Versions Compared

Old Version 8

changes.mady.by.user Keith Hazelton (wisc.edu)

Saved on

compared with

New Version Current

changes.mady.by.user Keith Hazelton (wisc.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migration of unmigrated content due to installation of a new plugin

Publicly Discoverable ePayment Address(es)

Publicly Discoverable ePayment Address(es) Part 1, ENROLLMENT:

...

Contributors : Richard O'Brien - Payment Pathways, Inc., Peter Tapling - Authentify, Inc., and Peter Gordon - FISGlobal & PayNet

Use Case Details

Actors: 1) Authoritative Parties – Operators of Registries containing Personally Identifying Information (PII) linked to publicly discoverable account identifiers supplied by an accredited registrar on behalf of registrants who have enrolled in highest level of privacy protection for financial account identifiers.

Wiki Markup2) Financial institutions are accredited as Identity Attribute Providers \ [Note 1\] upon their acceptance of liability for the binding of PII to ePayment Address(es). FIs trust and stand behind their own KYC \own KYC [Note 2\] process.

Note
iconfalse
titleNote 1:

A full solution will need to specify the trust framework and attribute query protocol, define the supported attributes and stand up the technology to support queries for the defined attributes via the specified protocol.

...

4) Both the Authoritative Party and the Identity Providers share in transaction-based service fee revenue paid by relying parties. [Note 3]

Note
iconfalse
titleNote 3:

This model presupposes that the Authoritative Party registry is not co-located with the FI Identity Provider. Both components come into play when a user authorizes his/her FI to publish PII to the registry. The user will need to be informed about which PII attributes are being published to the registry.

Requirements: Internet access device, portal software, identity information for the authorizing user.

...

4) Registry affirms that requested unique identifier is indeed unique. If not, user re-submits the request. [Note 4]

Note
iconfalse
titleNote 4:
  • The Registry at the Authoritative Party (or the FI) will need to provide functionality for the user to recover his/her chosen identifier if they forget it.  If this is done at the Registry, it will necessitate an authentication step (user to Registry) which is not otherwise identified in this use case.
  • The Registry will have to pass the final unique identifier to the FI so that the FI can associate account numbers with that Registry entry.

5) FI obtains a "mask" for an RT/ACH bank account number (a.k.a.: "UPIC") and/or a debit card’s Personal Account Number (a.k.a.: “Tokenized PAN”).

...