For the past few days, I have been thinking about Doug Kaye's Consumer-Centric Form-Fill and Sign-on post.  There was really nothing new to Doug's proposal, but his post made me fall back into thinking about authentication, privacy, payment, and user experience; things I used to spend great deal of time thinking about while working for Arcot Systems.

Doug's solution centers around client-based form-filler like RoboForm and server-based storage of encrypted profile, meaning the user needs to download and install a form-filling software and somehow negotiate a remote storage.  The main problem with this approach is that people rarely take actions to overcome non-accumulative inconveniences. 

Forms are incidental, meaning one runs into them while trying to do something, and form related inconveniences are amply rewarded by completing the form (otherwise the user would not have completed the form in the first place).  Unless the task is as painful as filling out tax forms, people won't bother to install software especially if they have to pay for it.

Luckly, I expect Microsoft to add form-filling feature into Internet Explorer.  But I expect it to work only with Passport and MSN until people have gotten used to them.

Rising another 1000 feet and looking down on Bill Me Later and credit card-based online payment, I found little difference between the two from the customer's point of view.  A credit card is essentially an aggregated billing service.  Instead of receiving bills from all the merchants, the customer receive one bill from the card issuer.  One key difference is that  Bill Me Later doesn't use a shared secret (credit card number) as account ID.  With credit cards, you are forced to share that secret on every purchase with the merchant.

Technically, not much change is needed to adapt 3D-Secure to work with Bill Me Later.  With Bill Me Later, the ACS can handle payment on top of authentication and authorization, increasing throughput as well as making merchant side simpler.

Bill Me Later should take a serious look at 3D-Secure for several reasons:

1. Look and Feel – 3D-Secure UI will be what users will be expecting to see when they make online purchases.  With both Visa and MasterCard making efforts to make this happen, alternative payment methods should adopt similar look and feel to avoid startling the customers.
2. Merchant Adoption – Merchants have either installed 3D-Secure merchant plugin already or have plans to do so in the near future.  Slipping in Bill Me Later support into those merchant plugin will be simpler than asking merchants to install yet another software their servers.

Bill Me Later should work with 3D-Secure vendors such as Arcot Systems which currently has the largest 3D-Secure merchant installation base.

A News.com article provides further details on Bill Me Later, an alternative online payment service previously mentioned by "Scott" in conjunction with my Market-based Credit Card idea.

I finally get it.  Psychologically, deferred payment is a great gimick, almost as great as xx% off sale.

Two concerns raised by the News.com article were the potentially large cost and difficulty of managing authentication and transaction liability.  One possible way to address both concerns is to offer aggregated billing service with an eye toward lowering cost of billing for companies that have existing trust relationships with customers.

For example, I have been paying PG&E, my gas and electricity company, for ages.  Politics aside, there is no reason for PG&E not to use Bill Me Later to collect payment if the cost of billing is lower.  The key point here is that my PG&E acccount can be used as a basis of trust for my Bill Me Later account.  Compared to using an e-mail address as the primary basis of trust, which is what Passport does, my PG&E account is more trustworthy.