The Bitcoin Payment Protocol is a protocol for communication between a merchant and their customer. It is designed to enable a better customer experience as well as improved protection against man-in-the-middle attacks on the payment process.
Coinbase now supports the protocol for both merchants and wallet users. Wallet users who have the Bitcoin URL handler functionality enabled for their browsers via the advanced user settings can now make use of the protocol. Merchants will have the protocol automatically enabled for their payment pages.
The Bitcoin Payment Protocol extends the core Bitcoin protocol to support several new features. Citing directly from the specification, this includes:
- Human-readable, secure payment destinations— customers will be asked to authorize payment to a payment processor identified as “example.com” (or “Example, Inc.” if an extended validation certificate is used) instead of an inscrutable, 34-character Bitcoin address.
- Secure proof of payment, which the customer can use in case of a dispute with the merchant.
- Resistance from man-in-the-middle attacks that replace a merchant’s Bitcoin address with an attacker’s address before a transaction is authorized with a hardware wallet.
- Payment received messages, so the customer knows immediately that the merchant has received, and has processed (or is processing) their payment.
- Refund addresses, automatically given to the merchant by the customer’s wallet software, so merchants do not have to contact customers before refunding overpayments or orders that cannot be fulfilled for some reason.
And here is what it looks like when used from the Coinbase wallet:
The above example shows a Coinbase user paying to a Coinbase customer but the Coinbase wallet is compatible with all payment processors that support the payment protocol.
For more information on the Bitcoin Payment Protocol please see BIP 70.