Supporting the CDBC dialogue

The way that central bank digital currencies will work is a matter of great importance and there needs be informed discussion and debate about the requirements, goals and constraints of practical population-scale fiat electronic cash. But the fact is that CBDC is a complicated, emotive and (frankly) poorly-understood subject that needs collaboration across public and private sectors to deliver benefits to all stakeholders. With the interest the subject growing from all directions, Mastercard’s announcement of a new CBDC Partner Program to foster collaboration with key players in the space is very welcome.

Their inaugural set of partners includes the remittance platform Ripple, blockchain and Web3 software company Consensys, multi-CBDC and tokenized assets solution provider Fluency, digital identity technology provider Idemia, security technology group Giesecke+Devrient, digital asset operations platform Fireblocks and, of course, Consult Hyperion. We were delighted to be asked to join the program and, given our considerable experience in the design and development of mass-market electronic alternatives to cash – for clients ranging central banks, through commercial banks, to telecommunications operators and mass transit schemes – around the world, we will work with the partners to tackle key questions and advance the state of the art.

One of the key questions is, of course, the fundamental need for CBDC at all. Here, we are far from global consensus. Writing in the Financial Times earlier this year, a senior advisor to the Bank of England said that as CBDC is the digital equivalent of cash and that since we already have electronic commercial bank money, we don’t really need it. Similarly, in the Wall Street Journal, a technology writer said that a retail CBDC isn’t any different from the electronic money in bank accounts today—it’s just a digital dollar. But they are both wrong: there is a fundamental difference between electronic money that lives in bank accounts and electronic cash that lives… well, anywhere. In phones, USB sticks, laptops, smart cards, cars or wherever else we can put a microchip capable of secure processing.

Why does this matter? Well, when I sent my sister the money that I owed her recently, it went from my bank account through the banking system to her bank account. But in the future, I will send her electronic cash from the wallet in my laptop to the wallet in her phone and it will never go anywhere near banks or the banking system. There won’t be any clearing or settlement, which is why the existence of instant payment networks has nothing to do with the need for CBDC.

The modern economy needs both electronic money and CBDC. We need a safe and sound banking system but we also need safe and sound money that can move around outside that banking system to provide not only resilience in the infrastructue but, most importantly in my opinion, a platform for new products and services. This is where the real excitement should be. If there is going to be a digital dollar, it should be in a form that is a platform for open innovation. Electronic cash, like cash, is a pre-paid product with no credit risk. Anyone should be able to use a digital dollar API to create not mere emulations of the payment services that we have now, but new ways of transacting: micropayments, smart payments, conditional payments, whatever.

Jesse McWaters, who leads global regulatory advocacy at Mastercard, says that there are questions about the role of the private sector in CBDC issuance, security, privacy and interoperability. He is right, and Mastercard is looking to help answer some of these questions by fostering industry collaboration to draw on (for example) Fluency’s work to build interoperability among different CBDCs, Consult Hyperion’s work with central banks and payment processors to define their CBDC requirements and Ripple’s launch of an inaugural government-issued national stablecoin in collaboration with the Republic of Palau. Mastercard are to be applauded for their initiative to bring these questions forward for serious discussion and informed debate.

The Identity of Things: Products and Provenance

blue and yellow phone modules

If we think about the idea of digital identity in the internet of things then luxury goods such as watches make for an interesting example. How would you tell a fake Rolex from a real one in an always-on, interconnected world? You might say just put a hologram in it, or a chip that can’t be forged or something. And these might be good starting points but it’s a much more complicated problem than it seems at first.

Let’s think about secure microchips. Suppose contactless technology is used to implement some kinds of ID for the Internet of Things (IDIoT) for luxury goods. If I see a Gucci handbag on sale in a shop, I will be able to wave my mobile phone over it and read the IDIoT. My mobile phone can decode the IDIoT and then tell me that the handbag is Gucci product 999, serial number 888. This information is, by itself, of little use to me. I could go onto the Gucci-lovers website and find out that product 999 is a particular kind of handbag, but nothing more: I may know that the chip in the handbag label is ‘valid’, but that doesn’t tell much about the bag. For all I know, a bunch of tags might have been taken off of real products and attached to fake products.

To know if something is real or not, I need more data. If I wanted to know if the handbag were real or fake, then I would need know about the provenance as well as the product. The provenance might be distributed quite widely between different organisations with different drivers (this is why many people are keen on the using the blockchain as a means to co-ordinate and obtain consensus in such an environment). The retailer’s system would know from which distributor the bag came; the distributor’s system would know from which factory the bag came and Gucci’s system would know who stitched and where the components came from, a supplier system would know that the material came from sustainable hippos or whatever else it is they make handbags from. I would need access to these data to get the data I would need to decide whether the bag is real or fake. (Of course, I might want access to other data to give me more information to support my purchases decisions too. Such as ethical data for example: Who guarantees that my new jeans were not made by children and so on?)

This is a critical point. The key to all of this is not the product itself but the provenance. A secure system of provenance (for example) is the core of a system to tell real from fake at scale.

Provenance

Who should control the provenance of a product, and who should have access to the all or part of that provenance, is rather complicated. Even if I could read some identifier from the product, why would the retailer, the distributor or Gucci tell me anything about the provenance? How would they know whether I am a retailer, one of their best customers, one of their own ‘brand police’, a counterfeiter (who would love to know which tags are in which shops and so on) or a law enforcement officer with a warrant?

This is where the need for a digital identity comes into the picture. A Gucci brand policeman might wave their phone over a bag and fire off a query: the query would have a digital signature attached (from secure hardware in the mobile phone, as in iPhones, for example) and the provenance system could check that signature before processing the query. It could then send a digitally signed and encrypted query to the distributor’s system which would then send back a digitally signed and encrypted response to be passed back to the brand policeman: ‘No we’ve never heard of this bag’ or ‘We shipped this bag to retailer X on this date’ or ‘We’ve just been queried on this bag in Australia’ or something similar.

(And, of course, each time an IDIoT is created, interrogated, amended or removed from the system, the vent will be recorded on a shared ledger to guarantee the integrity.)

The central security issue for brand protection is therefore the protection of (and access to) the provenance data. Who exactly is allowed to scan my pants and under what circumstances? If I give my designer shirt to a charity shop, what information should they learn about the idea? An approach to this issues that uses the right combination of tools (ie, using secure chips to link the provenance on a shared ledger to the physical objects) will deliver a powerful new platform for a wide variety of potential services.

What might these services be? I don’t know, because I’m only a consultant and can’t afford luxury goods but perhaps if such a system adds £20 to the price of a Rolex to implement this infrastructure, so what? The kind of people who pay £5,000 for a Rolex wouldn’t hesitate to pay £5,020 for a Rolex that can prove that it is real.

In fact, such a provenance premium might be rather popular with people who like brands. Imagine the horror of being the host of a dinner party when one of the guests glances at their phone and says “you know those jeans aren’t real Calvin Klein, don’t you?”. Wouldn’t you pay an extra £5 for the satisfaction of knowing that your snooping guest’s app is steadfastly attesting to all concerned that your jeans, watch and sunglasses are all real? Of course you would.

This international identity day, remember that identity is not just for people. It is for droogs and droids, pants and pets. The digital identity infrastructure that we need for the future is for everything. Everything.

Identity in the Metaverse

An aurora accents Earth's atmospheric glow underneath a starry sky

I had the privilege to chair a discussion about identity in the metaverse at the Identiverse conference in Denver in June 2022, and had great fun discussing the new landscape for identity with Heather Vescent, Jonathan Howle, Katryna Dow and Gopal Padinjaruveetil. In order to frame my thoughts and get the discussion about identity and privacy going, I needed a mental model.

What Exactly Is A Smart Wallet?

pexels-photo-887751.jpeg

A wallet is a way of organising things. My Apple Wallet, just like my real wallet, doesn’t have any cash in it. It has credit cards, debit cards, loyalty cards, vaccination records, boarding passes, train tickets and driving licences (Apple have just gone live with their driving licence and state in Arizona). These things are all held independently in the wallet: they don’t talk to each other and they don’t share data with each other. They are also, as you will have noticed, mostly about identity, not money.

How Could Digital Currency Work?

The Bank of England and the UK Treasury have announced a Central Bank Digital Currency (CBDC) Taskforce to coordinate the exploration of a potential British CBDC. But how could a digital Pound actually work? As it happens, this is something that Consult Hyperion knows rather a lot about. Apart from our work on the first British central bank digital currency (Mondex) back in the 1990s, our work on the first population-scale mobile money scheme (M-PESA) in the 2000s and our work on the most transformational contactless payment roll-out (Transport for London) in the 2010s, our practical experience across implementation platforms means that we understand the architectural options better than anyone.

Chip and PIN? Remember that?

three red roses

This weekend marks an anniversary. Although Consult Hyperion’s romance with smart cards had started many years before that, it will be fifteen years on Sunday that chip and PIN went live in the UK. I remember St. Valentine’s Day 2006 as if it was yesterday!

Merchant Payments Ecosystem 2021

When we look forward to 2021, it is no surprise that COVID-19 is the dominant factor. So far as the merchant payments world is concerned, the shape of the post-pandemic new normal transaction environment must be the key strategic consideration for stakeholders and I am desperately keen to hear the variety of informed opinion on this topic that I have come to expect at Merchant Payments Ecosystem every year. At Consult Hyperion we like to contribute to these conversations by providing a useful framework for discussion: our annual “Live 5”, our yearly set of suggestions for strategic focus. This year, we choose to look at the key issue of pandemic transformation and its impact of on the three key domains where our clients operate: Payment, Identity and Transit, together with (as is traditional!) a suggestion as to a technology that the POS world may not be thinking about but probably should be.

Fintech South 2020 – Maintaining trust and safety in a digital world

At the (sadly, virtual) Fintech South event the year, I was asked to chair a discussion on identity and privacy with three extremely well-qualified experts who had informed perspectives on the state of, and trends in, those important pillars of a digital society. These were Adam Gunther (SVP, Digital Identity for Equifax), Andrew Gowasack (Co-Founder and President at TrustStamp) and Megan Heinze (President, Financial Institutions, North America for IDEMIA). It was great to talk to a group of people who were not only well-informed on these topics but had some passion for them too.

I won’t go over everything that was discussed, but I do want to pick up on a comment that was made in passing when I was chatting to the panelists: someone said that a guiding principle should be “no scary systems”. Hear hear! But what is a scary system? It is, in my opinion, a system that privileges security over privacy. This is not how we should be designing the identity systems for the 21st century!

4+4 | Strategic thinking for post-pandemic payments

mountains nature arrow guide

Early on in the pandemic my colleagues at Consult Hyperion and I did a lot of research to explore how it might impact our customers and our customers’ customers, just as I am sure every other organisation in the payments sector did. We looked at a lot of speculative forecasts, we looked at research and analysis from quite a wide range of organisations in the financial sector and beyond, we spoke to a number of people in the industry and we took part in a fair few discussions and debates on the topic. As a result of this, we identified a number of strategic areas where stakeholders in the payment space should be developing or at least preparing their strategies and where they should be planning for some changes to take them through and beyond the COVID-19 crisis.

City Currency

The pandemic has revised interest in a topic that has surfaced repeatedly in Tomorrow’s Transactions events over the years, and that is the issue of local and complementary currencies. The Bristol Pound, the Brixton Pound, the Lewes Pound and many other experiments have sprung up around the country (indeed, around the world) to try to stimulate and regenerate local and regional trade and prosperity in response the changing economic circumstances. We tend to think of currencies as being instruments of the nation state but that’s actually a recent invention in the great scheme of things. There’s no reason to see optimal currency areas as inviolable laws of nature rather than transitional borders under prevailing monetary and financial arrangements.


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.
Verified by MonsterInsights