Saturday, 30 April 2016

Making current account switching easier - making-current-account-switching-easier.pdf

In March 2015, the Financial Conduct Authority published a report on “Making currency account switching easier” detailing “the effectiveness of the Current Account Switch Service (CASS) and evidence on the account number portability”. It said that:

Consumer organisations, while appreciating the benefits that such a system would give consumers, were also cautious about ANP, arguing that the real barriers to switching do not lie in the infrastructure but in the choice and differentiation of the current accounts available.

From Making current account switching easier - making-current-account-switching-easier.pdf

This is a fair point (note that it also applies to the current account switching service) but I think it misses the advantages to other stakeholders, not of ANP but of Virtual Account Numbers (VANs), 

xxx

Well, as I mentioned to [the Economic Secretary to the Treasury] at techUK (I was the nutter at back who kept going on about “7-0” solutions, Angela) the best way to do this is with virtual account numbers (VANs) and virtual payment names (“pay names”).

From Account number portability is on the PSR's agenda. Sorted. | Consult Hyperion

xxx

xxx

Let’s call this a VAN. A virtual account number. Now, you know how all mobile phone numbers in the UK begin with a “7”. Well, what if all virtual account numbers in the UK began with “7” as well? It turns out that the “7” sort codes in the UK have an unusual history

From A suggestion for doing something about account switching in the UK | Consult Hyperion

The solution is straightforward. When someone opens a bank account, give them a virtual sort code that begins with 7 and then an account number. They keep this number for as long as they like. When they change bank accounts, they keep the 7X-XX-XX XXXXXXXX number but it now points to their new account. Employers, utility companies, P2P services and everyone else carries on using the that virtual number. No-one needs to update anything or notify anyone.

Wednesday, 27 April 2016

Cops Could Undermine Dark Web Markets by Leaving Fake Reviews | Motherboard

xxx

law enforcement agencies (LEAs) could attempt to lower the value of drugs traded on the marketplaces by purchasing products and then leaving bad reviews.

From Cops Could Undermine Dark Web Markets by Leaving Fake Reviews | Motherboard

xxx

Swift confirms multiple cases of fraudulent message traffic

xxx

Interbank co-operative Swift has confirmed that it has experienced a number of recent instances of hackers compromising network interface devices at client banks to send fraudulent payment messages over the global banking network.

From Swift confirms multiple cases of fraudulent message traffic

May as well use Bitcoin then.

Islamic State: Up to $800m of funds 'destroyed by strikes' - BBC News

xxx

Maj Gen Gerstner, the deputy commander for operations and intelligence for the US-led operation against IS, said under 20 air strikes targeting the group’s stores of money had been conducted… While it was difficult to know precisely how much money had been destroyed in total, estimates put the figure at between $500m and $800m, he said.

From Islamic State: Up to $800m of funds 'destroyed by strikes' - BBC News

xxx

Sunday, 24 April 2016

Facebook payment system will change banking forever, but it comes with its own price tag – your privacy | Voices | The Independent

xxx

The prize is huge. If you know where people have been, what sites they visit, what apps they download, and also their spending habits, you know a massive amount about them – much more than their bankers, the credit and debit card companies, and more than their mobile phone operators.

From Facebook payment system will change banking forever, but it comes with its own price tag – your privacy | Voices | The Independent

xxx

Fake MONOPOLY money which Gianni Accamo 'used to scam dealers out of diamonds' | Daily Mail Online

xxx

The jury at Bristol Crown Court was told the scheme went unnoticed until after the buyers had left, despite the word Monopoly written in huge letters down the middle of the bills.

The paper cash bears a slight resemblance Euro notes but the colour scheme is much lighter and the images on the bills are out of focus compared to the real deal.

From Fake MONOPOLY money which Gianni Accamo 'used to scam dealers out of diamonds' | Daily Mail Online

xxx

Saturday, 23 April 2016

POST #IDIoT was a good choice

My good friend Wendy Goodman was kind enough to write about her experiences at Tomorrow’s Transactions this year (our 19th annual Forum!!) referring to it as

Tomorrow's Transactions Forum, Dave Birch's quirky annual event where ideas about the future of money are smashed together like particles to see what happens.

From net.wars: The blockchain menu

xxx

Tuesday, 19 April 2016

We could fix mobile security, you know. We don't, but we could

Earlier in the week I blogged about mobile banking security, and I said that in design terms it is best to assume that the internet is in the hands of your enemies. In case you think I was exaggerating…

The thieves also provided “free” wireless connections in public places to secretly mine users’ personal information.

From Gone in minutes: Chinese cybertheft gangs mine smartphones for bank card data | South China Morning Post

Personally, I always use an SSL VPN when connected by wifi (even at home!) but I doubt that most people would ever go to this trouble or take the time to configure a VPN and such like. Anyway, the point is that the internet isn’t secure. And actually SMS isn’t much better, which is why it shouldn’t really be used for securing anything as important as home banking.

The report also described how gangs stole mobile security codes – which banks automatically send to card holders’ registered mobile phones to verify online transactions – by using either a Trojan virus in the smartphone or a device that intercepted mobile signals up to a kilometre away.

From Gone in minutes: Chinese cybertheft gangs mine smartphones for bank card data | South China Morning Post

Of course, no-one who takes security seriously wanted to do things this way in the first place (which is why, for example, we used a SIM Toolkit application for M-PESA). This is hardly a new opinion.

I saw Charles Brookson, the head of the GSMA security group, make a very interesting point recently. Charles was talking about the use of SMS for mobile banking and payment services and he made the point that SMS has, to all intents and purposes, no security whatsoever.

From SOS SMS | Consult Hyperion

In case you’re interested, that blog post comes from 2008 and if I remember correctly I’d made a presentation around that time drawing on a story from 2007 to illustrate that the mass market use of SMS for secure transactions might prove to be unwise despite the convenience.

Identity theft and a fraudulent SIM swap cost a children's charity R90 000.

From Standard, MTN point fingers in fraud case | ITWeb

These are all symptoms of the fact that nobody listens to me about mobile banking security. Well, sort of. I’m sure other people have made the same point about keeping private keys in tamper-resistant hardware so that all bank-customer communications are securely encrypted and digitally-signed at all times, but since I’ve been making the same point for two decades (back to the days of the proposed “Genie Passport” at BT Cellnet) and despite the existence proof of M-PESA nothing much seems to be happening. Or at least it wasn’t. But perhaps this era is, finally, coming to an end. Here is what the US Department of Commerce’s National Institute of Standards and Technology (NIST) say about out-of-band (OOB) text messaging in their latest Digital Authentication Guideline (July 2016):

OOB using SMS is deprecated, and will no longer be allowed in future releases of this guidance.

From DRAFT NIST Special Publication 800-63B

I looked up “deprecated” just to make sure I understood, since I assumed in meant something other than a general disapproval. According to my dictionary: “(chiefly of a software feature) be usable but regarded as obsolete and best avoided, typically because it has been superseded: this feature is deprecated and will be removed in later versions”. So: as of now, no-one should be planning to use SMS for authentication.

The NIST guideline goes on to talk about using push notifications to applications on smart phones, which is how we think it should be done. But how should this work in the mass market? The banks and the telcos and the handset manufacturers and the platforms just do not agree on how it should all work. But surely we all know what the answer is, which is that all handsets should have a Trusted Execution Environment (like the iPhones and Samsungs do) and third-parties should be allowed access to it on open, transparent and non-discriminatory terms. The mobile operators should use the SIM to offer a basic digital identity services (as indeed some are beginning to do with the GSMA’s Mobile Connect). The banks should use standard identity services from the SIM and store virtual identities in the TEE. There you go, sorted.

So… when the Barclays app loads up on my phone it would bind the digital identity in my SIM to my Barclays identity and use the TEE for secure access to resources (e.g. the screen). Standard authentication services via FIDO should be in place so that Barclays can request appropriate authentication as and when required..

Now… when Barclays want to send me a message they generate a session key and encrypt the message. Then they encrypt the session key using the public key in my Barclays identity. Then they send the message to the app. The only place in the world where the corresponding private key exists is in my SIM, so the app sends the encrypted session key to the SIM and gets back the key it can then use to decrypt the message itself. In order to effect the use of the private key, the SIM requires authentication, so the TEE takes over the screen and the fingerprint reader and I swipe my finger or enter a PIN or whatever.

If the bank needs step-up authentication for, say, a high-value transaction or the addition of a new payee, it can use FIDO to obtain additional authentication for input to its own authorisation processes.

Why is this all so hard? Why don’t I have an “Apple ID” on my iPhone right now?

It seems to me that there is little incentive for the participants to work together so long as each of them thinks that they can win and control the whole process. Apple and Google and Samsung and Verizon and Vodafone all want to charge the bank a dollar per log in (or whatever) and the banks are worried that if they pay up (in what might actually be a reasonable deal at the beginning) then they will be over a barrel in the mass market. Is it possible to find some workable settlement between these stakeholders so that we can all move on?

Sunday, 17 April 2016

Bitcoin: In Technology We Trust (Maybe) - Forbes

xxx

Why should anyone have more trust in a digital currency created by an anonymous group of coders accountable to no-one than in a democratically-elected government accountable to everyone? Why is an essentially feudal governance model “safer” than a democratic one?

From Bitcoin: In Technology We Trust (Maybe) - Forbes

xxx

POST Reimagining

xxx

Innovative banks are increasingly seeing their future as the stewards of identity

From How Blockchain Fits into the Future of Digital Identity | American Banker

xxx

xxx

Comment: With blockchain, regulators should first do no harm - FT.com

xxx

Governments and regulators should avoid undue restrictions, support a predictable, consistent and simple legal environment and respect the “bottom-up” nature of the technology and its development in a global marketplace. “Do no harm” is the right approach for DLT.

From Comment: With blockchain, regulators should first do no harm - FT.com

xxx

A torrential leak | The Economist

xxx

The head of the Chilean branch of Transparency International, which campaigns against corporate secrecy, resigned after being linked to five firms in tax havens.

From A torrential leak | The Economist

xxx

How Close Are Smart Contracts to Impacting Real-World Law? - CoinDesk

xxx

In general, there were two fundamental challenges that needed to be addressed before smart contracts could be used in the real world. First: How would a smart contract actually control real assets so that it could enforce an agreement?… Second: What computer would be trusted to “execute" those terms in a way that both parties could rely upon?

From How Close Are Smart Contracts to Impacting Real-World Law? - CoinDesk

The emergence of the blockchain as the existence proof of a consensus protocol capable of operating an entirely trestles environment opened up new possibilities for dealing with the second problem, but the first one remains difficult to address. As Gideon Greenspan, who I take very seriously on such matters, has pointed out, the link between the world of the blockchain and the "real" world must be managed by a trusted entity, otherwise the blockchain cannot know that the state of the real world has changed.

Banks and fintechs at war over password sharing | afr.com

xxx

Micro investment company Acorns has accused ANZ Banking Group and other banks of telling customers they can't share account passwords with the start-up, retarding its growth. 

From Banks and fintechs at war over password sharing | afr.com

The article calls password-sharing a “grey area”, which it really isn’t, since both bank procedures and common sense security practice should tell us that giving _anyone_ a password (which ought not to be thought of as any form of security at all) to a third party is dangerous. When they get hacked, you get hacked.

Subway photographer connects random photos to people's social media profiles | Privacy Online News

xxx

Егор Цветков (Egor Tsvetkov), a photographer in Russia, has taken photos of random people on the subway and connected them to social media portraits and complete profiles using face matching technology.

From Subway photographer connects random photos to people's social media profiles | Privacy Online News

Right now, he’s using some software that matches faces against the pictures on vKontakte, the Russian version of Facebook, and it is getting a 70% match rate even against photographs taken from angles and under different lighting.

Think what this means.

When I walk into a conference, my Google glasses will be able to tell me who everyone is and scan their LinkedIn profiles. I’ll get it to put green ticks next to people who influence the budgets at banks and red crosses next to mouthy but powerless middle managers such as myself. Come on, you’d all do it. It’s embarrassing enough meeting people that you’ve forgotten meeting, or remembered their names wrong or you didn’t know that they work for you (all of which have happened to me).

It would certainly be helpful for a run of the mill pervert looking at women on the subway to know whether they are single, straight, living on their own, where they work, what their address is, whether they are going out later and so on. Instead of having to do any donkey work, they’ll just iPerv or some similar app to get the details there and then.

There is no answer other than the immediate mass production of Facebook-blue burkhas for us all.

Live example of "underhanded solidity" coding on mainnet : ethereum

xxx

One of the concerns about Ethereum contract safety has always been the issue that even though it's theoretically possible to check a piece of code and make sure that it does exactly what you expect it to do, in practice, outside of highly standardized contexts (ie. widely used dapps) where many people can audit the code, it's hard for the average user to check and make sure that there is no secret bug in the program... I actually found a real live example of this on the ethereum mainnet today.

From Live example of "underhanded solidity" coding on mainnet : ethereum

I hadn't much thought about this, although I imagine my colleagues who spend more time thinking about risk analysis had, and I once again reinforced to me the distinction between shared ledger applications (SLAPPs) and actual contracts! Would you want to use a system where,

The World’s First Cashless Society Is Here - A Totalitarian’s Dream Come True - Ron Paul Liberty Report

Over at the Ron Paul Liberty Report they are in doubt as to who is behind this sort of thing.

The War on Cash is a favorite pet project of the economic central planners. They want to eliminate hand-to-hand currency so that governments can document, control, and tax everything.

From The World’s First Cashless Society Is Here - A Totalitarian’s Dream Come True - Ron Paul Liberty Report

xxx

What a Tech Startup's Pivots Say About Bitcoin's Future | American Banker

xxx

"The total addressable market of people who want to buy bitcoin is very, very thin,"

From What a Tech Startup's Pivots Say About Bitcoin's Future | American Banker

Indeed. And most of them aren’t in America or any other developed market.

Saturday, 16 April 2016

Americans Are Using Less Cash but Mobile Payments Are Not The Ones Replacing It | Let's Talk Payments

xxx

The use of cash has fallen more than 50% in the last four years and is projected to continue to fall as consumers look for faster and secure means of paying options. With a high degree of smartphone penetration in the US market, mobile and digital payments are rapidly gaining a market share in digital payments.

From Americans Are Using Less Cash but Mobile Payments Are Not The Ones Replacing It | Let's Talk Payments

xxx

[Weekender] Korea going coinless by 2020

xxx

“It is important for countries like Korea which suffer a severe polarization of wealth due to the shadow economy to pursue more transparency,”

From [Weekender] Korea going coinless by 2020

xxx

POST Back to the Future, Part 97: The Coinless Economy

Before the industrial revolution, we lived in an essentially cashless economy. A reputation economy. There was very little money in circulation.

 

xxx

To spur the trend, the Bank of Korea is seeking a digital way to replace coins for transactions with its aim to make Korea a “coinless society” by 2020.

From [Weekender] Korea going coinless by 2020

xxx

Meanwhile, Kenneth Rogoff in his book on cash makes precisely the opposite recommendation: that we replace the banknotes with digital alternatives and keep the coins.

Sunday, 10 April 2016

How a Cashless Society Could Embolden Big Brother - The Atlantic

Sarah Jeong, writing in The Atlantic, raises the spectre of of surveillance in a cashless society. And she's right.

When money becomes information, it can inform on you.

From How a Cashless Society Could Embolden Big Brother - The Atlantic

xxx

In June 2015, Thomas Dart, the sheriff of Cook County—the largest county in Illinois, which includes the city of Chicago—wrote an open letter to the major payment processors. “As the Sheriff of Cook County, a father and a caring citizen, I write to request that your institution immediately cease and desist from allowing your credit cards to be used to place ads on websites like Backpage.com.”

Visa and Mastercard immediately folded in the face of Dart’s letter, and stopped serving Backpage.

From How a Cashless Society Could Embolden Big Brother - The Atlantic

Now, whatever you think about the morality of prostitution, there's something troubling about this. You can blame Visa and MasterCard for spinelessly caving to a form a blackmail that circumvents legal due process by invoking social media mobs. That's the world we live in. But if the Sheriff Dart's of the world succeed, then payments will vanish underground and society will be vastly worse off.

Saturday, 9 April 2016

How are banks actually going to use blockchains and smart contracts?

xxx

On a private chain with no cryptocurrencies, there is nothing that lives entirely on the chain. There is no asset whose existence is defined only by what's written on the chain. What you are actually transacting on the chain is a promise, for some recognised entity to give you something in exchange for that on-chain token.

"You don't need complex computation to move the asset around because you are not directly moving the asset anyway.

From How are banks actually going to use blockchains and smart contracts?

xxx

Losing Count: U.S. Terror Rules Drive Money Underground - WSJ

xxx

Banks close the accounts of customers they fear may be up to no good, evicting from the financial system those the government most wants to watch

From Losing Count: U.S. Terror Rules Drive Money Underground - WSJ

xxx

VocaLink Money2020 Europe report.

I have to say that I walked out of the inaugural Money 2020 Europe conference last week feeling rather smug. The reason for this unbecoming bout of self-satisfaction is that I was one of the people who lobbied the organisers of the event to stage it in Copenhagen! Boy, was this the right decision. The event had a few teething troubles, as they all do, but overall my response to it (and the overwhelming response of the majority of the delegates that I spoke to) was that it was an absolutely superb event that has already changed the landscape for fintech events in Europe for good. I take my hat off to the organisers for doing such a great job in creating an event with a European feel that was distinct from, yet complementary to, the Las Vegas event that spawned it.

The venue was superb. The AC Bella Sky is apparently the largest hotel in Scandinavia. I loved the rooms, I loved the layout (especially the central atrium which meant that everybody bumped into everybody else during the course of the event), I loved it is on a Metro line into the city, I loved that it is only a few minutes from the airport by taxi, I loved the organisation, I loved the food and (speaking from a business point of view) I loved the fact that a great many of our clients were there. I will definitely be going again next year and you probably should too.

The way the event was configured was with a general session area that included the main stage and seating for umpteen thousand people (I had the great privilege of interviewing Google on the main stage to talk about their plans for Android Pay in Europe and thoroughly enjoyed the experience), then five session areas for the parallel tracks. The session areas were next to each other, so that you can wander between them if you found that the session you were in was quite what you were looking for or if someone else texted you “hey come and check out this presentation”, and next to the speakers lounge which made it super convenient for people like me to have meetings at the event as well as having somewhere quiet to sit now and then to have a coffee and catch up on email.

A fireside chat about Android Pay with Spencer Spinelli, Director of Emerging Platforms at Google, on the main stage.

The key themes of the event have been summarised nicely by Business Insider so there’s no need for me to step through the agenda and point you in the direction of the key announcements from Alipay, Amazon, R3, Google and many others. But I thought it might be mildly useful to explain why I found a few of the themes of the event particularly interesting and what they might mean for some of our clients. I’ve picked out three themes to explore. The first comes under the general heading of block chain, which was everywhere at the event. The second comes under the general heading of alternative payments. The third of was regulation.

money2020panel

Panel discussion on the R3 initiative with Alex Batlin, Richard Brown, and Simon Taylor.

The blockchain first. There were a number of sessions about the block chain. I chaired one of them, which featured Richard Brown from R3, the consortium of 40+ international banks developing shared ledger technology for financial services, along with two of their member banks (UBS and Barclays). Blockchain was everywhere even if an awful lot of the delegates weren’t actually sure what it was. The head of Digital Asset Holdings, famous investment banker Blythe Masters flew into talk on the main stage and said that blockchain will be deployed in financial services in two years and could save 30-40% of post-trade costs, the famous venture capitalist Michael Moritz said blockchain wasn’t worth the hype and various other people said that blockchain would/would not (* delete where applicable) revolutionise everything. But I couldn’t help noticing that even the sessions that weren’t about the blockchain had almost inevitable mention of the technology, which must mean something! What I don’t know. But I think it’s relevant to note that R3’s landmark announcement of their “Corda” platform was about shared ledger technology that is not a blockchain. A blockchain is only one form of shared ledger, remember, and the Bitcoin blockchain is only one form of blockchain.

There were a number of interesting payments announcements at the conference. It must mean something that Bitcoin wallet Circle has got an electronic money licence and a deal with Barclays, although again I’m not sure what. I didn’t really hear anything revolutionary in the world of cards. My colleague Tim Richards moderated the tokenisation panel, and I was involved in a number of meetings about tokenisation, which is a very important to us, but now it’s all about building and delivering tokenisation platforms and services rather than inventing any new. I did hear a very clear message from Amazon announcing their Amazon Payments Partner Programme. Patrick Gauthier from Amazon is someone I always take very seriously in the world of payments, so I see Amazon Payments as a serious challenge to PayPal and other wallet providers. There was also a very loud and clear message from Alipay announcing their expansion into Europe. In fact I thought the presentation from Alipay was the best one I saw at the event (I should make it clear that I didn’t see all of the presentations) as it was impressively focused. Sabrina Peng, President of Alipay International took the audience through just what kind of service Alipay would be delivering to European merchants who wanted to sell to Chinese customers and easily won the contest for the best sound bite of the event, saying that their "merchants didn’t want more payment systems, they want more customers". I intend to use this as a standard bumper sticker in all of my presentations about payments for the foreseeable future.

There were some discussions about regulation but I think that I detected the emergence of “regtech” as a distinct from “fintech” as a paradigm and organising principle. Fintech investment seems to be cooling and the money men are beginning to sniff around for what’s next. I spoke to a few people about this during the course of the sessions and it seems to me that for many of the financial services delegates their number one problem, the place where costs are out of control and apparently growing without limit, is compliance. There is great new technology out there but that new technology can’t help unless it has a regulatory context in which to flourish. The idea that there might be new categories of technology (and actually I think that the shared ledger might be one of them because of its potential for a new kind of transparency and a regulatory win-win) where the impact is to reduce the cost of complying with regulation rather than to reduce the cost of delivering a functional service sounds rather interesting and is likely to be a bigger focus of next year’s event.

In this context, I thought that some very good points were made at the lunch sponsored by VocaLink that I attended on the second day. The lunch was “Chatham house” so I can’t say who said it, but as the discussion on payment regulation in the UK evolved, more than one person made the point that the U.K.'s new Payment Systems Regulator (PSR) did not appear to have any kind of economic strategy beyond utility competition. I agree with this and I am hopeful that a productive dialogue with the regulator might serve to match up the wider socio-economic goals for the payment system (reducing the overall total social cost of payments, for example) with the potential offered by new technology to transform the sector, not to simply add competitors doing the same thing. There was also a lively discussion about the nature of regulation. I am strongly in favour of regulating for outcomes, not by technology. There is a difference between forcing London taxis, for example, to have contactless terminals and forcing them to offer cashless payments. After all, customers don’t want more payment systems, you might say, but more convenience.

Elsewhere there was a lot of talk about partnerships, as the fintechs begin to work with the banks, and also a lot of talk about PSD2 and APIs (with top, top players like Shamir Karkal from BBCA and Alex Mifsud from Ixaris explaining why this will be a big shift in the delivery of banking services) although that seemed less innovative to me as we’ve been talking about this kind of thing with our clients for a long time. There was some talk about AI and robo-advice . There wasn’t much talk about wearables (there seemed to be more interest in this whole area at Mobile World Congress earlier in the year) or about about cars or beacons, except over at the WorldPay stand where you could see the brilliant demos that Consult Hyperion built for them!

Well, that’s enough work. It’s time to head off and party with Rudimental. I had a nice chat with them about the use of the Payment Account Reference (PAR) and the generation of closed-loop EMV tokens as a means to deliver efficient ticketing and payment solutions in an event context (not).

Rudimental were the stars of the Tuesday night party.

There are three companies I particularly want to thank for their efforts during the week. The first is VocaLink for laying on the lunch that I mentioned earlier, the second is Google for letting me into their VIP area for the Tuesday night party (which was great fun) and the third is ACI worldwide for the smoothie bar that they set up in the exhibition area. I have no idea what it cost, but since everyone was choosing the smoothie bar as the location for meetings it meant that our good friends over at ACI got to chat to a lot of people and good for them!

money2020-europe-amazes-excites-and-raises-the-bar

xxx

My congratulations to the organisers - Anil Aggarwal, Jonathan Weiner and Pat Patel - for making sure this was a very European event.

From money2020-europe-amazes-excites-and-raises-the-bar

I strongly agree. 

Android Pay

As some of you may recall, I had the great good fortune to be asked to interview Spencer X from Google on the main stage at Money 2020 Europe in Copenhagen.

Before I go on to what was discussed, let me first just go on record to sat what a great guy Spencer is. We discussed the general area of questions, but we did not discuss specific questions and we didn't rehearse any questions or answers. As a result, the interaction was interesting and lively and got great feedback from the delegates. I think companies and speakers can often benefit greatly from being a little less scripted at an event like this, so thanks to Spencer and Google for a great discussion. Oh, and for my VIP ticket to the Rudimental party in the evening. I'd never had a "Moscow Mule" before, and now I won't drink anything else.

The reason that Spencer was in town was that AndroidPay is launching in Europe, starting with the UK. What most people in the audience were interested in was whether Google would charge the same “toll” to issuing banks as Apple does. 

“We’re certainly not tolling the issuing banks, we are not going to toll the merchants who are already under enormous pressure. Android needs to be best in class, it’s really very simple. Payments has to work and it has to work seamlessly.”

From Android Pay to expand into Europe ‘soon’ - Mobile Banking

The answer was no, and I assume it is because Google benefits from the data associated with the payment so the relatively minor toll that they could extract for the payment is nothing compared to being able to link purchases to searches and that sort of thing. Anyway, Spencer covered a whole bunch of interesting as aspects of AndroidPay to give us some indication of where it might go in the future.

A trial in the Bay Area involving 50 small businesses and 50  McDonald’s restaurants is allowing Google to hide payments in the background of retail transactions. It’s called Handsfree, it was announced at Google’s developer conference last month, and while this technology is admittedly in its “early days” as Spinnell puts it, it’s indicative of a future we’re heading toward where your identity matters more than your phone.

From Money20/20 Europe: Android Pay Handsfree is Easier Than Tapping

His main point, if I remember correctly, when challenged as to AndroidPay’s competitive positioning against the other “xPays” was that AndroidPay would be open. They intended to compete on APIs and SDKs and by exposing the AndroidPay functionality so that innovative developers can build on top of it. I was thinking about this because of a couple of discussions I’ve been in with clients recently about making the transition from selling propositions directly to customers to selling propositions to the developers who develop the customer propositions. Switching from persuading customers to use your service to persuading developers to use your service is hard. As I’m sure you’ll appreciate, it’s not just a matter of hanging out an API and hoping.

Tuesday, 5 April 2016

UK payment cards annual fraud losses hit £567.5 million

xxx

Statistics by Financial Fraud Action (FFA) UK show fraud losses on UK payment cards totalled £567.5 million in 2015, representing an 18% increase from £479 million one year before.

From UK payment cards annual fraud losses hit £567.5 million

xxx

Contactless soaring in popularity

xxx

Contactless now makes up one in five of all face to face card payments under £30, figures show after a five fold increase in their use by shoppers.

From Contactless soaring in popularity

So tap and pay is a tenth of a card transactions and a fifth of all low-value transactions. Having been working on contactless payment projects of one form or another for yonks, I’m so happy to see us at the point where merchants now have to have signs to tell consumers that they can’t tap rather than that they can.

[billy bishop POS]

But there’s a better way to pay that is already growing, and that is in-app.

Saturday, 2 April 2016

POS Nordic nous

xxx

In both Sweden and Norway, the migration to almost total “cashlessness” is being led from the bottom up. Bills and coins now represent just 2 percent of Sweden’s economy, compared with 10 percent in the euro-zone, and only about 20 percent of all consumer payments in Sweden have been made in cash

From The Fate of Big Bills- a Catalyst for Digital Payments? | Ariadne Plaitakis | LinkedIn

xxx

The Fate of Big Bills- a Catalyst for Digital Payments? | Ariadne Plaitakis | LinkedIn

xxx

Europol has reported that sometimes criminals will pay more than face value for large notes due to their transport convenience.

From The Fate of Big Bills- a Catalyst for Digital Payments? | Ariadne Plaitakis | LinkedIn

xxx

The Fate of Big Bills- a Catalyst for Digital Payments? | Ariadne Plaitakis | LinkedIn

xxx

Yet since 1998 the usefulness of these notes and their links to money laundering have been the subject of recurring European Parliamentary questions aimed at the European Commission, who has consistently denied jurisdiction in such matters, deferring to the ECB. The non-utility of these notes was, for example, highlighted in a 2011 ECB survey among households and companies in 2008 and 2009 that estimated that only around one-third of the 500-euro notes in circulation were used for transaction purposes and that the remainder were hoarded as store-of-value in the euro area or held abroad.

From The Fate of Big Bills- a Catalyst for Digital Payments? | Ariadne Plaitakis | LinkedIn

xxx

POST Moving away from cards (and terminals)

xxxx

Android Pay, which allows owners of Android smartphones to tokenise their credit or debit cards and pay with their phones at contactless terminals, will launch in the UK "in the next few months", promises Google.

From Does 'pay by app' mean an end to shopping queues? - BBC News

In the US, Google have relaunched their wallet product without the physical debit that it had before.

Google Wallet has been given a makeover, focussing peer-to-peer payments and wallet-to-bank transfers, making the physical card obsolete.

From Google ditches Wallet debit card

xxx

Tesco takes on Apple with own mobile payment system - IGD Retail Analysis

xxx

Tesco's move makes it the latest grocer to develop its own technology to bypass the costly Android and Apple systems. Sainsbury's for instance is trialling its SmartShop app which allows users to create their own shopping lists, navigate stores and make payments at dedicated kiosks, while Walmart has launched its own system in the US to expand customer payment options and increase the speed of checkouts in its stores.

From Tesco takes on Apple with own mobile payment system - IGD Retail Analysis

xxx