National Payment System and Horse Ass Width

The sudden disconnection of Russian banks from international payment systems fell unexpectedly than snow in December. It suddenly turned out that the use of payment systems of a potential adversary can cause side effects such as currency constipation or remote destruction of banks. You know, there is such a phobia - Gymnophobia, which means "fear of being naked in public." Apparently, our government does not suffer from it (which could please, but no). As a result, we all found ourselves in that situation.

There is a reasonable way out of this situation - it will switch to the National Payment System instead of the enemy visa / mastercard. But it does not exist even in the form of a project. There is only legislative initiative and vague desires caused by this very initiative. And so a huge number of people in suits are now nervous and demand to begin its immediate development. Meetings are gathering, where they suddenly invite not only people in plaid shirts, but even one or two elected in stretched sweaters. They order to start development right now. Well, or Monday. Well, we didn’t have time for this - start with the following. Better yet, start immediately the introduction of a system and at the same time conduct its development. It wouldn’t happen that some kind of no-name company will receive the order on the state tender, which will take, say, Cyber-board, repaint, call SUPERVISA,

“Who will design it and what tasks of which users will it solve?” - this is an order of magnitude more important question than it seems. If it will be developed by people from the banking sector, then it will be aimed at creating convenience for banks, and for people and business - how it will turn out (hello, Sberbank!). If people from online systems will do it, then it will first of all solve the problems of online business (they are interested in banking tasks in the last place). If accountants will do it, then it will be cloud 1C. If Erlang programmers do it, the task will be to show its advantages over other dull languages. If lovers of short-haired terriers will do it, then ... no, I don’t even want to look for an answer to this question.


Perhaps many remember this wonderful myth of the spaceship and horse's ass:

On the sides of the Kennedy spacecraft are two engines 5 feet wide. The ship's designers would like to make these engines even wider, but could not. Why?

The fact is that these engines were delivered by rail, which runs through a narrow tunnel. The distance between the rails is standard: 4 feet 8.5 inches, so designers could only make engines 5 feet wide. The question is: why is the distance between the rails 4 feet 8.5 inches?

It turns out that the railways in the States were made the same as in England, and in England they made railway cars on the same principle as the tram cars, and the first trams were produced in England in the image of a horse tram. And the length of the axle axis was just 4 feet 8.5 inches! But why?

Because the skates were made with the expectation that their axles fell into ruts on English roads, that the wheels wore out less, and the distance between the ruts in England was just 4 feet 8.5 inches! Why so?

Yes, it’s just that the Romans began to make roads in the UK, bringing them to the size of their war chariots, and the axis length of a standard Roman chariot was ... right, 4 feet 8.5 inches! Well, now we’ve got to the bottom of where this size came from, but still why did the Romans decide to make their chariots with axles of exactly this length? And here's why: usually two horses were harnessed to such a chariot. And 4 feet 8.5 inches - it was just the size of two horse asses! To make the axis of the chariot longer was inconvenient, as this would upset the balance of the chariot.

Therefore, here is the answer to the very first question: even now, when a person has gone into space, his highest technical achievements directly depend on the HORSE SIZE size of TWO THOUSAND YEARS BACK.

The fact is that our banking and financial system is also based on a similar horse ass of past centuries.

Remember how banking started? It began in the 12th century with trading houses (and later the Templars), who created the first payment system on the basis of many of their branches in different cities and countries. Any merchant or traveler could donate their valuables to one branch, and then receive them (upon presentation of a written document) in another country at a branch of this trading house. What was incredibly convenient and safe during the time of the activity of road robbers.

Then, in the 17th century, money was invented in the form in which we now have it. And also a great many different financial instruments (stocks, futures, insurance) have arisen. A large number of banks arose that began to interact with each other. A typical interbank transaction of the time looked like an equestrian wagon with armed guards, in which valuables were transported in physical form.

The emergence of more advanced means of communication (radio, telephone, and even the Internet) accelerated interbank interaction, but did not change it. Instead of a van with two horse asses, SWIFT (international interbank information transfer and payment system) is now used, but it performs exactly the same functions. Client interaction remains the same ancient, only checks and letters of credit are used instead of receipts. Relatively recent credit cards are a kind of “instantly cashable check”.

In other words, modern banking systems are OFFLINE systems that require documentary evidence for every action. And a huge number of offices, which are actually interfaces for access to them. Perhaps this is specifically for the case of nuclear war. But even in this case, in peacetime, you can do everything electronically, just print reports somewhere in the basement. In any case, some banks are trying to get rid of hereditary imperfections and become online systems at least for interacting with their customers (hi, Tinkov!).

Each money transfer item looks like a “letter to the grandfather’s village”. You indicate the postal code and address, but the bank cannot verify their correctness. In the column “To:” - indicate that the letter should be given to “grandfather Petrovich, who is a caretaker in the collective farm garden”, but the bank cannot confirm in advance its existence and the identity of the connection of the address with a specific person. The bank takes your letter, attaches a safe with money to it and sends it in the evening “horse ass” on the messenger. What happens to the letter after that - you cannot find out. Wait for a reply from grandfather.

The transfers between legal entities look exactly the same: payment, signature, stamp, power of attorney, visit to the bank, waiting for a few days, terrorizing accounting with the questions “Has it come ?!”. And about the procedure for tracing a payment that has not reached a payment, you better not know at all. It turns out that money falls out of the economy on average for three days. Without research, it’s hard for me to say how much we lose on this. But it feels like somewhere around 20% of GDP and 50% of GDP growth.

And now we have a choice: continue to accelerate the horse's ass or do something new, comfortable and unlike an ass? The difference in labor costs between these options is not too high. But her great efficiency will be a multiplier of GDP. And this is not only money, but also the saved lives of people, and an increase in wealth, and an increase in the country's competitiveness. If all this is still interesting to anyone, then it is worth at least thinking about such an option.

Payment system or payment platform?

And this is not only a linguistic question. What is the difference? Let me give an analogy: imagine that you need to build a road connection throughout the country.

If it suddenly turns out that only VAZ 2108 and only cherry blossoms can drive along these roads, and only to the north, and to the south only the yellow GAZel in which the chanson plays - this is a “payment system” with strict regulations and predefined entities.

And if any transport that obeys traffic rules and has passed vehicle inspection can drive on roads, then this is a payment platform that performs transport and service functions for various entities. Such a platform allows developing and improving the financial system to all interested parties. This is similar to what Internet technologies and open standards are now implemented. You can use them or offer your industry solution and use it together with industry partners.

Platform benefits

• Validation of all transaction parameters before sending it;
• Instant sending and receiving a response from the recipient (status and data);
• Using dedicated authorization centers that confirm you in front of other system entities;
• The emergence of new types of transactions and types of interactions. The emergence of new services and business models;
• Cheap transactions
• State control (fixing transactions), there is no need for fiscal memory of cash registers;
• Transparent procedures for contesting transactions, legal significance of the history of transactions in court;
• Great opportunities for integration and interaction with other systems;

Login

Any request in the system begins with authorization in a special center. After that, the center reports (via a secure channel) the authorization results to the service with which the user begins to interact. You can use various authorization centers:

• For authorization of a citizen of the Russian Federation, a state authorization center is used (“electronic passport” as in UEC). This is convenient for those services where the first thing they ask for is a passport. All government agencies, banks, ticket offices and others;
• To authorize citizens of other states, the FMS center is used. The police will check the legality of stay in one second using a mobile scanner;
• For the police, the authorization center of the Ministry of Internal Affairs is used. There you can control the levels of access to information, to rooms, to weapons. And having authorized (to sign) protocols and documents;
• For drivers the center of GAI is used;
• Legal entities are authorized by the center of the Federal Tax Service;
• Any organization can make its own center and use it locally, for example, as a throughput system in the office.

Authorization can be of any type and multifactorial.

• The simplest is just by id;
• By pin-code or password;
• By generated codes;
• By fingerprints (of an important business and the Ministry of Internal Affairs);
• By voice, by iris, by a grid of capillaries (for secretaries).

The authorization center is also involved in security. By geolocation (and other factors), requests determine possible security breaches and, in which case, raises security factors and informs the user about access attempts. In such circumstances, the complexity of fraud grows by orders of magnitude.

Card

The physical authorization tool can be a smart card with a contact and non-contact nfc interface. Each authorization center can record its id on it. Moreover, each center can overwrite only its data - for this there should be cryptographic protection in the card itself.

The ubiquity of contactless nfc interfaces. Instead of having to enter a card number and a pin code, it will be enough to bring the card to the keyboard (PC) or screen (tablets and phones).

A lot of accounts in various banks can be attached to a card (that is, to a user). When paying, you can choose which account in which bank to use for payment (if the payment interface supports it) or use the default main account (if it does not support).

In principle, you can write the same thing on any nfc-carrier, for example a smartphone. To increase the level of security, an activation button can be made on the nfc card to avoid hidden scanning. To emulate visa / mastercard, you can make a magnetic strip. But it is better to connect the proxies of these systems to the system as authorization centers.

Transactions

They can be multilateral and multi-format. Formats are available internally and any application or service can use them.

• You want to pay your electricity bill. Log in to the system. EnergoSbyt requests the meter readings directly through the payment interface (such as the Islands from Yandex) and reports the date, amount and readings of the last payment. You enter new readings and submit. EnergySales calculates the amount payable and shows you. Choose an account (if you have several), a request is sent to the bank about the sufficiency of money in the account, and click [Pay];
• You pay utility bills on a single receipt. Log in to the system. Indicate the month and current meter readings. You pay. And the system automatically parses your payment into several, each of which goes to a specific organization for specific services;
• You pay for purchases in the store. When paying, a list of your purchases is added to the transaction and you can see the list of paid goods and services in your account. This will be a kind of “electronic check” confirming the fact of purchase and a guarantee for the goods. Perhaps you will use some third-party service to conduct your home accounting (which will use this data). Which will group your expenses, take into account your goals, automatically make monthly payments.

In other words, you can build a full-fledged interaction between the client and the services.

By default, the authorization center returns anonymous user data to the services, which does not allow to know his identity, but makes it possible to identify him (such as 223b73d55ff0009). But this id is relevant only for the operations of this particular service with this particular user. Various services can be combined into one program and use one user id at all.

In other cases, approved by the management of authorization centers, they may report more information about the user.

Use cases

The shops

Imagine that the X5 retail chain is starting to support payment through this system. She installs certified payment devices (cheap and without fiscal memory) and connects her loyalty program to the system.

An anonymous user pays for the purchase with a card. The bank receives a request from the store (with the amount and list of purchases) and transfers the money to the store’s account. The store saves an anonymous user id and a list of its purchases (for analytics). If X5 analytics decides to reward the user (knowing the history of his purchases) - she can do it while he is at the checkout.

If the user was tempted by the X5 loyalty program, then he allowed the authorization center to tell X5 his real data (basic) and X5 can track his activity, earn points, give gifts, send notifications to email / sms (without auto subscription, strict spam control , disconnecting from the system for spammers).

Affiliate systems and airline tickets

Situations similar to the situation with Eviterra can be avoided. In general, there is no need for intermediate centers and difficulties with cash deposits of intermediaries. The client pays the bill generated by OTA and its payment goes mostly directly to the airline, and in smaller installments to the accounts of intermediaries. It can be OTA, meta-search engines, and partner traffic providers (lead generators).

The system of receiving money for all types of partner systems will also be simplified. No need to wait for the end of the period to receive money. If the payment was withdrawn by the user (for consumer rights), then all commissions are returned automatically.

Banks

Reducing the cost of services, offices, bureaucracy (and hence a significant increase in revenue on the same customer base). Integration into the common system gives them great opportunities to create new services. The best banks of the future will be successful IT companies, and not dull cash repositories (as of now).

In addition, banks can use one database of credit histories. Together with it, you can implement the basic functionality of credit risks for quick scoring.

Insurance companies

You can make an analog CarFax. A single database where information about all incidents will be collected and where the Ministry of Internal Affairs, insurance and car owners themselves will have access.

Transport

Using the card as a ticket in any public transport without special preparations (the amount is immediately debited). To receive discounts or subscriptions - they must be purchased at full cost.

Tickets

The card can be used as an entrance ticket with instant payment (per person). Or as a pass ticket with advance payment / booking. In this case, an electronic ticket is bought in advance, and the card is used as a pass at the entrance to the event. Also suitable for hotel reservations and car / bike / equipment rental.

Social card and electronic passport

The authorization center may indicate additional user statuses: Senior citizen, Student, Serviceman, Honorary donor and so on. When applying to government agencies, the card will serve as an electronic passport.

Schoolboy

Access to school, to sports sections, to a locker in a locker room, to an online diary, an electronic signature for passing tests and control. Parents can know where the child is at school or left school.

Medical record

Medical history, analyzes, diagnostics - all this can be stored centrally and doctors can have access there, including from mobile devices. The user card can serve as an electronic prescription in pharmacies (integration with pharmacy systems is required) with the possibility of choosing interchangeable medicines. There remains the difficult ethical issue of the availability of prescription statistics for pharmaceutical companies. Here it is necessary to find some compromise between “yes” and “no”.

Acceptance of payment

Ease of connecting companies to the system and ease of automation (api and web widgets). You can start accepting money for services immediately after connecting to the system. No intermediaries and additional interest. You can make payments in favor of third parties without the need to conclude additional agreements (for example, your service can transfer money to the client’s mobile account, without having to have an agreement between your service and the mobile operator). If the system becomes truly National, then you can accept payment immediately after the registration of the company.

Online authorization

It would be nice to make the possibility of web authorization similar to login-with-facebook. Moreover, transmit only basic information, the availability of which can be set by the user (you can hide everything at all).

Taxes

Almost the entire tax sphere can be automated. Tax will automatically receive all statistics of payments (in both directions) and automatically determine the amount of taxes. For accurate tax calculation, you must correctly specify the types of transactions. The result is a combination of transactions and accounting entries (transactions from customers as “revenues”, transactions to suppliers as “expenses”, if simplified for example). And also automatic control over activities (“retail” cannot receive transactions “construction work”, for example).

Electronic key

It can be used as an electronic key to the apartment and from the car. You must understand that this is an auxiliary device, not a physical key. In the absence of electricity, the lock must remain physically closed and require a physical key.

User account

For security management, viewing statistics and management - each authorization center has its own personal account. You can go further and make an extensible system, where each service used is represented by a separate application in the ecosystem of your personal account (this is a difficult task).

Company personal account

In fact, this is an office for interaction with the bank, tax and state authorities. As well as statistics and security issues.

For legal entities

• Integration with popular business management systems and 1C;
• Instant payments, scheduled automatic payments;
• Validation of payment details;
• Various types of transactions (prepayment, installment, commission, fines, ..) for semantics to help automate the business;
• Transaction insurance, warranty and arbitration services;
• Deposit and registration of contracts;
• Electronic route sheets, rights, powers of attorney, admissions;
• Access control (login to the system by card, electronic signature of documents) and access control for employees;
• Online interaction with government agencies. For example with customs. With tax. Full-fledged two-way interaction;
• Transfer of wages to employees to any of their accounts.

For individuals

• Universal ID. Electronic passport. One card for all occasions;
• Security. Now citizens have a lot of things, the loss of which will be unpleasant. And so there will be only one card, the safety of which will be monitored by automatic systems. A lost card is automatically blocked everywhere and immediately;
• Instant money transfers;
• Easy payment acceptance in your favor (via mobile devices or via the Internet). Transfers, donations, Like & Pay, joint purchases and more;

Creating such a system

There are no technical barriers to its implementation. Almost all popular services have similar or even greater implementation complexity. We smile and program.

The real barrier to such a system is organizational. In our country, there is one unpleasant cultural feature - it is difficult for us to negotiate and interact on equal terms. And to create such a system will require the joint participation of many state entities, banks and businesses. We must somehow make several thousands of these “kings with their kingdoms” agree among themselves. If someone wins, then the whole system will be made for him, to the detriment of others.

Before moving on to direct implementation, you will need to organize a large structure that will deal with design.

• Project management and main project office;
• Interdepartmental project commissions;
• Project Commission of financial organizations;
• Project committee of business companies;
• Public project association and citizens.

Together, you need to prepare a set of Terms of Reference and Standards, on the basis of which you can develop the entire system. This is the right approach, which in itself is the hope of the right result.

The wrong approach, in my opinion, is to give away the implementation of the National Payment System to someone's pocket company, which will make it like a proprietary (closed) system. In our case, it may turn out to be UEC, which has already made a payment system integrated with the electronic passport system.

To be honest, I have a strong prejudice towards UEC and here's why:

1. УЭК создана тремя крупными банками и поэтому обречена реализовывать проект в их интересах (видел информацию, что все инициативы УЭК вне банковской сферы были заморожены акционерами). Часть их проекта под названием “Электронный паспорт” является требованием государства и логично предположить, что они будут делать его с минимальным приоритетом и без инициативы.
2. К УЭК могут подключиться только банки с капиталом больше 3 миллиардов рублей. Остальные 80% банков в пролёте. Нет ли тут расизма?;
3. Названия “УЭК” и “ПРО100” весьма унылы. На их сайтах царит информационный бардак, что означает: либо низкий уровень мотивации, либо отсутствие профессионализма. Сходите на их сайты и посмотрите. Вы не захотите этим пользоваться, если вас не заставят силой;
4. Это закрытая система. Её развитие ограничено возможностями и желаниями УЭК;
5. Кто разработчики? Сколько их? Какой у них опыт? Какие известные люди там работают? На каких конференциях они выступали? Я не смог найти информацию о них. Платёжная система такого уровня довольно сложный проект. Если измерять его в Яндексах, то это примерно 0,4 Яндекса. Значит и группа разработчиков должна соответствовать такому соотношению. У Яндекса 6000+ сотрудников и 150 активных вакансий только в Москве. У УЭК неизвестно сколько сотрудников и 2 вакансии, обе менеджерские. Либо у них работает секретная бригада программистов-ниндзя, либо это маленькая команда, от которой хотят невозможного каждый день.

Заключение

It is more correct to call the resulting system the National Information System, because in it there are protected interactions of many entities: the state, banks, business and citizens. The payment system is its important function, but not the only one.

I did not try to describe in detail the technical details of the implementation, because first we need to interest those who are now discussing the creation of a national payment system at the highest level. I’m not sure that this will work to the full, but if they get the idea that the modern design of the information system bodes more for the country than the modernization and “plugging of holes” of the ancient design systems, I’ll be happy even with that.

I do not know in which Sportloto you can send a similar article, therefore I publish on Habré. If this concept of the project relates to your work, please discuss this article with colleagues and management.

If your imagination already draws you ways to implement such a project - do not restrain yourself, publish your proposals on Habré!

I really want our country to receive the best payment and document management system in the world. And you?