WWW http://www.smart-accounts.org

APPENDIX -- Automated Money for Independent Artists:
Online "Smart-Accounts" That Reproduce, Inherit, & Evolve

Smart-Account Details

We made some unusual design choices for our smart-accounts design. These could be done differently for other systems reproducing accounts:

1. By default, the account name is also the password: Instead of a separate user name and password, smart-accounts have just the account name, which can serve as its own password -- like a numbered bank account. We chose this system to avoid the hassles and security risks of managing passwords when new accounts are created in bulk -- and also to make both automated and manual account use easier, since only one string must be supplied to one field to authorize an account. Mathematically, a longer name alone can be just as hard to guess as a name and password combination. (Conventional passwords can be added as a feature, if owners want them for ultra-high-security accounts.)

   Of course passwords also have other purposes -- for example, allowing the account name to be revealed for business or other reasons, without also giving out owner access. We used account reproduction to provide an alternative, which we call "public accounts" (explained below).

2. Account-name formats: The name of each new smart-account should be usable in a URL, in the form www.the-smart-accounts-server.com/name (where the "name" is not already in use on that server). So numbers, letters, and some other characters can be included. Account owners can either choose their own names for their new accounts, or let the system provide default names (perhaps 12-digit random numbers, since numeric names are handy for telephone entry and/or international use -- and 12 digits allows up to a million random account names to be given out, with the chance of a guess reaching any valid name being less than a million to one, and no way to tell if a guess is good except by submitting it to the server).

   Note that an account name can be in Chinese, for example, and still be compatible with smart-accounts in other servers that use English (by "compatible" we mean that a seller on one and a buyer on the other can do business). This works because charging an account requires delivery of the name to the server that issued it. No other server or network software needs to process the name in any other way; it will only communicate the name unchanged, to its server for payment.

3. The control center: Each smart-account will have a control center (dashboard) where the owner can change most of the account's options -- and also tell the account to reproduce. The owner will reach this control center by visiting the server, which will provide a secure form that has a box where the owner enters the account name. For security reasons, in general only the "public accounts" will actually be used in the form of a URL; other smart-accounts, which must be kept secret, generally will only be used to let the owner access the control center, through the secure Web form. (The URL format would work to reach the control center, but would ruin security by transmitting the unencrypted account number through the Web.) When it's done right, through the secure Web page, no one in the world except the owner will have the account name (not even the server, which will have an encrypted version). All communication between the owner and the control center will be encrypted.
4. Public accounts: If the account name must be secret, how can the owner have other parties pay money into it? One way is to allow smart-accounts to reproduce special, restricted new accounts (which we call "public accounts") with an irrevocable limitation: they can take money in, but can never hold money or give money out (they can give out valuable content, however). Instead, money taken into a public account goes immediately to the parent, or to some other specified, secret account. Once set, not even the owner can ever see or change this information (since someone could steal owner's access).

   The "smart URLs" discussed above will usually (with rare exceptions) be public accounts.

   A (minimal) control center for a public account appears when an end user clicks that account (in the form of a smart URL). If the account is selling a song, video, poem, or other content, those who click may reach a download-payment page, which allows anyone to download free if any sponsored copies are currently available, and allows anyone to sponsor more downloads at any time.

   If the account is running a fundraising campaign, those who click may get a real-time report of what is happening -- not only how much money has been raised and what it will be used for, but also perhaps a status report on two or more competing teams, a separate display of each recent donation, or a list of all messages that donors chose to publish (perhaps sorted by amount to encourage larger donations). The account owner has back-door access to the real control center, in order to change the features and public permissions -- probably through the owner's (secret) account that receives the money paid into any of the public accounts that descended from it.

5. Compatibility with all computers: An implementation of smart-accounts will run entirely on a server (which we call the account server). No client software is necessary, though browser extensions may be used for convenience. Otherwise there is no need to support different operating systems for the accounts (some features, such as uploading and downloading specialized content, might need client support if no standard software will work). For some uses of smart-accounts an ordinary telephone will be enough, and the users will not need to be online.
6. Cost: We expect that the processing cost per financial transaction will be less than a tenth of a cent, regardless of amount -- and the ideas behind this system are not patented but open to all. So the cost of using smart-accounts should be low. Independent artists, educators, and others should be able to keep almost all the money paid for their work. Maybe a percent or less of financial transactions as they occur will pay for the smart-accounts system that keeps track of the money and the downloads, with high-bandwidth usage such as video downloads charged separately -- and otherwise with no upfront cost until sales occur.
7. What if an account gets lost? Owners are responsible for having a way to kill any account with significant money in it, and return that money to the owner, in a way set up in advance -- just in case the account is lost or stolen, or has irrevocable settings that have become obsolete. There are many ways this can be done. For example, the owner might ask the account for a kill code -- and if necessary later, telephone or log in to the server and enter the code. Or the owner might set up the account to self-destruct after a certain interval with no usage, or after a certain date. Note that if criminals manage to kill the account, little harm will be done, as the money still goes to the legitimate owner. That setting (once set) is irrevocable, so even someone who steals owner access cannot redirect the money.

   Note that someone who steals an account (perhaps without the owner's knowledge -- or who quickly changes the account name to assure exclusive access, cutting out the owner) cannot necessarily take the money out -- but only do what that account allows. The owner may have provided for a PIN to withdraw money, or may not allow withdrawal at all (only payment to certain specified, possibly secret accounts). These actions (like other account settings and properties) are inherited from the parent -- or set by the owner at the account's control center.

8. Avoiding DRM: Smart-accounts neither provide nor prevent DRM (the notoriously inconvenient digital rights management, meaning copy protection) -- but should often make it unnecessary. Provided that enough sponsorship can be found, pirate copies will have to compete against legitimate free copies that do pay the artists, which most friends of the artists will choose. And people will have many different motivations to sponsor popular music or art (only some of which are noted above; also see list of 16 incentives for sponsors).

   Note that sponsorships can be large without limit -- and an average (not median -- the average is easier to reach) of 50 downloads per sponsorship would mean that only 2% of all users will need to be sponsors and help pay for the music or other art. This average should be obtainable -- especially since the artists only need to lower their price to make the sponsorships they do get go further in paying for all the free downloads people want, therefore keeping piracy of their work at bay. And sponsors can avoid fraudulent sites that just keep the money, by making sure that they are paying through an account server recommended by the artists. Since the address of the server is necessarily part of the smart URL, this is easy to check.

   Of course this system will not work for all content; for example, if professional software costs several hundred dollars a copy, who would sponsor bulk downloads for the public? But when there is potential public interest in art or entertainment, it may be easier to set a low per-copy price and get the money from a small percentage of the audience who can afford to pay for bulk sponsorships and are motivated to do so, instead of asking all end users to pay individually.

9. Freeloaders? Achieving the goal of 2% or fewer sponsors for art distribution means that at least 98% of users will pay nothing; they will just click to download free. These so-called "freeloaders," dispised by entertainment corporations, are totally welcome here. They are essential, because they create the context and social scenes that make sponsorships meaningful. Though they bring no money to the table themselves, their free downloads do affect the income of the artists. In addition, they will do most of the promotion, bringing the art to the attention of new groups likely to be interested, resulting in new sponsors as well. Everyone can have a place: rich and poor alike, in rich and poor nations around the world.

Smart-Account Scenario: How the Process Begins

Assume that smart-account services are available, and a band wants to sell a song this way. Here is how the process might work.

(1) The band could select a service that has a good reputation for selling music, visit its (secure) server, and ask for and receive a new smart-account -- either requesting a particular account name, or receiving a random name. Probably opening the account will be free, since smart-account services will be competitive, and the serious money will come from a proportion of sales (assume 1% for this example, leaving 99% of sales for the artists -- after the credit-card or whatever charges to pay for the sponsorships). This new account name will need to be kept secret, since it will hold the money received from sales (sponsorships). No setup will need to be done when the account is created, since the account will already have its inherited setup, and the owner can make changes any time. So getting one's first smart-account may take a minute or less.

Alternatively, the band might get an account from friends who already have one that they are using for a similar purpose. The friends would have their account reproduce a new, empty account -- with no money in it, and no personal or proprietary information (they could mark such information in their account so that it would not be inherited). The advantage of getting an account this way is that much of the setup could already be done (for example, generic graphics and look-and-feel options for end users) -- and have a successful track record for selling similar music. Or the band might buy an account, from an artist or broker who sells accounts professionally designed for particular businesses or other purposes. Either way, the band would visit the control center and change the account name, to assure exclusive access.

(2) Once the band or other owner has its original account, it can reach the account's control center at any time, by entering the account name is a (secure) Web form on the server. Then the owner will request the creation of one or more public accounts (usually requesting a name it wants). Public-account names do not need to be hard to guess (for example, a single letter or digit will be OK -- though the smart-account service might reserve certain prestige or other desirable names and charge a fee for them). If the artists get the account named "A21" (for example) on that server (we recommend NOT using case-sensitive names, since case is harder for users to remember than it's worth), then the smart URL they will circulate will be www.the-smart-accounts-server.com/A21 (of course the real domain name of the server will replace "the-smart-accounts-server.com" ).

(3) Once the artists have a public account, they will upload their song to it, and do any final customization (such as entering the price per download, and additional graphics of their own), through their original account's control center. The band might decide to start off the public account with a number of downloads (say 100 of them) that nobody has to pay for; this way the public account will have value to recipients as soon as the artists circulate it, since it will deliver free what otherwise would cost money to buy. Or they may circulate the public account to potential sponsors first, hoping that friends will help them "prime the pump." There should be at least a few copies for potential sponsors, so that they can hear the work free before purchasing any downloads. Purchasing a single download to listen to would require just as much effort with a credit card, etc., as purchasing thousands.

(4) Anyone who gets the public account can sponsor (purchase) any number of prepaid downloads he or she wants, with no upper limit. There are two ways the money could be handled. First, the 99% or whatever due to the artist could be paid immediately (along with the 1% due to the smart-account service). The alternative is that the smart-account service would hold onto the money, which would remain the property of the sponsor, and pay the artist as the free downloads were used (if they never were, there would be some default arrangement, which the sponsor could control). Sponsors could take back any unused money at any time (using a password they provided when they purchased the sponsorship). The advantages of this system are that sponsors can change their minds, so they can be more generous; also, end users will know that their free click itself, and their friends' free clicks, immediately pay the artist, which will help with promotion; and both the artists and the smart-accounts service will have an ongoing incentive to generate downloads to use the music (as well as sponsorships to fund it), also helping toward successful promotion. On the other hand, the advantages of paying the artists immediately are that it gives them quicker use of the money -- and letting them take it out immediately helps safeguards the system against fraud. The sponsors should be allowed to choose which option they want for their money.

(5) Any number of copies of the public account can now circulate through social networks or otherwise, with or without any prepaid downloads being available. And anyone who gets the URL can add a sponsorship to it, with an optional sponsor's message that will reach the communities where that URL is in use.

Also, anyone why buys a sponsorship can also have the URL reproduce -- creating a new public account that holds the sponsorship, and also can circulate indefinitely, and pay the artist just like the original URL. The difference is that the sponsor can use the new account (the new URL) to deliver his or her prepaid downloads exclusively to networks of his or her choice.

And note that anyone who buys a sponsorship (in an existing or a new smart URL) will by default have a button to repeat the purchase by generating a new credit-card or whatever transaction -- as many times as desired, especially while the music plays. No need to interrupt the mood by re-entering the payment information. This should be technically easy -- since ecommerce sites often warn their users against clicking again and repeating the payment accidentally.

(6) So depending on demand, any number of copies of any number of public accounts can grow out of the artists' original public account. Any or all of them can circulate indefinitely, paying the artists as sponsorships and downloads occur. And consistent with privacy, artists will be able to use their original (non-public) smart-account to track the data, whenever they want -- seeing the trees formed if their accounts reproduce, the sizes of the different sponsorships, their sponsors' messages if any, the languages used for sponsorship and for downloading (a surrogate for the country, which will not usually be available), how long it takes for various sponsorships to be used, etc.

(7) Whenever the artists want to take money out of their account, they can visit the control center to see how much is available -- then click a button to receive some or all of it by check (minus a small fee to cover the printing, mailing, and processing of the check).