Living abroad, with tokens.
I have just completed a three-month stint building our business in Australia, and expect to return for a similar period in the near future. How were payments, for me? The first thing to note (to coin a phrase) is that I used no cash whatsoever and don’t recall seeing anyone else either. All retail payments, including transport payments (don’t knock commuting if you’ve never travelled to work on the Manly ferry), were via my Apple Watch, so no PINs, either. (Australia is online PIN, so if you do use an old-fashioned card, you’re unlikely to ever have to insert it into a reader.)
Of course, virtual cards, as wielded by (for example) Apple Pay and Google Pay, present tokens (Device PANs) as an alias for the Primary Account Number (PAN). This ensures that the issuer is able to block fraudulent transactions that could present the Device PAN from somewhere other than the relevant wallet (for example, during a standard e-commerce checkout).
Living and working abroad for three months requires payments for things beyond the usual touristic or business travel items—for example, rent and utility bills. Credit cards are not particularly well suited to many of these payments, with the requirement for recurring (and, sometimes, variable) payments, returnable deposits and so forth. Further, in Australia, it is standard practice for credit card payments for these kind of transactions to attract hefty surcharges. And, of course, forex charges and spreads apply.
What would have been better, would have been to have an Australian bank account and use all the domestic money transfer facilities. The trouble was, I didn’t have much idea of eligibility criteria (such as long-term residency) or how long KYC checks would take (especially without an Australian Tax File Number or driving licence, etc). Fortunately, there is a partial solution.
A number of fintechs (I used Wise) enable you to set up an account in your home country and then create (or have created, automatically) linked accounts in many other countries. Thus, I acquired an Australian BSB (Bank-State-Branch, equivalent to UK Sort Code or US/CAN Routing Number) and Account Number, exactly as any long-term resident.
In essence, the BSB/Account Number combination is a token representing my (UK-based) relationship with Wise. Just like a Device PAN, it enables a class of transactions, using a convenient digital representation; and also limits the scope of transactions; e.g. preventing anyone misusing the token from raiding my Sterling or US dollar funds.
One current limitation is that I cannot use the Australian bank details to set up a further level of indirection, that is, to use an Australian PayID, which would enable me to use a convenient handle, such as my mobile number, in place of hard-to-remember bank details (and, in fact, enable account portability). As well as providing more convenience, like other forms of token, this improves security, by making it less likely that someone impersonating me, and requesting payment, can pass off bank details which they control.
It would be nice to go one further step, which would be to use PayTo, the service set up by Australian Payments Plus, using the New Payments Platform (NPP), to manage payment relationships via mobile apps provided by banks and fintechs. I hope Wise (and others) are working on that. Then, a digital nomad could truly fit in!
Finally, a related grouch: I was frustrated, on a number of occasions, by useful apps not being available to people, demonstrably present in the relevant country, with an Apple ID associated with a different country. One example was my mobile provider; the obvious way to top up an account would be via their app, on a phone carrying their SIM, one would have thought. It was not to be, unfortunately. The same issue occurred with a government app and a newspaper app. Conceivably, I could have created an additional Apple ID or temporarily changed my residence details on the existing Apple ID. You’ve got to me braver than me to do that!
The biggest news in payments security in the last month concerns allegations that point of sale terminals supplied by PAX Technology have been subverted to have the capability of launching cyberattacks. Details of the allegations can be found at Krebs and Bloomberg; in response, PAX Technology has published a rebuttal.
Victoria Saporta, BoE executive director for prudential supervision, has said recently that minimum resilience requirements should be required for the tech giants’ (and others’) hosting services, before they may process and store banking data. We strongly support these comments. We have identified this issue as one of a number of new risks arising from modern financial systems architecture, in recent Structured Risk Analyses that we have carried out for financial and retail organisations in North America, Asia-Pac and EMEA.
Deep in the mists of time (that is to say, the early-1990s), I led the team from Consult Hyperion responsible for Mondex specification, design and development. For those not familiar with paleo-payments, it was one of a clutch of (contact) smart card based electronic cash systems, none of which survived beyond, let’s say, early adolescence. There were two main reasons for their demise, one technological and one business. The concept was ahead of the capabilities of the underlying technology. Transactions took about the same amount of time as cash plus change, which wasn’t a compelling reason for anyone to leave their wallet behind. The promoters of the schemes (retail banks and payment brands) did not target particular niches where there may have been a business case (I always thought car parking might work) but instead blanketed retail outlets in particular cities or small countries. So, mostly unused devices were put under the counter, and people forgot about the schemes after an initial blaze of publicity.
We’ve now had well over year of sporadic lockdowns, of varying degrees of severity. I’m loathe to tempt fate, but it does seem that, in the UK, we’re heading towards a low background level of Covid-19, during the summer months at least. It’s therefore an appropriate time to examine the changed methods of working, and whether, or to what extent, they should be incorporated into normal practice.
It’s that time of year again: where’s it’s traditional to take stock and look to the future. At Consult Hyperion, we do that through our ‘Live 5’ process; where we look at major trends in business, technology and consumer attitudes and project them onto our areas of business focus, with twists of our own. This is more than a marketing exercise. It informs our advisory services, but also sets our own strategy, for example by determining what technologies are investigated, and protypes built, by our Hyperlab unit.
Predictions from 1909
This essay is about a work of science-fiction, of which many features have come to pass. I re-read it this week, as it seemed that even more might be, and not necessarily to our advantage, in the world of Covid-19, and I wanted to confirm or deny my memory. In any case, science-fiction is a great background for technology strategising, helping to get beyond limited thinking based on incrementalism.
I took my English Literature ’O’ Level in 1974 and three works from the syllabus have stayed with me since: Macbeth, Lord of the Flies (which I had read a couple of years earlier) and one that no-one’s ever heard of: a science-fiction short story, The Machine Stops, by E.M Forster. That’s right, E.M. Forster, better known for acute observation of middle-class Edwardian manners (A Passage to India, A Room with a View, Howard’s End…). Apparently, he wrote it to demonstrate how easy it was to generate science-fiction akin to H.G. Wells. Indeed, it bears a certain resemblance to The Time Machine, except for an inversion: in Forster’s dystopian far-future, the effete leisured class live underground, while the rough outlaws live on the surface.
Forster’s ‘civilised’ tribe live in a world of pure ideas, only loosely connected, if at all, with sensory perception. I think what I found shocking was the protagonist flying over the Himalayas, glancing out and immediately shutting the blind, with the dismissive thought “no ideas here”. Having shuttled back and forth between England, Australia and America for much of my life until then, at a time when few did, I was appalled. I used to strain to remain awake, whenever it was even half-light, in order to take in everything, and speculate (and later research) on the physical make-up of the land and the people it supported. In fact, I still do!
Air travel was by fleets of airships, so Forster backed the wrong aeronautical horse, so to speak. Although, he explicitly stated that civilisation had given up the dream of beating the sun in Westward travel, as we have, having attained it in a limited fashion with Concorde, for not quite three decades. For the same reason, partly: the availability of real-time electronic communication.
The civilised world is run by ‘the Machine’; a kind of internet, with mechanical appendages; imagine the Internet of Things is an established reality. FaceTime has been invented, and so has Zoom: people’s time is mostly spent in isolation in their identical cells, giving or receiving webinars, on abstruse but useless topics. Alexa will pick up on any expression of discomfort and diagnostic kit and treatments will be lowered from the ceiling, in the manner of oxygen masks in planes. People never travel to things, but things to people, as if by Amazon. “And of course she had studied the civilization that had immediately preceded her own — the civilization that had mistaken the functions of the system, and had used it for bringing people to things, instead of for bringing things to people. Those funny old days, when men went for change of air instead of changing the air in their rooms!”. Not all predictions were correct in 2020; Google was just a big book, which everyone had, principally as a manual for getting the machine to satisfy all reasonable wants.
The natural atmosphere was supposed to be not capable of supporting human life and a respirator was needed at all times, in the unusual event that anyone had—how shall we say—a reasonable excuse to leave the home. I re-read the story partly to determine why that was, imagining disease. Actually, the supposition was either false or greatly exaggerated; what was the case was that the atmosphere stimulated the senses in a way that overwhelmed those used, and possibly adapted, to the sterile air produced by the machine. Notwithstanding the lack of a pandemic, it was certainly the case that humans physically repelled each other and social distancing was the norm.
The denouement has an increasing level of seemingly random and, at first, minor breakdowns in the operation of the machine. In my mind, these were because the machine’s designers could not anticipate all changes in its external environment.
There is, however, a ‘mending apparatus’ which automatically patches the machine. But when that starts to malfunction… The moral is that society should not, by becoming completely dependent on its own creations, become detached from understanding the nuts and bolts of technology. That is something your favourite consultants will never do!
Back to the story. It is clear that the Chinese had taken over the world at some earlier time. Perhaps when, as now, they concerned themselves with acquiring and applying the whole gamut of technical skills.
The team put on an excellent webinar this Thursday (May 21st, 2020) in the Tomorrow’s Transactions series. The focus was on Trust over IP, although digital identity and privacy were covered in the round.
The panellists were Joni Brennan of the DIACC (Digital ID & Authentication Council of Canada—full disclosure: a valued customer), long-time collaborator Andy Tobin of Evernym and our own Steve Pannifer and Justin Gage. Each of the panellists is steeped in expertise on the subject, gained from hard-won experience.
Joni and Andy presented, respectively, the DIACC and ToIP layered architectural models (largely congruent) for implementing digital identification services. The panellists agreed that no service could work without fully defined technical, business and governance structures. Another key point was that the problems of identification and privacy merge into one another. People need to make themselves known, but are reserved about making available a slew of personal information to organisations with whom they may seek no persistent relationship or do not fully trust.
At one point, it was mentioned that practical progress has been slow, even though the basic problem (to put one aspect crudely, why do I need so many passwords?) of establishing trust over digital networks has been defined for 20 years at least. It could be argued that Consult Hyperion has earned its living by designing, developing and deploying point solutions to the problem. I began to wonder why a general solution has been slow to arise, and speculated (to myself) that it was because the end-user has been ill-served. In particular, the user sign-up and sign-in experiences are inconsistent and usually horrible.
Therefore, I posed the question “What is the panel’s vision for how people will gain access to personalised digital services in 2030?” The responses were interesting (after momentary intakes of breath!) but time was short and no conclusions were reached.
I slept on the problem and came up with some tentative ideas. Firstly, when we are transacting with an organisation (from getting past a registration barrier to download some info, through buying things, to filing tax returns), everything on our screens is about the organisation (much of it irrelevant for our purposes) and nothing is about us. Why can’t our platforms present a prominent avatar representing us, clickable to view and edit information we’ve recorded, and dragable onto register, sign-in or authorise fields in apps or browsers?
Now, there could be infinite variations of ‘me’ depending on how much personal information I want to give away; and the degree of assurance the organisation needs to conduct business with me (of course, it’s entirely possible there could be no overlap). I reckon I could get by with three variations, represented by three personas:
- A pseudonym (I get tired of typing firstname.lastname@example.org just to access a café’s wifi; there are some guilty parties registering for our webinars too!)
- Basic personal information (name, age, sex, address) for organisations I trust, with a need-to-know
- All of the above, maybe more, but (at least, partly) attested by some trusted third party.
Obsessives could be given the ability to define as many options, with as many nuances, as they like; but complexity should be easily ignorable to avoid clutter for the average user.
I think it’s the major operating system providers that need to make this happen: essentially, Apple, Android and Microsoft, preferably in a standard and portable way. For each we would set up an ordered list of our preferred authentication methods (PIN, facial recognition, etc) and organisations would declare what is acceptable to them. The system would work out what works for both of us. If the organisation wants anything extra, say some kind of challenge/response, that would be up to them. Hopefully, that would be rare.
The Apple Pay and Google Pay wallets are some way to providing a solution. But sitting above the payment cards and boarding passes there needs to be the concept of persona. At the moment, Apple and Google may be too invested in promulgating their own single customer views to see the need to take this extra step.
I sensed frustration from the panellists that everything was solvable, certainly technically. Governance (e.g. who is liable for what when it all goes wrong?) was taken to be a sticking point. True, but I think we need to put the average user front and centre. Focus groups with mocked-up user experiences would be a good start; we’d be happy to help with that!