In August this year 1, China Industrial and Commercial Bank, which has the largest number of users, lowered the debit card payment limit again, and the upper limit of a single transaction was lowered from 500 yuan to 300 yuan. Moreover, the upper limit of this 300 yuan can only be obtained if users go to the ICBC counter to open business. If you don't handle it, you won't be able to make online payment.
This move made many agents and third-party payment companies deeply embarrassed. "If the limit of bank debit card is below 1000 yuan, we can't do it. Because our annual average order is 1240 yuan. If the user can't even buy a ticket, who will pay online? " Wang Yili of Youyi.com said.
"Now all payment companies are competing with banks for high quotas. Consumers are individuals, and some round-trip air tickets cost 1 10,000 yuan. Originally, I hoped that online payment of bank cards could automate the whole e-ticket process. If there are such restrictions, users still have to buy air tickets in the traditional mode, which is equivalent to reducing the cost of printing an air ticket in industrial processes, and the significance of e-tickets is not so great. " Wang Yun Qiao Yang said.
But there is nothing the bank can do. Everything is for safety. According to international practice, the risk of credit card is borne by consumers, while the risk of debit card is entirely borne by banks, which is also to reduce their own capital risk. For them, they not only bear economic responsibilities, but also bear a lot of social responsibilities. If something really goes wrong with the system, it will have a negative impact on the industry and people's livelihood. The security of third-party payment is a star issue that has been debated since the emergence of e-commerce. Safe, how to solve it? On this topic, the newspaper had in-depth and concrete discussions with Qiao Yang, sales manager of Wang Yun, Bo Shengchun, deputy director of the marketing department of the electronic banking center of China Industrial and Commercial Bank of China, and Wang Yili, marketing director of Youyi Air Travel Network.
A third party has sufficient conditions to abscond with money.
When third-party payment companies talk about cooperation with banks or agents, they will always be questioned from all sides. Air ticket industry is a big and fast industry, with tens of millions of funds flowing every day, and the registered capital of many third-party payment companies is less than 1 million. How can the bank believe it? The fund settlement cycle of the third-party payment company is often very long, and sometimes it is settled with the agent only once every month/kloc-0. In the meantime, a lot of money will stay in the previous account. If they misappropriate funds or abscond with money, who will guarantee the safety of the bank?
Reporter: Is there any way to solve the problem of long checkout period of third-party payment enterprises?
Qiao Yang: This is really a personalized problem in our industry. For banks, they will pay great attention to the safety of funds when they cooperate with us. The current situation is that after we receive the money from users, we often have a billing cycle of two to three days. If the partner is a small merchant, it is normal once a week and once a month. But this does not mean that the checkout cycle cannot be accelerated.
We can take the billing cycle by day, or close it in two days under special circumstances. This is a question of industry trust. If you have just cooperated, you can choose to reconcile with the other party without establishing a strong trust relationship.
Reporter: What are the agents most dissatisfied with the third-party payment companies now?
Wang Yili: It is very bad if the third party does not manage the user's funds separately from its inherent funds. Now many third parties have not done so. Merchants' money and their own money are put together, which always leads to money to spend, and the safety of funds is a problem.
But some companies are very advanced in this respect, such as Alipay, and we hope all third parties can do the same. Alipay completely separates these two funds, and entrusts the merchant's money to China Industrial and Commercial Bank for custody. Every transaction must be approved by ICBC. But we can't just cooperate with Alipay, because Alipay's model is not suitable for the electronic ticket industry. So we hope other companies can manage these two funds separately.
Relaxing the payment ceiling requires careful review.
/10 2005 On June 26th, 2005, the People's Bank of China issued the Guidelines for Electronic Payment (No.1) (Announcement No.23 of the People's Bank of China, hereinafter referred to as the Guidelines), which put forward guiding requirements for banks to engage in electronic payment activities. It is stipulated that when a bank handles electronic payment services for individual customers through the Internet, the single amount shall not exceed 1 000 RMB, except for security authentication methods such as digital certificates and electronic signatures.
300 yuan's payment ceiling is basically equivalent to giving up online payment for agents and third-party payment companies. So this year, people have been looking for banks to apply for relaxing the payment ceiling.
Reporter: How do banks consider relaxing the payment ceiling?
Bo Shengchun: Not long ago, someone forged the website of ICBC. Many hackers attack customers' computers and steal customer information. We have taken various measures to this end. Reducing the quota is not the main purpose, but safety is the most important. We have always regarded it as a high-level, and we have always taken a more cautious attitude in security control. Even so, our current system is tilted, and the quota has been increased for some industries that can be pursued, such as electronic tickets and college students' fees. Because these payments are made in the real-name registration system, just like air tickets, if you use someone else's credit card to buy air tickets for yourself, your identity information will be recorded at the time of purchase, which is easy to trace.
So we will choose some third-party payment companies and agents to relax the quota. At present, many third-party payment companies and agents have submitted applications to relax the quota, and we are also reviewing them.
Reporter: What problems will banks assess when they apply to relax the payment ceiling?
Wang Yili: Our company has applied for this policy at the end of August this year. First of all, you need to submit information, first to the bank, then to the E-commerce Center of ICBC Beijing Branch, and then to the E-commerce Center of China Industrial and Commercial Head Office.
Among them, it is necessary to explain in detail why electronic tickets can be called recourse industry, what kind of process users will take when placing orders with us, how to pay, what page the payment links to, how to deal with it in the background, whether the phone calls are recorded, whether the transactions are recorded, whether the operations of each salesman are recorded, and so on. During this period, ICBC came to check about four or five times, mainly depending on our risk prevention process. How to solve the system security problem, what kind of technical means and measures to solve it, and so on.
Reporter: Banks really want users to pay online, but the safety of funds is really important. Has ICBC taken any measures or developed new technologies?
Bo Shengchun: Our bank is prepared for this problem. ICBC's B2C technology is relatively advanced, and one account can connect multiple shopping malls. In other words, for the third-party enterprises that cooperate with us, we will open a separate mall for the air ticket business, and other businesses will take other interfaces and settle with one account. In this way, for those enterprises that have obtained the policy of relaxing the payment ceiling, we can only raise the payment ceiling for the interface that sells air tickets. This ensures the safety of funds to a great extent.
Leave the security issue to the bank?
At the e-commerce conferences over the years, the issue of payment security will always be repeatedly mentioned as the top priority. In today's era of underdeveloped credit card culture and imperfect insurance system, users will always have a sense of distrust of online payment. After electronic tickets replaced paper tickets, security was repeatedly mentioned, which also made the majority of third-party enterprises scratch their heads. If the user's machine is infected with Trojan virus and the data is stolen, who will be responsible? The superb technology of third-party enterprises seems out of reach. However, Bo Shengchun of ICBC confidently said: Payment security is no longer a problem!
Reporter: We know that agents like Ctrip and eLong actually receive more than 80% of their booking business through their call centers. In Youyi.com, 80% of the business is booked and paid by users online, so the payment security problem should be more urgent for Youyi.com. How do you solve this problem?
Wang Yili: It is true that 80% of Ctrip's business is telephone booking, and some users will report their card numbers to the other salesman through credit card authorization. In fact, this kind of remote credit card payment is not particularly safe. Even if I believe in Ctrip's credit, after all, I told a person the card number. Who can guarantee that the employees of Ctrip are trustworthy?
In fact, it shields us from security risks, because the card number and password paid online through our website are left in the bank, not in Youyi. Users will automatically jump to the bank's website after clicking Pay.
Reporter: How do banks solve security problems?
Bo Shengchun: Actually, we have solved this problem very well now. We launched a free electronic bank password card in August this year. In the past, customers used static passwords to log in, which was easy to be stolen. The password card adopts the coordinate password method. After the user enters the registration information, the system will prompt you which line numbers and column numbers need to be displayed. Find the corresponding location on the password card and fill it in to enter. The password location will change accordingly the next time you log in, and it will be different every time. The digital content of each password card is different, and each card can be used 1000 times due to the strong array. In this way, even if the password is stolen, the hacker cannot commit the crime, because the password will change when logging in again.
In addition, we also have a permanent safety certificate, that is, U shield, which has obtained a national patent. U shield is a kind of physical medium, which was jointly developed by us and Microsoft. It looks like a USB flash drive, but it can't be copied, so the virus can't invade. Each U-Shield will be set with a password, which cannot be used even if it is lost. Since the introduction of U-Shield, there has been no security accident in online payment using U-Shield for security protection. Moreover, for users who use U shield, there is no problem of payment ceiling, and they can pay any amount.
Reporter: Are other banks also implementing such security certificates?
Bo Shengchun: China Merchants Bank is also implementing it. It is actually much easier for banks to solve security problems. Now the People's Bank of China is vigorously developing safety certificates. They hope to introduce a security certificate that all banks can achieve. If this project is successful, it will be good news for consumers and the e-commerce industry.