Thursday, 31 March 2016

Four Visions of the Future of Identity | Bank Think

xxx

Develop an OAuth-like solution for banking and an e-KYC API like the Aadhaar card. Impress upon regulators the need to expand the set of accepted documents for KYC to reflect changing times and to promote financial inclusion while preventing illicit activity. Things like verified social media accounts or, in the case of immigrants or refugees, foreign national IDs (even ones that have expired) may work as well as a utility bill.

From Four Visions of the Future of Identity | Bank Think

xxx

Four Visions of the Future of Identity | Bank Think

xxx

Today, AirBnB offers eight ways for members to verify aspects of their identity. These range from the basics, such as an email and phone number, to social media platform validations (Facebook, Google, LinkedIn) to traditional personal data (like the questions a credit card application asks) to previously verified identity – your American Express card, for example. AirBnB does the job of verifying the actual user data and then displays the verification token, so site users don't need access to one other's sensitive personal information. They only need to know the verification is valid.

From Four Visions of the Future of Identity | Bank Think

xxx

POST Request

The Payments UK report on “Request to Pay” deals with 

Monday, 28 March 2016

Thai e-payment system to use ‘any ID’ feature - The Nation

xxx

A NATIONAL e-payment system will advance Thailand’s financial infrastructure by another five to 10 years once it is fully implemented, a member of the national e-payment panel said. The first “any ID” service will be available around September… Each person will have a 13-digit ID number for money transfers, bill payments and other transactions.

From Thai e-payment system to use ‘any ID’ feature - The Nation

xxx

POST Disaster money

One of the bogus arguments deployed to argue in favour of cash is that it is somehow good for poor people. It really isn’t. The people trapped in a cash economy, who are generally the poorest, are the people who face the highest transactions costs. And when things go really wrong, it’s the people who are stuck with cash who have no back-up.

A trader has lost N300million cash in the inferno that destroyed Kano’s Sabon Gari market, overnight on Saturday… Over 3,800 shops were burnt in the inferno, described as the worst market fire disaster in Nigeria, with  chairman of Sabon Gari Market traders’ association, Alhaji Nafi’u Nuhu Indabo saying  over 75 per cent of the market was burnt down.

From Trader loses N300m cash in Kano’s market fire | The NEWS

Remember when the Japanese tsunami hit? The bank and ATM networks went down (for a while) but the mobile phone networks stayed up.All of those people who had prepared for disaster by tucking away cash at home? Their money was washed away and forgotten, whereas people using cards and mobile phones went about their business with minimal interruption. I wrote about this a few years back.

After the earthquake and tsunami, the offline electronic money systems (such as Edy and nanoco) carried on working so long as there was power and the backup battery systems or generators were working, so you could still pop round to 7-Eleven and buy your staples. In fact, it was people who kept their money in cash who suffered greatly.

From The disaster in Japan has lessons for payments | Consult Hyperion

xxx

xxx

But I doubt that cash is the solution, which I suspect will be more to do with distributed identity / reputation management. Why? Because if there are floods, fires, meteor strikes or a zombie apocalypse, there simply isn’t enough cash in circulation to support the economy

From Planning for the zombie apocalypse | Consult Hyperion

xxx

Friday, 25 March 2016

Privacy.com's virtual Visas are burner debit cards that keep online shoppers safe | PCWorld

xxx

Privacy.com lets you create “burner” cards that are valid only for one-time use.

From Privacy.com's virtual Visas are burner debit cards that keep online shoppers safe | PCWorld

This isn’t really a new idea, since the idea of single-use, disposable virtual cards has been around for ever. (I do like the idea of calling them “burner” cards, however as I think that’s a super bit of marketing.) Anyway, the scheme works by getting you to hand over your online banking username and password… wait, what?

Now imagine what this kind of service might look like in the UK in a couple of year’s time, post-PSD2. 

Tuesday, 22 March 2016

POST It doesn't get more personal than this

I had the great good fortune to be asked to chair Leadership Workshop on Personal Data at this year’s Mobile World Congress in Barcelona. We had presentations from the US and EU and a global panel to discuss the ways in which digital identity can contribute to a digital society. 

GSMA Ministerial Programme 2016

During the discussions, which obviously in the GSMA context touched on the role of mobile phones in digital identity infrastructure, I began to reflect on the extent to which privacy should be an emergent property of the chosen infrastructure. In other words, can we use the tolls that we have our disposal now (smart cards, biometrics, the internet and so on) to construct a digital identity infrastructure that delivers privacy to citizens in the same way that seat belts deliver safety to drivers: built in, not optional, unobtrusive, cost effective, sensible.

Personal Data Panel

Where’s the seat belt for my digital identity?

Now, I tend to have rather fixed views on this topic, because I’ma big fan of pseudonymity and identity partitioning.

Sunday, 20 March 2016

Using the/a blockchain/ledger for identity/attributes

There has been a lot of discussion recently about the idea of using the blockchain to “do something” about identity, so I thought I’d put together a few blog posts with some of our thoughts on the topic, gathered from a few of the different projects that we are involved with. Lots of people seem to think that putting identity on the blockchain is a good thing to. But, as many other people have pointed out, in order to come up with some kind of idea as to what exactly the blockchain is going to do is first necessary to come up with some idea about what the identity problem is and then come up with some more specific ideas about how exactly a blockchain (or, more generally, any other form of shared ledger) might solve them.

The idea for this blog post began when my colleagues were putting together some ideas to present at the Open Identity eXchange (OIX) meeting in London few weeks ago. I thought it might be useful to contribute some of our thoughts around that presentation, in their incomplete form, to structure further discussion around this topic. First, the identity problem. Actually there are lots of different identity problems so I thought I’d choose a specific one I’ve been working with recently. As the chair of the techUK payments group (techUK is the trade association for the British technology industry), I’ve been taking part in the Financial Services Passport Working Group that started discussing the issue a couple of years ago. This is a good example of a very specific identity problem and a community that is looking for solution.

Let me illustrate what the problem is with a personal example. I’ve been a customer of Barclays since 1977 and they know absolutely everything about me and my financial history. My salary has always been paid into the same Barclays current account. My mortgage is currently with Barclays and were I to have any savings they would probably be with Barclays to, since I’m extremely lazy. Now suppose I go to open account with the NatWest. The fact that I’ve had an account with Barclays the 40 odd years will count for absolutely nothing and they will treat me as if I’d just arrived as a refugee. I have to produce some form of identity documentation (which they might well be incapable of verifying: I have literally no idea how the counter staff at NatWest go about checking whether a Romanian passport is real or not) as well have some proof of address, which normally comes down to that well-known high security fundamentally British identification document, a gas bill.

Now suppose I go to get some pensions advice from a financial adviser or look into changing my mortgage to get a better deal or decide to open one of those ridiculous Individual Savings Accounts (ISAs) that the Chancellor of the Exchequer has created so that rich people can salt away tax-free money for their children and thus drive up house prices even further to no general economic benefit to the nation. In any of these cases I would be faced with the necessity to provide my financial identity all over again. So what can be done about this? It’s hardly a new problem.

"An adviser to a new charitable incorporated organisation that spent more than a year trying to open a bank account has blasted Barclays for its onerous demands and disproportionate due diligence."

Barclays slated after CIO takes a year to open a bank account

Well suppose when you open your first bank account and the bank goes through all of its complex know your customer (KYC), anti-money-laundering (AML), counter-terrorist financing (CTF), politically exposed person (PEP) checking and credit referencing and then decides to give you an account. Suppose at that point the bank gave you some kind of financial passport (put to one side what this actually is or what data it contains or where that data might be stored) that you could use to open accounts at the NatWest, change mortgages, open a savings account or obtain financial advice simply by proving that it is your financial passport. Then it becomes a simple problem of authentication and we have a variety of strong authentication mechanisms available to us (even without some proper National Entitlement Infrastructure as I have long called for). The cost savings to the industry from not having to continually repeat identification procedures would be substantial and the convenience afforded to the consumer notable.

So why doesn’t this happen? Well, that’s a good question. We started to look at it a generation ago and the assumption was, at that time, that we would use public key infrastructure (PKI) to solve the problem. I know, I know, people have been going on about this sort of thing for years (here, for example). So, I open a bank account and the bank generates a key pair. The private key is kept in tamper-resistant hardware (at the bank, so that I can’t lose it) and the public key is used to form a variety of public key certificates (PKCs) or what I prefer to call “virtual identities”. Each of these identities contains a number of different attributes that are attested to by whoever signed the certificate.

Now I wander into the NatWest and present my Barclays virtual identity, perhaps by using my mobile phone or smart card, and all NatWest have to do is to validate that I am rightful owner of the private key associated with the public key in the certificate. They can do this in a variety of ways, but let’s say for sake of argument they send a message to my phone that is encrypted using the public key in my Barclays virtual identity and my Barclays app on the phone demands strong authentication and gets it and reports back. NatWest would also have to check that the public key certificate I’m presenting to them hasn’t been revoked so this means they have to query the Barclays Certificate Revocation List (CRL) in some way either as part of the challenge to the app or in a separate step.

Problem solved.

Or a least it might have been, had anybody ever implemented any of this stuff. Identrust gave it a go in the corporate space, defining a complete set of standards and more importantly the business rules that go around them, but nothing ever happened in the customer space. I did think for a while that, because the cryptography used to support chip and PIN is the same as the cryptography needed to support this kind of PKI, it would be efficient to add something along the lines of the financial passport to the debit cards in widespread use. I have a vague memory of being involved in some discussions around this a decade or so ago and as I recall (and my memory may well be imperfect) that the reason for not doing it was that debit card production was outsourced to one particular supplier and they had no interest in raising the cost of the cards issued by a couple of pence in order to save the bank a ton of money in the branches or to combat fraud. I shouldn’t think things have changed much by now. And persons of a suspicious nature may well want to believe that banks don’t want to make identification easy and portable because they see it as a way of locking in customers, but I am sure that they would not engage in this kind of behaviour.

So if we’re not going to implement the financial services passport that way then how can we implement it? In the techUK working group that’s been looking at this we were really focusing on a couple of obvious architectures that all simplify down to the centralised architecture and the federated architecture. In the centralised architecture, the banks will all chip in to build a central database somewhere, perhaps run by BACS or some other industry body, and that would hold the details of the identity, the identity verification processes that had been completed and the relevant keys and certificates. So I go into NatWest to open accounts and I authenticate myself to the financial services passport database and Bob’s your uncle. This would have course require some coordination between banks and everybody else, and it would have to be pretty reliable otherwise it would turn into a honeypot for criminals and fraudsters, but it’s a plausible hypothesis.

Another way of doing it would be a federated solution where each bank holds its own database of the financial passports that it has issued and other banks can query that database using the normal protocols of federation in order to gain access to the data under controlled circumstances. I used to think that this would be the best of way of moving forward, decoupling the banks in this way, despite what it meant in terms of having to sort out liability agreements. I remember a survey for VocaLink a couple of years ago in which some two-thirds of respondents said that they saw value in the establishment of that centralised KYC utility, and I was sure they were wrong. There’s no need for a central KYC utility, I thought, when we could have a federated identity linked to verified attributes infrastructure (i.e., a reputation infrastructure).

There would be no need for NatWest to actually store my Barclays financial services passport, they would just need to store a pointer to with the records showing that they had checked. Then if I subsequently get arrested for fraud or Barclays closes my account because I turn out to be associated with money-laundering, we need some mechanism for informing all the other people who are depending on that passport that it is no longer but I’m sure it’s not beyond the wit of humanity to come up with some sort of semantic federation that could take care of this.

Now, of course, there is a new possibility that is under discussion.

What if we could use shared ledger technology to build this record of financial services passports but but in such a way that there was no central system to go down, that it could resist intrusion or attempts at fraud from compromised members of the network, and that it could provide a platform for new products and services that we can’t really imagine at the moment> Personally, I think the shared ledger may well a plausible solution to this problem and having chaired the panel on identity at Consenus 2016 in New York I’ve been thinking harder about what shared ledger technology could do for organisations in this field. If we take our layer-based model (the “consensus computer” and the applications that we are going to run on it) and begin to think what kinds of identity-related content might be useful, I think we can get somewhere.

Revised Four Layer Model (High Level)

So in this emerging paradigm, our thought processes then drift on toward the content of this ledger. I saw some interesting demos at Consensus. Deloitte and others had started to build blockchains with defined content assets and these were interesting. But let’s say for sake of argument that a ledger is a record of transactions. The ledger isn’t simply a write-only file containing copies of driving licences and passports and whatever else, it’s a record of transactions that link entities identified at the communications layer with a variety of identity attributes through transactions, developing a reputation associated with that identity. This, I think, is the kind of architecture that Cambridge Blockchain explained to me when I bumped in them last year and it seems a reasonable starting point.

Thus, a blockchain can act as a provenance protocol for data across disparate semi-trusting organizations.

From Will Provenance Be the Blockchain's Break Out Use Case in 2016? - CoinDesk

I’ve sketched out a quick example about how this might work with the financial passport example. Since I did this on a plane and didn’t go through it with colleagues, it might be a little wonky, but I think it communicates  useful thinking.

Revised Four Layer Model (KYC)

We have to be careful with what we are putting in the content layer, naturally. We don’t want to turn the shared ledger into a resources for despots and confidence tricksters. Hence it is reasonable to ask whether anyone should be able to look at my financial services passport or whether it should be encrypted in some way so that only “authorised” entities can decrypt it. I suspect we may want to go for something like this, which is why I prefer to call the Content Layer of our model translucent rather than transparent.

A distributed and irreversible system for trust management, which stores personal data, could offer a hotbed for doxing and identity theft – and even undermine an individual’s right to be forgotten.

From What Airbnb’s blockchain proposal means for privacy

Indeed it could, which is why it should not store personal data in the clear. So, to end this problem statement of our thought experiment, let’s assume that what we will be storing in the shared ledger is not identity itself but some kind of identity transaction. When you come and present your financial services passport to a bank, you will do it by proving that you have control of the private key that corresponds with the public key that is linked to the relevant identity transactions (e.g., Barclays KYCd Dave Birch). Let me sleep on it.

Will Provenance Be the Blockchain's Break Out Use Case in 2016? - CoinDesk

xxx

Thus, a blockchain can act as a provenance protocol for data across disparate semi-trusting organizations.

From Will Provenance Be the Blockchain's Break Out Use Case in 2016? - CoinDesk

xxx

Wednesday, 16 March 2016

Distributed Settlement: Distributed Ledgers for Real-Time Bank Settlements — SAMMANTICS

xxx

The point being that replacing legacy infrastructure with new technology that change how settlement and clearing is done is an inherently complex process (where everything depends on everything else and is what is known as tightly coupled. This means the tolerance for error is low, particularly in times of extreme financial stress. The goal for the finance industry with the help of distributed ledger technology, should be to reduce complexity, lower costs, and enhance stability. So while real time gross settlement is something that is desirable it must be implemented with caution to make sure the above goals are met.

From Distributed Settlement: Distributed Ledgers for Real-Time Bank Settlements — SAMMANTICS

xxx

Now, pay in your favorite apps with Venmo — The Venmo Blog

xxx

Now in limited release, select users can use Venmo to pay for event tickets on Gametime, and to have gourmet meals delivered on Munchery, with more merchants and additional functionality coming soon.

From Now, pay in your favorite apps with Venmo — The Venmo Blog

xxx

Can Banks Leverage the Bluetooth Beacons that Retailers Are Testing? | American Banker

xxx

"As long as our customers know that they had the control to turn the services off and on, our consensus was people really valued some of the services we were testing,"

From Can Banks Leverage the Bluetooth Beacons that Retailers Are Testing? | American Banker

xxx

Intel is Testing a Blockchain it Built With a Fantasy Sports Game - CoinDesk

xxx

IT giant Intel is running an internal blockchain trial centered on a fantasy sports market.

The proof of concept works by enabling the exchange of digitized assets that represent shares of different sports teams. Each contestant is given a set of shares, as well as a quantity of in-game currency called "mikels".

From Intel is Testing a Blockchain it Built With a Fantasy Sports Game - CoinDesk

xxx

Are Payment Card Contracts Unfair? | Bentham's Gaze

xxx

In our paper – “Are Payment Card Contracts Unfair?” – published at Financial Cryptography 2016 we show that customers have too many PINs to remember them unaided and therefore it is unrealistic to expect customers to comply with all the rules banks set: to choose unguessable PINs, not write them down, and not use them elsewhere (even with different banks).

From Are Payment Card Contracts Unfair? | Bentham's Gaze

To be honest, Stephen has got a point. I do everything that I’m not supposed to. I set all my credit cards to the same PIN as soon as I get them.

Bitcoin Futures Guide Markets Blog - Bitcoin Markets Guide - Top BTC Futures Exchanges

xxx

This is a totally bizarre story from Cryptsy. A PDF has been posted of a contract that Big Vern (Paul Vernon) signed, in Florida, for getting the 13,000 lost coins that were reported hacked. The deal is to pay 1750 BTC for that, with contingencies to get the lost LTC and other litecoins._

From Bitcoin Futures Guide Markets Blog - Bitcoin Markets Guide - Top BTC Futures Exchanges

xxx

Telling Personal Stories via Bank Transaction History - Finovate

xxx

All that info, and much more, is locked away in your credit/debit card transaction history. Just being able to search your transactions helps tremendously (thanks, Mint). But what if you had ready access to all the information on your receipt?

From Telling Personal Stories via Bank Transaction History - Finovate

xxx

Security standards being forgotten in IoT stampede, says expert | CRN

xxx

An ethical hacker has urged firms to implement network access control (NAC) as he warned of the growing security threat posed by the Internet of Things (IoT).

Speaking during a Q&A session for the upcoming CRN Security Summit, Ken Munro, founder of Pen Test Partners, claimed that security standards are being forgotten in the stampede to get IoT devices to market.

From Security standards being forgotten in IoT stampede, says expert | CRN

xxx

Tuesday, 15 March 2016

Bangladesh central bank governor quits over $81m heist | Inquirer News

xxx

Bangladesh’s central bank chief resigned on Tuesday, the finance minister said, after hackers stole $81 million from the nation’s foreign reserves in an audacious cyber-heist that has hugely embarrassed the government.

From Bangladesh central bank governor quits over $81m heist | Inquirer News

xxx

Monday, 14 March 2016

Vocalink blog version

 CEO of SWIFT speaking

Gottfried Leibbrandt, the CEO of SWIFT, gives the keynote speech at the European Payment Summit 2016.

I really like the annual European Payment Summit, which is why I’ve been going along to it for many years. It’s small scale, hype-free and attended by a lot of European payments practitioners that I respect. This year was the 15th summit and, just as last year, the topic of instant payments pervaded many of the sessions. Now, in the UK, we know all about the popularity of instant payments. We are all familiar with the steadily growing volumes for the U.K.’s Faster Payments Service (FPS), but I don’t think the experiences that we have had to date really illustrate where instant payments is going.

Having wandered in and out of a few of the sessions at the Summit and spent some time talking to people who are actual experts over coffee (and, I have to admit, a few glasses of Hoegaarden) I think that I detected a change in the focus of the thinking around instant payments. The emphasis had shifted from planning for instant payments as a new banking service to more practical discussions about instant payments in new products and services. I want to pick out two threads from these discussions to illustrate just how big the coming instant payments revolution will be: the use of data associated with payments and the linking of payments and data with social media.

 Wim Raymaekers

Wim Raymaekers of SWIFT explaining GPII.

Data first. In the session discussing the SWIFT Global Payments Innovation Initiative (GPII, or “Business class SWIFT” as some people call it), one of the most interesting topics of discussion was the use of ISO 20022. This is the new financial industry message scheme, the international standard that defines the ISO platform for the development of financial message standards. Its business modelling approach allows users and developers to represent financial business processes and underlying transactions in a formal but syntax-independent notation. There are now 45 banks signed up for GPII, and they will all implement the standard properly. One particularly interesting aspect of ISO 20022 is that it allows data relating to a payment to go in the message alongs with the payment data. The collection of fields carrying this payment-related data are collectively referred to as Extended Remittance Information (ERI). The use of ERI fields to carry detailed payment-related data with instant payments will have a huge impact on the business use of instant payments of all kinds.

Right now, we think of ERI in terms of our existing business processes for invoicing, payments and all of the other processes that go around them, such as trade finance. When we move to an instant payments infrastructure, there will be an opportunity to deliver even more sophisticated services into this space. Remember that remittance advice could include data such as cryptographic keys to allow the recipient to access certain data, application code for execution (maybe even shared ledger applications to run on the block chain!) and other possibilities that I can’t even imagine.

The second strand to the revolution will be “chat and pay”, or the integration of instant payments into social media. If you look at the use of instant payment applications in the UK (PingIt and PayM) it is far less than the use of, for example, Venmo in the USA. And Venmo doesn’t deliver immediate settlement (it works through the debit card networks). In the last quarter of 2015, Venmo transferred $2.5 billion. In January 2016 alone it transferred $1 billion. So why is it so popular? It’s the integration with social media. Just over half the users are 18-24 and half the payments relate to food and drink sharing! On a US college campus, “I’ll Venmo you” has entered the lexicon. In the UK, “I’ll PingIt you” has not. Paym is growing steadily, but it it still only transferring about £12 million per month.

So now imagine, post-PSD2, the best of both worlds. The immediate availability of funds of PingIt and Paym with the integration of Venmo. It will be a wholly different payment experience. I’ll give you an obvious example. My wife and some of her friends are planning a weekend break in August. They do this through a Facebook chat group. But when it comes to settling up for hotels and air fares, everyone has to log out, e-mail everyone for their bank details and log in to home banking and set them up as payees, then make the payments. Then everyone else has to log in to their bank accounts to see if the money has arrived and that it is the right amount.

In 2018, however, it will all be different. Facebook will be Integrated with instant payments through APIs so that it can function as a transaction initiation service provider (TISP). When my wife gets a message to say that she owes her friend £100 for her air ticket, or £25 for her share of the dinner, or £10 for the tickets to a show, then she will put money into her return message just as she adds emoticons today. Under the hood, Facebook (which of course knows the bank account of the person you are sending a message to) will initiate an instant payment and within a second or so her friend will get a message to tell that the money has arrived. Remember, Facebook already do this is in the US through debit cards (like Venmo).

In a relatively short time we’ve moved from thinking of instant payments as a bank service to instant payments as a platform for new services and now to instant payments as a layer integrated into business services. With remittance data set to transform the business use of instant payments and social media integration set to transform the personal use of instant payments, we really are moving into a new payments world.

Saturday, 12 March 2016

Brink's Worker Stole $200,000 in Quarters: FBI - NBC News

With unintentional hilarity, an FBI special agent said…

What Mr. Dennis may have thought was a nickel and dime theft was…

From Brink's Worker Stole $200,000 in Quarters: FBI - NBC News

xxx

China: banks lost USD 22 bln to Alibaba and Tencent businesses in 2015 | The Paypers

xxx

his led to a USD 23 billion (CNY 150 billion) ‘loss’ in potential transaction fees for China’s banks and UnionPay in 2015 as overall consumer spend continued to shift from traditional card payments where banks are strong, to online payments, where they are weak. This number is projected to increase to USD 61 billion (CNY 400 billion) by 2020.

From China: banks lost USD 22 bln to Alibaba and Tencent businesses in 2015 | The Paypers

xxx

Distributed Settlement: Distributed Ledgers for Real-Time Bank Settlements — SAMMANTICS

xxx

RTGS has certain perils that distributed ledgers may exacerbate particularly when it comes to implementing two new things (RTGS & Distributed Ledger Technology) at once in a highly complex system (which financial markets are).

From Distributed Settlement: Distributed Ledgers for Real-Time Bank Settlements — SAMMANTICS

xxx

Friday, 11 March 2016

EPC | Newsletter - Article

xxx

Blockchain: a short-lived illusion or a real game changer? Experts discuss if, and how, blockchain can revolutionise payments

From EPC | Newsletter - Article

I’m going to sound sound really mean now, and I don’t mean to offend, but I want to make a serious point: what is the point of articles like this? They suffer from two fundamental flaws

They lack a basic model to facilitate communication between business strategists and technologyist

They lack an understandable narrative about the use of the new technology.

xxx

Big U.S. banks to take on tech rivals with instant payments | Reuters

xxx

Depositors at some of the largest U.S. banks are finally going to get the chance to do something quick and simple: send money to another person's account instantaneously by mobile phone.

The idea has been in the works for at least five years, and in the meantime, Silicon Valley has made incursions into the industry's role as a payment intermediary. But now, big banks including JPMorgan Chase & Co, Bank of America Corp, Wells Fargo & Co and U.S. Bancorp are starting to plug into a system they jointly own, called clearXchange, that will allow each others' customers to transfer money in a flash when they split a dinner check, rent payment or vacation bill.

"What we are doing now is delivering payments in real time, which is what our customers have asked for," Mary Harman, managing director for payments at Bank of America, said in an interview. The bank is one of two that have started rolling out the system to customers.

While technology companies like PayPal Holdings and Facebook Inc already offer snazzy payment apps that appeal to young consumers, the banking industry has a crucial advantage because it controls how quickly money actually moves between bank accounts. Individuals transferred some $200 billion to one another using mobile phones and computers last year, according to Javelin Strategy & Research

From Big U.S. banks to take on tech rivals with instant payments | Reuters

xxx

Thursday, 10 March 2016

Paper money is unfit for a world of high crime and low inflation - FT.com

xxx

rue, it is likely that a significant share – perhaps half – of dollars and euros circulates internationally. Some portion of this is surely abetting illegal activity and tax evasion. (In arresting Joaquín “El Chapo” Guzmán, the Mexican drug lord, two months ago, authorities found a room containing more than $200m, and this was not a first.) Then again, dollars and euros, including large-denomination notes, are also used for legal purposes. Even so, there still appears to be a very large share circulating in domestic underground economies, estimated to be at least 7-8 per cent of gross domestic product for the USand considerably higher for Europe.

From Paper money is unfit for a world of high crime and low inflation - FT.com

xxx

Facebook Is Not The Great Predictor Of Creditworthiness It Was Hoped To Be – Consumerist

xxx

The Wall Street Journal reports that lenders who had once been keen on the concept of using Facebook data to evaluate borrowers have soured on the idea, thanks to regulatory restrictions, and recent changes in the data that Facebook shares with third parties.

From Facebook Is Not The Great Predictor Of Creditworthiness It Was Hoped To Be – Consumerist

Interesting that the headline implies that Facebook is not a predictor of creditworthiness, but that’s not what the article says. The article says that lenders have been pegged back by regulators and cut off by Facebook. This suggests to me that Facebook data is at worst unproved as a predictor and persons of a more conspiratorial bent might conjecture that Facebook knows this, which is why it is cutting off the data flow until such time as it develops its own products or partnerships.

Chase Pay Deal with Starbucks Strengthens the Bank s Mobile Muscle | PaymentsSource

xxx

The deal will incorporate Chase Pay into the Starbucks mobile app for payments at more than 7,500 Starbucks locations, starting in the fall. Starbucks' mobile app, which is largely developed and maintained in-house, is used for over 10% of its U.S. in-store sales.

From Chase Pay Deal with Starbucks Strengthens the Bank s Mobile Muscle | PaymentsSource

Integrating a new payment mechanism into physical stores is a hassle. POS systems need upgrading, staff need training, deals need making. But adding a new payment mechanism into a retailer’s app is, by comparison, trivial.

Speech by Ben Broadbent at the London School of Economics, London, on Wednesday 2 March 2016 - speech886.pdf

xxx

If all a CBDC did was to substitute for cash – if it bore no interest and came without any of the extra services we get with bank accounts – people would proba bly still want to keep most of their money in commercial banks

From Speech by Ben Broadbent at the London School of Economics, London, on Wednesday 2 March 2016 - speech886.pdf

xxx

POST Yes, but why use a blockchain

xxx

A distributed and irreversible system for trust management, which stores personal data, could offer a hotbed for doxing and identity theft – and even undermine an individual’s right to be forgotten.

From What Airbnb’s blockchain proposal means for privacy

Indeed it could, which is why it should not store personal data.

mBank cancels NFC SIM deals in favour of HCE and bank-backed Blik mobile payments • NFC World+

xxx

Poland’s mBank has withdrawn the facility for customers to add mobile versions of their debit cards to the NFC payments services offered by mobile network operators T-Mobile and Orange. Instead, the bank has told NFC World, it will focus on supporting bank-backed mobile payments service Blik and the launch of its own host card emulation (HCE) based service later this year.

From mBank cancels NFC SIM deals in favour of HCE and bank-backed Blik mobile payments • NFC World+

xxx

Wednesday, 9 March 2016

Uncertainty principles: ‘The End of Alchemy’, by Mervyn King - FT.com

xxx

In effect, he offers an elegant refinement of the concept of “narrow banking”, which seeks to ensure that all deposits are covered by safe, liquid assets.

From Uncertainty principles: ‘The End of Alchemy’, by Mervyn King - FT.com

xxx

Monday, 7 March 2016

EMV Chargebacks Proving To Be a Card-Present Merchant Problem

xxx

Chargebacks for card-present transactions increased 50% following the Oct. 1 EMV liability shift,

From EMV Chargebacks Proving To Be a Card-Present Merchant Problem

You understand why this, I assume. It’s because before 1st October, if you spotted a $3.95 charge at Starbucks on your statement and you knew that you couldn’t possibly have made that transaction, then you would call up your issuer and complain and they would just eat the charge because it would have been more trouble than it’s worth to go back to Starbucks, pull the receipt, check the signature if there was one etc etc. However, after 1st October, if you spot a bogus $3.95 charge on your account and call up, the issuer will check the transaction codes and, if you had a chip card but it was swiped by a merchant who didn’t have (or didn’t use) a chip reader, then the $3.95 is charged back to the merchant. The net result is — entirely as expected and as it should be — that merchants see big increases in card-present chargebacks as previously hidden magnetic stripe fraud is revealed.

Sunday, 6 March 2016

Banks taking liability for XS2A transactions: ‘Just because a TPP says so?’

xxx

Essential information for the ASPSP to make an informed authorisation decision when prompted with a payment or account information request from a TPP consists of:

What is the functional scope of the transaction? (what payment needs to be executed or what account information needs to be provided and to whom?); Did the person requesting the transaction, actually consent to exactly this functional scope? and Who is the person requesting this transaction? (and is he actually a mandated ‘controller’ of the respective account?)

Of

From Banks taking liability for XS2A transactions: ‘Just because a TPP says so?’

xxx

Saturday, 5 March 2016

The Bavarian Savings Bank Association and large-denomination banknotes

The European Central Bank (ECB) interest rate for bank deposits is currently minus 0.3% and economic theory would predict that at a minus rate, depositors (and this includes companies as well as banks and individuals) would prefer to hold cash rather than pay the central bank to look after their money for them. It has to be said that this doesn’t appear to have happened on a large scale yet, but clearly one of the reasons why economists are interested in getting rid of cash is in order to allow the interest rates to go further into negative territory in order to stimulate economic activity over hoarding. Now, it clearly costs something to manage cash over and above the cost of managing an electronic deposit hence it is interesting to speculate what the crossover rate might be, the modern version of the old “specie point” at which it was cheaper to hold bullion for monetary purposes rather than paper instruments.

In Germany, this calculation is being made. The Bavarian Savings Bank Association sent around a circular to their members setting out their version of the calculation. On this basis, the crossover rate is actually about half of the current negative rate: we’ve already crossed the crossover point.

With 1.50 euros plus insurance tax for 1000 Euro, the value would be at 0.1785 percent, below the ECB's deposit penalty rate of 0.3 percent, it said. Additional costs for CIT or additional burglary protection are not taken into account.

From Penalty interest: Unions want money rather stash in the vault - SPIEGEL ONLINE

 This isn’t really a serious calculation because, as it says at the end, it doesn’t take into account the significant costs of cash in transit (CIT) or the additional security expenditure that would be needed to guard cash hoards. But it does make a fun point, at least to me, which is that the existence of the €500 notes has an impact on that crossover rate. Clearly, if the maximum denomination banknote in Europe was (as it should be) €50 then you will need 10 times as many of them to create a horde of the same value and that means higher costs for storage and transport. Now that the ECB has decided stop printing the 500s, banks would have to store masses of 200s, so the cost of storage and transport will be even higher.

Nevertheless, the calculation does make an interesting point, which is that we appear to past the crossover point already, yet no banks have to date decided to store their squillions under the mattress rather than leave them on deposit. Oh, wait…

Commerzbank, one of Germany's biggest lenders, is examining the possibility of hoarding billions of euro in vaults rather than paying a penalty charge for parking it with the European Central Bank, according to sources familiar with the matter.

From RTÉ Mobile - Commerzbank may hoard cash to avoid ECB charges

Why on Earth would they want to do this? Does it really make any sense?

Wednesday, 2 March 2016

Twitter Has Become a Park Filled With Bats -- Following: How We Live Online

xxx

I posted a screenshot of the email, and a few lines about how I would not be using Twitter until they figured out how to stop making incidents like this one (gross, but comparatively benign) a less constant component of my Twitter experience.

From Twitter Has Become a Park Filled With Bats -- Following: How We Live Online

xxx