marketing

draft-dold-payto.xml (25390B)

---

 <?xml version="1.0" encoding="US-ASCII"?>
 <!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
 <!ENTITY RFC3986 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3986.xml">
 <!ENTITY RFC3629 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3629.xml">
 <!ENTITY RFC2119 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml">
 <!ENTITY RFC5234 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5234.xml">
 <!ENTITY RFC8174 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.8174.xml">
 <!ENTITY RFC8126 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.8126.xml">
 ]>
 <?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>
 
 <?rfc strict="yes" ?>
 <?rfc toc="yes" ?>
 <?rfc symrefs="yes"?>
 <?rfc sortrefs="yes" ?>
 <?rfc compact="yes" ?>
 <?rfc subcompact="no" ?>
 
 <rfc category="info"
      docName="draft-dold-payto-14"
      ipr="trust200902">
 
   <front>
     <title abbrev="The 'payto' URI scheme">
       The 'payto' URI scheme for payments
     </title>
 
     <author fullname="Florian Dold" initials="F.D." surname="Dold">
       <organization>Taler Systems SA</organization>
       <address>
         <postal>
           <street>7, rue de Mondorf</street>
           <city>Erpeldange</city>
           <code>L-5421</code>
           <country>LU</country>
         </postal>
         <email>dold@taler.net</email>
       </address>
     </author>
 
     <author fullname="Christian Grothoff" initials="C.G." surname="Grothoff">
       <organization>BFH</organization>
       <address>
         <postal>
           <street>H&ouml;heweg 80</street>
           <street></street>
           <city>Biel/Bienne</city>
 	  <code>CH-2501</code>
           <country>CH</country>
         </postal>
         <email>christian.grothoff@bfh.ch</email>
       </address>
     </author>
 
     <date day="01" month="May" year="2020" />
 
     <!-- Meta-data Declarations -->
     <area>General</area>
     <workgroup>Independent Stream</workgroup>
     <keyword>payments</keyword>
 
     <abstract>
 
       <t>
         This document defines the 'payto' Uniform Resource Identifier (URI) scheme
         for designating targets for payments.
       </t>
 
       <t>
         A unified URI scheme for all payment target types
         allows applications to offer user interactions with URIs that represent payment targets,
         simplifying the introduction of new payment systems and applications.
       </t>
 
     </abstract>
 
   </front>
 
   <middle>
 
 <section anchor="introduction" title="Introduction">
 <t>
   This document defines the 'payto' Uniform Resource Identifier (URI) <xref target="RFC3986" /> scheme
   for designating transfer form data for payments.
 </t>
 
 <section title="Objective">
 <t>
   A 'payto' URI always identifies the target of a payment.
   A 'payto' URI consists of a payment target type, a target identifier and optional parameters
   such as an amount or a payment reference.
 </t>
 <t>
   The interpretation of the target identifier is defined by the payment target type, and typically
   represents either a bank account or an (unsettled) transaction.
 </t>
 <t>
   A unified URI scheme for all payment target types
   allows applications to offer user interactions with URIs that represent payment targets,
   simplifying the introduction of new payment systems and applications.
 </t>
 </section>
 <section title="Requirements Language">
 <t>
    The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
    "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
    "OPTIONAL" in this document are to be interpreted as described in BCP 14
    <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when,
    they appear in all capitals, as shown here.
 </t>
 </section>
 
 </section>
 
 <section anchor="syntax"
   title="Syntax of a 'payto' URI">
   <t>
   This document uses the Augmented Backus-Naur Form (ABNF) of <xref target="RFC5234"/>.
   </t>
   <figure>
   <artwork type="abnf"><![CDATA[
   payto-URI = "payto://" authority path-abempty [ "?" opts ]
   opts = opt *( "&" opt )
   opt-name = generic-opt / authority-specific-opt
   opt-value = *pchar
   opt = opt-name "=" opt-value
   generic-opt = "amount" / "receiver-name" / "sender-name" /
                 "message" / "instruction"
   authority-specific-opt = ALPHA *( ALPHA / DIGIT / "-" / "." )
   authority = ALPHA *( ALPHA / DIGIT / "-" / "." )
 ]]>
   </artwork>
   </figure>
   <t>
     'path-abempty' is defined in <xref target="RFC3986" /> in Section 3.3.
     'pchar' is defined in <xref target="RFC3986" />, Appendix A.
   </t>
 </section>
 
 <section anchor="semantics" title="Semantics">
 <t>
   The authority component of a payment URI identifies the payment target type.  The
   payment target types are defined in the "Payment Target Types" sub-registry, see <xref
   target="payto-registry" />.
 
   The path component of the URI identifies the target for a payment as interpreted
   by the respective payment target type.
 
   The query component of the URI can provide additional parameters for a payment.
   Every payment target type SHOULD accept the options defined in generic-opt.
 
   The default operation of applications that invoke a URI with the payto scheme
   MUST be to launch an application (if available) associated with the payment
   target type that can initiate a payment.  If multiple handlers are registered for the same
   payment target type, the user SHOULD be able to choose which application to launch.
   This allows users with multiple bank accounts (each accessed the respective bank's
   banking application) to choose which account to pay with.
 
   An application SHOULD allow dereferencing a payto URI even
   if the payment target type of that URI is not registered in the "Payment Target Types" sub-registry.
 
   Details of the payment MUST be taken
   from the path and options given in the URI.  The user SHOULD be allowed to
   modify these details before confirming a payment.
 </t>
 </section>
 
 <section anchor="examples" title="Examples">
 <figure>
   <artwork><![CDATA[
   payto://iban/DE75512108001245126199?amount=EUR:200.0&message=hello
 
   INVALID (authority missing):  payto:iban/12345
 ]]>
   </artwork>
 </figure>
 
 </section>
 
 <section anchor="generic-options" title="Generic Options">
 <t>
   Applications MUST accept URIs with options in any order.  The
   "amount" option MUST NOT occur more than once.  Other options MAY be
   allowed multiple times, with further restrictions depending on the
   payment target type.
 
   The following options SHOULD be understood by every payment target type.
 </t>
 <t>
   amount: The amount to transfer.  The format MUST be:
 <figure>
   <artwork><![CDATA[
   amount = currency ":" unit [ "." fraction ]
   currency = 1*ALPHA
   unit = 1*(DIGIT / ",")
   fraction = 1*(DIGIT / ",")
  ]]>
   </artwork>
 </figure>
   If a 3-letter 'currency' is used, it MUST be an
   <xref target="ISO4217" />
   alphabetic code. A payment target type MAY define semantics beyond ISO 4217
   for currency codes that are not 3 characters. The 'unit' value MUST be smaller
   than 2^53. If present, the 'fraction' MUST consist of no more than 8 decimal
   digits.
   The use of commas is optional for readability and they MUST be ignored.
 </t>
 
 <t>
   receiver-name:  Name of the entity that receives the payment (creditor).
   The value of this option MAY
   be subject to lossy conversion, modification and truncation (for example, due to
   line wrapping or character set conversion).
 </t>
 
 <t>
   sender-name:  Name of the entity that makes the payment (debtor).
   The value of this option MAY
   be subject to lossy conversion, modification and truncation (for example, due to
   line wrapping or character set conversion).
 </t>
 
 <t>
   message:  A short message to identify the purpose of the payment.
   The value of this option MAY
   be subject to lossy conversion, modification and truncation (for example, due to
   line wrapping or character set conversion).
 </t>
 
 <t>
   instruction: A short message giving payment reconciliation instructions to
   the recipient.
   An instruction that follows the character set and length limitation defined by the
   respective payment target type SHOULD NOT be subject to lossy conversion.
 </t>
 </section>
 
 <section anchor="encoding" title="Internationalization and Character Encoding">
 <t>
   Various payment systems use restricted character sets.
   An application that processes 'payto' URIs MUST convert
   characters that are not allowed by the respective payment systems
   into allowable character using either an encoding or a replacement table.
   This conversion process MAY be lossy, except for the instruction field.
   If the value of the instruction field would be subject to lossy conversion,
   modification or truncation,
   the application SHOULD refuse further processing of the payment until a
   different value for the instruction is provided.
 </t>
 <t>
   To avoid special encoding rules for the payment target identifier, the userinfo component
   <xref target="RFC3986" /> is disallowed in payto URIs.  Instead, the payment target identifier is
   given as an option, where encoding rules are uniform for all options.
 </t>
 <t>
   Defining a generic way of tagging the language of option fields containing natural
   language text (such as "receiver-name", "sender-name" and "message)
   is out of the scope of this document, as internationalization must accomodate the restrictions
   and requirements of the underlying banking system of the payment target type.
 
   The internationalization concerns SHOULD be individually defined by each payment target type.
 </t>
 </section>
 <section anchor="tracking" title="Tracking Payment Target Types">
   <t>
     A registry of Payment Target Types is described in <xref target="payto-registry" />.
 
     The registration policy for this registry is "First Come First Served",
     as described in <xref target="RFC8126" />.
 When requesting new entries, careful consideration of the following criteria is strongly advised:
 <list style="numbers">
   <t>The description clearly defines the syntax and semantics of the payment target and optional parameters if applicable.</t>
   <t>Relevant references are provided if they are available.</t>
   <t>The chosen name is appropriate for the payment target type, does not conflict
     with well-known payment systems, and avoids potential to confuse users.</t>
   <t>The payment system underlying the payment target type is not fundamentally
     incompatible with the general options (such as positive decimal amounts) in this specification.</t>
   <t>The payment target type is not a vendor-specific version of a payment target type that
     could be described more generally by a vendor-neutral payment target type.</t>
   <t>The specification of the new payment target type remains within the scope of payment transfer form data.
     In particular specifying complete invoices is not in scope.  Neither are processing instructions to the
     payment processor or bank beyond a simple payment.</t>
   <t>The payment target and the options do not contain the payment sender's account details.</t>
 </list>
 </t>
 <t>
 Documents that support requests for new registry entries should
  provide the following information for each entry:
 <list style="symbols">
 <t>Name: The name of the payment target type (case insensitive ASCII string, restricted to alphanumeric characters,
 dots and dashes)</t>
 <t>Description: A description of the payment target type, including
       the semantics of the path in the URI if applicable.</t>
 <t>Example: At least one example URI to illustrate the payment target type.</t>
 <t>Contact: The contact information of a person to contact for further information</t>
 <t>References: Optionally, references describing the payment target type (such as an RFC) and target-specific options,
   or references describing the payment system underlying the payment target type.</t>
 </list>
 </t>
 <t>
 This document populates the registry with six entries as follows (see
 also <xref target="payto-registry" />).
 </t>
 
 <section anchor="registry-entry-ach" title="ACH Bank Account">
 <t>
 <list style="symbols">
 <t>Name: ach</t>
 <t>Description: Automated Clearing House.  The path consist of two components, the routing number and the account number.
   Limitations on the length and character set of option values are defined by the implementation
   of the handler.
   Language tagging and internationalization of options is not supported.
 </t>
 <t>Example: payto://ach/122000661/1234</t>
 <t>Contact: N/A</t>
 <t>References: <xref target="NACHA" />, [this.I-D]</t>
 </list>
 </t>
 </section>
 
 <section anchor="registry-entry-bic" title="Business Identifier Code">
 <t>
 <list style="symbols">
 <t>Name: bic</t>
 <t>Description: Business Identifier Code. The path consist of just a BIC. This is used for wire transfers between banks. The registry for BICs is provided by SWIFT. The path does not allow specifying a bank account number.
   Limitations on the length and character set of option values are defined by the implementation
   of the handler.
   Language tagging and internationalization of options is not supported.
 </t>
 <t>Example: payto://bic/SOGEDEFFXXX</t>
 <t>Contact: N/A</t>
 <t>References: <xref target="BIC" />, [this.I-D]</t>
 </list>
 </t>
 </section>
 
 <section anchor="registry-entry-iban" title="International Bank Account Number">
 <t>
 <list style="symbols">
 <t>Name: iban</t>
 <t>Description: International Bank Account Number (IBAN).  Generally the IBAN allows to unambiguously derive
   the the associated Business Identifier Code (BIC).  However, some legacy applications process payments to the same IBAN differently based on the
   specified BIC.  Thus the path can either consist of a single component (the IBAN) or two components
   (BIC followed by IBAN).  The "message" option of the payto URI corresponds to the "unstructured remittance information"
   of SEPA credit transfers and is thus limited to 140 characters with character set limitations that
   differ according to the countries of banks and payment processors involved in the payment.
   The "instruction" option of the payto URI corresponds to the "end to end identifier" of SEPA credit transfers
   and is thus limited to at most 35 characters that can be alphanumeric or from the allowed set
   of special characters "+?/-:().,'".
   Language tagging and internationalization of options is not supported.
 </t>
 <t>Example:
 
   payto://iban/DE75512108001245126199
 
   payto://iban/SOGEDEFFXXX/DE75512108001245126199
 </t>
 <t>Contact: N/A</t>
 <t>References: <xref target="ISO20022" />, [this.I-D]</t>
 </list>
 </t>
 </section>
 
 <section anchor="registry-entry-upi" title="Unified Payments Interface">
 <t>
 <list style="symbols">
 <t>Name: upi</t>
 <t>Description: Unified Payment Interface. The path is an account alias.  The amount and receiver-name
   options are mandatory for this payment target.
   Limitations on the length and character set of option values are defined by the implementation
   of the handler.
   Language tags and internationalization of options are not supported.
   </t>
 <t>Example: payto://upi/alice@example.com?receiver-name=Alice&amp;amount=INR:200</t>
 <t>Contact: N/A</t>
 <t>References: <xref target="UPILinking" />, [this.I-D]</t>
 </list>
 </t>
 </section>
 
 <section anchor="registry-entry-bitcoin" title="Bitcoin Address">
 <t>
 <list style="symbols">
 <t>Name: bitcoin</t>
 <t>Description: Bitcoin protocol. The path is a "bitcoinaddress" as per <xref target="BIP0021" />.
 Limitations on the length and character set of option values are defined by the implementation
 of the handler.
 Language tags and internationalization of options are not supported.
 </t>
 <t>Example: payto://bitcoin/12A1MyfXbW6RhdRAZEqofac5jCQQjwEPBu</t>
 <t>Contact: N/A</t>
 <t>References: <xref target="BIP0021" />, [this.I-D]</t>
 </list>
 </t>
 </section>
 
 <section anchor="registry-entry-ilp" title="Interledger Protocol Address">
 <t>
 <list style="symbols">
 <t>Name: ilp</t>
 <t>Description: Interledger protocol. The path is an ILP address as per <xref target="ILP-ADDR" />.
 Limitations on the length and character set of option values are defined by the implementation
 of the handler.
 Language tagging and internationalization of options is not supported.
 </t>
 <t>Example: payto://ilp/g.acme.bob</t>
 <t>Contact: N/A</t>
 <t>References: <xref target="ILP-ADDR" />, [this.I-D]</t>
 </list>
 </t>
 </section>
 
 <section anchor="registry-entry-void" title="Void Payment Target">
 <t>
 <list style="symbols">
 <t>Name: void</t>
 <t>
   Description: The "void" payment target type allows specifying the parameters
   of an out-of-band payment (such as cash or other types of in-person
   transactions).  The path is optional and interpreted as a comment.
   Limitations on the length and character set of option values are defined by the implementation
   of the handler.
   Language tags and internationalization of options are not supported.
 </t>
 <t>Example: payto://void/?amount=EUR:10.5</t>
 <t>Contact: N/A</t>
 <t>References: [this.I-D]</t>
 </list>
 </t>
 </section>
 
 </section><!-- tracking -->
 
 <section anchor="security" title="Security Considerations">
 <t>
 Interactive applications handling the payto URI scheme MUST NOT initiate any
 financial transactions without prior review and confirmation from the user,
 and MUST take measures to prevent clickjacking <xref target="HMW12"/>.
 </t>
 <t>
 Unless a payto URI is received over a trusted, authenticated channel,
 a user might not be able to identify the target of a payment.  In particular
 due to homographs <xref target="unicode-tr36" />, a payment target type SHOULD NOT
 use human-readable names in combination with unicode in the target
 account specification, as it could give the user the illusion of being able
 to identify the target account from the URI.
 </t>
 <t>
 The authentication/authorization mechanisms and transport security services
 used to process a payment encoded in a payto URI
 are handled by the application and are not in scope of this document.
 </t>
 <t>
 To avoid unnecessary data collection, payment target types SHOULD NOT
 include personally identifying information about the sender of a payment that is not
 essential for an application to conduct a payment.
 </t>
 </section>
 
 <section anchor="iana" title="IANA Considerations">
 
 <t>
 IANA maintains a registry called the "Uniform Resource Identifier
 (URI) Schemes" registry.
 </t>
 
 <section anchor="payto-uri" title="URI Scheme Registration">
 <t>
   IANA maintains the "Uniform Resource Identifier (URI) Schemes"
   registry that contains an entry for the 'payto' URI scheme.  IANA is
   requested to update that entry to reference this document when
   published as an RFC.
 </t>
 </section>
 </section>
 
 <section anchor="payto-registry" title="Payment Target Types">
 <t>
    This document specifies a list of Payment Target Types.  It is
    possible that future work will need to specify additional payment
    target types.  The GNUnet Assigned Numbers Authority (GANA) <xref target="GANA" />
    operates the "payto-payment-target-types" registry to track
    the following information for each payment target type:
 <list style="symbols">
 <t>Name:  The name of the payment target type (case insensitive ASCII string, restricted to alphanumeric characters,
 dots and dashes)</t>
 <t>Contact: The contact information of a person to contact for further information</t>
 <t>References: Optionally, references describing the payment target type (such as an RFC) and target-specific options,
   or references describing the payment system underlying the payment target type.</t>
 </list>
 </t>
 <t>
   The entries that have been made for the "payto-payment-target-types"
   defined in this document are as follows:
 </t>
 <figure>
   <artwork>
     Name      | Contact                 | Reference
     ----------+-------------------------+------------
     ach       | N/A                     | [This.I-D]
     bic       | N/A                     | [This.I-D]
     iban      | N/A                     | [This.I-D]
     upi       | N/A                     | [This.I-D]
     bitcoin   | N/A                     | [This.I-D]
     ilp       | N/A                     | [This.I-D]
     void      | N/A                     | [This.I-D]
   </artwork>
 </figure>
 
 </section><!-- payto-registry -->
 
 </middle>
 
 <back>
 
   <references title="Normative References">
 
     &RFC2119;
 
     &RFC3986;
 
     &RFC5234;
 
     &RFC8126;
 
     &RFC8174;
 
 
     <reference anchor="ISO4217">
       <front>
         <title>ISO 4217 Currency Codes</title>
         <author>
           <organization>International Organization for Standardization</organization>
           <address>
             <uri>http://www.iso.ch</uri>
           </address>
         </author>
         <date month="August" year="2018"/>
       </front>
     </reference>
 
     <reference anchor="ISO20022">
       <front>
         <title>ISO 20022 Financial Services - Universal financial industry message scheme</title>
         <author>
           <organization>International Organization for Standardization</organization>
           <address>
             <uri>http://www.iso.ch</uri>
           </address>
         </author>
         <date month="May" year="2013"/>
       </front>
     </reference>
 
     <reference anchor="NACHA">
       <front>
         <title>NACHA Operating Rules &amp; Guidelines</title>
         <author>
           <organization>NACHA</organization>
           <address>
             <uri>https://www.nacha.org/</uri>
           </address>
         </author>
         <date month="January" year="2017"/>
       </front>
     </reference>
 
   <reference anchor="unicode-tr36">
     <front>
       <title abbrev="Unicode Security Considerations">Unicode Technical Report #36: Unicode Security Considerations</title>
       <author initials="M." surname="Davis" fullname="Mark Davis" role="editor">
         <address>
           <email>markdavis@google.com</email>
         </address>
       </author>
       <author initials="M." surname="Suignard" fullname="Michael Suignard">
         <address>
           <email>michel@suignard.com</email>
         </address>
       </author>
       <date month="September" year="2014"/>
     </front>
   </reference>
 
 
   </references>
 
   <references title="Informational References">
 
    <reference anchor="BIP0021" target="https://en.bitcoin.it/wiki/BIP_0021">
      <front>
          <title>Bitcoin Improvement Proposal 21</title>
          <author initials="N." surname="Schneider"
                  fullname="Nils Schneider">
          </author>
          <author initials="M." surname="Corallo"
                  fullname="Matt Corallo">
          </author>
 
          <date month="January" year="2012" />
      </front>
    </reference>
 
    <reference anchor="HMW12" target="https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final39.pdf">
      <front>
          <title>Clickjacking: Attacks and Defenses</title>
          <author initials="L.S." surname="Huang"
                  fullname="Lin-Shung Huang">
          </author>
          <author initials="A." surname="Moshchuk"
                  fullname="Alexander, Moshchuk">
          </author>
          <author initials="H.J." surname="Wang"
                  fullname="Helen J. Wang">
          </author>
          <author initials="S." surname="Schecter"
                  fullname="Stuart Schecter">
          </author>
          <author initials="C." surname="Jackson"
                  fullname="Collin Jackson">
          </author>
 
          <date month="January" year="2012" />
      </front>
   </reference>
 
   <reference anchor="UPILinking" target="https://www.npci.org.in/sites/default/files/UPI%20Linking%20Specs_ver%201.6.pdf">
     <front>
       <title>Unified Payment Interface - Common URL Specifications For Deep
       Linking And Proximity Integration</title>
       <author><organization>National Payment Corporation of India</organization>
       </author>
       <date month="November" year="2017" />
     </front>
   </reference>
 
  <reference anchor="ILP-ADDR" target="https://interledger.org/rfcs/0015-ilp-addresses/">
    <front>
        <title>ILP Addresses - v2.0.0</title>
       <author><organization>Interledger Team</organization>
       </author>
        <date month="September" year="2018" />
    </front>
  </reference>
 
  <reference anchor="BIC" target="https://www.iso.org/standard/60390.html">
    <front>
        <title>ISO 9362:2014 Business Identifier Code (BIC)</title>
       <author><organization>International Organization for Standardization</organization>
       </author>
        <date month="March" year="2019" />
    </front>
  </reference>
 
  <reference anchor="GANA" target="https://gana.gnunet.org/">
    <front>
        <title>GNUnet Assigned Numbers Authority (GANA)</title>
       <author><organization>GNUnet e.V.</organization>
       </author>
        <date month="April" year="2020" />
    </front>
  </reference>
 
   </references>
 
 <!-- Change Log
 v11 2020-03-23  CG   Workaround IESG/IAB/IANA/ISE discussion on who gets to create IANA registries as suggested by Adrian Farrel
 v10 2019-11-14  CG   Address comments from Adrian Farrel
 v09 2019-11-04  CG   Reference ISO 4217 for currency codes, clean up ENBF syntax and language (based on feedback from Matthias Heckmann)
 v08 2019-09-27  CG   Clarify use of sub-registry as per draft-ise-iana-policy
 v05 2019-05-20  CG   Addressing coments, preparing for independent stream submission, adding BIC
 v01 2017-02-15  CG   References and formatting
 v01 2017-02-13  CG   Minimal clarifications
 v00 2017-01-17  FD   Initial version
   -->
 </back>
 </rfc>