Lessons from Bitcoin: Push versus Pull

Bitcoin is going to change the world – but not for the reasons we commonly assume. One subtle way in which it will change the world is through its influence on other players in the payment ecosystem.

At the heart of the Bitcoin system is the idea of a transaction: at its simplest, this is a transfer of value from one Bitcoin user to another – a credit transfer, if you like.

Consider what this isn’t. This isn’t a direct debit. It isn’t a credit card authorisation. Nor is it the creation of a debt or a precursor to a subsequent billing cycle.  Is is the closest thing we have in the digital world to a person-to-person cash payment.

In this way, we can think of a Bitcoin payment as analagous to a SEPA Credit Transfer, a UK Faster Payments transaction or, more generally, a wire transfer.   Push, not pull.

Graphically, we could depict this as the consumer pushing value directly to the merchant, just like with cash:


Now, consider how that differs to most other forms of electronic payments in the retail space.  They are, almost invariably, achieved through the use of one or more card schemes.

But think about how they work…

The customer thinks they’re paying.  But, really, they’re not. Instead, when they sign the chitty or enter their PIN, they are initiating a supremely sophisticated choreography of immense complexity.

They are, in reality, authorising the merchant to pull the payment from their account, with the request being routed through several intermediaries.

Graphically, it looks something like this:


This model has its advantages but it also suffers from severe problems: the most obvious of which is that if you’re moving payment authorisations around, you need to be maniacally focussed on security: there’s a reason why PCI-DSS exists.

It’s easy to understand why the system was built the way:  what else would you have done with 1960s technology?  The pull model employed by the card processors is a wonder of the world.  But it’s also an artefact of its time.  Would you design it that way if you were starting from scratch today?  I would contend that a system that doesn’t need PCI-DSS, doesn’t need acquirers, doesn’t need issuers, doesn’t need switches and doesn’t require you to trust any third parties has much to commend it.

For this reason, I use this “Push versus Pull” metaphor as a quick heuristic for evaluating payments startups I come across in my day job…