> If Visa added that one detail, this would be a fantastic solution
Maybe I am understanding this incorrectly, but isn't that one detail the main value proposition. It almost sounds analogous to a Dropbox competitor offering a cloud storage API but the developer is responsible for handling syncing.
I am not saying it is totally worthless, maybe it has some value to big companies, but I am really failing to understand how this could be broadly useful.
"I am really failing to understand how this could be broadly useful."
For one, it is a huge step forward from existing payment processor communication. Most card acquirer software is vintage 1997, either by sending large amounts of unstructured text over the wire, or parsing through XML, or dealing with error codes that mean nothing from acquirer to acquirer. Switching banks, for example, is such a massive pain in the ass because you essentially have to rewrite your entire card processing code from scratch. Having this easy-to-use API will encourage competitors to play catch up, and it is a pretty good selling point for using Cybersource.
Second, and you can make an argument about monopolies or whatever, but PCI is essentially controlled by Visa and Mastercard. It is entirely possible for Visa to strongarm mom-and-pop-acquirer to play by this API, and then (hopefully) add the public tokenization later. For e-commerce, storing and transmitting only tokens is huge, and goes a long long way towards mitigating the severity of these massive retail breaches.
I apologize, but I still don't get it. Basically, this would allow someone to build software that physically can process credit cards? So basically, this is for companies that sell point of sale systems?
I am aware that credit card processing is quite poorly implemented, so it seems like they are:
* making it less bad
* further exercising their monopoly
* adding more security at the transmission level
so, like who would use this? Basically this is for something like square where you would actual take physical cards and process them? It seems like if a user has a debit card you can process a fee for like 5 basis points. So, Visa is offering a way for merchants and payment processors to improve the security of their (credit card companies) own product so feasibly, they could lower their fees in the future, because they wouldn't have to pass along the massive amount of costs fraud creates due to the systems insecurity.
So, like, who uses this? Just payment processors and companies big enough to have their own point of sale? It seems like a big bet to expend engineering resources on.
What is the upside? Security is priced in to the processing fee, right? So, basically there is no gain for someone who already has a working gateway unless they force them to use this. If you do that engineering spend and get it to work, it is a big bet that users will continue to use a fairly unsecured payment method and carry it around with them, and that mobile payments won't become normalized in the next few years.
Maybe I am understanding this incorrectly, but isn't that one detail the main value proposition. It almost sounds analogous to a Dropbox competitor offering a cloud storage API but the developer is responsible for handling syncing.
I am not saying it is totally worthless, maybe it has some value to big companies, but I am really failing to understand how this could be broadly useful.