A Survey of Payment Approaches for Identity Federations in Focus of the SAML Technology

Identity Federations are increasingly being used to establish convenient and secure attribute-based authentication and authorization systems. Whilst this process began mainly in the academic sector, it is assumed that over the next few years more and more commercial Service Providers will join Identity Federations in order to offer their services and products to federated customers. However, the introduction of commercial Service Providers demands a solution for payment, which has not been deployed during the early years of Identity Federations. Thus, Service Providers have to implement not only the federation application, but also additional payment solutions; a problem, by which the federation may appear unattractive for Service Providers, especially semi-commercial or those requiring micropayments. Even for large commercial providers entering a federation, the lack of payment support is a major disadvantage that may lead to either customer or profit loss. Thus, although a combination of electronic Payment solutions and Identity Federation approaches would provide several benefits to its participants, there has not been much investigation of such combinations. Therefore, this paper analyses electronic payment approaches as well as Identity Federation mechanisms and focuses on a solution to bridge these two aspects. Besides early stages of identity-based payments, final full integrated SAML-based payment approaches, which merge payments and Identity Federation into a powerful business solution, are also highlighted. However, since security is a major concern when focusing on payment solutions, several approaches have been investigated, including security and privacy evaluations, and, within this survey, only those solutions providing a sufficient level of security and privacy have been taken into consideration.