Combining identity federation with Payment: The SAML-based Payment Protocol

The management of services offered within identity federations comprises not only the traditional service elements but also those management requirements derived from the federation´s specification. However, since a discrepancy between the management needs related to payment and the capabilities offered by the federation´s protocols can be observed, this paper aims to provide a solution to bridge this gap. SAML is currently used in many identity federations as a language and protocol for transmitting critical data about a participant´s authentication and his/her attributes. Authorization based upon attributes often fulfils the requirements within a non-commercial context. However, whenever payment is required, federation partners have to establish a solution to handle it. Whilst commercial service providers may often use their already established payment solutions, for semi-commercial providers as well as for micropayments and niche-providers, a new approach may be required. Therefore, this paper proposes to use the identity federation language SAML to build such a new solution. Using the novel designed SAML Payment Assertion, SAML is able to handle all the payment-related processes without compromising security. These benefits provided by the protocol and the language would raise the interests for new service providers to join federations that are built upon SAML.