In TV commercials for a financial services company, Bill Cosby used to look at the viewer and intone, "Because ... its my money." That message must be understood whenever the Net is propounded as a forum for payment processing. When money is involved, the minimum standard of service is high—but events of the past few weeks demonstrate that the robustness of electronic payment networks, and the certainty of punishment for those who attack them, are less than they should be.
Problems have been pervasive. PayPal users suffered through five days of outages early this month. The PSIGate service experienced two extended interruptions in that same week. The Royal Bank of Scotland Groups WorldPay appeared to be the target of a distributed-denial-of-service attack Oct. 4, and Authorize.Net endured similar abuse near the end of last month. Some of these disruptions were due to accident and incompetence, but racketeers attempting extortion caused others.
These warnings of vulnerability come at an awkward time, in view of this weeks planned beginning of the virtual-payment era defined by the Check Clearing for the 21st Century Act—known for short as Check 21. Ironically, Check 21s vision of replacing paper checks with electronically transmitted images had its genesis in post-9/11 attention to systemic vulnerabilities. It was recognized that a stoppage of air transportation, such as the one that followed the terrorist attacks of 2001, inflicts damage on financial operations that depend on moving pieces of paper. Its no improvement, though, to transfer transactors dependence on physical documents to digital networks not ready to bear the responsibility.
Existing regulations and laws, and their enforcement agencies, are the best means of addressing new versions of old problems. We resist the notion that theres anything fundamentally new here: There are centuries of experience embodied in our definitions of a bank or a brokerage firm or other fiduciary institution. When such institutions fail in their duty to operate in a professional manner, or when criminals attack those institutions, we rely on experienced regulators and lawmen to track their moving targets.
Whats needed, we believe, is the cooperation of all in making that job easier. In particular, we urge that electronic payment services accept the necessity of scrutiny and regulation rather than seeking to avoid those burdens in ill-advised pursuit of short-lived competitive advantage. Its not for us to say, for example, whether PayPal is a bank, but neither can we hail the kind of practices that led to that companys paying a $150,000 penalty to New York state in March following charges that it misrepresented the protections enjoyed by its users.
In the long run, there can be little competitive advantage in offering an inexpensive means of uncertain access to funds. If Net-based services want to handle our money, they must rise to the level of trust the job demands.
Were interested in your Opinion. Send your views to eWEEK@ziffdavis.com.