Paying for food

It feels strange to be writing about paying for food, one of the basic skills we learn in early childhood. However, these are exceptional times, when the basic notion of how we pay is being challenged. It seems we are now considering the different options for paying safely when physical contact must be kept to a minimum.

Consult Hyperion has received many requests for advice from community groups that normally rely on cash payments, so in response we have drawn up some guiding principles:

1. Maintain good practice: be aware of the vulnerability, both real and perceived, of people unable to leave their homes. Asking them to do things differently risks increasing anxiety and leaving them open to fraud.

2. Keep it simple: work with payments options people already use, and those they are familiar with. The large spike in phishing attacks over the past month highlights scammers’ eagerness to abuse this situation.

3. Maintain records: clear and consistent transaction logging is essential to protect both organisers and the people they are helping. Keep invoices for tracking and reconciliation purposes.

4. Work with existing networks: local authorities, housing associations, care providers, charities, community groups, faith groups, even village shops. The mix will vary according to the community.

5. Only allow demonstrably trustworthy individuals to handle payments: the list of people permitted to countersign passport applications could be a good starting point, but each community is different. Trust is vital in payments.

6. Keep payments and shopping separate: older readers will remember having an account with their local shop and having items added to their tally, paying the bill weekly or monthly.

7. School meals provide a good example: cards (or biometrics) are used to ensure all students have equal access to food, without the stigma attached to free school meals. Food is still served, even if the system has technical issues.

8. Take the time to discuss people’s preferences over the phone: the person receiving the shopping doesn’t have to be the person who pays. Be creative in encouraging people to contribute a little extra, or allow friends and family to pay on their behalf.

When organising payments, only use options people already have. This is not the time for a stressful sign-up process. In order of preference:

Online – PayPal, Bank Transfer, Pingit

With any new online payment, if there is a level of trust through an existing relationship, ask the account holder to send a small sum of 1p or 10p to the intended account, to check that it does arrive in the right place.

PayPal: convenient if you already have an account. Allows you to choose different sources of funds to transfer. Can be used for paying individuals as well as organisations. Includes a degree of protection.

Bank transfer (frequently referred to as Faster Payments): despite communication from many of our banks, the full roll-out of Confirmation of Payee (the check that the name you enter matches the name on the destination account) is delayed. There is therefore no guarantee that the money will arrive in the right place, so test initially with small amounts. A Faster Payment is irreversible once sent. It can be performed easily via internet banking if you have the capability; telephone banking is currently overloaded.

Some apps allow an invoice with bank details to be presented through a link to a web page. This is better than simply sending payment requests within an email, because a fraudster who intercepts the email cannot just edit the recipient’s account details in the message: they would have to tamper with the app or the web page as well, which takes more effort to set up and is more likely to get spotted. The payer should still check that the link leads to the expected site before paying.

Pingit: Less widespread but convenient person-to-person payments which can be sent to a mobile number.

Contactless at the door

Using a portable reader from companies like iZettle, SumUp and Square. Apple Pay and Google Pay are good options as they allow higher value payments without the need to touch the device, if people already have the capability. Appropriate distancing must be observed.

Cheques

The householder only has to part with a single piece of paper and does not have to receive change. Cheques will have to be paid in and take a while to clear but there is very little risk of the householder absconding.

Cash

People are encouraged to avoid handling cash and avoid touching ATMs. Keeping cash in the home makes people more vulnerable. However, some people rely on cash. Where change is to be given, this should be arranged in advance and put in an envelope.

These are extraordinary times, which force us to look differently at the way we pay. Consult Hyperion have been enabling secure payments for over 30 years and we are able to apply our own Structured Risk Analysis process to understand the threats and possible countermeasures in every situation. These threats normally relate to the security of systems but in this case also encompass the risk of infection and people being left without essential supplies.

Finally

If you are reading this from home and need help, try phoning your local shop. If they are not organising deliveries themselves, they may well be aware of groups who are. Many local stores and community groups are providing help to those who need it, a much needed service. Get in touch with your local group.

Raising contactless limits to allow more paying without the PIN

In these extraordinary times, with the need for social distancing, the payments industry is raising the contactless limits across many countries in order to remove the need to touch PIN pads when paying for our essential supermarket and pharmacy shopping. Indeed, such is the concern over the use of cash that contactless payments are being actively encouraged over cash, with some countries, notably China and Russia[1], now requiring that cash is sanitised before it is allowed back into circulation.

The Dutch Payment Association[2] has moved to double its contactless CVM limit from €50 to €100, and similar increases are being introduced in Poland, Norway, Canada, Turkey and elsewhere. Yesterday the British Retail Consortium[3] announced that the UK too will raise its contactless limit from £30 to £45 on 1st April.

So why do we need to wait a week? What does it mean? What are the alternatives?

First, let us explain how contactless limits work and the difference between contactless payments in the UK and in most other countries. Contactless payment terminals have three limits:

  • Floor Limit
  • CVM Limit
  • Transaction Limit

The Floor Limit determines if the transaction should be sent online to the Issuing bank for authorisation. In the UK the contactless floor limit has been set at £0 for some time, ensuring all transactions are sent online, preventing spend from any cards that have been reported lost or stolen.

The CVM Limit is the one being changed on 1st April. Above the CVM Limit a transaction requires cardholder verification, a PIN or a biometric, before it can be approved, which for a physical card generally means a Chip & PIN transaction is needed. We are now seeing the introduction of some biometric contactless cards, but there are very few of them in the market today. By raising the CVM limit to £45, any contactless transaction up to that value will be sent to the Issuer for authorisation (the floor limit being £0) and approved without a PIN, which should reduce the number of Chip & PIN transactions and hence the need to touch the POS.

The Transaction Limit is the maximum value allowed for any contactless transaction at that Merchant. This has been badly handled in the past, creating different customer experiences at different merchants. Ideally the contactless Transaction Limit should be the same as the Chip & PIN transaction limit. A mobile wallet such as Apple Pay or Google Pay verifies the cardholder on the phone itself (fingerprint, face or passcode) and tells the terminal it has done so, which satisfies the CVM requirement without a PIN; with the Transaction Limit set correctly, a phone payment can therefore be treated in the same way as a Chip & PIN transaction. In the coming weeks, most payments will be made at supermarkets, and whilst raising the limit to £45 will enable a higher number of contactless transactions, a large family shop will exceed £45. To be able to pay without a PIN, people should enable their cards in Apple Pay or Google Pay, which allows them to pay by contactless regardless of the transaction amount, subject to the merchant’s Transaction Limit.

In the UK, the Transaction Limit has not been uniformly implemented: in some merchants it is set to the same as the CVM Limit, meaning contactless can only happen below £30, even for a phone that has already verified its user. The result has been confusion over when Apple Pay and Google Pay transactions will work and when you need to perform Chip & PIN. POS providers and merchants should take the opportunity of this limit change to test their systems and ensure that both the CVM Limit and the Transaction Limit are set appropriately, to provide the maximum opportunity to pay by contactless.
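To make the interaction of the three limits concrete, here is an added example (not code from the original post or from any terminal vendor) that models the checks a terminal applies to a single tap. Amounts are in pence; the limit values, the £1,000 Chip & PIN ceiling used for the correctly configured terminal, and the “verified on device” flag for a mobile wallet are assumptions made for the example, not figures from the text.

```go
package main

import "fmt"

// Limits are the three contactless limits configured on one terminal, in pence.
type Limits struct {
	Floor       int // above this the terminal must go online to the issuer (UK: 0)
	CVM         int // above this the cardholder must be verified (PIN or biometric)
	Transaction int // above this the terminal will not attempt contactless at all
}

// Outcome is the terminal's decision for a single tap.
type Outcome struct {
	Contactless bool   // false means "please insert your card"
	Online      bool   // sent to the issuer for authorisation
	CVM         string // "none", "device" (wallet verified its user) or "pin"
}

// Decide applies the limits in the order a terminal checks them. cdcvm is true
// when the tapping device (Apple Pay, Google Pay) reports that it has already
// verified its user, which the terminal accepts in place of a PIN.
func Decide(amount int, l Limits, cdcvm bool) Outcome {
	if amount > l.Transaction {
		// Contactless is not attempted at all, however the user was verified.
		return Outcome{Contactless: false, CVM: "pin"}
	}
	o := Outcome{Contactless: true, Online: amount > l.Floor, CVM: "none"}
	if amount > l.CVM {
		if !cdcvm {
			// Plain card above the CVM limit: fall back to Chip & PIN.
			return Outcome{Contactless: false, CVM: "pin"}
		}
		o.CVM = "device"
	}
	return o
}

// String renders the decision as the cardholder experiences it.
func (o Outcome) String() string {
	switch {
	case !o.Contactless:
		return "insert card, Chip & PIN"
	case o.CVM == "device":
		return "approved contactless, verified on the phone"
	case o.Online:
		return "approved contactless, issuer authorised, no PIN"
	default:
		return "approved contactless offline, no PIN"
	}
}

func main() {
	// Assumed configurations: a terminal set up as recommended above
	// (Transaction Limit equal to the Chip & PIN ceiling, here GBP 1,000) and
	// one with the misconfiguration described (Transaction Limit == CVM Limit).
	good := Limits{Floor: 0, CVM: 4500, Transaction: 100000}
	bad := Limits{Floor: 0, CVM: 4500, Transaction: 4500}

	for _, tc := range []struct {
		label  string
		amount int
		l      Limits
		cdcvm  bool
	}{
		{"GBP 20 card tap", 2000, good, false},
		{"GBP 60 card tap", 6000, good, false},
		{"GBP 60 Apple Pay tap, correct limits", 6000, good, true},
		{"GBP 60 Apple Pay tap, Transaction Limit == CVM Limit", 6000, bad, true},
	} {
		fmt.Printf("%-55s -> %s\n", tc.label, Decide(tc.amount, tc.l, tc.cdcvm))
	}
}
```

The last case is the one that confuses customers: the phone has done its cardholder verification, but the terminal never gets as far as asking, because the Transaction Limit check comes first.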

As my fellow Principal Consultant Tim Richards points out in our video blog, other countries are using mobile apps to prevent the need for PIN – completely “Contact Free” transactions. We don’t have that capability in the UK yet, Apple Pay and Google Pay being the best options for now. We expect this to change as Open Banking progresses and payments without the need for PIN become more common.

Consult Hyperion have extensive experience in contactless and “Contact Free” payments and testing, and we can help organisations ensure they optimise their payments capability to meet the needs of their customers. Get in touch for more information on how we can help.

In the meantime, to avoid PIN Pads, shop below £45 or ensure Apple Pay or Google Pay is working on your mobile device, and stay safe.


[1] https://www.finextra.com/newsarticle/35509/russian-banks-act-to-decontaminate-cash?utm_medium=newsflash&utm_source=2020-3-24&member=56902

[2] https://www.finextra.com/newsarticle/35493/dutch-banks-raise-contactless-limits-for-pin-entry

[3] https://www.theguardian.com/money/2020/mar/24/limit-for-contactless-spending-to-rise-to-45-at-beginning-of-april


Counterintuitive Cryptography

There was a post on Twitter in the midst of the coronavirus COVID-19 pandemic news this week that caught my eye. It quoted an emergency room doctor in Los Angeles asking for help from the technology community, saying “we need a platform for frontline doctors to share information quickly and anonymously”. It went on to state the obvious requirement that “I need a platform where doctors can join, have their credentials validated and then ask questions of other frontline doctors”.

This is an interesting requirement that tells us something about the kind of digital identity that we should be building for the modern world, instead of trying to find ways to copy passport data around the web. The requirement, to know what someone is without knowing who they are, is fundamental to the operation of a digital identity infrastructure in the kind of open democracy that we (ie, the West) espouse. The information sharing platform needs to know that the person answering a question has relevant qualifications and experience. Who that person is, is not important.

Now, in the physical world this is an extremely difficult problem to solve. Suppose there was a meeting of frontline doctors to discuss different approaches and treatments, but the doctors wanted to remain anonymous for whatever reason (for example, they may not want to compromise the identity of their patients). I suppose the doctors could all dress up as ghosts, cover themselves in bedsheets and enter the room by presenting their hospital identity cards (through a slit in the sheet) with their names covered up by black pen. But then how would you know that the identity card belongs to the “doctor” presenting it? After all, the picture on every identity card will be the same (someone dressed as a ghost) and you have no way of knowing whether the cards were their own or whether the bearers were agents of foreign powers, infiltrators hellbent on spreading false information to ensure the maximum number of deaths. The real-world problem of demonstrating that you have some particular credential, or that you are the “owner” of a reputation, without disclosing personal information is a very difficult problem indeed.

(It also illustrates the difficulty of trying to create large-scale identity infrastructure by using identification methods rather than authenticating to a digital identity infrastructure. Consider the example of James Bond, one of my favourite case studies. James Bond is masquerading as a COVID-19 treatment physician in order to obtain the very latest knowledge on the topic. He walks up to the door of the hospital where the meeting is being held and puts his finger on the fingerprint scanner at the door… at which point the door loudly says “hello Mr Bond, welcome back to the infectious diseases unit”. Oooops.)

In the virtual world this is quite a straightforward problem to solve. Let’s imagine I go to the doctors’ information sharing platform and attempt to log in. The system will demand to see some form of credential proving that I am a doctor. So I take my digital hospital identity card out from my digital wallet (this is a thought experiment, remember; none of these things actually exist yet) and send the relevant credential to the platform.

The credential is an attribute (in this case, IS_A_DOCTOR) together with an identifier for the holder (in this case, a public key) together with the digital signature of someone who can attest to the credential (in this case, the hospital that employs the doctor). Now, the information sharing platform can easily check the digital signature on the credential, because it has the public keys of all of the hospitals, and can extract the relevant attribute.

But how do they know that this IS_A_DOCTOR attribute applies to me and that I haven’t copied it from somebody else’s mobile phone? That’s also easy to determine in the virtual world, with the public key of the associated digital identity. The platform can simply encrypt some data (a fresh random value each time, so that a recorded response cannot be replayed) using this public key and send it to me. Since the only person in the entire world who can decrypt this message is the person with the corresponding private key, which is in my mobile phone’s secure tamper-resistant memory (eg, the SIM or the Secure Enclave or Secure Element), I must be the person associated with the attribute. The phone will not allow the private key to be used to decrypt this message without strong authentication (in this case, let’s say it’s a fingerprint or a facial biometric), so the whole process works smoothly and almost invisibly: the doctor runs the information sharing platform app, the app invisibly talks to the digital wallet app in order to get the credential, the digital wallet app asks for the fingerprint, the doctor puts his or her finger on the phone and away we go.

Now the platform knows that I am a doctor but has no personally identifiable information about me and no idea who I am. It does, however, have the public key, and since the hospital has signed a digital certificate that contains this public key, if I should subsequently turn out to be engaged in dangerous behaviour, giving out information that I know to be incorrect, or whatever else doctors can do to get themselves struck off, then a court order against the hospital will result in it disclosing who I am. I can’t do bad stuff with impunity.
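The exchange described above, as an added example that is not part of the original post: the hospital signs a credential binding IS_A_DOCTOR to the doctor’s public key; the platform checks that signature against the hospital keys it trusts, then proves possession of the matching private key by encrypting a fresh nonce to it, exactly as the text describes (in deployed systems the holder more commonly signs the nonce instead; this follows the post’s encrypt-and-decrypt framing). The credential format, the hospital name and the OAEP label are assumptions made for the example; Ed25519 is used for the hospital’s signature and RSA-OAEP for the challenge, both from the Go standard library.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"crypto/x509"
	"errors"
	"fmt"
)

// Credential is the attribute + holder key + attester signature described in
// the text, in a wire format constructed for this example (an assumption).
type Credential struct {
	Issuer    string // name under which the platform stores the hospital's key
	Attribute string // e.g. IS_A_DOCTOR
	HolderPub []byte // holder's RSA public key, PKIX DER
	Signature []byte // Ed25519 signature by the issuer over signedBytes()
}

// signedBytes is what the issuer signs; length prefixes stop bytes being
// shuffled between fields to forge a different issuer/attribute pair.
func (c Credential) signedBytes() []byte {
	return []byte(fmt.Sprintf("%d:%s|%d:%s|%x",
		len(c.Issuer), c.Issuer, len(c.Attribute), c.Attribute, c.HolderPub))
}

// IssueCredential is the hospital's step: bind the attribute to the doctor's
// public key and sign the binding.
func IssueCredential(issuer string, issuerKey ed25519.PrivateKey, attr string, holder *rsa.PublicKey) (Credential, error) {
	der, err := x509.MarshalPKIXPublicKey(holder)
	if err != nil {
		return Credential{}, err
	}
	c := Credential{Issuer: issuer, Attribute: attr, HolderPub: der}
	c.Signature = ed25519.Sign(issuerKey, c.signedBytes())
	return c, nil
}

// VerifyCredential is the platform's first step: check the signature against
// the hospital keys it trusts and extract the holder's public key.
func VerifyCredential(c Credential, trusted map[string]ed25519.PublicKey) (*rsa.PublicKey, error) {
	issuerPub, ok := trusted[c.Issuer]
	if !ok {
		return nil, errors.New("unknown issuer")
	}
	if !ed25519.Verify(issuerPub, c.signedBytes(), c.Signature) {
		return nil, errors.New("issuer signature does not verify")
	}
	parsed, err := x509.ParsePKIXPublicKey(c.HolderPub)
	if err != nil {
		return nil, err
	}
	pub, ok := parsed.(*rsa.PublicKey)
	if !ok {
		return nil, errors.New("holder key is not RSA")
	}
	return pub, nil
}

var popLabel = []byte("credential-proof-of-possession") // OAEP label, assumed

// Challenge is the platform's second step: encrypt a fresh random nonce to the
// holder's key. A new nonce each time stops a recorded answer being replayed.
func Challenge(holder *rsa.PublicKey) (nonce, ciphertext []byte, err error) {
	nonce = make([]byte, 32)
	if _, err = rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	ciphertext, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, holder, nonce, popLabel)
	return nonce, ciphertext, err
}

// Respond is the wallet's step. On a phone this decrypt sits in the secure
// element behind a biometric prompt; here the key is simply in memory.
func Respond(holderKey *rsa.PrivateKey, ciphertext []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, holderKey, ciphertext, popLabel)
}

// CheckResponse compares in constant time so timing cannot leak the nonce.
func CheckResponse(nonce, response []byte) bool {
	return subtle.ConstantTimeCompare(nonce, response) == 1
}

func main() {
	hospPub, hospPriv, _ := ed25519.GenerateKey(rand.Reader)
	doctor, _ := rsa.GenerateKey(rand.Reader, 2048)
	impostor, _ := rsa.GenerateKey(rand.Reader, 2048) // copied the credential, not the key

	const hospital = "St Elsewhere NHS Trust" // assumed issuer name
	cred, _ := IssueCredential(hospital, hospPriv, "IS_A_DOCTOR", &doctor.PublicKey)
	trusted := map[string]ed25519.PublicKey{hospital: hospPub}

	pub, _ := VerifyCredential(cred, trusted)
	nonce, ct, _ := Challenge(pub)
	resp, _ := Respond(doctor, ct)
	fmt.Println("genuine holder accepted:    ", CheckResponse(nonce, resp))

	_, err := Respond(impostor, ct)
	fmt.Println("copied credential rejected: ", err != nil)

	cred.Attribute = "IS_A_CONSULTANT" // edit the attribute after signing
	_, err = VerifyCredential(cred, trusted)
	fmt.Println("tampered attribute rejected:", err != nil)
}
```

Note what the platform ends up holding: the hospital’s name, the attribute and a public key, and nothing that names the doctor. Unmasking goes through the hospital’s records, not the platform’s.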

This is a good example of how cryptography can deliver some amazing but counterintuitive solutions to serious real-world problems. I know from my personal experience, and the experiences of colleagues at Consult Hyperion, that it can sometimes be difficult to communicate just what can be done in the world of digital identity by using what you might call counterintuitive cryptography, but it’s what we will need to make a digital identity infrastructure that works for everybody in the future. And, crucially, all of the technology exists and is tried and tested so if you really want to solve problems like this one, we can help right away.

KYC at a distance

We live in interesting times. Whatever you think about the Coronavirus situation, social distancing will test our ability to rely on digital services. And one place where digital services continue to struggle is onboarding – establishing who your customer is in the first place.  

One of the main reasons for this is that regulated industries such as financial services are required to perform strict “know your customer” checks when onboarding customers, and risk substantial fines in the event of compliance failings. Understandably then, financial service providers need to be cautious in adopting new technology, especially where the risks are not well understood or where regulators are yet to give clear guidance.

Fortunately, a lot of work is being done. This includes the development of new identification solutions and an increasing recognition that this is a problem that needs to be solved.

The Paypers has recently published its “Digital Onboarding and KYC Report 2020”. It is packed full of insights into developments in this space, features several Consult Hyperion friends and is well worth a look.

You can download the report here: https://thepaypers.com/reports/digital-onboarding-and-kyc-report-2020

Dave New World #IWD2020

One of my favourite quotes is, “at any given IT conference, there are more attendees named Dave[1] than there are women”. Having checked the attendee list at several conferences, it seems a pretty fair rule of thumb.

My first step into IT was to escape a rogue boss, who handled both male and female employees equally, resulting in my predecessor taking a case to tribunal. The local university offered postgraduate qualifications in both IT and accountancy. The first year of IT counted towards both, so I took the path of least resistance. After a year creating expert systems and researching Artificial Life, my choice was made.

Having settled into a technical role with a major network provider, I expressed an interest in moving into the security team, only to be told “you can’t have that job, it’s Dave’s job”. When I insisted, a second opening was found and Dave became a much-valued colleague and friend. When I was promoted to lead the team, it emerged that my salary even after promotion was well below Dave’s and rapid adjustments had to be made.

At around this time I worked alongside a firewall consultant, whose best client had bandwidth beyond our wildest imaginings. She needed cutting edge technology to protect her revenues while engaged in the world’s oldest profession. This consultant, known to use the same password on every system, later put the first firewall into 10 Downing Street. In recent years, I have had the opportunity to research (in a professional capacity) the importance of digital identity in the context of adult services, highlighting the sheer scale of this industry and the important role of technology in this area.

When I first joined Consult Hyperion in 2006, I was asked to organise a workshop for identity experts from across Europe. It was a great opportunity and a real inspiration when Angela Sasse, a leading light in HCI, spoke about the importance of both women and men contributing to systems which are to serve the public. One of my favourite feminists, another Dave, was later to highlight the peculiar assumptions behind some technologies. For instance, the concept of the smart home managed remotely by a man on the move. It may work for people living alone but the ability to turn the lights off or the heating down while partners or family members are at home is not so great.

We are lucky at CHYP to have a diverse and highly skilled team working in Hyperlab, including a Dave. His working proof that an EMV contactless transaction could be completed in under 500ms in a live transit environment was critical to the adoption of the technology by Transport for London, which in turn contributed to the wider implementation of contactless payments. He has also worked on financial inclusion projects in both the UK and Africa, enabling aid to be distributed to farmers in remote areas.

On a personal level, it is always good to see more women joining the industry. It’s a great place to work, with constant change and exciting new challenges. I respect initiatives such as Microsoft’s Girls in STEM[2], although it has caused upset in my household, as my son was very disappointed that there was no equivalent for Boys in STEM. He has a truly inspirational IT teacher, who spent much of her career working in the industry and is equally at home with coding and infrastructure (or ‘the boring stuff’, as my son likes to call my main area of interest). Despite every possible encouragement, there are no girls taking Computer Science in his year. The local girls’ school does not even offer the subject at A level. However, whatever profession you adopt, chances are you will need technology to achieve your goals. At a time of huge opportunity, it is important to remember that there are many different paths into a career in technology. For instance, privacy requires strong legal and technical underpinnings. It is therefore vital that from the earliest years, we encourage children to engage with technology in whatever way best suits their own individual passions.

I’ve run up against some interesting attitudes in my working life: “you don’t look like a techie[3]”, “girls can’t do firewalls”, “a female consultant?” and, disappointingly, female colleagues refusing to take on “men’s work”. Having spent my formative years around a boys’ prep school, where women were mostly ‘below stairs’, I learned early to take this kind of thing in my stride.


[1] In this article, the term ‘Dave’ is used to denote anyone with the given name of ‘David’.

[2] https://www.microsoft.com/en-us/corporate-responsibility/skills-employability/girls-stem-computer-science

[3] https://www.bbc.co.uk/news/blogs-trending-33783007

To paraphrase Plato: the cost of not taking part is to be subject to the decisions of those less capable than you.

Fraudsters target loyalty schemes for easier gains

It has become practically impossible to keep up with the number of loyalty-related security breaches. In today’s edition of “Who Got Hit?”, we read that Tesco is sending security warnings to 600,000 Tesco Clubcard loyalty members following fraudulent activity[1]. The breach is suspected to be attackers ‘brute-forcing’ their way into the loyalty system using stolen credentials, potentially from a different breach: in other words, credential stuffing, which works wherever customers reuse the same password across sites. In recent years, fraud associated with loyalty has been on the rise. According to a 2019 report by Forter, there was an 89% increase in loyalty-related fraud from the previous year.

Perhaps one explanation for such a rise is that the payment industry has become increasingly effective in securing the payment infrastructure and making it harder for criminals to steal money. Additionally, the amount of value sitting in customer loyalty accounts continues to rise. For example, Starbucks has over $1.6 billion of unspent value in customers’ loyalty card and wallet accounts. Such trends are increasingly turning criminals’ focus to ‘softer’ targets such as loyalty schemes, taking advantage of the weaker security of these systems to steal value which can be converted into goods if it cannot be redeemed as actual cash.

Loyalty fraudsters can loosely be categorised, based on their motivations, technical expertise and level of access to the loyalty systems and processes. The table below outlines such categorisation:


Strong Passwords are no Panacea!

Security experts often suggest stronger security features such as multi-factor authentication and strong passwords to protect loyalty schemes. These are welcome suggestions; it is, however, not always realistic to implement expensive countermeasures just to protect loyalty points. A holistic approach to securing the systems and reducing fraud is required, so that the security controls apply to customers and fraudsters alike rather than resting on customers’ password choices.

Colleagues at Consult Hyperion have called for a closer alignment between Payment and Loyalty for years now. Card (and mobile) payments are a mature technology with acceptable levels of security, proven over several decades. A seamless way of integrating loyalty into payments would allow loyalty schemes to take advantage of the robustness of the payment schemes. Despite clear benefits, such integration has been limited, perhaps due to the associated costs to the merchant or the inconvenience to the customer. But a lot is changing in the world of customer authentication. Recent advances such as FIDO2 and 3-D Secure 2.0 will allow strong customer authentication to be achieved within various contexts (including loyalty!), while maintaining a positive customer experience.

Within Consult Hyperion, our subject matter experts bring a deep understanding of the relevant payments technologies, as well as decades of experience in assessing and designing secure systems. If you would like to know more, feel free to give us a call.

More detail can be found here

Is RCS set to transform Mobile Payments and PSD2 SCA?

By GSMA Future Networks Team and Lishoy Francis, Senior Consultant, Consult Hyperion

Mobile telecommunications services, and the devices consumers use to access them, are evolving rapidly – and, with the roll-out of 5G, the integration of IoT and wearables, and the adoption of embedded SIM, mobile services will soon be available everywhere.

Service providers relying on mobile apps, however, face several challenges. These include falling consumer retention figures, as app transaction abandonment rates increase; the cost of developing and maintaining mobile apps; ensuring adequate security for accurate billing and fraud prevention; and meeting regulations such as PSD2.

Rich Communication Services (RCS), the mobile industry’s upgrade to SMS, which brings enriched multimedia services and enhanced security to mobile messaging, provides a range of solutions to these challenges, and with them new commercial opportunities in the delivery of consumer payments. RCS is now gaining momentum in the consumer market, and is a key platform to watch in 2020 and beyond. Adoption of RCS is mainly driven by buy-in from mobile platform providers such as Samsung and Google, more than 20 device OEMs, and over 90 mobile network operators to date.

From the consumer’s perspective, the RCS experience means forgoing the need to download multiple different apps and instead using a native messaging app on their device which is not limited to plain text, but is capable of handling feature-rich communications in the style of WhatsApp, Facebook Messenger or WeChat. The RCS infrastructure consists of an IP Multimedia Subsystem (IMS) core with implementation-specific Application Server (AS) functions. The messaging feature in RCS is enhanced by RCS Business Messaging (RBM) supported by backend platform components.

Security and trust are scarce in the messaging world, where unwitting consumers can fall victim to phishing attacks leading to monetary loss and compromise of personal information. RCS can help here with Verified Sender, a feature of RBM which provides proof of the sender’s identity. This proof is technically based on a digital signature and, for consumer confidence at a glance, can be shown as a visual tick-mark, with a verified name and logo of the sender on the messaging client.

Consumer authentication has been commonly based, until recently, on the use of a one-time password (OTP) sent over SMS, in conjunction with a memorable secret. Since the arrival of PSD2, however, strong customer authentication (SCA) is required for all electronic payments. PSD2 SCA requires the use of at least two from the following elements:

  • Knowledge – something the consumer knows
  • Possession – something the consumer has
  • Inherence – something the consumer is (typically using a biometric)

Although OTP-over-SMS is a permitted possession factor under PSD2 (acting as proof of possession of a SIM card), it is weakened by SIM-swap fraud and by the absence of any sender authentication in SMS, so a consumer cannot tell a bank’s OTP from a phishing message. RBM can offer better security: with Verified Sender, the question mark over where a given message originated is now, thankfully, gone.

The GSMA – working with Consult Hyperion, thought leaders in mobile telecommunications, payments, ticketing, and digital identity – has produced a white paper on what RCS has to offer in digital payments. ‘RCS and Payments’ provides a detailed investigation of RCS’ potential in meeting PSD2’s SCA requirements, including the potential of RCS to replace SMS for delivery of OTP, and explores various payment options across the RCS channel.

Also considered are the additional security mechanisms RCS can offer to gain customer confidence and protect payments: the platform for instance offers service providers advanced functionalities such as message recall if a device is offline; additional controls to validate SIM swap requests; rapid service provisioning; and providing continuous customer engagement via AI chatbots.

In short, RCS offers the most exciting opportunity for service providers and MNOs to work together on providing consumers with secure payments and strong authentication since the availability of NFC and HCE on consumer mobile devices.

Read the latest ‘RCS and Payments’ whitepaper for more details.

Consult Hyperion’s Live 5 for 2020

At Consult Hyperion we take a certain amount of enjoyment looking back over some of our most interesting projects around the world over the previous year or so, wrapping up thoughts on what we’re hearing in the market and spending some time thinking about the future. Each year we consolidate the themes and bring together our Live Five.

2020 is upon us and so it’s time for some more future gazing! Now, as in previous years, how can you pay any attention to our prognostications without first reviewing our previous attempts? In 2017 we highlighted regtech and PSD2, 2018 was open banking and conversational commerce, and for 2019 it was strong customer authentication and digital wallets, so we’re a pretty good weathervane for the secure transactions world! Now, let’s turn to what we see for this coming year.

Hello 2020

Our Live Five has once again been put together with particular regard to the views of our clients. They are telling us that over the next 12 months retailers, banks, regulators and their suppliers will focus on privacy as a proposition, customer intimacy driven by hyper-personalisation and personalized payment options, underpinned by a focus on cyber-resilience. In the background, they want to do what they can to reduce their impact on the global environment. For our transit clients, there will be a particular focus on bringing these threads together to reduce congestion through flexible fare collection.

So here we go…

1. This year will see privacy as a consumer proposition. This is an easy prediction to make, because serious players are going to push it. We already see this happening with “Sign in with Apple” and more services in this mould are sure to follow. Until quite recently privacy was a hygiene factor that belonged in the “back office”. But with increasing industry and consumer concerns about privacy, regulatory drivers such as GDPR and the potential for a backlash against services that are seen to abuse personal data, privacy will be an integral part of new services. As part of this we expect to see organisations that collect large amounts of personal data looking at ways to monetise this trend by shifting to attribute exchange and anonymised data analytics. Banks are an obvious candidate for this type of innovation, but not the only one – one of our biggest privacy projects is for a mass transit operator, concerned by the amount of additional personal information they are able to collect on travellers as they migrate towards the acceptance of contactless payment cards at the faregate.

2. Underpinning all of this is the urgent need to address cyber-resilience. Not a week goes by without news of some breach or failure by a major organisation putting consumer data and transactions at risk. With the advent of data protection regulations such as GDPR, these issues are major threats to the stability and profitability of companies in all sectors. The first step to addressing this is to identify the threats and vulnerabilities in existing systems before deciding how and where to invest in countermeasures.

Our Structured Risk Analysis (SRA) process is designed to help our customers through this process to ensure that they are prepared for the potential issues that could undermine their businesses.

3. Privacy and Open Data, if correctly implemented and trusted by the consumer, will facilitate the hyper-personalisation of services, which in turn will drive customer intimacy. Many of us are familiar with Google telling us how long it will take us to get home, or to the gym, as we leave the office. Fewer of us will have experienced the pleasure of being pushed new financing options by the first round of Open Banking Fintechs, aimed at helping entrepreneurs to better manage their start-up’s finances.

We have already demonstrated to our clients that it is possible to use new technology in interesting ways to deliver hyper-personalisation in a privacy-enhancing way. Many of these depend on the standardisation of Premium Open Banking APIs, i.e. APIs that extend the data shared by banks beyond that required by the regulators, into areas that can generate additional revenue for the bank. We expect to see the emergence of new lending and insurance services, linked to your current financial circumstances, at the point of service, similar to those provided by Klarna.

4. One particular area where personalisation will have immediate impact is giving consumers personalised payment options with new technologies being deployed, such as EMV’s Secure Remote Commerce (SRC) and W3C’s payment request API. Today, most payment solutions are based around payment cards but increasingly we will see direct to account (D2A) payment options such as the PSD2 payment APIs. Cards themselves will increasingly disappear to be replaced by tokenized equivalents which can be deployed with enhanced security to a wide range of form factors – watches, smartphones, IoT devices, etc. The availability of D2A and tokenized solutions will vastly expand the range of payment options available to consumers who will be able to choose the option most suitable for them in specific circumstances. Increasingly we expect to see the awkwardness and friction of the end of purchase payment disappear, as consumers select the payment methods that offer them the maximum convenience for the maximum reward. Real-time, cross-border settlement will power the ability to make many of our commerce transactions completely transparent. Many merchants are confused by the plethora of new payment services and are uncertain about which will bring them more customers and therefore which they should support. Traditionally they have turned to the processors for such advice, but mergers in this field are not necessarily leading to clear direction.

We know how to strategise, design and implement the new payment options to deliver value to all of the stakeholders and our track record in helping global clients to deliver population-scale solutions is a testament to our expertise and experience in this field.

5. In the transit sector, we can see how all of the issues come together. New pay-as-you-go systems based upon cards continue to roll out around the world. The leading edge of Automated Fare Collection (AFC) is, however, advancing. How a traveller chooses to identify himself, and how he chooses to pay, are in principle different decisions, and we expect to see more flexibility. Reducing congestion and improving air quality are of concern globally, and are best addressed by providing door-to-door journeys without reliance on private internal combustion engines. This will only prove popular when ultra-convenient. That means that payment for a whole journey (or collection of journeys) involving, say, bike/ride share, tram and train, must be frictionless and support the young, old and in-between alike.

Moving people on to public transport by making it simple and convenient to pay is how we will help people to take practical steps towards sustainability.

So, there we go. Privacy-enhanced resilient infrastructure will deliver hyper-personalisation and give customers more safe payment choices. AFC will use this infrastructure to both deliver value and help the environment to the great benefit of all of us. It’s an exciting year ahead in our field!



Biometric Travel

It’s been a while since I first read that British Airways (BA) was going to introduce facial biometrics for boarding international flights at Heathrow. I don’t recall going through biometric gates for flights, and I fly a lot, so it must still be in limited deployment. Hurry up BA – this is a great example of biometrics as a convenience technology.

If you have been in a BA boarding queue recently, you’ll know how convenient it is to board using the QR code on your phone, how inconvenient it is to fumble around getting your passport out to show at the gate, and how annoying it is to be in the line behind people who put the phone down to rummage around in a bag to find the passport and then have to mess around unlocking the phone again because it locked while they were rummaging. So, if BA can do the passport scan and face capture away from the boarding gate, they can make for a much smoother boarding process.

Of course the boarding pass has to be real. I remember watching an episode of “Britain on the Fiddle” about boarding cards. The program, which was excellent by the way, included reports of ID fraud that I found fascinating, but also featured Mickey Pitt, an engaging cigarette smuggler who masterminded an operation that used fake boarding passes to get in and out of airports undetected. Perhaps we can fix that problem with the same technology.

According to International Airport Review, a scan of the customer’s face is recorded when they travel through security, and when they arrive at the gate, their face is matched with this representation when they present their boarding pass. Thus you can get on the plane just using the boarding pass in your Apple Wallet and you can leave your passport in your bag.

I hope Terminal 5 will move to remote capture for all flights. Surely as an Executive Club member I should be able to have them capture a picture of my passport at home using Au10tix or similar and store it with my account so that next time I go to the airport I can breeze through the boarding process: they should get rid of the “priority” boarding line (which on many BA flights seems to include almost all passengers) and replace it with a mobile/biometric line.

If we analyse the problem by breaking it down using our identity model, the three-domain model (3DID), we can see there are three separate problems that need to be solved in order to use the technology effectively:

  • identifying the person travelling (we need to bind a passport);
  • authenticating that the boarding pass is in the hand of the correct person; and
  • authorising the person with the boarding pass to go through the gate on to the plane.

The way to do this, in my opinion, is to create a digital identity for the purposes of travelling (the travel ID) and to bind this identity to a mundane identity by linking it to a specific passport. Then British Airways can bind this identity to my Executive Club account by creating a BA virtual identity, Delta can create a Delta identity, and so on. Now, when I make a booking, the booking is connected to my BA ID.

That BA ID could, of course, contain either my face (in the form of a biometric template) or some other biometric that is optimised for speed and convenience at the airport. Finger vein is a great example of a technology that has been around forever and is tried and tested. You can’t take a picture of my finger vein when I’m walking down the road and then use it to pretend to be me; I have to walk up to a scanner and physically insert my finger, thus consenting to the authentication.

That way, we could restructure the airport experience around technology instead of electronic simulations of paper. I can check in for the flight on my phone and then put my phone away. When I get to the airport, I go through security (at which point my face is checked against the passport photo in my BA ID) and then go and enjoy the Terminal 5 shopping experience. When it is time to board the plane, I put my finger into a scanner at the gate and off I go.
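The three problems listed above (identification, authentication, authorisation) are easy to conflate in a single "scan the boarding pass" step. The following is an added illustration, not code from Consult Hyperion or from any airline, of how a gate check can keep the three decisions separate: a travel ID derived from passport details, a virtual airline identity carrying an enrolled biometric template, and a booking that authorises a specific flight. The binding key, loyalty numbers, PNRs, flight number and the toy template matcher are all constructed for the example.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed key for the example; a real binding key would live in an HSM.
BINDING_KEY = b"example-binding-key"


def make_travel_id(passport_number: str, passport_expiry: str) -> str:
    """Domain 1, identification: derive a travel ID bound to exactly one passport.

    A keyed hash over the document details (hypothetical scheme) means the
    airline's records reference the passport without storing its number in clear.
    """
    msg = f"{passport_number}|{passport_expiry}".encode()
    return hmac.new(BINDING_KEY, msg, hashlib.sha256).hexdigest()


@dataclass
class VirtualId:
    """The airline's own identity (e.g. a 'BA ID') bound to a travel ID."""
    airline: str
    loyalty_number: str
    travel_id: str
    template: list  # biometric template captured at enrolment (constructed values)


@dataclass
class Booking:
    pnr: str
    flight: str
    loyalty_number: str


def template_matches(enrolled, presented, threshold=0.9):
    """Domain 2, authentication: toy matcher scoring the fraction of agreeing positions.
    Real finger-vein or face matchers produce a similarity score in the same role."""
    if len(enrolled) != len(presented) or not enrolled:
        return False
    agree = sum(1 for a, b in zip(enrolled, presented) if a == b)
    return agree / len(enrolled) >= threshold


def gate_check(boarding_pass, presented_template, flight, ids, bookings):
    """Domain 3, authorisation, layered on the other two. Returns (allowed, reason).

    Each failure names the domain that failed, which is what the gate operator
    needs in order to fall back to a manual passport check rather than guess.
    """
    booking = bookings.get(boarding_pass["pnr"])
    if booking is None or booking.flight != flight:
        return False, "not authorised: no booking for this flight"
    vid = ids.get(booking.loyalty_number)
    if vid is None or not vid.travel_id:
        return False, "not identified: no passport-bound identity"
    if not template_matches(vid.template, presented_template):
        return False, "not authenticated: biometric mismatch"
    return True, "board"


# Constructed sample records.
ENROLLED = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1]


def build_sample_records():
    travel_id = make_travel_id("P1234567", "2030-01-01")
    ids = {"EC001": VirtualId("BA", "EC001", travel_id, ENROLLED)}
    bookings = {"ABC123": Booking("ABC123", "BA117", "EC001")}
    return ids, bookings


if __name__ == "__main__":
    ids, bookings = build_sample_records()
    print(gate_check({"pnr": "ABC123"}, ENROLLED, "BA117", ids, bookings))
    print(gate_check({"pnr": "ABC123"}, [0] * 10, "BA117", ids, bookings))
    print(gate_check({"pnr": "ZZZ999"}, ENROLLED, "BA117", ids, bookings))
```

Note that the boarding pass itself carries nothing but the booking reference; the fake-boarding-pass problem described earlier becomes a failure in the authorisation or authentication layer rather than something the gate has to spot by eye.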

Consult Hyperion worked on a few projects looking at finger vein technology for UK banks a while ago – and it featured in our Tomorrow’s Transactions blog back in 2007 because Hitachi and JCB were playing around with finger vein payments. If you’d like to know more about our model for identity (3DID) or would like to hear about our experiences with secure biometric technology, drop us a line at info@chyp.com.

Ultra Wideband Payments

It didn’t get much of a fanfare, but the new iPhones have an interesting new technology in them. It’s called Ultra Wideband, or UWB, and it’s in the iPhone 11, iPhone 11 Pro and iPhone 11 Pro Max. It’s a technology used for some very interesting location-based applications. To give just one example, NFL players have UWB transmitters in each shoulder pad, part of broadcast technology used for instant replay animations. A football’s location is updated 2,000 times per second.

Anyway, it’s in my iPhone now and it will be showing up in Android phones later this year. If you look on the Apple web site, you’ll see the arrival of UWB confirmed with the interesting caveat that “availability varies by region”.

(The reason for this is that UWB is subject to national regulatory requirements that require it to be turned off in certain locations such as, to give one example, Vietnam.)

It’s not really a new technology, as it’s been around for ages. The spectrum was opened up for commercial use in 2005 by the FCC for pulse-based transmission in the 3.1 to 10.6 GHz range, and the IEEE (Institute of Electrical and Electronics Engineers) standard on UWB (802.15.4) came out more than a decade ago. The idea behind it was to send data by transmitting short, low-power radio pulses across a wide spectrum (the channels are ten times wider than the channels used for wifi). The data is encoded so that each bit is spread across 32 to 128 of the nanosecond radio pulses, so that you can send lots of data (say 10Mb/s) with little interference.

UWB was one of a family of wireless protocols, along with Bluetooth, ZigBee and WiFi, intended for short-range wireless communications with low power consumption. Back in the day it was assumed that, broadly speaking, Bluetooth was for cordless keyboards and hands-free headsets, ZigBee was for monitoring and control networks, Wi-Fi was for computer-to-computer connections to substitute for wired networks, and UWB was for high-bandwidth multimedia links. It never really caught on, though. WiFi worked well enough and got faster, it got built into laptops and phones, and together with Bluetooth it seemed to take care of most applications.

But then came the pivot.

It turned out that people found another use for UWB, because these nanosecond radio pulses have an interesting characteristic. They allow you to determine location with great accuracy. The short bursts of signals with their sharp rises and drops mean that the signal start and stop are inherently easier to measure than for wifi or Bluetooth transmissions. This means that the distance between two UWB devices can be measured precisely by measuring the time that it takes for a radio wave to pass between the two devices. It delivers much more precise distance measurement than signal-strength estimation and, what’s more, UWB signals maintain their integrity in the presence of noise and multi-path effects.

All of which means that with UWB it is possible to measure the time it takes the signal to travel from transmitter to receiver and calculate the distance in centimetres, giving much better distance information than distance estimates based on iBeacons and the like. Apps can therefore receive precise location data, and location updates can be delivered every 100 ms if necessary. So UWB-equipped devices can determine the precise location of another UWB device and know whether it’s stationary, approaching or receding. For example, a UWB-enabled system can sense if you’re moving toward a locked door and can know whether you’re on the inside or outside of the doorway, to determine if the lock should remain closed or open when you reach a certain point.
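To make the time-of-flight idea in the preceding paragraphs concrete, here is an added worked example (not code from the blog, from Apple or from any UWB chipset vendor). It computes distance from a single-sided two-way ranging exchange, shows why a nanosecond of timing error costs about 30 cm while a few dB of signal-strength error costs metres, and applies the stationary/approaching/receding classification to the door-unlock case. The timestamps are constructed, the reply delay is an assumed value, and the "inside"/"outside" flag is assumed to come from the anchor geometry rather than being derived here.

```python
# Speed of light in a vacuum, metres per second.
C = 299_792_458.0


def twr_distance_m(t_round_s, t_reply_s):
    """Single-sided two-way ranging.

    The initiator sends a poll and timestamps the response; the responder reports
    how long it held the message before replying. Half of what remains is the
    one-way time of flight, and distance is that time multiplied by c.
    """
    tof_s = (t_round_s - t_reply_s) / 2.0
    return C * tof_s


def timing_error_to_distance_m(timing_err_s):
    """How far a timestamp error moves the distance estimate (1 ns -> ~30 cm)."""
    return C * timing_err_s


def rssi_distance_m(rssi_dbm, rssi_at_1m_dbm=-59.0, path_loss_exp=2.0):
    """Log-distance path-loss model of the kind beacon-based ranging relies on.
    Reference power and exponent are assumed values, not measured ones."""
    return 10 ** ((rssi_at_1m_dbm - rssi_dbm) / (10.0 * path_loss_exp))


def classify_motion(distances_m, threshold_m=0.05):
    """Classify a short series of ranging results (e.g. one every 100 ms)."""
    if len(distances_m) < 2:
        return "unknown"
    delta = distances_m[-1] - distances_m[0]
    if delta < -threshold_m:
        return "approaching"
    if delta > threshold_m:
        return "receding"
    return "stationary"


def door_decision(distances_m, side, unlock_radius_m=1.0):
    """Unlock only for a device approaching from outside and now within the radius.
    `side` is assumed to be supplied by the anchor layout ("inside"/"outside")."""
    if side not in ("inside", "outside"):
        raise ValueError("side must be 'inside' or 'outside'")
    return (side == "outside"
            and classify_motion(distances_m) == "approaching"
            and distances_m[-1] <= unlock_radius_m)


def simulate_exchange(true_distance_m, reply_delay_s=500e-6, clock_err_s=0.0):
    """Construct the (t_round, t_reply) pair an initiator would observe."""
    tof_s = true_distance_m / C
    return 2.0 * tof_s + reply_delay_s + clock_err_s, reply_delay_s


if __name__ == "__main__":
    t_round, t_reply = simulate_exchange(3.0)
    print("TWR distance for a 3 m exchange:", round(twr_distance_m(t_round, t_reply), 4))
    print("1 ns timing error moves the estimate by m:", round(timing_error_to_distance_m(1e-9), 3))
    print("RSSI -71 dBm ->", round(rssi_distance_m(-71), 2), "m; -74 dBm ->", round(rssi_distance_m(-74), 2), "m")
    track = [2.0, 1.5, 0.8]
    print("Motion:", classify_motion(track), "unlock from outside:", door_decision(track, "outside"))
```

The two estimators side by side are the point: a 3 dB swing in received power, which walls, bags and hands produce routinely, shifts the RSSI estimate from about 4 m to about 5.6 m, whereas the same physical situation changes a UWB time-of-flight reading by centimetres.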

So if you have a UWB phone and a UWB tag of some kind, then the phone can work out where the tag is. Now, I already use something like this, because I’m a big fan of Tile. If you haven’t used Tile, it’s an app on your phone that can locate Bluetooth tags. You buy these tags and then attach them to things (I’ve got one on my keys, one in my wallet and one in my notebook) so that you can find them. I can’t tell you how many times — maybe this is something to do with age — that I’ve misplaced my keys and saved hours of searching around the house by using the app.

Anyway, for the moment Apple only uses UWB to connect its own devices but there are standardisation efforts underway to interconnect devices from different manufacturers. An example use case (where Apple already has patents) is for keyless car unlocking.

(Apple is a charter member of the Car Connectivity Consortium, which created the Digital Key Release 1.0 specification in 2018.)

So why am I telling you about UWB now? Well, it’s because it has started to make inroads into the world of payments. In Japan, NTT Docomo has teamed up with Sony and NXP Semiconductors (their UWB chipset was announced last September) to trial technology that lets shoppers make NFC payments without having to take their phones out of their pockets. They are using UWB to follow user movement and positioning with location accuracy of a few centimetres.

Pretty cool stuff! So if you are thinking about a fun payments skunkworks project, you might do worse than have a look at what UWB can do to transform your customers’ experiences at point-of-sale and then ask the Hyperlab team at Consult Hyperion to help you to put something together.
