Looking for some pointers on an idea I had whilst bored at work

I came up with an idea at work the other week to make online card payments more secure, easier and faster the other week. Not wanting to reveal too much right now, but not having a business/finance background (I work in electronics and program as a hobby) I could do with some pointers on where to go for advice and support on the Fintech side of things.

The programming bit I’ve got pretty much nailed down, spent today starting work on an acquirer/payment processor simulated back-end and hope to have a complete card payment simulator by the end of the week.

If it works it would make services like PayPal obsolete for single purchases where a buyer funds direct from card and the seller withdraws all funds, whilst being more secure from a customers data point of view. It would most likely be cheaper for sellers too.

Until I have a working prototype/demo ready to show I’ll be keeping most of the details close.

Any tips or pointers are appreciated

Not sure I can give any pointers of thoughts on what you’re hoping to achieve when you’re being so vague.

I can see your enthusiasm though so good luck!

The reason why merchants accept and customers use PayPal is for the peace of mind for the customer that PayPal offers,

Without the PayPal ‘brand’ why wouldn’t the merchant just take card payments direct

Without giving too much away it would work like Curve does, service attempts to take payment from customer and if auth’d, it authorizes the merchants payment. The difference is how the back-end works and also how the user and merchants interact with it. No way to re-use card details, but not a one time use or prepaid card. Any payment details stolen from a merchant would be worthless. A dodgy/compromised merchant has no way to charge a random amount as the response to a payment request would be a polite “do one”.

This would offer the same peace of mind that PayPal does as you never need to give your card details to a merchant. It’s not inteded to be competition for PayPal, but rather a way to take direct card payments whilst the customer never needs to give out their details. It would actually provide better protection and cost for sellers than PayPal does, especially now they are keeping fees in the event of a refund. This service would cost them no more than a regular card refund.

Personally I wouldn’t accept PayPal as payment for any amount I couldn’t afford to loose, been stung by buyers that make false claims even when I used tracked postage at my own cost (buyer insisted on the cheapest postage option). Apparently that’s still not enough proof that the item was posted as buyer insisted they didn’t recieve it.

Have you checked that you’re idea is compatible with Visa and Mastercard rules? I know very little about it except they have huge manuals of what’s allowed and what isn’t

Mastercard seem to be a bit tight lipped on things until you start the onboarding process, which is obviously a bit firther down the line. Not checked Visa yet although I do have same old documentation from another project that may contain useful information.

Until I have a working prototype and simulated system ready to test out I’m reluctant to be too forthcoming with exactly what it is. Wouldn’t be too hard for an established Fintech to implement this, nor time consuming assuming they already have the infrastructure in place.

I suppose it depends on what you want to do.

If you want to develop your idea into a business, I’d google for “early stage entrepreneur fintech basecamps” or something. Ideally you’re looking for a scheme that would support you from idea to reality. You might need to pay, though.

Alternatively, I think there are potential entrepreneur meet ups where prospective founders can find each other and (professionally) “date”.

If you want to sell your idea, or get employed to build it, I’d make a short list of companies that might be interested and see if you can find any contacts there (or friends or a friend) who’d be willing to have a coffee and a chat.

Otherwise, I suppose it’s build the demo and hawk it around a bit until someone notices.

(All a bit of a brain dump there - I’m sure others will be along with better ideas!)

Good luck!

Bit of a late reply, had a lot of other things going on recently and I’ve been working on an industrial control project.

My idea is a pretty simple one, it allows you to make card payments online without sharing your card details, and the merchant can use their existing card processing service to make the transaction. The merchant would need to add some extra code to the website back-end for it to work, not a major task.

A user would add their card(s) to the service via an app. When buying online, you enter the amount payable on the app, choose the card you want to pay with, and it gives you a short code to give to the merchant.

On the back-end the amount, code and card chosen to pay with are assigned to a virtual Mastercard.

The merchant sends a request containing the amount payable and the code provided by the user, and in response recieves the number, expiry date and CVV of the assigned Mastercard. Also provided is the amount the merchant should request (the total minus a small fee). The merchant’s website then processes this as a normal card transaction, and the back-end service takes payment from the customers card. If customers bank auth’s the payment, the virtual Mastercard payment is auth’d too. Kind of like Curve but without the physical card.

Once the transaction is completed, the same amount, code and virtual card cannot be used together again.

Customers are protected from card details being stolen either by malware, MITM attacks or a compromised merchants website. Merchants are protected from chargebacks as the customer has no way to make one.

It could also offer a top-up service where a user tops up the account and can make payments from that, even a credit facility in the future.

The concept is simple, but the implimentation is the tricky part. Also my experiance in the financial industry is less than zero, I’m an engineer not a financial wizard!

And if there is a legitimate reason for a chargeback?

It all sounds eerily similar to Apple/Google Pay to me.

They can do a chargeback if this happens

Then there would be a dispute process to follow rather than just being able to ask the bank for the money back. Curve works in the same way, Im sure they have a dispute team as if a customer makes a charge back they are the ones that pay for it (initially anyway), not the merchant.

Google/Apple pay works differently. They work with the banks and the bank creates a virtual debit card for Google/Apple to use which debits your account the same as any “normal” card. Plus you can’t use *Pay online on any website that accepts cards, it’s yet another payment system the merchant needs to implement. Fine for mobile apps, not even sure if you can use it on a website to be honest.

This would be pretty much the online version of Curve where you don’t share your card details, and only need to enter a 5 or so digit code to make a payment. I could have a keylogger installed on your machine and still have no useful information to steal your money with. It’s a 1 time use code and without also having access to the merchants API keys, there is no way to retreieve the virtual card details from the back-end.