Tuesday, 15 August 2017

UK enjoys Summer of Love for contactless cards | Euromoney

xxx

There were just under 1.4 billion card payments in the UK in June, a monthly record. And with the number of card transactions up 12% in 12 months, UK cards have enjoyed their highest annual rate of growth since June 2008… [a significant] factor was the increase in the use of contactless card payments, which soared by 143%. Contactless payments accounted for 34% of all card transactions

From UK enjoys Summer of Love for contactless cards | Euromoney

xxx

Monday, 14 August 2017

When the price of Bitcoin is above $4000 and still climbing, it gets harder to maintain my sceptical stance on the long-term prospects for the iconic cryptocurrency, but I still do. One of the reasons why is that it is difficult to understand the dynamics of this new and still-evolving marketplace. It’s too opaque. Are changes in the Bitcoin price a reflection of fundamentals, random walks, sound speculation or market manipulation? It’s impossible to tell. For all I know, Satoshi Nakamoto is Kim Jong-un.

Still - I wish I’d bought Bitcoin when they were dollar each, just as I wish I’d bought Apple stock back in 1979 and signed up the Beatles in 1960. Who knew?

How do you figure out what Bitcoin is worth? From the market? It’s hard for an normal person to know what to to do. On the one hand I read that this opaque marketplace is being manipulated by a single “whale” but on the other hand I read that Bitcoins will be worth like $1 billion each or something (which makes it all the more puzzling why merchants bother with Bitcoin acceptance, since no sane shopper would spend Bitcoins instead dollars if they are going to go up a thousandfold in the next few years).

In the long term, for Bitcoins to be worth something, someone has to want them for some reason. What will they want them for? Shopping? It’s too slow, it was never designed for real time payments. Shopping without censorship? I don’t think that the market for drugs on the Dark Web is big enough and evading capital controls can only go on for so long. Money laundering? Bitcoin isn’t anonymous enough for mass market criminals (as the FBI guys who stole coins during the “Silk Road” investigation and that BTC-e guy who got arrested in Greece have discovered). The Wannacry ransomware scallywags swapped their Bitcoins for anonymous Monero as soon as they could get them out of their wallets.

No, I don’t think uncensorability is going to be a good enough business to sustain the Bitcoin rally. Bitcoin will be superseded by more anonymous alternatives and while the computational overheads associated with techniques such as zero-knowledge proofs and homomorphic encryption are high at the moment, truly anonymous digital money will come slaloming down the Moore’s Law slope in the not too distant future. If not Bitcoin, then what? Of course, it’s entirely possible that while Bitcoin isn’t the money of the future, it is a secure platform for the money of the future. And boy do we need that money. In his book “The Money Trap”, Robert Pringle (a former editor of that well-known revolutionary pamphlet The Banker) writes that at the turn of the millenium “globalization reached the limits compatible with existing international monetary arrangements”. I agree. There is pressure for change and I think the current cryptomania gives us a window into the future of money.

In fact, people already have. In my book “Before Babylon, Beyond Bitcoin”, I explore the notion of private money set out by the noted “lateral thinker” Edward de Bono. He wrote a pamphlet called “The IBM Dollar” for the Centre for the Study of Financial Innovation (CSFI) back in the early 1990s. In it, he rather memorably said that he looked forward to a time when “the successors to Bill Gates will have put the successors to Alan Greenspan out of business”. Dr. de Bono was arguing that companies could raise money just as governments now do — by creating it from thin air. Now, if that notion seems to have resonance in age of multi-million dollar initial coin offerings (ICOs) then, well… that’s my point. The idea of private currency as a claim on products or services produced by the issuer caught my attention back then, and continues to inform my thinking. For one thing, it makes economic sense. IBM, in de Bono’s example, might issue “IBM Dollars” that would be redeemable for IBM products and services, but are also tradable for other companies’ monies or for other assets in a liquid market. To make such a scheme work, IBM would have to learn to manage the supply of money to ensure that the monetary base and its capacity to deliver are matched and that inflation does not destroy the value of their creations. But companies should be able to manage that trick at least as easily as governments do, particularly as they don’t have voters to cope with.

It is easy to imagine how such a system would work. A start-up launches, and instead of issuing equity, it issues money that is redeemable against future services. So, for example, a distibuted file storage start-up might offer money in the form of megabyte days that are redeemable five years from now. In the early days, this money would trade at a significant discount to take account of the risks inherent in the venture. But once the file system is up and running and people like using it, then the value of the money will rise. With tens of millions such currencies in circulation, constantly being traded on futures, options and foreign exchange markets, it might sound as if the “money” would be unusable because transactions would be unbearably complex for people to deal with. But as I wrote in The Financial Times, that’s not the world that we will be living in. This is not about transactions between people but transactions between what Jaron Lanier called “economic avatars“ (and those avatars might represent people or things). This is a world of transactions between my virtual me and your virtual me, the virtual Waitrose and the virtual HMRC. This is my machine-learning AI supercomputer robo-advisor, or more likely my mobile phone front end to such, communicating with your machine-learning AI supercomputer robo-advisor. And our robo-advisors will be entirely capable of negotiating between themselves to work out the deal.

In his pamphlet de Bono puts it quite nicely by saying that: Pre-agreed algorithms would determine which financial assets were sold by the purchaser of the good or service depending on the value of the transaction. And the supplier of that good or service would know that the incoming funds would be allocated to the appropriate combination of assets as prescribed by another pre-agreed algorithm. Eligible assets will be any financial assets for which there were market clearing prices in real time. The same system could match demands and supplies of financial assets, determine prices and make settlements. He also wrote (this is more than two decades ago, remember) that the key to any such a system would be “the ability of computers to communicate in real time to permit instantaneous verification of the creditworthiness of counterparties”, an early vision of what we might now call the reputation economy that I explored in my previous book “Identity is the New Money”, where I noted that identities and credentials are easy to create and destroy but reputations are much harder to subvert — especially in the age of the blockchain — since they depend not on what anyone thinks but on what everyone thinks.

You won’t make the decision, your phone will Now that the combination of mobile phones, social networks and shared ledgers makes the calculation of the value of a private currency cost-effective even for small transactions, the technology needed to deliver the Facebook Dollar, the Amazon Dollar, the Apple Dollar and the Microsoft Dollar (I insist that they be called Bill’s Dollars) is in place. And it’s not M-PESA or chip and PIN, but the technology of “tokens” that is already being used (some might say abused) in the current explosion of ICOs.

Now, the idea of use linking cryptocurrency coins or balances as tokens linked to something in the real world — like gold or file storage or a computer game — is hardly new and from the earliest days of Bitcoin people were using “coloured coins” to do this, but token technology really took off with the development of the ERC-20 standard back in 2015. ERC-20 defined a way to create a standard form of token in a “smart contact” on the Ethereum blockchain. Ignore the language here — they are not smart and they are certainly not contracts, they are a special kind of application that executes on a shared ledger (in fact, I prefer to call them shared ledger applications, or SLAPPs) — and just consider the token as a practical implementation of private digital bearer claims on goods or services, without the centralised clearing and settlement infrastructure that de Bono was imagining. Right now, the world of ICOs is chaotic. Hundreds of millions of dollars are being raised in the Wild West of digital finance. Filecoin, a company that plans to monetise unused computer storage, has just raised $50m+ in token pre-sales to Silicon Valley investors (including Sequoia Capital and Andreesen Horowitz) and another $200m in a public token sale. That came not long after Tezos, which is developing a blockchain competitor to Ethereum, raised $232 million.

Despite these huge sums, there is a lot of uncertainty in the space. The Securities and Exchange Commission (SEC) ruled in July 2017 that certain kinds of tokens are in fact securities and that transactions must regulated. This was hardly unexpected and I certainly think that the ruling was good news. Yes it is causing some disruption right now (one of the largest exchanges, Bitfinex, has just suspended ERC-20 token trading for US citizens) and yes some people will lose a lot of money and yes some people will end up in jail, but that’s what happens as we move from a Wild West to regulated growth and prosperity. The regulation of this space is imporant. I think that ICOs are more of a picture of the money of the future than Bitcoin is.

As I said in Before Babylon, Beyond Blockchain, tokens may make a real difference to the way the economy works. When the current craziness is past and tokens become a regulated but wholly new kind of digital asset, a cross between corporate paper and a loyalty scheme, they strike me as being something of an opportunity to remake markets in a new and better way. One might imagine a new version of London Alternative Investment Market (AIM) where start-ups launch but instead of issuing money they create claims on their future in the form of tokens. The trading of these coins is indistinguishable from the trading of electronic cash (because there is no clearing or settlement) but there is an additional transparency in corporate affairs because aspects of the transactions are public. And while the company and observers may not know the beneficial owner of the coins (because the wallets are identified only by keys), the market will be set up to issue wallets after appropriate KYC. In the general run of things, transactions are private but where there is suspicion of wrongdoing the ownership can be exposed under appropriate legal conditions. With reputations established as an immutable history of participation in transactions, good behaviour will not be gamed and bad behaviour will be on display. Market participants will be able to assess and manage risk, regulators will be able to look for patterns and connections. I’ll be able to see that your assets exceed your liabilities without necessarily being able to see what those assets or liabilities are. (This is one of the reasons why I tend to think of the blockchain as a regtech, not a fintech.)

This is a far more efficient way to manage things. There won’t be some giant IMF database that manages the new kinds of money. In this market, company perfomance rewards token holders by improving the exchange rate against other tokens. No coupons and dividends, no clearing and settlement, no hiding the number of tokens out there. The cost of trading these tokens will be a fraction the cost of trading stocks and bonds, which is why liquidity will seep out of existing markets and into these new and more efficient structures. Stephen McKeon, a finance professor at the University of Oregon, summarises this imperative by saying that assets of all kinds will tokenise because they will lose the “liquidity premium” if they do not. Tokens won’t only be issued by companies, of course. In fact, I think that tokens that implement the values of communities may come to dominate the transactional space (think of the Islamic e-Dinar and the London Groat) but it will be the private money of innovative new enterprises that will prove the technology.

Uneasy sits the crown as cash use continues decline

xxx

Consumers and businesses made 15.4 billion cash payments in 2016 - down from 17.2 billion in 2015, according to figures released by UK Finance. However despite the decline, cash was still used 25% more often than the second most frequently-used method; debit cards (11.6 billion).

During 2016, cash represented almost half (44%) of all payments made by consumers - the second year in a row where consumers used cash for fewer than 50% of all payments. During the same period, cash payments reached £240 billion, accounting for 15% of the total value of consumer spending, a decline of five percent compared to the previous year.

More than one in four (26%) consumer cash payments were for a value of £1 or less, and more than three in five (61%) were for a value of £5 or less.

From Uneasy sits the crown as cash use continues decline

xxx

Sunday, 13 August 2017

POST Estonia is a real place

My little corner of the internet seems awash with tales of a mythical utopia that goes by the name of Estonia. I’ve been hearing about digital identity in Estonia more and more. At meetings and conferences, on Twitter and in conversation, I hear people talking about the Estonian national identity scheme that uses a blockchain. The Harvard Business Review, for example, tells us that “since 2007 Estonia has been operating a universal national digital identity scheme using blockchain."

I’m not sure if some of the people talking about this on Twitter know that Estonia is actually real place and some of us have been there. The Estonian national digital identity scheme is a real thing. It launched in 2002. A decade ago a colleague at Consult Hyperion, Margaret Ford, interviewed Mart Parve from the Estonian “Look@World” Foundation in the long standing “Tomorrow’s Transactions” podcast series (available here). Mart was responsible for using the smart ID service (both online and offline) to help Estonia develop its e-society. If you listen carefully to them talking, you will notice that they never mention the blockchain, which is unsurprising since Satoshi’s Nakamoto’s paper on the subject was not published until more than a year later, in October 2008.

The strangeness of the obsession with Estonia in blockchain circles began to obsess me after I was invited along to a blockchain breakfast (seriously) at the House of Lords last year. The invitation came because I had been asked to contribute to the Parliamentary Office of Science and Technology (POST) work on shared ledger technologies (SLTs). In this Government Office for Science report on “Distributed Ledger Technology: beyond blockchain” Sir Mark focused on a particular kind of distributed ledger, the Bitcoin blockchain, and attempted to explain it to the general reader and then explore some of the potential uses.

<p >Personally, I found the report slightly confusing because it was jumping between ledgers, blockchains, the bitcoin blockchain and bitcoin almost on a paragraph by paragraph basis. I realise that I read the document from a very technical perspective and that I may see some of these things therefore in the wrong context, but I prefer Richard Brown’s term “shared ledger technology” as a starting point because I feel that the fact that multiple organisations share the ledger is more important than its architecture. I think the report might have benefited from some more description of shared ledgers, and the reasons why Moore’s Law and falling communications costs have made the core idea of everyone storing every transaction a plausible architecture. Here’s the way that my colleagues at Consult Hyperion and I started to think about the ledger a couple of years ago, the "4Cs" model that has worked rather well.

Consensus Computer Model

I prefer to use this layered approach to explain the key components of a shared ledger and then develop ideas around different choices in those layers. Different choices in consensus technology, for example, lead to a variety of different possibilities for implementing a shared ledger. In order to help categorise these possibilities, and narrow them down to make useful discussions between the strategists and technologists, I use the taxonomy that Consult Hyperion developed to distinguish between different kinds of public and private ledgers. Rather flatteringly, Sir Mark used a simplified version of the this model on page 19 of his report. When the report came out I said that it might be considered reckless to disagree with the Chief Scientific Adviser, but I just did not (and do not) see cryptocurrency as a sensible government option for digital currency. Sir Mark said that permissioned ledgers (i.e., not the Bitcoin blockchain) are appealing for government applications and I’m sure he was right about this, although I remain sceptical about some of the suggested government uses that are based on costs or efficiency. I think that his suggestions around applications that focus on transparency are the more interesting areas to explore in the short term and they would be my focus if I were looking to start exploratory or pilot projects in the field. I share the Open Data Institute’s view on this:

We agree that blockchains could be used to build confidence in government services, through public auditability, and could also be used for widely distributed data collection and publishing, such as supply chain information.

[From Comment: Blockchain technology is useful, but not for everything | Open Data Institute]

Anyway putting my nerdy criticisms to one side, Sir Mark’s conclusions (which were essentially that the technology is worth exploring in government contexts) were surely correct. At the breakfast, Sir Mark said that the goal of the POST reports is to demystify technology for policy makers although I have to report that in his closing remarks he said that we had not been entirely successful in this enterprise and I fully concur with his opinion. After a while, the discussion moved on to the Estonian electronic identity system. I expressed some scepticism as to whether the Estonian electronic identity system was on a blockchain. The conversation continued. Then to my shame I lost it and began babbling “it’s not a blockchain” until the chairman, in an appropriate and gentlemanly manner, told me to shut up.

House of Blockchain

When it came time for my contribution, by the way, I said that it wasn’t at all clear to me that it was accurate to describe Bitcoin as a decentralised system since almost all of the hashing power resides with a very small number of unaccountable mining pools based in China but, more importantly that

  1. It seems to me that many of the efforts to move shared ledgers into the marketplace have concentrated on shaping shared ledgers to emulate existing solutions in the hope that SLTs will be faster, higher or stronger. These are all unproven assertions. It is possible that a shared ledger replacement for RTGS might be cheaper, or more resilient or more functional that the currency centralised solution, but who knows?

  2. The transparency of the shared ledger, the aspect that most doesn’t work for current solutions in current markets, may well turn out to be the most important characteristic because it allows for ambient accountability and therefore opens up the potential for new kinds of markets that are far less costly and complex to regulate, manage, inspect and audit. This is the “shared ledger as regtech not fintech meme” that I am rather fond of.

  3. Just as the invention of double-entry bookkeeping allowed for the creation of new kinds of enterprise, so it seems to me that the shared ledger will similarly lead to new kinds of enterprise that use the shared ledger application (the SLAPP) as the engine of progress and the focus of innovation. I assume that there are kids in basements experimenting with SLAPPs right now and that this is where the breakthrough use case will come from. As I some time ago in a discussion about shared ledgers for land registry, turning the ledger into a platform may be the most important reason for shifting to this implementation.

Anyway. My point is that the Estonian ID scheme, launched in 2002, has nothing to do with distributed ledgers or blockchains or any similar technology. As it happens, a some time after my breakfast with their lordships, I had another breakfast, this time with the new CIO of Estonia, Siim Sikkut

sikkut17 

I asked him where this “Estonian blockchain ID” myth came from, since I find it absolutely baffling that this urban legend has obtained such traction.  He said that it might be something to do with people misunderstanding the use of hashes to protect the integrity of data in the Estonian system. Aha! Then I remembered something… More than decade ago I edited the book “Digital Identity Management” and Taarvi Martens (one of the architects of the Estonian scheme) was kind enough submit a case study for it. Here is an extract from that very case study:

Long-time validity of these [digitally-signed] documents is secured by logging of issued validity confirmations by the Validation Authority. This log is cryptographically secured by one-way hash-function and newspaper-publication to prevent back-dating and carefully backed up to preserve digital history of mankind.

Mystery solved! It looks as if the mention of the record of document hashes has triggered an inappropriate correlation amongst less technical observers and as Siim observed, it may indeed be the origin of the fake news about Estonia’s non-existent digital identity blockchain.

Saturday, 12 August 2017

Here’s the Biggest Security Threat to the World’s Third-Largest Cryptocurrency - MIT Technology Review

xxx

"In that time, the network structure has remained remarkably constant. In 2013 each wallet was connected on average to 3.12 others. In 2016 that number was 3.53."

Here’s the Biggest Security Threat to the World’s Third-Largest Cryptocurrency - MIT Technology Review

xxx

PBOC Researcher: Can Cryptocurrency & Central Banks Coexist? - Bitcoin Magnates

Yao Qian, from the technology department of People’s Bank of China, wrote about this earlier this year.

"To offset the shock to the current banking system imposed by an independent digital currency system (and to protect the investment made by commercial banks on infrastructure), it is possible to incorporate digital currency wallet attributes into the existing commercial bank account system so that electronic currency and digital currency are managed under the same account."

PBOC Researcher: Can Cryptocurrency & Central Banks Coexist? - Bitcoin Magnates

xxx

Ant Financial seen becoming world's top consumer bank- Nikkei Asian Review

xxx

"Alipay now controls 70% of China's mobile payment market, while Yu'e Bao, which serves as a repository for cash leftover from online spending, emerged as the world's largest money market fund this year with $165.6 billion of assets under management."

Ant Financial seen becoming world's top consumer bank- Nikkei Asian Review

xxx

Fake negative reviews are a cheap way to screw up darknet drug marketplaces / Boing Boing

xxx

"once they found a seller they trusted, only 30 percent shopped around"

Fake negative reviews are a cheap way to screw up darknet drug marketplaces / Boing Boing

xxx

Wednesday, 9 August 2017

New Tesco Clubcards cause nightmares for shoppers - AOL UK Money

xxx

"Other users assumed that because the roll-out of the new cards introduced contactless technology, the key fobs would too. However, the key fobs don't have any contactless functionality, so those who have tried to use them as contactless cards, assumed they were broken, and missed out on the points."

New Tesco Clubcards cause nightmares for shoppers - AOL UK Money

xxx

Bitcoin vs Venmo: Lessons Learned from ‘Craigslist Jeff’ | Bank Innovation

xxx

"Scams of this type are becoming fairly common on the ‘killer’ P2P payments app, leading others on Twitter to question its reliability as a payment method, especially when other online transaction routes exist—like cryptocurrencies such as bitcoin, for instance."

Bitcoin vs Venmo: Lessons Learned from ‘Craigslist Jeff’ | Bank Innovation

xxx

Court: Dead daughter’s parents have no right to access her Facebook account | Ars Technica

xxx

"A German appeals court on Wednesday rejected the pleas from a dead girl's parents who wanted access to the 15-year-old's Facebook account. The social networking site fought the parents, claiming that opening the account would breach the privacy of the girl's contacts."

Court: Dead daughter’s parents have no right to access her Facebook account | Ars Technica

xxx

Alibaba's (BABA) "cashless week" to boost mobile payments is angering China's central bank — Quartz

xxx

"14% of China’s population relies on mobile payments to get around, carrying no cash, according to a survey conducted by (link in Chinese) Renmin University of China"

Alibaba's (BABA) "cashless week" to boost mobile payments is angering China's central bank — Quartz

xxx

Why are Britain’s banks blaming customers for online banking fraud? | Miles Brignall | Opinion | The Guardian

xxx

"A year 8 student was bragging to her friends that she's been earning money by opening bank accounts at all the high street banks and given £25 to give the details and send internet banking login details/key pads to someone."

Why are Britain’s banks blaming customers for online banking fraud? | Miles Brignall | Opinion | The Guardian

xxx

Hero who tracked bank fraudsters to win back £20k | Daily Mail Online

xxx

"The judge agreed and Gideon sent the documents to Santander's court orders team, which faxed over the fraudster's bank statements, postal addresses, email addresses and phone numbers."

Hero who tracked bank fraudsters to win back £20k | Daily Mail Online

Unfortunately, there’s nothing in the story to suggest that the police were able to use these details to collar the fraudsters.

August • Future of Retail - Credit card payment fees to be scrapped

xxx

"‘These small charges can really add up and this change will mean shoppers across the country have that bit of extra cash to spend on the things that matter to them.’"

August • Future of Retail - Credit card payment fees to be scrapped

xxx

Drivers avoid pay-by-phone parking bays, says the AA - BBC News

xxx

"The motoring organisation's survey of 16,000 members suggests seven out of 10 would look for parking elsewhere rather than use the 'pay by phone' meters."

via Drivers avoid pay-by-phone parking bays, says the AA - BBC News

xxx

Tuesday, 8 August 2017

Their invention is valued at $250 million. Here’s why they’re not satisfied - The Boston Globe

xxx

"Data on Sia are broken into pieces and stored on multiple computers, a method intended to keep data accessible even when some hosts are offline."

Their invention is valued at $250 million. Here’s why they’re not satisfied - The Boston Globe

I remember writing about “eternity servers” a couple of decades ago (approvingly, as I thought it was a good idea).

Countess claims art dealer shortchanged her: suit | New York Post

xxx

"She was shocked to learn in 2014 that Sammons had sold the painting to a Liechtenstein gallery for the ‘egregiously low price’ of $650,000, her suit says."

Countess claims art dealer shortchanged her: suit | New York Post

This is the sort of thing that can happen when you have a market that is as opaque as, say, Bitcoin trading.

Some old observations on reputation and social networks

The Talmud also deals with identity in the context of reputation and social networks See Tractate Sanhedrin – folio 23a https://www.sefaria.org/Sanhedrin.23a.22?lang=bi As Rav Yehuda says that Rav says: Witnesses do not sign a document unless they know who is signing with them. One does not sign a document unless he recognizes that those signing with him are fit to bear witness.

Returning to the matter itself, Rav Yehuda says that Rav says: Witnesses do not sign a document unless they know who is signing with them. That is also taught in a baraita: This is what the scrupulous people of Jerusalem would do: They would not sign a document unless they knew who was signing with them, and they would not sit in judgment unless they knew who was sitting with them, and they would not join a meal unless they knew who was reclining, i.e., eating, with them.

The medieval scholar Rashi (1040-1105) explains that one needs to know one’s co-witness, because of the potential reputational damage to oneself of countersigning a document which is invalidated because of character defects of one’s co-signatory. The concern is that third parties will hear that the document has been rendered invalid and may assume that you are the cause (no smoke without fire).

eHarmony boss Grant Langston reveals the mantra for daters | This is Money

xxx

"Tales of lonely hearts who believe they have found their match, only to be ripped off by money-grabbing crooks are legion. And according to Grant Langston, chief executive of one of the leading global dating and relationship sites eHarmony, many cases are down to organised crime."

eHarmony boss Grant Langston reveals the mantra for daters | This is Money

xxx

Deutsche Bank backs pan-industry online identity platform

xxx

"Deutsche Bank and partners Allianz, Axel Springer, Daimler and Postbank [will] work on a standard access procedure for online activities, with customers using a 'master key' for registration and identification across industries."

Deutsche Bank backs pan-industry online identity platform

xxx

How liability stands in way of banks’ digital ID ambitions | American Banker

xxx

...if banks were allowed to rely on the work other organizations have done to identify customers they could eliminate redundant paperwork and spare the customer a branch visit to open another account… But banks would need a lot to change before they would partake in this sort of outsourcing of identity provision. At the moment, they are clearly liable, under anti-money-laundering and know-your-customer rules, if they provide accounts to bad actors, wittingly or not."

How liability stands in way of banks’ digital ID ambitions | American Banker

xxx

How liability stands in way of banks’ digital ID ambitions | American Banker

xxx

...if banks were allowed to rely on the work other organizations have done to identify customers they could eliminate redundant paperwork and spare the customer a branch visit to open another account… But banks would need a lot to change before they would partake in this sort of outsourcing of identity provision. At the moment, they are clearly liable, under anti-money-laundering and know-your-customer rules, if they provide accounts to bad actors, wittingly or not."

How liability stands in way of banks’ digital ID ambitions | American Banker

xxx

Monday, 7 August 2017

Cash no longer king as contactless payments soar in UK stores | Money | The Guardian

xxx

"For years, cards have accounted for the majority of retail spending by value, but 2016 was the first year they also accounted for more than 50% of all transactions. It is also the first time that debit cards have overtaken cash. They now account for 42.6% of all transactions, putting them a whisker ahead of notes and coins, which fell almost five percentage points to 42.3%."

Cash no longer king as contactless payments soar in UK stores | Money | The Guardian

xxx

Cash no longer king as contactless payments soar in UK stores | Money | The Guardian

xxx

"For the first time, notes and coins have been toppled from their position as the UK’s number one payment method. Cards now account for more than half of all retail purchases, according to the main body representing shops."

Cash no longer king as contactless payments soar in UK stores | Money | The Guardian

xxx

RBS boss says customers are to blame if they're defrauded | Daily Mail Online

xxx

"‘Banks are still placing too much responsibility on consumers to spot and protect themselves from sophisticated online scams. We’ve heard from many people who have lost life-changing amounts of money through bank transfer fraud, through no fault of their own, who are unlikely to get their money back from the banks involved.’"

RBS boss says customers are to blame if they're defrauded | Daily Mail Online

xxx

Friday, 4 August 2017

NSPCC's contactless face-to-face trial raised three times as much as cash | Third Sector

xxx

In a trial with 10 other charities, it raised an average donation of £3.07, compared with £1 for cash

From NSPCC's contactless face-to-face trial raised three times as much as cash | Third Sector

xxx

As Goldman Embraces Automation, Even the Masters of the Universe Are Threatened - MIT Technology Review

xxx

At its height back in 2000, the U.S. cash equities trading desk at Goldman Sachs’s New York headquarters employed 600 traders, buying and selling stock on the orders of the investment bank’s large clients. Today there are just two equity traders left.

Automated trading programs have taken over the rest of the work, supported by 200 computer engineers.

From As Goldman Embraces Automation, Even the Masters of the Universe Are Threatened - MIT Technology Review

xxx

SEPA INSTANT CREDIT TRANSFERS ARRIVE - Payments Cards & Mobile

The SEPA Instant Payments scheme goes live in November. 

The EPC’s SCT Inst scheme will enable interoperable euro credit transfers in SEPA for transactions of up to €15,000 initially to be available on the payee’s account within ten seconds.

From SEPA INSTANT CREDIT TRANSFERS ARRIVE - Payments Cards & Mobile

xxx

Wednesday, 2 August 2017

UK home secretary Amber Rudd says 'real people' don't need end-to-end encryption | Business Insider

xxx

UK home secretary Amber Rudd has called on messaging apps like WhatsApp to ditch end-to-end encryption, arguing that it aids terrorists. [She] said that “real people” don’t need the feature and that tech companies should do more to help the authorities deal with security threats.

From UK home secretary Amber Rudd says 'real people' don't need end-to-end encryption | Business Insider

I am not privy to this level of decision making in the body politics, but I suppose that Amber’s plan is to make everyone else’s communications as vulnerable to hackers, pranksters and agents of foreign powers as MPs’ communications are.

Parliament has been hit by a “sustained and determined” cyber-attack by hackers attempting to gain access to MPs’ and their staffers’ email accounts… Fewer than 90 email accounts were compromised during the cyber attack on Westminster, sources told the Press Association.

From Cyber-attack on parliament leaves MPs unable to access emails | Politics | The Guardian

Why this is considered a good idea by the Home Secretary is entirely unclear. Presumably she thinks that if everyone can read everyone else’s messages then it will not only add to the gaiety of the nation but will render terrorists unable to communicate. How wrong can you be? If you make it against the law to send encrypted messages, then the terrorists will simply switch to encryption schemes that don’t look like encrypted messages. Surely a noted historian such as Amber is aware of  

Sunday, 30 July 2017

Shayne Elliott's revolution at ANZ | afr.com

xxx

The long overdue migration of intangible financial services, which are purpose-built for digital distribution, away from pens and paper will be facilitated by digital ID verification

From Shayne Elliott's revolution at ANZ | afr.com

xxx

Shayne Elliott's revolution at ANZ | afr.com

xxx

Within a year or so, the rangy New Zealander hopes to introduce what could be the most profound change in modern Australian banking – a move away from conventional fixed pricing of deposits and loans (in which most people pay or receive the same interest rate) towards granular “risk-based pricing” in which everyone can in theory capture a unique interest rate depending on their propensities… Risk-based pricing requires massive amounts of historical data coupled with outstanding predictive modelling capabilities

From Shayne Elliott's revolution at ANZ | afr.com

xxx

In the online dating jungle, unverified by Twitter doesn’t mean undesirable | Sam Diss | Opinion | The Guardian

xxx

That’s the world in which Blue, the new Twitter-verified-users-only offering from dating app Loveflutter, is claiming to operate in. “In an era of catfishing and fake identities, authenticity is key,” says the accompanying press release, “which is why we’re leveraging Twitter’s world-class verification system to make dating safer.”

From In the online dating jungle, unverified by Twitter doesn’t mean undesirable | Sam Diss | Opinion | The Guardian

xxx

The sharing economy is failing for one simple reason – people can’t be trusted | The Independent

xxx

The sharing economy is gargantuan. A recent research report published by Bank of America Merrill Lynch estimates the value of it is about $250bn (£190bn) and it’s growing rapidly.

From The sharing economy is failing for one simple reason – people can’t be trusted | The Independent

xxx

Blueprint for KYC data sharing in the UK

xxx

The UK's Payment Strategy Forum has delivered a blueprint for the future of the nation's payment system, setting out design and implementation approaches for the construction of a new 'National Payments Architecture'.

From PSF lays down blueprint for new UK payments architecture

xxx

Since publishing our Strategy, we have reviewed the approach and agreed on the following detriments as focus areas for the proposed data sharing framework:

  1. Inclusion of bad actors: Obtaining sufficient KYC information to identify bad actors requires the use of multiple external data sources and systems during on-boarding and ongoing due diligence. Incomplete, in-accurate or out-of-date SME customer data hinders the detection of bad actors.

  2. Poor customer experience for good actors: Limited data sharing among the PSPs and other sectors such as utilities and telecommunication providers lead to significant duplication of effort if a customer moves to another provider or extends their products. data hinders the detection of bad actors.

  3. Barrier for small PSPs: Privileged access to SME data can be viewed as a barrier for small and new entrants, narrowing access and weakening competition. data hinders the detection of bad actors.

  4. Inefficiency in the SME KYC process: Customer identification processes can be complex, protracted, and expensive, despite not being a key competitive differentiator for PSPs and providers in other sectors. data hinders the detection of bad actors.

  5. Lack of trust: The fear of fraudulent actors potentially being able to penetrate the digital environment and get access to customer data leads to an erosion of trust in society.data hinders the detection of bad actors.

The plan is to start with SMEs. 

End user needs

xxx

In our Strategy, we prioritised the collaborative development of requirements and rules for 3 EUN solutions. These are:

  1. ‘Request to Pay’ which addresses detriments arising from a lack of sufficient control, flexibility and transparency in the current payment mechanisms to meet the evolving needs of some end-users. Apart from anything else, this is why there's no need for "pull" payments in NPA.
  2. ‘Assurance Data’ which addresses the lack of adequate assurance to the payer that they have sufficient funds to make a payment; that they are making the payment to the intended payee’s account and status of the payment once they make the payment. Right now, the assurance services envisaged are confirmation of available funds, payment tracking and the slightly more complex confirmation of payee.
  3. ‘Enhanced Data’ which addresses the limited capacity, in current payment systems, to carry more structured data alongside the payment.

The reason why I call the payee confirmation service more complex is… well… it’s more complex. As I said in connection with this last year:

There’s a long way to go with this though, because there are privacy and other issues. Is it any of my business what the name on your account is?

From Are the banks telling you that you may as well use bitcoin? | Consult Hyperion

The CoP will be a real-time 24/7 services and the response provided to the payer will be as clear and unequivocal as possible to allow the payer to make a decision that he or she is making the payment to the intended payee. All to the well and good. But you can see the problems lurking in the shadows of this apparently reasonable requirement. An obvious issue is that data protection regulations must be considered to ensure that payer data is handled lawfully especially in the case where the account information is played back. If you send a payment to your dentist, for example, should be provided with your dentist's real name, address and other personally-identifiable information (PII). I would have thought not. Then there's also the issue of accuracy and liability for incorrect information. And consider also that is some cases the system must not return the "correct" information (as part of law enforcement operationa, for example).

This isn’t just about bank accounts and instant payments, of course. If it was, I wouldn’t be blogging about it. I hate to say it, but the problem and the solution are all about identity.

From Super-complaints but no super-solutions | Consult Hyperion

One safeguard that the PSF puts forward is that the payee confirmation service can only be utilised for the purposes of making a payment and it assumes that PSPs will ensure relevant safeguards are put in place to ensure prudent use (e.g., to guard against phishing, profiling etc.). OK, so I may sound like a broken record on this, but without a working digital identity infrastructure in place, we will end up with something incomplete and expensive getting hacked up to support NPA implementation alone.

 

I wrote last year that

I imagine that an outcome of Payment UK’s deliberations on payee confirmation may well be the creation of a database of “paynames” (i.e., £dgwbirch) to make casual instant payments even easier.

From There you go bringing class into it again | Consult Hyperion

xxx

MUles

xxx

 

xxx

Cifas, which aims at reducing financial crime in the UK, said that the number of “misuse of facility” frauds involving those under 21 years of age, has risen sharply.

From Gangs force thousands of teens to become 'money mules' | The Independent

xxx

Payment Strategy Forum’s “Blueprint for the Future of UK Payments” (July 2017) says that “tactical solution work has been progressed to provide early benefit in the fight against financial crime in the detection of money mule accounts, and piloting methods for funds repatriation. The tactical solution was handed over in June, and implementation is expected by the end of 2017”. I’m not privy to the work of the Forum

Push! Push! Push!

 

The Payment Strategy Forum’s “Blueprint for the Future of UK Payments” (July 2017)

During the design phase of the NPA, the concept of a push only payments model has been developed further to assess whether our proposition is suitable in light of the Forum’s commitment to enable competition, innovation and minimise risk in payment systems. In summary, we concluded that a push only model offers many advantages but recognise that for some in the industry, changes will be required to enable them to deliver existing pull based payments products, such as Direct Debits.

xxx

Saturday, 29 July 2017

Tax breaks for farmers causing 'subsidy addiction', government adviser warns

Some years hence at a party of some kind in the West Country, I found myself chatting to a farmer. He was telling me about sheep farming, and making the point that it would be wholly uneconomic without massive taxpayer subsidies. Naturally I asked why these subsidies were provided. After all, if management consulting were to become uneconomic, because of the 

xxx

"Farmers receive not just the £3 billion of subsidy, they receive a whole range of other benefits that nobody else in the economy gets."

From Tax breaks for farmers causing 'subsidy addiction', government adviser warns

xxx

xxx

“If you’re producing 0.7% of output, receiving £3 billion of subsidies for that output of about £9 billion and being exempted on rates, and being exempted on diesel and being exempted on inheritance tax… it’s kind of a subsidy addiction in the end.

From Tax breaks for farmers causing 'subsidy addiction', government adviser warns

Land Value Tax Now! 

Gangs pay teenagers to launder crime cash | News | The Times & The Sunday Times

xxx

According to Cifas, the fraud prevention service, there has been a huge rise in the number of young people involved in “misuse of facility fraud”, where an account, policy or product is misused by the genuine account holder. There were 4,222 cases involving a person under 21 in the first six months of this year, compared with 2,143 cases during the same period last year.

From Gangs pay teenagers to launder crime cash | News | The Times & The Sunday Times

xxx

Friday, 28 July 2017

What's wrong with finance

xxx

What is the finance sector supposed to do? Essentially, it needs to perform a number of basic economic functions. First and foremost, it operates the payments system without which most transactions could not occur. Secondly, it channels funds from individual savers to the corporate sector so the latter can finance its expansion. In doing so, it does the highly useful service of maturity transformation; allowing households to have short-term assets (deposits) while making long-term loans. It also creates diversified products (such as mutual funds) that help to reduce the risk to savers of catastrophic loss. Thirdly, it provides liquidity to the market by buying and selling assets. The prices established in the course of this process are a useful signal of which companies offer the most attractive use for capital and which governments are the most profligate. Fourthly, the sector helps individuals and companies to manage risks, whether physical (fire and theft) or financial (sudden currency movements).

From What's wrong with finance

xxx

Tap-and-go threatens cash economy - Convenience & Impulse Retailing

xxx

“Around one-third of all point-of-sale transactions were conducted using contactless cards in 2016… As a share of card payments only, nearly two-thirds of all point-of-sale payments were contactless in 2016.”

From Tap-and-go threatens cash economy - Convenience & Impulse Retailing

xxx

Cards overtake cash for consumer payments in Australia

xxx

In 2013, cash was used in 47% of payments, compared to 43% for cards. Three years on, this outcome has now flipped so that 52% of payments are now via card, compared to just 37% by cash.

From Cards overtake cash for consumer payments in Australia

xxx

From Liverpool to east London: Local currencies are making a comeback

xxx

Millennials' distrust of British banks, and a growing interest in supporting local communities, has helped spawn a new crop of local digital currencies, with the Liverpool pound launching earlier in the year, and the east London pound debuting last month.

From From Liverpool to east London: Local currencies are making a comeback

xxx

Wednesday, 26 July 2017

Email hacking fraud hits home renovators: 'I paid £10,800 to a bogus builder'

xxx

Fraudsters tricked lawyer Mr Mullinger into paying £10,800 into their Lloyds account after posing as the tradesman working on his third floor extension.

From Email hacking fraud hits home renovators: 'I paid £10,800 to a bogus builder'

xxx

Tuesday, 25 July 2017

Credit and debit card surcharges to be banned - BBC News

xxx

From January next year, businesses will not be allowed to add any surcharges for card payments. The worst offenders currently are airlines and food delivery apps, and small businesses which typically add a fee for cards. In 2010 alone consumers spent £473m on such charges, according to estimates by the Treasury.

From Credit and debit card surcharges to be banned - BBC News

This is just plain dumb. If you are going to interfere in a market

Sunday, 23 July 2017

Expectations on PSD2 interactions between banks and fintechs clarified by UK Treasury

xxx

Though there are differences in scope between the two regimes, consideration is being given to how open application program interfaces (APIs) being developed under the open banking initiative could be used to support access to payment accounts and data by PISPs and AISPs under PSD2.

From Expectations on PSD2 interactions between banks and fintechs clarified by UK Treasury

xxx

Families left stranded after £10,000 villas did not exist | Daily Mail Online

xxx

When you search on Google, it orders results by what it believes to be the most useful and relevant. A website’s rank has become a common barometer for how high-quality or trustworthy a company is.

From Families left stranded after £10,000 villas did not exist | Daily Mail Online

Oh dear. A website’s rank has absolutely nothing to do with either quality or trustworthiness. It’s no wonder people get taken in like this, but since we have no trust infrastructure and no way of connecting people to it via the user interface even if we did, it’s hard to see how things will improve.

What would have to be in place to fix this sort of problem. Well, first of all, when you go to a website offering holiday villas you should be able to tell whether someone knows who it is that is behind the site. 

Families left stranded after £10,000 villas did not exist | Daily Mail Online

xxx

‘We’ve booked online before and the website looked genuine. It came up as the number one search on Google,’

From Families left stranded after £10,000 villas did not exist | Daily Mail Online

Oh dear.

 

xxx

after an email exchange with the website’s staff, Ann, a 39-year-old PR director, felt content as she transferred £6,000 via BACS direct to the villa owners for her two-week holiday.

From Families left stranded after £10,000 villas did not exist | Daily Mail Online

It was a scam, of course. But you’d think that as the money could only have been sent via BACS to a UK bank account, and since that UK bank account was opened and maintained in accordance with our strict KYC and AML regulations, it should have been easy for the police to simply pop round and arrest the perps.

Thursday, 20 July 2017

POST The government is completely and utterly wrong about surcharging

When I was in sunnier climes earlier this month, I was asked a couple of times about a particularly bonkers British government policy announcement concerning card payments. More than one person from overseas regulators asked me about it, in fact. They asked me if I could explain our government’s reasoning behind their policy announcement about card payment surcharges. Which was:

From January next year, businesses will not be allowed to add any surcharges for card payments. The worst offenders currently are airlines and food delivery apps, and small businesses which typically add a fee for cards. In 2010 alone consumers spent £473m on such charges, according to estimates by the Treasury.

From Credit and debit card surcharges to be banned - BBC News

Unfortunately, I cannot. This is just plain dumb. If you are going to interfere in a market and start price-fixing, then you should do it to increase the net welfare, not to provide a hidden subsidy to the well-off. I imagine what happened is that the partner of a government minister went online to book a mini-break to Dubrovnik, searched for the cheapest flights, went to pay with their black Amex card and got upset about being charged a surcharge that they could well afford to pay. Next thing you know, it’s government policy that rich users of rewards cards must be subsidised by everyone else. Baffling.

The move will save British consumers hundreds of millions of dollars

From U.K. Bans Credit Card Surcharges, Calling Them A 'Rip-Off' : The Two-Way : NPR

Really? How? The credit card system (and all the legal protections that come with it) do not suddenly become fee. British Airways still has to pay a merchant service charge (MSC) to their acquirer and the acquirer still has to pay an interchange fee (already capped by the EU). If British Airways can’t charge me an extra £2.50 for using my credit card so that I can get extra Avios, then they will simply add £1 “booking fee” or whatever to all tickets. Now, people who pay with their debit cards (who used to pay nothing extra) are paying an extra £1 and I’m paying £1.50 less and still getting my Avios.

There are two issues here: should merchants be allowed to surcharge (hint: yes) and should the government interfere in the surcharging (more on this later).

 Surcharging in Melbourne

xxx 

xxx 

Wednesday, 19 July 2017

Ed Sheeran takes on ticket touts and cancels 10,000 gig tickets sold by unofficial resale sites

xxx

Fans who purchased tickets when they went on sale will have to arrive at their gig venue with the booking confirmation, a valid form of ID and the credit card used for the purchase (or a photocopy).

From Ed Sheeran takes on ticket touts and cancels 10,000 gig tickets sold by unofficial resale sites

How are the bouncers on the door at an Ed Sheeran concert supposed to tell a real Portuguese fishing licence from a fake one? And what happens if I use my credit card to buy a ticket as a present for someone?

There is a solution, of course: put the tickets on a shared ledger and then sell them on eBay so that the market clears. If Ed wants fans to have tickets for £10 instead of £100, then he can buy the £100 tickets in the auction and re-sell them himself using whatever identification and authentication system he wants. Ticket “scalping” is a natural response to a broken market.

Bank of England comes good on promise to provide non-banks with dir...

xxx

There are plenty of non-bank players out there who want to have access to the infrastructure and the UK’s Emerging Payments Association recently presented a report to arguing that, under the appropriate licence conditions, non-banks should be allowed access to instant payments infrastructure through the use of a new kind of limited pre-funded settlement account at the Bank of England.

From Access | Consult Hyperion

xxx

xxx

The widely-trailed move is expected to open up a competitive space which has long been the preserve of the UK's biggest incumbents, providing non-bank PSPs with direct access to the UK’s sterling payment systems that settle in central bank money, including Faster Payments, Bacs, Chaps, Link, Visa, and, once live, the new digital cheque imaging system.

From Bank of England comes good on promise to provide non-banks with dir...

xxx

Monday, 17 July 2017

Child Safety Online: Age Verification for Pornography - GOV.UK

The government’s consultation process on blocking children from accessing porn has completed and they have published the results and the way forward.

Child Safety Online: Age Verification for Pornography

From Child Safety Online: Age Verification for Pornography - GOV.UK

I was listening to reports of this on the BBC and I heard at least two mad schemes being suggested. One was to use credit card details as a mechanism for proving that someone is over 18 and the other was to have people send their passport details to porn sites. What I didn’t hear being suggested was the development of a sane digital identity infrastructure capable of actually solving the problem. Since I’ve written about this topic several times in recent years, I thought I’d bring together a couple of old posts and update them with some new thinking to try to explain why the ideas I heard on the radio are not only wrong but dangerous and to make a sensible suggestion as to how the problem should be fixed.

So let’s start by going back a few years. For me, my serious interest in this topic began a few years ago when I was finishing up my book “Identity in the New Money”.  I went along to the seminar on “Childhood and the Internet – Safety, Education and Regulation” in London in January 2014. I was there for three main reasons:

  1. I am interested in the evolution of identification and authentication in an online environment, and protecting children is one of the cases that brings the mass market practicalities into sharp relief.
  2. Consult Hyperion had clients who are developing recognition services, and it seems to me that if these services can contribute to a safer environment for children then we may have something of a win-win for encouraging adoption. Note that “recognition” is the term I use her for the combination of identification and authentication that is appropriate for the authorisation of the transaction at hand.
  3. Protecting children is an emotional topic, and as responsible member of society it concerns me that emotional responses may not be society’s best responses. This is a difficult subject. If, as technologists, we make any comment about initiatives to protect children being pointless or even counterproductive we may be accused of being sympathetic to criminals and perverts hence we need to learn to engage effectively. I’m not interest in childhood e-safety theatre, but childhood e-safety.

That seminar was kicked-off by Simon Milner, the Policy Director (UK and Ireland) for Facebook. He started off by noting that Facebook has a “real” names policy. Given my fascination with the topic, I found his comments were quite interesting as they were made on the same day that the head of Facebook, Mark Zuckerberg, was interviewed in Business Week saying that the “real” names policy was being amended.

One thing about some of the new apps that will come as a shock to anyone familiar with Facebook: Users will be able to log in anonymously.

[From Facebook Turns 10: The Mark Zuckerberg Interview – Businessweek]

Simon went on to say that the “real” names policy, setting to one side whether it means anything or not, is a good thing (he didn’t really explain why and I didn’t get a chance to ask) and then talked about how children who are being bullied on Facebook can report the problem and so on. I know nothing about this topic, other than as a parent, so I can’t comment on how effective or otherwise these measures might be although I have heard anecdotally from many sources that they are of limited impact.  I found some of the talks by the subject matter experts extremely thought-provoking and I’m glad I heard them.

The main discussion that I was interested in was led by Helen Goodman MP (the Shadow Minister for Culture, Media and Sport) and Claire Perry MP, who is the Prime Minister’s special advisor on preventing the sexualisation and commercialisation of childhood. The ex-McKinsey Ms. Perry attracted a certain amount of fame in web circles last year (just search on “#PornoPerry”) when she made some public statements that seemed to indicate that she didn’t completely understand how the internet worked, despite being behind the government’s “porn filter”. (I am not picking on her. I should explain for foreign readers that most MPs are lawyers, management consultants, property developers, PR flacks and such like and they don’t really understand how anything actually works, least of all the interweb tubes. Only one out of the 635 MPs in the British Parliament is scientist.)

Now, let me be completely honest and point out that I have previously criticised not only the “real” names movement in general but Ms. Goodman’s views on anonymity in particular. I think she is wrong to demand “real” names. However, as I said a couple of years ago,

I’m not for one moment suggesting that Ms. Goodman’s concerns are not wholly real and heart felt. I’m sure they are.

[From The battle of the internet security experts – Tomorrow’s Transactions]

This does not make her right about what to do though. Forcing people to interact online using their mundane identity is a bad idea on so many levels.

But that was the same month that the Communist party struck its first major blow against Weibo, requiring users to register their real names with the service. From that point, those wishing to criticise the Party had to do so without the comforting blanket of anonymity and users started to rein themselves in.

[From China kills off discussion on Weibo after internet crackdown – Telegraph]

I’m not suggesting that Ms. Perry represents a government intent on creating a totalitarian corporatist state that reduces us wage-slaves to the level of serfs to be monitored at all times. I’m sure her good intentions are to block only those communications that challenge basic human decency and serve to undermine the foundations of our society, such as MTV, but the end of public online space seems a drastic step. What has been the result of the Chinese campaign to end anonymity? What is the practical impact of a real names policy?

Once an incalculably important public space for news and opinion – a fast-flowing river of information that censors struggled to contain – it has arguably now been reduced to a wasteland of celebrity endorsements, government propaganda and corporate jingles.

[From China kills off discussion on Weibo after internet crackdown – Telegraph]

None of us, I’m sure, would like to see pillars of our society such as the Daily Mail reduced to the level of “celebrity endorsements, government propaganda and corporate jingles”. Perhaps there is now less crime in China too, but I have yet to discover any statistics that would prove that. I don’t want this to happen to Twitter, Facebook and The Telegraph web site (where it is my right as Englishman to post abuse about the Chancellor of the Exchequer should I so choose). So here is a practical and positive suggestion. At the seminar Helen said the “The gap between real-world identity and online identity is at the root of [the problem of cyberbullying]”. So let’s close that gap. Not by requiring (and policing) “real” names, but by implementing pseudonymity correctly. I wrote an extended piece on this for Total Payments magazine recently.

Now imagine that I get a death threat from an authenticated account. I report the abuse. Twitter can (automatically) tell the police who authenticated the transaction (i.e., Barclays). The police can then obtain a warrant and ask Barclays who I am. Barclays will tell them my name and address and where I last used my debit card. If it was, say, Vodafone who had authenticated me rather than Barclays, then Vodafone could even tell the police where I am (or at least, where my phone is).

[From Dave Birch’s Guest Post: Anonymity – privilege or right? – Total Payments : Total Payments]

As I said, I don’t just want to talk about doing something about cyberbullying and the like, I actually want to do something about it. “Real” names are a soundbite, not a solution. What we need is a working identity infrastructure that allows for strongly-authenticated pseudonyms so that bullies can be blocked and revealed but public space can remain open for discussion and debate. Then you can default Facebook and Twitter and whatever to block unauthenticated pseudonyms without insisting the kid looking for help on coming out, the woman looking at double-glazing options or the dreary middle-aged businessman railing against suicidal economic policies from revealing their identities unless they want to

 

We’d all, I’m sure, prefer a world in which children did not have access to corrosive and nauseating material that undermines our civilised society. But how can we stop children from seeing MTV and the Daily Mail? The government has given up on this, I’m afraid, and has instead decided to try to stop them from seeing porn.

 

Porn is a problem. Let’s not beat about the bush. None of us want kids watching inappropriate sexual content on the web, not even the stuff they’ve created themselves. And I would like to practical ways to achieve this goal, which is why I’ve been along to a couple of events about safety on the internet and such like, looking for a win-win whereby our clients can use their technology to help.

The main discussion that I was interested in was led by Helen Goodman MP (the Shadow Minister for Culture, Media and Sport) and Claire Perry MP, who is the Prime Minister’s special advisor on preventing the sexualisation and commercialisation of childhood.

[From Identity and authentication technologies can make the Internet safer]

Ms. Perry, a former McKinsey consultant, attracted a certain amount of notoriety in web circles last year when she made some public statements that seemed to indicate that she didn’t completely understand how the internet worked, despite being Prime Minister’s advisor on such things. As I said at the time, I don’t understand why government doesn’t ask people who understand how things work (e.g., me) for advice and instead seem to evolve policy by listening to PR flacks, mates in the City, management experts and political lifers who have never had a real job of any kind. But let’s put that to one side.

The British Government’s Department of Culture, Media and Sport (DCMS) is reportedly drawing up plans to force porn sites to verify the age of visitors. Since the UK has no identity infrastructure (the government scrapped the controversial identity card scheme years ago and has yet to commission a study from Consult Hyperion on the viable alternative, the National Entitlement Scheme, NES) there is no way of doing this properly, so they are casting around for proxies.

As reported by the Sunday Times, this includes bank-approved software and credit cards, which can only be issued to those 18-years-old or above.

[From Porn and weapons websites may need to verify age of those using services – Gadgets and Tech – Life and Style – The Independent]

I liked this credit card example, because it shows how little the politicians understand about identity. Forcing people to give their credit card details out willy-nilly will inevitably leading to an explosion in card fraud, since there is no way that the punter can tell whether they are looking at the real “Honourable Members” or an Eastern European rid-off created solely for the purpose of harvesting valuable personal information. The example also feeds one of my pet bugbears, which is trying to use the payment system as a policeman instead of using real policeman.

The payments systems, which will be overseen by Economic Secretary to the Treasury and MP for South Northamptonshire Andrea Leadsom, will utilise UK-approved companies such as PayPal and Visa.

[From Porn and weapons websites may need to verify age of those using services – Gadgets and Tech – Life and Style – The Independent]

Andrea Leadsom read Political Science and comes from the investment banking and hedge fund world so I imagine she is very familiar with know-your-customer legislation, multi-factor authentication and such like. However, I would like to point out that there is a crucial difference between logging in to a hedge fund account and logging in to a porn account. I want the hedge fund to know who I am, but I don’t want the porn account to know who I am. Which is not to say I want to be (or should be allowed to be) anonymous, just that there is no reason for the operators of the web site “Ministers without Portfolios” to know who I really am.

What we need is a working identity infrastructure that allows for strongly-authenticated pseudonyms

[From Identity and authentication technologies can make the Internet safer]

We have to come up with something that will work for the porn sites so that they want to implement it because it makes their lives easier. But it has to be something that will protect the privacy of individuals who are doing nothing illegal by checking out the Black Rod’s Garden Gate. Oh wait, that’s real…

Better choose another example. It has to be something that will protect the privacy of individuals who are doing nothing illegal by snapchatting their junk to attractive  opposite persons of the contradictory gender (who may or may not be real).

Brooks Newmark quit as the minister for civil society after he apparently sent a picture of his genitals, taken while he was wearing paisley pyjamas, to an undercover reporter who was posing as a “Tory PR girl”.

[From Brooks Newmark Quits As MP: ‘Sexting’ Scandal Places ‘Intolerable Burden’ On Family]

Actually, my idea wouldn’t have helped the Minister in this instance, because it’s not about identifying people, it’s about protecting their identities. (That’s enough examples, Ed.)

The protection of privacy must be by a trusted intermediary. A bank, for example. Here’s a free idea for the DCMS to consider. I go to log in to “Home Secretaries in Heels” or whatever my favourite fetish site of the day is. It asks me to create an account. As part of the account creation process it asks for my bank. I tell it Barclays. At that point, I am bounced to the Barclays web site and asked to log in. I do this using my dongle (**). Once I am authenticated, Barclays generates a one-off service provider ID (maybe by hashing my account number and the DNS name of the requesting site). I am then bounced back to the porn site to continue browsing, logged in using the bank-provided pseudonym. The porn site gets a digitally-signed message from Barclays that says “this person is over 18 and known to us” together with the service provider ID. Now they have a unique identifier for me that cannot be traced back to me because it is the output of a cryptographic one-way function. What’s more, the service provider ID will be different for each site where I create an account: “Bigger Ben” cannot collude with “Dispatch Fox” to determine that I am the same person.

Now, you may think that I am being slightly flippant about this serious topic, but I am not. Taking active steps to create digital identity services that have privacy as an integral element of the customer proposition means that banks can establish a clear, responsible, customer-centric position in the emerging value network. The payment system isn’t a policeman, but banks might be privacy providers.

(*) Sincere apologies for appalling but irresistible puns throughout.

(**) The two-factor authentication device that I use to access my Barclays bank account.

 

IBM upgrades mainframe to encrypt data at high speeds | American Banker

xxx

Banks have had to hash personally identifiable customer information, such as address, date of birth and Social Security number, since 2003,

From IBM upgrades mainframe to encrypt data at high speeds | American Banker

xxx

Saturday, 15 July 2017

Films for planes review of "Life"

Life ☀️☀️

In the mood for some sci-fi I punched this up on a transatlantic flight. At first I thought I’d made a reasonable choice. Nice start, interesting idea even if you sort of knew what the plot would be, good special effects to get the story moving.

Lots of it was too dark to see properly so I couldn't entirely tell what was going on.

Rating System

In case you’d forgotten, I use a five sun rating system. It works like this:

  1. Movie gets one sun for interesting story with good acting

  2. Movie gets one sun for not having an English villain

  3. Movie gets one sun for not being too dark or having lots of special effects, so you can enjoy it properly on an airplane screen

  4. Movie gets one sun if I watched all the way to the end without falling asleep or turning over because I was bored

  5. Movie gets one sun if it doesn’t have Kate Winslet in it

So any movie I watch on a place gets at least one sun, and if they pull out all the stops they can get five.

Friday, 14 July 2017

Platform currencies may soon be obsolete – The Blockchain Investments Blog

xxx

"As frictions to holding and exchanging multiple cryptotokens decrease any payment system and any financial flow whatsoever can easily extend to all existing cryptocurrencies. "

Platform currencies may soon be obsolete – The Blockchain Investments Blog

xxx

Tuesday, 11 July 2017

Real Estate Fraud | Bar Works | Ponzi Schemes

xxx

Robert paid the first half of the $2,000 fee up-front — in Bitcoin. That’s when the consultant grew suspicious.

From Real Estate Fraud | Bar Works | Ponzi Schemes

xxx

Mobile payments taking off for contactless commuting

xxx

one-in-ten contactless journeys on London's buses and tubes now paid for by the likes of Apple Pay and Samsung Pay. The latest figures from Transport for London detail over one billion journeys on the transit network using contactless cards, with almost £2 billion spent by commuters since the cards were first accepted in 2012.

In total, 40% of all pay as you go journeys are now made using contactless. This is up from 25% in early 2016.

From Mobile payments taking off for contactless commuting

xxx

Sunday, 9 July 2017

Blockchain Technology Could Reduce Investment Banks’ Infrastructure Costs by 30 Percent, According to Accenture Report | Accenture Newsroom

xxx

Blockchain technology could reduce infrastructure costs for eight of the world’s 10 largest investment banks by an average of 30 percent, translating to $8 billion to $12 billion in annual cost savings for those banks, according to a new report by Accenture

From Blockchain Technology Could Reduce Investment Banks’ Infrastructure Costs by 30 Percent, According to Accenture Report | Accenture Newsroom

xxx

Using Blockchain to Solve Regulatory and Compliance Requirements

xxx

Distributed ledger technology (DLT) or blockchain has the potential to take away several pain points for financial institutions and regulators.

From Using Blockchain to Solve Regulatory and Compliance Requirements

xxx

Worldpay emerges as a winner in the war on cash

xxx

Mr Jansen says Worldpay can respond by selling extra services to its customers based on analysing all the data from the 41m transactions it handles on an average day.

From Worldpay emerges as a winner in the war on cash

xxx

Guru

Alan Woodward, one of the security-wallahs that I take very seriously, pointed me to a new paper from the University of Luxembourg: "Guru: Universal Reputation Module for Distributed Consensus Protocols".

We introduce reputation module Guru, which can be laid on top of various consensus protocols such as PBFT or HoneyBadger. It ranks nodes based on the outcomes of consensus rounds run by a small committee, and adaptively selects the committee based on the current reputation. The protocol can also take external reputation ranking as input.

Persistent reputation of pseudonyms is one of the key mechanisms that I think

Saturday, 8 July 2017

Bitcoin can be an asset but not currency - China central bank adviser | Reuters

xxx

Virtual currencies like bitcoin are assets but bitcoin in itself does not have the fundamental attributes needed to be a currency that could meet modern economic development needs, a Chinese central bank adviser said.

From Bitcoin can be an asset but not currency - China central bank adviser | Reuters

xxx

Monday, 3 July 2017

PSD2 impact on payments - Icon Solutions

xxx

PSD2 and Instant Payments to drive a 37% decline in online card volumes by 2027 Boosted by increased consumer convenience, Instant Payments will overtake cards by 2025 Retail Instant Payments in Europe will hit €725bn in transactions by the end of 2027 Single card payments set to decline from 40% to 11% market share by 2027 Instant Payments will become one of the main online payment tools in Europe, accounting for roughly €338bn of direct online expenditure

From PSD2 impact on payments - Icon Solutions

xxx

Thursday, 29 June 2017

Rise in online and mobile shopping drives card fraud transactions t...

xxx

The nine percent rise in UK card fraud over 2015, topped the previous peak set in 2008 after the introduction of chip and PIN.

From Rise in online and mobile shopping drives card fraud transactions t...

CNP fraud is now almost three-quarters of total card fraud, which is what you’d expect given the use of the chip and PIN.

Saturday, 24 June 2017

Square gets green light to take on banks with 'PIN on glass' mobile technology

xxx

The PCI Security Standards Council, which comprises the five largest global credit card companies, is expected to green light the way Square captures PIN numbers through smartphones.

From Square gets green light to take on banks with 'PIN on glass' mobile technology

xxx

Friday, 23 June 2017

Central banks, cryptocurrencies and complexity

Well, that was fun. I was invited along to take part in the CSFI roundtable on “'Formal' digital cash: The currencies of the future?” along with Ben Dyson from the Bank of England and Hugh Halford-Thompson of BTL Group. The event, held at the London Capital Club, was hugely oversubscribed, which I took to be evidence of renewed City interest in the general topic of digital cash and the specific topic of digital currency.

My good friend Andrew Hilton, long-stanfing captain of the good ship CSFI, framed the discussion in his invitation ask the basic “what if”. "What if some central bank issued a digital coin that was as widely accepted as a bank note? Or, if not a central bank, what if a group of banks or payments operators issued a similar digital coin?”.

For me, the roundtable was both an opportunity to plug my new book (did I mention that I have a new book out by the way?) “Before Babylon, Beyond Bitcoin” and an opportunity to learn in the best possible way: by answering hard questions from smart people.

 

 

xxx

"Such risks could be reduced if central banks offer digital national currencies, which the IMF defines as a 'widely available DLT-based representation of fiat money'."

IMF urges central banks to study digital currencies | afr.com

Now, why the IMF would define digital national currencies is unclear. A national digital currency, or e-fiat for short, may be implemented in any number of different ways. A “widely-available DLT-based representation” would be only one such option and even then it is not entirely clear what “DLT-based” actually means in this context. For that matter, it is not entirely clear what “DLT” means in this context either.

 

Wednesday, 21 June 2017

"The Blockchain Is Going to Revolutionize Central Banking and Monetary Policy" -

David L. Yermack, the Albert Fingerhut Professor of Finance and Business Transformation at New York University Stern School of Business, wrote recently that:

"Rather than printing greenbacks and circulating bills and notes, why doesn’t the Federal Reserve just put everything on a national blockchain and make all of the money electronic?   This is something that I think is probably going to happen. "

"The Blockchain Is Going to Revolutionize Central Banking and Monetary Policy" -

Well, I think it's probably going to happen too, but it depends what you mean by "national blockchain".

Adyen: the new bank is not a bank any more

As my old friend Simon Leleiveldt points out...

"One big difference between banks and payment institutions is that payment institutions are barred access from the RTGS-system of the ECB. The reasons is that the Settlement Finality Directive does not allow for PIs to become a direct member of designated systems. Even though already 5 years ago, the Dutch Ministry of Finance has made it clear that from a policy perspective the Settlement Finality Directive should change in this respect, no further action can be seen on the EU-level."

Adyen: the new bank is not a bank any more

xxx

Tuesday, 20 June 2017

It was 20 years ago today, as they say

20 years ago in June 1997 the Centre for the study of financial innovation published a report called the Internet and financial services.

This report was the result of a series of working groups that had been set up to look at retail banking, personal finance, insurance, equity trading, regulation, payments, security and crime at the dawn of the Internet era. I was part of the team that created the input to the report (I was also part of the retail banking working group) and I’m eternally grateful to Andrew Hilton, the director of the centre, for having kicked off the process all the way back in 1996. I learned a lot from taking part in the working groups and from distilling input from a lot of different people in order to create input to the report. When I look at the things I wrote around that time, two things stand out to me. First of all, I was right about the likely impact of mobile phones because even in those far-off days with the first rudimentary SMS services in place, you could see that the mobile could be a very powerful new channel for financial services (although not even I could have imagined just how central it would become to the modern financial services industry)

Once each of the unremarkable acts we undertake in the course of the day—opening the front door, buying the groceries, hopping onto the bus—has been reconceived as a digital transaction, it tends to dematerialize.

From A Sociology of the Smartphone

Secondly I was wrong about digital television! I’d worked on a couple of digital television projects back in those days, including projects for delivering financial services and other information using digital television and I was sure that for many people the digital TV will become the easiest way to access rich financial services. But I did share the feeling of many people at those early roundtables that something unusual was happening and that the Internet would turn out to be a major and unpredictable driver of change. The executive summary of the report picked out for ways that the Internet might disrupt the financial services landscape as it stood then. More competition (and more transparency) to the benefit of new entrants, privileging suppliers with technology and digital marketing know-how and incumbents lacked, empowering customers by giving them direct access and removing geography as a constraint to financial services businesses. Remember this was long before the iPhone, WAP and the great financial crisis stop

The report correctly predicted that banking would move from branches to screens, that the personal finance market would sprout many direct suppliers, that equity markets will give retail investors access to prices and suchlike and that while the insurance industry might be slow to adopt new technology the elimination of geography would be a particular benefits to both wholesale and retail providers.

I note, interestingly, the report also said that the Internet might eventually provides a means for settling equity trades, a discussion researching since the arrival of bit coin and the block chain.

One other thing I found rather interesting about report is that it was confident about the ability of the technology to deliver security and clearly did not anticipate the failure of the market to implement it. Finally the report says that “regulation may be the key obstacle” and as time goes by it is becoming steadily more clear that it is regulation that will shape strategy over the coming years.

I was the chairman of the retail banking working group along with Paul Taylor from the financial Times, and a variety of well-informed and expert members including my old friend Thomas Carruthers who went on to launch X, Keith Gold from IBM who was very influential in helping me to think about the big picture relationship between technology and banking, representatives from both a few banks, lawyers, the BBC and something called Anderson consulting which no longer exists as far as I can tell from a quick Google.. I noticed that one of the conclusions of the retail banking working group was that there was an opportunity for banks to provide risk management services that “could eventually become a core business of Internet-based banks” and although I don’t remember who made that point most vigorously, whoever did at the beginning had a big influence on my thinking. The working group was right to say that “it is hard to overstate the potential impact of the Internet on retail banking in the UK” and I think, unless I’m misreading some of the comments, seen quite bullish on the ability of the existing banks to extend and embrace the digital revolution. I think at the time there was probably a lot of talk of new Internet only banks coming along and overthrowing the establish order, which really didn’t happen, so I imagine that sober voices must have steered the working group around my youthful enthusiasm for all things digital.

Privacy concerns as Chinese cities use facial recognition software to shame jaywalkers | Hong Kong Free Press HKFP

xxx

Efforts by some Chinese cities to use facial recognition software to shame jaywalkers have been met with concerns that the practice may violate pedestrians’ privacy.

From Privacy concerns as Chinese cities use facial recognition software to shame jaywalkers | Hong Kong Free Press HKFP

xxx