. The federated architecture of claim 1, wherein the payment bus process further comprises: receiving from a merchant or a payer, via an authenticated network connection, a retrieval request for a payment record in the payment repository, wherein the retrieval request specifies the unique ID of the payment record, and in response: retrieving the payment record with the specified unique ID from the payment repository; and sending, via the authenticated network connection, the retrieved payment record to the sender of the retrieval request.

    3. The federated architecture of claim 1, wherein the payment bus process further comprises: receiving from a payer, via an authenticated network connection, a retrieval request for a payment record in the payment repository, wherein the retrieval request specifies the unique ID of a merchant, and in response: retrieving the most recent payment request that specifies the merchant with the said unique ID as the payee of the payment request; and sending, via the authenticated network connection, the retrieved payment request to the payer.

    4. The federated architecture of claim 1, wherein, to request payment from a payer for a commercial and/or financial transaction with the payer, the merchant performs a billing method comprising: creating a payment request for the transaction; sending the payment request to the payment bus via an authenticated network connection; establishing, through a transfer of identifying information between the payer and the merchant, an association between the payer and the unique ID of the payment request; receiving from the payment bus, via an authenticated network connection, a payment transaction record that comprises the ID of the payment request and a payment confirmation that confirms a payment by the payer in favor of the merchant; and modifying the payment request to indicate that the payment request has been paid.

    5. The federated architecture of claim 4, wherein the transfer of identifying information between the payer and the merchant comprises: the payer communicating information that identifies the payer; and the merchant capturing the information communicated by the payer.

    6. The federated architecture of claim 4, wherein the transfer of identifying information between the payer and the merchant comprises: the merchant communicating information that identifies the merchant or the payment request or both; and the payer capturing the information communicated by the merchant.

    7. The federated architecture of claim 1, wherein, to pay a payment request from a merchant for a commercial and/or financial transaction between the merchant and a payer, the payer performs a payment method comprising: establishing, through a transfer of identifying information between the payer and the merchant, an association between the payer and the unique ID of the payment request; receiving a payment request from the payment bus via an authenticated network connection; sending a payment directive to an online payment gateway, wherein the directive causes the gateway to make a payment to the payee of the payment request using a payer-specified payment credential; receiving, from the payment gateway, a payment confirmation that the payment to the payee has been successfully completed; creating a payment transaction record that includes the unique ID of the payment request and the payment confirmation received from the payment gateway; and sending the payment transaction record to the payment bus via an authenticated network connection.

    8. The federated architecture of claim 7, wherein the payer performs at least a part of the payment method from a personal mobile device.

    9. The federated architecture of claim 7 further comprising: sending a retrieval request to the payment bus via an authenticated network connection, wherein the retrieval request is based, at least partly, on the content of the identifying information transferred by the merchant to the payer.

    10. The federated architecture of claim 1, wherein the address space has a hierarchical structure.

    11. The federated architecture of claim 1, wherein the payment transaction record specifies a payment amount that includes a tip amount.

    12. The federated architecture of claim 1, wherein the merchant comprises an entity selected from the group consisting of an individual, a physical store, an online store, a vending machine, a kiosk, an institution, and any commercial outfit.

    13. The federated architecture of claim 1, wherein the merchant is represented by a computer-implemented merchant agent that performs one or more actions on behalf of the merchant and the payer is represented by a computer-implemented payer agent that performs one or more actions on behalf of the payer.

    14. The federated architecture of claim 13, wherein the payment bus functions substantially as only the repository if all merchants are represented by the same merchant agent and all payers are represented by the same payer agent.

    15. The federated architecture of claim 1, wherein the merchant includes any designated agent of the merchant and the payer includes any designated agent of the payer.

    16. The federated architecture of claim 1 further comprising: upon the merchant receiving a payment transaction record that confirms a payment by a payer to the merchant, the merchant executes at least one predetermined action in favor of the payer.

    17. The federated architecture of claim 16, wherein the at least one predetermined action executed by the merchant comprises an action selected from the group consisting of: modifying the status of the payment request, generating a receipt, printing a receipt, emailing a receipt, issuing a ticket, generating one or more coupons, sending a command to a vending machine, and activating a device.

    18. The federated architecture of claim 1, wherein the payment record includes additional information for sharing between the merchant and the payer.

    19. A federated method for electronic payment for commercial and/or financial transactions between merchants and payers, the federated method comprising: a payment bus process having authenticated network connection to: a network address space configured such that: merchants, payers, and payment records created by merchants and payers in the process of completing electronic payments all have unique public identities (ID) by which they can be identified by each other; a computer-readable payment repository that stores the said payment records; and wherein the payment bus process comprises: receiving from a merchant, via an authenticated network connection, a payment request for a commercial and/or financial transaction involving the merchant, wherein the payment request specifies the merchant as the payee of the payment request, and in response: storing the payment request in the payment repository; and sending the payment request, via an authenticated network connection, to any payer specified in the payment request; and receiving from a payer, via an authenticated network connection, a payment transaction record comprising the unique ID of the payment request and a payment confirmation, wherein the payment confirmation confirms a payment by the payer in favor of the merchant who is specified as the payee of the payment request, and in response: storing the payment transaction record in the payment repository; and sending the payment transaction record, via an authenticated network connection, to the merchant specified as the payee of the payment request.

    20. The federated method of claim 19, wherein the merchant is represented by a computer-implemented merchant agent that performs one or more actions on behalf of the merchant and the payer is represented by a computer-implemented payer agent that performs one or more actions on behalf of the payer.

    21. The federated method of claim 19, wherein the merchant includes any designated agent of the merchant and the payer includes any designated agent of the payer.

    Description

    LIST OF FIGURES

    [0019] FIG. 01 provides a high-level pictorial view of the Merchant-Centric Payment paradigm.

    [0020] FIG. 02 provides a high-level overview of this invention.

    [0021] FIG. 03 is a schematic that shows the structure of our invention and its major components.

    [0022] FIG. 04 depicts different technical architectures for Payer Agent as used in some embodiments.

    [0023] FIG. 05 is a schematic of the Payer Identity Manager PIM.

    [0024] FIG. 06 provides a summary of the of the payment method described in this invention.

    [0025] FIG. 07 depicts different architectures for Payment Presenter used in some embodiments

    [0026] FIG. 08 depicts different technical architectures for Merchant Agent.

    [0027] FIG. 09 is a schematic of the Merchant Identity Manager MIM.

    [0028] FIG. 10 is a screenshot of the Merchant Profile Manager MPM from an embodiment.

    [0029] FIG. 12 depicts a Payment Bus implementation using webhooks.

    [0030] FIG. 13 depicts many payer and merchant agents in a single address space.

    [0031] FIG. 14 is a screenshot of a merchant creating a payment request and its JSON representation.

    [0032] FIG. 15 is a screenshot from E0 of a payment request and its payment transaction record PTR.

    [0033] FIG. 16A depicts the steps that subsystems of E0 go through to execute a payment process.

    [0034] FIG. 16B depicts the dataflow of embodiment E0 as it executes the steps of a payment.

    [0035] FIG. 16C depicts the dataflow of E0 from the point of view of MA 302, PA 300 and PB 312.

    [0036] FIG. 17 contains screenshots of the payment screen from E1.

    [0037] FIG. 18 shows different scenarios for an infrastructure-less cash register.

    [0038] FIG. 19 shows the process flow for the infrastructure-less cash register.

    [0039] FIG. 20 shows a restaurant creating a payment request for a customer and the printed check.

    [0040] FIG. 21 shows the payment and payment acknowledgment screens from E2.

    [0041] FIG. 22 shows the shopping cart from E3.

    [0042] FIG. 23 shows the JSON representation of payment request for E3 and E4.

    [0043] FIG. 24 shows the shopping cart from E4.

    [0044] FIG. 25 is a schematic of PayPal payment model for comparison with our invention.

    [0045] FIG. 26 shows the claim screen and the payment screen of payment app of embodiment E4.

    [0046] FIG. 27 shows a regular and a modified vending machine that can accept payment from E4.

    [0047] FIG. 30 shows a bus company using a poster as a ticket vending kiosk (scenario for E5).

    [0048] FIG. 31 shows the JSON for a payment request and the payment screen for a ticket.

    [0049] FIG. 32 depicts the delivered tickets and the app for their verification.

    [0050] FIG. 33 depicts the process flow in E5.

    DETAILED DESCRIPTION

    Structure of the Invention

    [0051] Our invention, embodiments of which we refer to as a Payer-centric Payment Systems or PCPS, comprises the following subsystems as depicted in FIG. 03:

    [0052] 1. one or more Payer Agents PA 300, where a given PA 300 acts as an agent for one or more payers and manages all aspects of a payer's interaction with the PCPS,

    [0053] 2. one or more Merchant Agents MA 302, where a given MA 302 acts as an agent for one or more merchants and manages all aspects of a merchant's interaction with the PCPS,

    [0054] 3. a Payment Bus PB 312 that acts as a store-and-forward conduit and enables parties connected to the PCPS to exchange payment-related messages with each other,

    [0055] 4. a Payment Repository PR 314 that acts as the storage cache of the PB 312 and stores active payment requests, resolved payment requests, and payment transaction records. Some embodiments store the pending and resolved payments in physically separate databases, Pending Payment Repository and Resolved Payment Repository, while others may store them as different tables in the same database,

    [0056] 5. a logical Payer Directory PD 316 is simply a directory of the identities of all payers recognized by a PCPS embodiment. In some embodiments it may be physical and explicit, whereas in others, it may be implicit and defined by routing tables and payer identities maintained inside payer agents, and

    [0057] 6. a logical Merchant Directory MD 318 is simply a directory of the identities of all merchants recognized by a PCPS embodiment. Much like the payer directory, a merchant directory may be explicit or implicit and we will discuss them both when we discuss the address space of a PCPS.

    Payer Agent

    [0058] A payer registers with a PCPS through a Payer Agent PA 300 of his or her choice and the agent is responsible for providing all capabilities that enable that payer to conduct payments through the PCPS. These capabilities include, but are not limited to, registering, and authenticating the payer, presenting payment requests directed to that payer, managing, and monitoring that payer's payment sources (such as credit cards, bank accounts etc.), completing payments for that payer, and depositing that payer's payment transactions into PB 312.

    [0059] In one embodiment, the PA 300 comprises a web server and several different types of clients (see FIG. 04). A PA server serves a browser client 402, a mobile client or app 404, an API endpoint for programmatic access 406, and also a mailer 408 to email (or SMS) a link to a webpage that displays a payment request. As an example, assume that a customer, angela@elfpoint.com, has just shopped at Franks Store. To charge her, the store would place a payment request addressed to her in the payment bus. Her PA 300 can deliver the payment request to her through a browser client 402 on a PC, through an app 404 on her mobile device, or can deliver it as JSON through an API endpoint 406 (to, say, her spreadsheet or accounting software). Based on Angela's preferences, it can also use the mailer 408 to send her an email with a link to a webpage that displays the payment request.

    [0060] The Payer Identity Manager PIM 322, a subcomponent of PA 300, is responsible for managing the identity of the payers registered with that PA. Besides well-known processes of registration, login and multi-factor authentication, a given PIM may also provide auxiliary identities (e.g., phone number) and aliases for its customers. In one embodiment, a PIM 322 uses passwords and session cookies to authenticate session-based access, and OpenID Connect with OAuth 2.0 for registering API clients for programmatic access with API tokens. Payer accounts may have roles with specific access privileges. For example, payers can authorize their auditors and tax preparation software to access a part of their data. The PIM is responsible for managing payer accounts and roles, and imposing authorization rules when anyone accesses PA 300.

    [0061] FIG. 05 is a schematic of a PIM 322 from one of the PCPS embodiments. All accesses to the PA 300—whether through a user interface or through APIs—go through the PIM which checks the access credentials against a database of Payer Accounts 508 and a database of Access Policies 510. If improper or no credentials are presented, the user is directed to the Signup Manager 504 or Login Manager 506 or presented with an appropriate error message.

    [0062] The Payer Profile Manager PPM 324 is responsible for collecting and managing the customer's profile. The customer profile includes basic information about the customer including but not limited to name, phone numbers, aliases, shipping addresses, payment sources such as cards and bank accounts, as well of customer preferences including, but not limited to, where to deliver what types of payment requests, what types of payment alerts to provide, when to inform or warn of impending payments and so forth.

    [0063] The Payment Presenter PP 326 is responsible for formatting and presenting a payment to a payer. Unlike the MCP paradigm where a merchant may implement a specific payment interface, the PCP paradigm must cater to many different types of merchants. For example, a restaurant may want the payment request to include a field for its customers to add tips; an eCommerce vendor may need the payment request to prompt customers for a shipping address; or a store may want the payment request to include a field where the customer can provide feedback about their shopping experience. To cater to all these cases, PP 326 depends on both the merchant profile (discussed below) as well as the payer's profile. For example, a payer's profile may direct that all payments be presented in Canadian dollars; a merchant profile may direct that all payment requests include an extra field for payers to add a tip to the payment.

    [0064] FIG. 07 is a schematic showing some architectures for PP 326 to obtain directives from a merchant or merchant Agent in presenting its payment requests to payers. The approaches shown are illustrative, not exhaustive. The simplest approach is 700 where the payment request itself includes merchant directives in its body. 704 depicts a flexible but more complex approach where the request includes an API-endpoint that PP 326 can call in order to render parts of the payment screen. 702 is another approach where PP 326 retains control but takes directions in real-time from the MA 302. Embodiments provide examples.

    [0065] Payment Bridge PB 328 is an abstraction layer between PCPS and third-party Payment Gateways PG 310, so that a PCPS is loosely coupled to the internal details of payment gateways. In some embodiments, the PB 328 is implemented as a set of drivers for a range of payment gateways such as Stripe, PayPal, Payment Tech etc.

    Merchant Agent

    [0066] A merchant registers with a PCPS embodiment through a Merchant Agent MA 302 and the agent is responsible for providing all capabilities that enable that merchant to accept payer-centric payments through the PCPS. Such capabilities include but are not limited to authenticating the merchant, placing the merchant's payment requests into the Payment Bus PB 312, providing the merchant with information about active and resolved payment requests, and managing the merchant's account with the PCPS. In some embodiments, the MA 302 provides sophisticated data analysis tools such as charts, reports, seasonal sales analysis, predictions and so forth. An embodiment may also provide tools to export data to third-party packages.

    [0067] In one embodiment, the MA 302 comprises a web server and several types of clients as depicted in FIG. 08. The MA server serves a browser client 802, a mobile client or app 804 and an API endpoint 806 that accepts payment requests programmatically from merchants. The web client 802 and mobile client 804 enable small merchants to manually create payment requests such as the ones in 1402 (FIG. 14) and 2002 (FIG. 20). The API endpoint 806 enables larger and eCommerce merchants to create payment requests such as the ones in FIG. 23 and FIG. 28.

    [0068] The Merchant Identity Manager MIM 332 is responsible for managing the identity and login credentials of a merchant. A merchant may own multiple accounts with different roles and privileges. For example, a small merchant may have a simple username and password with all privileges, whereas a chain store with several outlets as well as a website may have accounts with many roles such as store manager, branch manager, checkout clerk, website manager etc., who may not only have passwords for login and session-level authentication, but also API tokens for programmatic access. The MIM 332 is responsible for creating and managing merchant accounts and imposing authentication and authorization rules across all merchant access to a PCPS. In one embodiment, MIM 332 uses OpenID Connect with OAuth 2.0 for managing merchant accounts and distributing API access tokens.

    [0069] FIG. 09 is a schematic of a MIM 332 from one of the PCPS embodiments. All accesses to the MA 302—whether through a user interface or through API—go through the MIM 332 which checks the access credentials against a database of Merchant Accounts 908 and a database of Access Policies 910. If improper or no credentials are presented, the merchant is directed to the Signup Manager 904 or Login Manager 906 or presented with an appropriate error message.

    [0070] As mentioned earlier during our discussion on Payment Presenter PP 326, unlike the MCP payments where the merchant controls how the payment is presented to the payer, with our invention, the merchant depends on PP 326 for how the payment request is presented to the payer. For this, the PP 326 depends on both the payer's preferences (managed by Payer Profile Manager PPM 324) and the merchant's profile, managed by the Merchant Profile Manager 334. The Merchant Profile Manager MPM 334 is responsible for collecting the merchant profile information. It uses a question-answer paradigm to help the merchant specify the customizations that the merchant needs in how the PCPS embodiment manages the payment process for that merchant. Further, the merchant profile may also provide input to the Payment Presenter PP 326 on how to display payment requests from that merchant. FIG. 10 is a screenshot of a merchant profile from an embodiment called Elfpoint which we will revisit later.

    The Payment Bus

    [0071] The Payment Bus PB 312 serves four functions that are critical for a robust and scalable payer-centric payment system. First, it acts as a data conduit across different parties within a well-defined name or address space so that payers, merchants, and payment messages all have unique identities with which they can be referenced and retrieved. As such, it creates a loosely-coupled, fully federated payment system: merchants—operating through different merchant agents, possibly controlled by different organizations—can request payment and obtain payment confirmation from payers—operating through different payer agents, possibly controlled by different organizations. A merchant or payer can switch agents—and new agents can join a PCPS embodiment—without affecting the payment flow.

    [0072] Second, the payment bus externalizes a payment request as a persistent object in Payment Repository PR 314, so the payment request is no longer dependent on the merchant's cash register or website for its fulfillment. The request can be accessed and paid from anywhere.

    [0073] Third, PB 312 acts as an event and data bus that delivers payment messages to concerned parties as and when the messages arrive. This helps maintain a synchronous payment flow across the PCPS, without the agents polling a central repository or maintaining point-to-point contact.

    [0074] Fourth, PB 312 is a store-and-forward pipe that delivers payment messages on demand. Hence it is tolerant of system and network failures; further, externalization with persistence means that a payment request can be created by a PA and (later) “claimed” by a payer. Contrast this with today's Internet payments where a network failure can result in the failure of a transaction or can result in duplicate transactions. We are all familiar with messages such as “this action may make take a long time. Please do not close the browser or press the browser's back button” when we click the “pay” button for an eCommerce transaction.

    [0075] As such, the payment bus provides an open infrastructure for an “internet of payments” as opposed to walled-garden payment systems of today. The payment bus provides a loosely coupled federated architecture for merchants to request payment from payers and payers to fulfill these payment requests. We have kept the payment bus intentionally simple so it can be a very general: it acts as a synchronous store-and-forward and as an (asynchronous) on-demand retrieval mechanism for payment messages. It is stateless, so agents have to manage state through their payment records.

    Payment Messages

    [0076] PB 312 stores and transmits discrete pieces of information that are interchangeably called payment messages or payment records. One PCPS embodiment implements two types of records: Payment Requests PR and Payment Transaction Records PTR. While these records are structured objects within PA 300 and MA 302, they may be serialized with respect to PB 312. We note that serialization refers to the conversion of a structured object into a standards-based representation so that it can be transmitted from one system to another. In some embodiments, payment records are serialized into JSON (JavaScript Object Notation, an established standard), though other embodiments may serialize them to other standards. PRs are used by merchants to request a payment, and PTRs are used by payers or payer agents to confirm a payment.

    [0077] PRs and PTRs are important but not exhaustive of the kinds of information that need to flow through a payment bus to support payment-centric payments. With our embodiments we show how a number of scenarios can be supported with just these two. Other embodiments may use additional types of records to handle scenarios such as refunds, deposits, credit holds etc. We expect a wide range of payment record types to emerge as new types of financial instruments are introduced by banks, credit card companies and other players in the financial services industry.

    [0078] Payment Requests or PRs have a header and a body. The fields and values in the header are unrestricted though many embodiments of this invention recognize the following fields and their associated semantics: type, request ID, merchant ID, customer ID, requested amount, currency unit, expiration date, transaction ID, status, add tips, taxes, information request, tax deductibility and fulfillment count. The body is meant for the merchant or merchant agent to provide information to the payer or payer agent and is not processed by PB 312.

    [0079] As an example, let's consider a payment request PR 1404 (FIG. 14) in JSON representation from a PCPS embodiment. It has the following semantics: this is a payment request from the merchant whose identity is Frank's Store to customer angela@elfpoint.com for an amount of 29.95 USD, the request is currently active. The payment can be fulfilled when paid once, it is not tax deductible and does not expect a tip. The body of the payment request can contain additional information (e.g., a bill of sale) for the payer.

    [0080] When a payment request PR is paid by the payer, PA 300 creates a Payment Transaction Record PTR, adds the PR's ID to the PTR and sends both the PR and the PTR to the payment bus PB 312. The purpose of the PTR includes but not limited to (a) providing the Merchant Agent MA 302 a confirmation of the payment, (b) enabling the Payer Agent PA 300 keep track of the details of the transaction, and (c) exchanging any information with the merchant (e.g., a shipping address). In one embodiment, a PTR has three main parts—a header, a tracker, and a body. The header is not encrypted, the tracker is typically encrypted so that it is only intelligible to the Payer Agent PA 300, and the body is for information exchange between the payer and the merchant and could be encrypted. 1504 (FIG. 15) shows a PTR. The header says that it is a transaction record confirming the payment for a specific payment request with an ID of 1127745653 from a merchant called Franks Store to a customer called angela@elfpoint.com for a payment amount of 29.95 USD incurring a transaction commission of 1.21 USD. Further, the transaction is confirmed by the PCPS embodiment with a confirmation number and a timestamp.

    [0081] When Merchant Agent MA 302 for Franks Store sees this PTR, it would consider the payment request with the ID 1127745653 paid and credit Franks Store's account for the payment. It is worth noting that neither Franks Store nor its Merchant Agent has any knowledge of the payment source (credit card, bank account or whatever) that was used by the payer as that information is not in the header but in the tracker field that is encrypted for and by the PA 300.

    [0082] The body of the PTR in 1504 (FIG. 15) is empty, but its tracker tracks or contains information about how the payment request was paid and is intelligible only to the Payer Agent PA 300 because it is encrypted. It may be created by the PA 300 itself or by the Payment Bridge PB 328. It specifies that the name of payment gateway PG 310 that was used for completing the payment, the confirmation code provided by the payment gateway, the internal token for the payment source used, and the nickname by which the payment source is known to the payer.

    [0083] A payment request that does not have the status of “active” is considered “resolved.” Either it has been paid, declined, canceled by the merchant, expired, abandoned, or has some other status. In some embodiments (e.g., E1 and E5), the “fulfillment count” parameter may control when a payment request is considered resolved. In some embodiments, the payment repository PR 314 comprises two logically and/or physically separate repositories called Active Payment Repository and Resolved Payment Repository for more efficient processing. In others, they may be simply different tables in the same physical repository.

    Implementing the Payment Bus

    [0084] In a simple embodiment with just one PA 300 and just one MA 302 residing on the same server, the PB 312 can be implemented as a relational database for the payment messages and an event bus that broadcasts database events. PA 300 and MA 302 can subscribe to the event bus as listeners and be notified of database events and respond only to events that concern them. While not very scalable or secure, this may be adequate for a simple PCPS.

    [0085] For an embodiment that has several PAs 300 and MAs 302 spanning hundreds of servers across the Internet, PB 312 can be implemented as a distributed, NOSQL database for resolved payment messages, and an in-memory database cache for pending payment requests, and webhooks to send specific PAs or MAs of fine-grained events and data. FIG. 12 depicts a payment bus using webhooks. In this embodiment, the PB 312 comprises an Internet server 1200 that has an in-memory database 1202 for pending payment requests, and a distributed NOSQL database 1204 for resolved payment requests and payment transaction records. Merchant Agents and Payer Agents register specific webhooks—i.e., URLs that accept HTTP POST messages—for events that concern them. On the arrival of a payment message, server 1200 first stores the message, looks up what event the message triggers, and then sends a HTTP POST to the webhook registered for that event in the Webhook Directory 1206. While we have described two solutions, many other technologies can support an Internet-wide payment bus PB 312. REST hooks, Websockets, Pub-Sub, Server Sent etc. are some possibilities.

    Address Space

    [0086] An address space or namespace defines the context within which the identity of some entity is defined and where the entity is uniquely addressable. For example, a filesystem in a computer is an address space that uniquely qualifies each file within a hierarchical directory structure; the Domain Name Service (DNS) of the Internet defines a highly distributed and hierarchical address space, in which any domain, subdomain or a webpage is uniquely addressable. For smooth payment flow in a PCPS embodiment, it is necessary that a PCPS provide an address space in which payers and merchants can clearly identify each other by their public identities. In simple embodiments, the address space may be nothing more than a flat, PCPS-wide directory of payers and merchants, ensuring that their IDs are unique at the time of registration. If the embodiment has only one Payer Agent PA 300 and only one Merchant Agent MA 302, their respective identity managers PIM 322 and MIM 332 would also be the logical Payer Directory 316 and the logical Merchant Directory 318 respectively. If there are multiple payer agents and merchant agents, then the union of their respective PIMs and MIMs would constitute the logical payer and merchant directories with an additional check at the time of registration to ensure that payers or merchants do not have duplicate registrations across agents.

    [0087] A hierarchically organized address space is more common and scalable. In the address space shown in FIG. 13, merchant agents and payer agents are trusted entities, and their identities are simply their IP addresses maintained by the payment bus in a routing table. The merchants are identified by domain names, which are by definition unique. A payer is assigned an email ID at registration where the email ID is part of the domain of the payer agent that registers the payer and is therefore unique. In this case, the naming convention used by domain names and email IDs constitute implicit merchant and payer directories PD 316 and MD 318.

    [0088] Although a simple embodiment could just inform all agents whenever a new payment message arrives at PB 312 and let an agent determine if the message concerns that agent, that would be neither secure not efficient. Most embodiments maintain an association list specifying which payer or merchant is associated with which agent, though in an address space such as the hierarchical one shown in FIG. 13, no such list is necessary for payers since the structure of an email ID automatically specifies its agent association. Note that, strictly speaking, such association lists are a matter of efficiency and not an integral part of an address space per se.

    [0089] In our invention, it is not just the payers and merchants who are uniquely identifiable, but also payment messages that they send to each other. Since all payment messages pass through the Payment Bus 312, in some embodiments, it is most efficient to assign an ID to payment messages when they are first reach the Payment Bus 312. In other embodiments, each merchant agent and payer agent may assign an ID that is unique within that agent's address space, and prefix it with that agent's own ID, so that the message's ID is unique across the PCPS.

    [0090] Why have many PAs and MAs? Our invention aims to provide an open and federated infrastructure for payments and does not subsume any particular business model. We imagine that different agents will cater to different market niches, geographies or different class of payers and machines. For example, one merchant agent could cater to merchants of a certain type while another may cater to only payers in a certain geography. Similarly, one PA may cater to payers paying with prepaid credit, another to payers paying with PayPal, and another may specialize in discounts and coupons. This invention is agnostic about the underlying business model.

    Embodiments of the Invention

    Embodiment E0

    A Prototypical Payment Scenario at a Store

    [0091] Assume that embodiment E0 is offered as a service at the fictitious domain e0.com. Assume that a payer, Angela, has signed up with e0.com, through one of E0's payer agents called elfpoint.com and is assigned an email ID angela@elfpoint.com. Assume that she has added two cards as her payment credentials to her profile. Let us also assume that a merchant, a small convenience store called Franks Store, has signed up with e0.com through one of its merchant agents MA 302. The Merchant Profile Manager MPM 334 will obtain the merchant's name, logo, bank account, and other information through a dialog similar to the one in FIG. 10.

    [0092] Assume that Angela is at Franks Store's cash register to check out. The merchant logs into e0.com via a browser, uses the MA 302's browser interface 802 to create a payment request 1402 as shown in FIG. 14. 1404 is the JSON representation of the payment request. In other embodiments, the customer ID may be scanned from the customer's mobile device as a barcode or entered by the customer through a keypad device.

    [0093] MA 302 now places the payment request PR in the E0's Payment Bus PB 312, which delivers it to Angela's payer agent PA 300. PA 300 consults Angela's profile and finds that her delivery preference is her mobile app, so the PR is delivered to her mobile app 404. The Payment Presenter PP 326 presents a payment request based on both merchant's and payer's respective profiles. PP 326 consults Payer Profile Manager PPM 324 to obtain the two cards stored by Angela in her profile; it also consults the Merchant Profile Manager MPM 334 to get Franks Store's logo. 1502 (FIG. 15) is the screenshot of the PR as presented to Angela.

    [0094] To fulfill the payment request PR, Angela can choose a card from her profile or enter a new card. Her payment source and authorization are delivered by Angela's app 404 to PA 300. PA 300 sends the merchant ID and the payment source to a Payment Gateway 310 through its Payment Bridge PB 328. If the payment is successfully completed, PG 310 returns a payment confirmation and PA 300 creates a Payment Transaction Record PTR with a reference to the payment request ID and merchant ID, the transaction amount, and the confirmation code provided by PG 310. 1504 in FIG. 15 shows the PTR. PA 300 deposits the PTR in the Payment Bus PB 312 which PB 312 routes to Merchant Agent MA 302. Now MA 302 verifies that the payment amount in the PTR matches the amount billed in the PR and that PTR has a confirmation code. Satisfied, MA 302 changes the status of PR as from “active” to “paid.”

    [0095] FIG. 16A depicts the steps that E0 goes through in the above scenario. FIG. 16B provides an alternate depiction in terms of process flow: MA 302, PB 312 and PA 300 are shown left to right and the sequence of the process steps from top to bottom. FIG. 16C provides yet another view of the process and data flow as seen by MA 302, PB 312, and PA 300. Each arrow represents the direction of data flow or an action, and the steps are numbered. “APR.Math.RPR” stands for the modification of the status field of a payment record from “active” to “paid.”

    Embodiment E1

    Tipping a Street Performer

    [0096] Imagine tipping a street performer, a waiter in a food kiosk, or making a charitable donation to a roadside volunteer. In such scenarios, there is no formal payment request, and the payee and the payer typically do not know each other's identity. Assume that embodiment E1 is offered as a service at the fictitious domain e1.com. Payees register with e1.com as merchants and are provided a URL and a corresponding QR code that identifies them. A payee is free to display the QR code in any location. For such payees, E1 creates a persistent payment request which has the payee's identity, but no payment amount.

    [0097] When a payer—who may or may not be registered with a PA 300 of the E1—scans the QR code from a mobile device, the payer is directed to the webpage or app location specified by the QR code and unique to that payee. If the payer is registered and logged in, the Payment Presenter PP 326 will retrieve the payer's stored payment sources and the payee's profile; if the payer is unknown, then he or she is simply shown the merchant's page, and the payer can pay by entering a credit/debit card or with the device supported payment system such as Apple Pay or Google Pay. FIG. 17 depicts screenshots from E1 and shows the payment request from a street performer as it is shown to an unknown payer (1702) and a logged-in payer (1704).

    [0098] How does Embodiment E1 work? Shown below is the JSON representation of the payment request PR created by E1's Payer Agent PA 300 for the street performer.

    TABLE-US-00001   {″header″: {   ″request_id″: 4014605071,   ″merchant_id″: ″Street Comedian Joe″,   ″fulfillment_count″: ″unlimited″}  {″body″: {″ack″: ″You made my day!″} }

    [0099] Notice that, besides the payee's identity, this payment request has very little. With no amount requested and no designated payer, this request can be captured by anyone. Note that the PR specifies that the “fulfillment count” is ‘unlimited’. This means that PR will stay persistent in PR 314 so that any number of payers can fulfill the same PR. However, each payment will create a new Payment Transaction Record PTR that references the same PR For each new PTR, the MA 302 will simply credit the payee's account with the amount in the PTR but leave the status field of PR as ‘active’ because the “fulfillment_count” is ‘unlimited.’

    [0100] Although very simple, this scenario illustrates one of the advantages of this invention. The street performer is able to accept electronic payment from an unknown passerby without possessing or operating any payment infrastructure and without interrupting his performance. Being payer-centric, once the performer sets up the payment request, payments are initiated and orchestrated by the payer with no overhead for the payee. Note that there is nothing special about the QR code itself—it is simply an easier-to-read version of the payee's URL.

    E0 and E1 Combined

    An Infrastructure-Less, Payer-Centric Cash Register

    [0101] Embodiment E0 illustrated how a merchant can create a payment request for a specific amount directed to a specific payer. Embodiment E1 illustrated a payer identifying a merchant by their ID to make a payment. A trivial combination of E0 and E1 can be used as a simple cash register where a merchant can create a payment request as in E0 but without knowing the payer's ID and a payer can scan the (static) QR code of the merchant to retrieve the merchant's most recent payment request. Scenario 1804 (FIG. 18) shows a vendor displaying a QR code on a sheet of paper that simply identifies the merchant as in E1. The merchant creates a payment request for a specific amount as in E0, but with no payer ID. When a payer scans the merchant's QR code—a static ID—the payer agent retrieves and displays the most recent payment request by that merchant (the typical scenario for a cash register), thereby using a static merchant ID as a proxy for a dynamic payment request. FIG. 19 depicts the process flow.

    [0102] This is another example of how payer-centric payments are advantageous to both customers and merchants. In the scenario described, a small merchant is able to transmit a payment request for a specific amount and accept an electronic payment from an anonymous payer without needing any payment infrastructure; the customer is able to pay a fly-by-night street vendor electronically without revealing his or her identity or payment credentials.

    Embodiment E2

    Paying at a Restaurant, Tips Included

    [0103] Embodiment E2 supports restaurant payments: a scenario in which the payment amount is known, the payer's identity may not be known, and the payer may modify the payment request by adding a tip. Assume that our restaurant has integrated its cash register with Merchant Agent MA 302 through the latter's API interface 806 so that when a check is rung up, the cash register automatically generates a payment request PR which is placed in E2's PB 312. Now the restaurant can print the check with a QR code that identifies the PR In FIG. 20, 2002 shows the restaurant's MA 302; 2004 shows the printed check for our customer Angela.

    [0104] To pay, Angela scans her check with her app 404 of E2 and her app 404 retrieves the PR from PB 312. PP 326 that serves her app 404 retrieves her stored cards from her profile; it also retrieves the restaurant's logo from Topaz Café's profile and notes that tips are applicable to its payment requests (see FIG. 10). Based on all this data, PP 326 generates a visual representation 2102 (FIG. 21) of the PR. When Angela adds a tip, chooses a card, and authorizes the payment, PA 300 completes the payment process depicted in FIG. 16A. PP 326 of Angela's PA 300 now confirms the payment, and—as instructed by the Topaz Café's profile (see FIG. 10)—prompts Angela to review the restaurant and accept coupons as shown in 2104.

    [0105] This embodiment is an illustration of a much more flexible payment scenario where the customer does not just fulfill a payment request as given but modifies it by adding a tip from her own device. Note that Angela's identity and payment credentials were not shared with the restaurant, she did not have to wait for a waiter to swipe a card and bring her an invoice for her to add tips and the restaurant did not need any payment infrastructure such as card readers.

    Embodiment E3

    Paying for an Online Purchase

    [0106] Imagine our customer Angela visiting a fictitious eCommerce website, kids-casuals.com, adding several items to her shopping cart and checking out. FIG. 22 is a screenshot of Angela's shopping cart. Imagine that kids-casuals.com accepts E3.com as one of its payment options. Instead of entering her credit card number and shipping address, Angela can check out by entering her E3.com ID and by ticking the box that allows E3.com to provide her shipping address to the website. When Angela checks out, the website creates a PR via E3's Merchant Agent's API-endpoint 806. The JSON representation of the PR 2302 is shown in FIG. 23. E3's MA 302 deposits the PR into E3's PB 312 which delivers it to Angela's Payer Agent PA 300 and Angela's PA 300 displays it on her mobile app 404. Angela would pay this payment request from her mobile app 404 much the same way she would pay any other merchant.

    [0107] Practitioners familiar with the state of the art might see some functional similarities between our invention and other commercially available systems like PayPal. Our invention as well as PayPal hide the payment source from the payee. However, the similarities end there. Structurally and architecturally, as a payment system, PayPal is analogous to a computer whereas our invention is analogous to the Internet. First, the former creates a proverbial “walled garden” and requires both the merchant and the payer to be inside the walled garden as its clients. Second, when a payer initiates a payment from an eCommerce website, the eCommerce website invokes PayPal for the customer to authorize the payment. At that point, the only glue that holds the eCommerce website, the customer's website session and the PayPal session are transient website cookies. As such, all these actions have to take place on the same device and within the same browser almost synchronously (or within a cookie timeout period).

    [0108] In contrast, our invention externalizes a payment request with a unique ID as a persistent, first-class object through its payment bus. And the technical architecture of our invention enables multiple merchant agents and payment agents that can post and retrieve payment messages from anywhere on the Internet. This means that a merchant can create a payment request from one device through MA 302; the request can either be sent to the payer (via the payer's ID) or retrieved by the payer (via the payment request ID) from another device through Payer Agent PA 300. As such, our invention creates what might be seen as an Internet for payments where merchants, payers and payment requests can be uniquely addressed, where many merchant agents and payer agents can coexist, where any payer can pay any merchant through the payment bus without requiring both parties to be inside a proprietary walled garden. Compare FIG. 25—a schematic of PayPal—with FIG. 02, a schematic of our invention.

    Embodiment E4

    Claiming a Payment from a Website, Vending Machine or Retail Store

    [0109] In embodiment E4, we focus on several payment scenarios that become possible when a payment request is externalized so that the payer can pay by claiming the request. FIG. 24 is a screenshot of Angela's shopping cart from E3 but adapted for E4. Unlike in E3 where Angela had to enter her ID to receive the payment request, E4 shares the ID of the shopping cart with the customer. Much like in E3, the merchant's website creates a payment request PR via E4's API-endpoint 806. FIG. 23 (2304) shows the JSON representation of the PR. Note that the PR's request id (“KC-22847”) is the same as the shopping cart ID that E4 shared with Angela in FIG. 24. E4's MA 302 deposits the PR into E4's payment bus PB 312. However, unlike with E3, this PR is not directed to any payer (the customer_id is null), so the PB 312 simply saves it in the payment repository PR 314 but has no payer to forward it to.

    [0110] How does Angela pay? FIG. 26 shows screens 2602 and 2604 of E4's payment app 404. Since the merchant has shared Angela's shopping cart ID, she can simply enter or scan the cart ID through 2602 and have her Payer Agent PA 300 retrieve it and present it to her with the Payment Presenter PP 326 as in 2604. As noted earlier, the merchant can provide input to PP 326 on how to present a payment request to a customer. In FIG. 07, we presented different architectures for how PP 326 and the merchant could interact. Embodiment E4's PR 2304 (FIG. 23) specifies an API endpoint for PP 326 for getting merchant input for presenting this PR to the customer. PP 326 uses the architecture shown in 704 to obtain the content and formatting instructions for Angela's cart by calling this API endpoint (with the cart_id as a parameter). It is as if Angela's cart has jumped off the merchant's webpage into Angela's mobile app 404. In this scenario, the eCommerce site and the cart could be on one device (say, a PC) and Angela could retrieve the cart on another device and pay for it without involving the merchant at all.

    [0111] E4 caters to a very general scenario where a payer claims a payment request and pays for it in any manner the payer chooses. We now illustrate how E4 caters to other scenarios. Imagine a vending machine that enables customers to select multiple items and then pay with a card. Much like the payment machinery at a store, such vending machines need a card reader and a wide-area data connection to contact a payment gateway. With our invention, a vending machine can eliminate the card reader and act more like a website where the customer's snack selection is tantamount to a shopping cart that can be claimed and paid for from a mobile device as in E4.

    [0112] FIG. 27 shows a conventional vending machine 2702 with a built-in card reader 2704. It also shows a modified version 2712 where the card reader has been replaced by a display 2714 and/or a cheap LED counter 2716 and/or a contactless NFC output device 2718. When the customer has made her snack selection, instead of expecting a payment through a card reader 2704, the modified machine 2712 does exactly what the eCommerce website did in embodiment E4. The machine creates a payment request PR for the customer's snack selection via E4's Merchant Agent's API-endpoint 806 and provides the ID of the payment request as a QR code on the display 2714, and/or as a character string on the LED counter 2716 and/or as an electronic signal that can be picked up by a customer's mobile device from the NFC output device 2718. This enables the customer to claim the payment request with her app 404 and pay from the app (as in FIG. 26). When the customer pays, the customer's payment transaction record is deposited by the customer's PA 300 into PB 312 which routes it to the vending machine's MA 302. After MA 302 verifies the payment, it informs the vending machine, which dispenses the snacks.

    [0113] Consider a retail scenario shown in FIG. 18. At present, stores use merchant-centric payments: once a sale is rung up, the payer would swipe her card through a card reader 1824, an input device that reads the customer's credentials to complete the transaction through the store's payment infrastructure. With E4, the store would replace the card reader with an output device, a display 1834. When a sale is rung up, much like the website or the vending machine, the store's cash register creates a payment request PR and provides its ID as a QR code or NFC output on the display 1834. The customer scans this code and pays from her own app 404.

    [0114] The above scenarios show the flexibility of our invention. When a payment transaction is externalized, it is no longer coupled to a transient internal record belonging to a cash register, vending machine or an eCommerce database, but is turned into a first-class object with a unique ID that can be accessed and fulfilled from anywhere through any payment service. E4 shows that a customer-centric payment system is more convenient and secure for the customer and is also cheaper for the merchant. For example, a vending machine operator no longer needs a card reader and the security related to taking payments through unattended machines in remote places.

    Embodiment E5

    An Automated Ticket Kiosk

    [0115] Imagine a bus company that operates buses between two cities. FIG. 30 shows the bus company's ticket vending kiosk which is just a poster at the bus station. When a customer scans the poster, E5 will vend individually verifiable tickets for a given trip. FIG. 33 shows a pictorial representation of the ticket vending process.

    [0116] In FIG. 10, we showed how merchants can choose various parameters pertaining to their business, including the payment model. One of the payment models they can specify is “tickets for events”. Our bus company, Pegasus, registers as a ticket vendor and creates a payment request for tickets with its Merchant Agent MA 302 and generates a poster with a QR code identifying the payment request. FIG. 30 shows the poster and 3102 of FIG. 31 shows the JSON representation of Pegasus's payment request. This request specifies that a customer can buy multiple tickets up to a maximum of 6 per customer, up to a maximum of 62 tickets until 11:40 am on the specified day. Further, the bus company requests tickets be issued in PDF417 code—the code typically used for tickets and boarding passes—with a unique ID for each ticket. It also provides an image for a human identifiable stub.

    [0117] To buy a ticket, a customer scans the QR code from the company's poster (3302). In response, the customer's Payer Agent PA 300 retrieves the payment request, recognizes that the request is for a ticket, verifies that the number of tickets that have been fulfilled thus far is less than the maximum specified (3304), and sends the payment request to the Payment Presenter PP 326. 3104 of FIG. 31 shows PP 326's rendition of Pegasus' payment request. The customer can pay as described in earlier embodiments (3306). When the customer pays, PA 300 performs three actions: (a) it increments the number of tickets fulfilled, (b) it generates random serial numbers for the tickets (3310), creates a PTR (3308) and attaches the ticket numbers to the body of the PTR and sends it to the Payment Bus PB 312, and (c) passes the serial numbers to the Payment Presenter 326 which generates the tickets in the PDF417 format requested by the merchant (3312). See 3202 (FIG. 32) for a screenshot from E5 where the payer is provided two tickets in both human-readable and PDF417 format with unique serial numbers. If the number of sold tickets has not reached the specified maximum in the payment request, E5 retains the payment request in Payment Repository PR 314 so E5 can continue to vend more tickets.

    [0118] How can Pegasus validate the tickets? Since the ticket numbers were attached to the body of the corresponding PTRs (3310), Pegasus has access to the ticket numbers. 3204 (FIG. 32) is a screenshot of Pegasus' ticket validation app. When a customer presents a ticket, this app scans the ticket (3314) for its serial number; it then looks for an associated PTR that has the said serial number in its body (3316); if so, the ticket is verified to be genuine (3318).

    [0119] Embodiment E5 underscores several advantages of our invention. First, by co-opting customers' devices for payment, the merchant has completely eliminated the need for a ticket vending infrastructure. Second, the merchant now has an elastic ticketing infrastructure whose capacity expands to accommodate as many payers who want to purchase tickets so there isn't a last-minute rush at one or two ticket vending machines or ticket counters. Third, payers did not have to visit yet another website and share payment information with the merchant, but simply go to their payment app which not only vends the ticket, but also stores the ticket and receipt with the payer's account rather than send them to the payer via another channel like email. Finally, this scenario also indicates that our invention can cater not just to a payment transaction but can invoke follow-up actions triggered by the completion of a payment.

    [0120] In summary, this invention describes a system and method for electronic payments centered on a payment bus that provides an open, loosely coupled and federated infrastructure in which merchants can request payment from any customer and any customer can pay any merchant through any payment gateway. This results in lower costs for merchants and better security and privacy for customers. The many embodiments of this invention catering to widely differing payment scenarios attest to the generality, usefulness, and originality of this invention.

    GLOSSARY

    [0121]

    TABLE-US-00002 Active payment request A payment request whose status is “active.” Same as pending payment request. API Application Programming Interface. APIs enable computer programs to interact and exchange data with each other. API endpoint A named or addressable API that has a specific purpose. Automatic payment Used interchangeably, a more accurate term for recurring payments: multiple and/or periodic payments against a payment source based on a one-time authorization by the payer. Customer Same as payer. HTTP POST One of the methods of the HTTP protocol used to submit data to a web server. JSON JavaScript Object Notation: A data interchange standard from European Computer Manufacturer's Association (ECMA). The standard is also known as ECMA-404. Merchant Same as payee. NFC Near Field Communications is a technology for very-short distance wireless, typically used in contactless payments. Payee Same as merchant. Payer Same as customer. Payment credential A credit card number, bank account number etc. along with information such as expiration date, a CVC code or any other data needed to authorize a payment using that payment source. Payment message Same as payment record. Payment request Abbreviated PR, a request for a payment, typically sent by a merchant to a payer. Payment Transaction Abbreviated PTR, a record typically created by a payer or payer Record agent to confirm a payment in response to a payment request. PCPS or PCPS Refers to any embodiment of this invention and stands for Payer- embodiment Centric Payment System. Payment Gateway A third-party service that clears card and back transactions with financial institutions, transfers money, and confirms a transaction. PR Without any other qualification, PR stands for payment request. References to Payment Repository are always qualified as PR 314. PR 314 Payment Repository 314. PTR Same as Payment Transaction Record. QR code Quick Response code, also called 2-dimensional bar code. QR codes can be used to transmit up to 4K of data visually. Resolved payment A payment request that is no longer active either because it has request been paid, withdrawn, past its expiry date or any other reason. Session cookie Same as website cookie, but the term is often used to refer to a cookie that tracks a specific user's browsing session. .tld Tld stands for top-level domain and is a common convention used to represent some random domain, as in p1.tld. Webhook A website URL that accepts a POST request in the HTTP or HTTPS protocol. Webhooks are typically used to inform a web server of an event and/or pass data to a web server. Website cookie Cookies are codes that a website stores inside a user's browser and enable a website to keep track of the state of a browser session.