Snippets

xxx Multiple Chase.com customers have reported logging in to their bank accounts, only to be presented with another customer’s bank account details. Chase has acknowledged the incident, saying it was caused by an internal “glitch” From Chase ‘Glitch’ Exposed Customer Accounts — Krebs on Security xxx

I’ve been reading through the GBG/Forrester study (January 2018) "Leaders In Financial Services Are Experts In Customer Identity" when I noticed a very interesting contrast.

xxx The sharing economy is gargantuan. A recent research report published by Bank of America Merrill Lynch estimates the value of it is about $250bn (£190bn) and it’s growing rapidly. From The sharing economy is failing for one simple reason – people can’t be trusted | The Independent xxx

xxx Starting on Tuesday, Whole Foods shoppers who pay with the Amazon Prime Rewards Visa card will earn 5 percent back at the grocery chain’s U.S. stores. From The Amazon Prime credit card will start giving 5 percent back on Whole Foods purchases - Recode xxx

xxx FED up with missing sales in an increasingly cashless society, an enterprising… Big Issue seller Robin Fabian bought a contactless card reader to increase his sales So the 50-year-old bought a contactless card reader just before Christmas, which he said paid for itself on the first day.  From Homeless Robin increased his sales thanks to contactless card reader | UK | News | Express.co.uk xxx

xxx The program is not oriented around making money from interest payments, but to support merchants selling on Amazon's marketplace and to boost Amazon's overall sales growth From Amazon and Bank of America partner for lending program but growth has stalled xxx

    xxx     "Payment identity relates to the issue of the correct identification of payment counterparties. Personally, I think this is much more complicated than it sounds… This raises real issues to do with privacy and these need to be carefully thought through to avoid a Chernobyl of personal information downstream"   From "World class coffee morning with PaymentsUK | Consult Hyperion" .         I noticed that one of the comments on that thread contained the obvious and sensible suggestion that people be allowed to create payment identifiers that are unrelated to to other personally identifiable information. Should work as a reverse phone book for email addresses, too. I asked my bank if i could just create my own PayID that isn't a phone or email. No luck. I think the fast xfers still work with existing BSB/acct numbers so that's what I'll stick with. — Russell Fitzpatrick (@4bx99) February 17, 2018 Indeed. Back in 2015 I said

xxx The development of a digital identity strategy was a recommendation of the 2014 financial system inquiry, which found a "fragmented, unco-ordinated ecosystem of digital credentials creates high costs to government and taxpayers".  From Bank push for new digital identity regime | afr.com xxx

xxx Banks are hoping being a trusted source of customer identity could become a new revenue source From Bank push for new digital identity regime | afr.com xxx

xxx According to the indictment, the Russians not only created Paypal accounts, bank accounts, and false identity documents with stolen American identities From Mueller Indictment: Russian Trolls Stole Real US Identities to Fool Facebook | WIRED xxx

xxx "FINMA's principles focus on the function and transferability of tokens In assessing ICOs, FINMA will focus on the economic function and purpose of the tokens (i.e. the blockchain-based units) issued by the ICO organiser. The key factors are the underlying purpose of the tokens and whether they are already tradeable or transferable. At present, there is no generally recognised terminology for the classification of tokens either in Switzerland or internationally. FINMA categorises tokens into three types, but hybrid forms are possible: Payment tokens are synonymous with cryptocurrencies and have no further functions or links to other development projects. Tokens may in some cases only develop the necessary functionality and become accepted as a means of payment over a period of time. Utility tokens are tokens which are intended to provide digital access to an application or service. Asset tokens represent assets such as participations in real physical underlyings, compani

We said at the end of last year that conversational commerce would be one of the key themes for 2018 and as the year unfolds this prediction is looking spot on. Customers like messaging, and if we (ie, the payments industry) can add payments to that channel then it stands poised to gain a significant fraction of the what now seems almost quaintly called the electronic commerce sector. It looks as if “chat” is a good place for companies to start. Here’s an example. Israel Discount Bank rolled out the Personetics engine through a virtual assistant service “Didi” and has had 200,000+ customers use it. The top three learnings so far make for interesting reading. Customers ask deeper questions of a virtual assistant than you’d think. ‘If a customer has a loan, he will go into specific questions about refinancing loans,’ Frishman said. ‘We covered loans [in Didi’s answer base], but we didn’t think they would go so deep.’ Discount is rolling out a new customer relationship management sys

xxx "But I do find the argument that tokens are this unnecessary evil silly because for decades we have built applications and websites that reward users with sort of 'tokens'; up-votes, or likes, or favourites, or retweets. "Those are social currencies. Y From OpenBazaar adds BCH, Zcash and looks towards tokens xxx

xxx "IT Risk and Internal Control Consultant at NetGuardians John Kiptum said… 70 per cent of the fraud is usually internal where bank staff reset your pin number, do a SIM swap so you no longer receive short message notifications and after that pick your account empty." From "PesaLink ten-month fraud lessons forces cap on transaction amounts :: Kenya - The Standard" . xxx

xxx Howard Schultz, the executive chairman of Starbucks, discussed bitcoin and blockchain in greater detail. In the Jan. 25 call, he said that “I don’t believe that bitcoin is going to be a currency today or in the future,” From A cup of crypto: Starbucks and Dunkin’ both discussed bitcoin in their analyst days - MarketWatch xxx

A millennium ago, in 1016 , the people of England were going about their daily business of growing sheep and suchlike and probably didn’t realise that, these being days long before universal suffrage and representative democracy, they were about to become part of a Scandinavian empire (and without a referendum). This happened when the Saxon King Edmund Ironside died, which led to no end of trouble, because the Saxons of middle England had already chosen Cnut as their king but the cosmopolitan inhabitants of London opted out and went with Ethered’s grandson Edmund Ironside. Then, as now, London was another country but when Ironside died, London couldn’t hold out and Cnut the Great became the King of England. He was the Son of Sweyn Forkbeard a daughter of the King of Poland (bloody Polish kings coming over here and taking all of our monarch’s jobs). He was a grandson of Harald Bluetooth. He became the king of Denmark in 1018 and the King of Norway in 1028, forming the Anglo-Scandinavia

Nigeria is a fascinating business school case study of the relationship between regulation and technology in payments. It ought to be a mobile payments powerhouse, but the regulatory strategy there has resulted in a plethora of subscale mobile money businesses. Despite having 21 mobile money operators licensed by the CBN in the circulation, the volume of transaction on the payment platforms is still grossly low From Cashless: CBN to revoke 15 mobile money licences xxx

Half a century ago, the media theorist Marshall McLuhan who predicted that seismic social shift that the coming online environment would cause in human relationships  said of it that  “In the new electric world, where everybody is involved with everybody, where everybody is involved in complex processes, the old identity cards, the old means of finding out who am I, will not work”. Indeed. McLuhan had this notion of identity as smeared across entities, depending on the relationships and interactions between identities (what Ian Grigg calls “edge” identity). IN t So what will work? I (and others) have long argued that shifting to an infrastructure where transactions are between virtual identities and enabled by credentials is the way forward. In Phil Windley’s “Self-sovereign Identity and the legitimacy of Permissions Ledgers” he says, if I interpret him correctly, that a claim is the process of providing a credential and authenticating its use in order to obtain authorisation. That

Do we want anonymity in payment systems or not? I think not, but who knows. Even those who are actually thinking about this sort of thing are not sure. A few years ago, the US Government Accountability Office published a report on “ Emerging Regulatory, Law Enforcement, and Consumer Protection Challenges ” (May 2014) and the first of its conclusions was that virtual currency systems “may” provide greater anonymity than traditional payment systems. Well, as was famously observed in one of the greatest British films of all time,  Withnail & I , they  may  provide a pork pie. It’s a question of design. The design I want is strong pseudonymity, essentially. I am always interested in the issues around anonymity and pseudonymity in payments and I try hard to collect a variety of different use cases so that I can test proposals for new payment systems to examine their behaviour in very different circumstances. While I was mulling over some issues to do with different kinds of pseudonymi

xxx The average German wallet contains 103 physical euros, the European Central Bank estimated in November, more than three times the figure in France. Cash is still the means of payment in some 80 percent of point-of-sale transactions, compared with only 45 percent—and falling fast—next door in the Netherlands. From Germany Is Still Obsessed With Cash - Bloomberg xxx

xxx For most Swedish businesses, the transaction costs of cash total about 2 percent or 3 percent of the amount concerned, Nilervall says, compared with less than 1 percent for cards. From Germany Is Still Obsessed With Cash - Bloomberg xxx

Well, this week we saw another milestone in the evolution of the global payments marketplace. The New Payments Platform (NPP) will enable customers of Commonwealth Bank, National Australia Bank and Westpac to send money via a service called PayID, which requires users to enter only the recipients' mobile phone number or email address. Other financial institutions, including ANZ, will follow. From Aussie real-time payments platform goes live xxx To celebrate this event, I went to Australia to record a podcast  with NPP Australia Ltd, who developed the system with 13 financial institutions. Adrian Lovney is CEO of NPP Australia and Katrina Stuart is the Executive Manager for Engagement. In the podcast, they explain the key features of NPP and chat about the new products and services that it could enable. From a UK perspective, I’d highlight three areas where NPP is different to our existing Faster Payment Service (FPS) and may inform debate about our New Payments Architectu

xxx China’s central bank is reining in efforts by Tencent and Alibaba to create contentious “social credit” scores from data on citizens’ purchases and social behaviour.  From China cracks down on tech credit scoring xxx

xxx The aggregate value of fake currency seized has increased since 2013. By collating the data issued by the government in response to two questions previously raised in Parliament on May 3, 2016, and July 25, 2017, it can be observed that the total value of fake currency seized has gone up post-demonetisation. From ₹21.54 crore in fake currency seized post demonetisation; Delhi, Gujarat on top - The Hindu xxx

xxx Indian news website NDTV reported that two agents from Pakistan's Inter-Services Intelligence reached out to Mr Marwaha on Facebook a few months ago. They allegedly used fake profiles which led him to believe they were women after which they began regularly communicating with him on WhatsApp. From India officer held over 'swapping secrets' for obscene photos - BBC News xxx

xxx Giffgaff, the mobile network run by Telefonica, is to use Open Banking rules to provide a personal financial management service to its users in the UK. From Mobile network giffgaff to use Open Banking rules to move into pers... xxx

I was very sorry to hear about the death of John Perry Barlow , one of the great influences on my life in technology.     One of my happiest memories of is having dinner with John and cypherpunk founder Eric Hughes, along Nicholas Negroponte, and having a discussion about the use of cryptography to deliver transparency (I was - and still am - sure that Eric’s “open book accounting” has a role to play in creating a new financial services infrastructure). I remember being on a panel with John at a Vanguard executive summit thing in New York. It must have been mid-2000s, maybe 2005 or 2006. The topic of smart cards came up, and I told John that American banks were reluctant to start issuing them. He asked me why, so I told him it was because they were invented in France. He suggested that Gemplus rename them “Freedom Cards”, which still makes me chuckle thinking about it more than a decade later. I probably only met him a dozen times, but he was unfailingly nice and I greatly enjoyed

xxx In June 2017, the National Institute of Standards and Technology revised its digital identity implementation guidelines in Special Publication 800-63.  By the end of June 2018, all federal agencies will be required to have legacy systems and applications in compliance with the guidelines. From NIST's digital identity deadline approaches -- GCN The NIST Digital Identity Guidelines  use a three part model to create a standardised framework for dealing with the digital identity. The NIST guidelines break up digital identity management into three sections: enrollment and identity proofing, authentication and life cycle management and . From  NIST's digital identity deadline approaches -- GCN If that breakdown sounds familiar to blog readers, it’s because it is congruent with the “Three Domain Identity” (3DID) model that we developed a few years ago to help our clients to formulate strategies around digital identity. Just as a reminder, the three domains in our model a

xxx A SURGEON who lied about his skills in an interview so he could get a job at a Worcestershire hospital has been found guilty of fraud. From GUILTY: Surgeon Sudip Sarker lied to get hospital job | Worcester News xxx

xxx Mastercard has announced that by next spring, consumers will be able to identify themselves with biometrics when they shop and pay… using a mobile device. From Mastercard Plans for EU Biometric Authentication | PYMNTS.com xxx

xxx Sometimes an idea is ahead of its time. Many of the most ambitious products in payments and fintech were dismissed as absurd or over-ambitious at the time — only to feel perfectly normal years later as culture and consumer habits evolved. From 7 failed fintech ideas that might succeed today | PaymentsSource xxx

xxx This week, Amazon was awarded two patents for wristbands that can track a warehouse worker's hands and monitor their performance. From Amazon files patent for wearable IoT wristband to track its warehouse workers - TechRepublic xxx   xxx A class-action lawsuit filed earlier this week claims that vibrator manufacturing company Lovense, based in Hong Kong, has been collecting data on customers. The suit does not name any of the plaintiffs, who allege that the features in Lovense's products allowed the company to collect and store 'highly intimate and sensitive data regarding consumers’ personal use of its vibrators. Among these details are 'the date and time of each use and the selected vibration settings', according to the suit. From  Vibrator manufacturing company 'collected users' data' | Daily Mail Online xxx

xxx A class-action lawsuit filed earlier this week claims that vibrator manufacturing company Lovense, based in Hong Kong, has been collecting data on customers… Among these details are ‘the date and time of each use and the selected vibration settings’. From Vibrator manufacturing company 'collected users' data' | Daily Mail Online xxx I was please to read that “ the suit does not name any of the plaintiffs ”. No kidding. But kidding aside, this example provides a stark illustration of what happens when there is no fundamental identity — and therefore trust, reputation and privacy — platform in place. And what’s more, it also tells us that the identity platform cannot be the kind of unsophisticated, basic platform that (for example) banks deploy. There’s a world of difference between logging in to the bank, where I need to prove that I am Dave Birch, and logging in to the sex toy