Victoria Saporta, BoE executive director for prudential supervision, has said recently that minimum resilience requirements should be imposed on the tech giants’ (and others’) hosting services before they may process and store banking data. We strongly support these comments. We have identified this issue as one of a number of new risks arising from modern financial systems architecture, in recent Structured Risk Analyses that we have carried out for financial and retail organisations in North America, Asia-Pac and EMEA.
We were delighted to get a lot of good feedback on Neil’s previous blog on Mondex Memories and CBDCs and its relevance to CBDCs and thought it would be interesting to respond to some of the more interesting – and difficult – points raised in a follow-up blog. Before addressing those I wanted to put the Mondex program into some historical context. They were very different days – we didn’t have an intranet until 1996, let alone internet access. There were no SDKs – although actually we did build a precursor to one of those – or APIs and the idea of remote payments was still in its infancy (although we did that too).
Deep in the mists of time (that is to say, the early-1990s), I led the team from Consult Hyperion responsible for Mondex specification, design and development. For those not familiar with paleo-payments, it was one of a clutch of (contact) smart card based electronic cash systems, none of which survived beyond, let’s say, early adolescence. There were two main reasons for their demise, one technological and one business. The concept was ahead of the capabilities of the underlying technology. Transactions took about the same amount of time as cash plus change, which wasn’t a compelling reason for anyone to leave their wallet behind. The promoters of the schemes (retail banks and payment brands) did not target particular niches where there may have been a business case (I always thought car parking might work) but instead blanketed retail outlets in particular cities or small countries. So, mostly unused devices were put under the counter, and people forgot about the schemes after an initial blaze of publicity.
The Bank of England and the UK Treasury have announced a Central Bank Digital Currency (CBDC) Taskforce to coordinate the exploration of a potential British CBDC. But how could a digital Pound actually work? As it happens, this is something that Consult Hyperion knows rather a lot about. Apart from our work on the first British central bank digital currency (Mondex) back in the 1990s, our work on the first population-scale mobile money scheme (M-PESA) in the 2000s and our work on the most transformational contactless payment roll-out (Transport for London) in the 2010s, our practical experience across implementation platforms means that we understand the architectural options better than anyone.
Guest blog post by Mirela Ciobanu, The Paypers
The topic of Central Bank Digital Currency (CBDC) is gaining momentum. Across the globe, many CBDC initiatives aim to digitalise payments, support financial inclusion, make cross border payments faster and cheaper, support fiscal transfer, etc. What is firing up discussions around CBDC and why is it important today?
Adoption of new technologies and understanding of their huge potential to support and stimulate our life has caused the world to change a lot in the last year. The current pandemic has triggered a decline in cash usage, to avoid getting the virus and to safeguard the most vulnerable ones (health-wise). Economically, as many governments wanted to protect their citizens and directly stimulate the economy down to every citizen, they offered ‘helicopter money’ via digital wallets.
What did you think of the US election? I don’t mean the candidates and the outcome. What did you think of the election process? Should it be possible for national elections of this type to be done online? Last week the IET published a paper on internet voting in the UK, led by our good friend at the University of Surrey, Professor Steve Schneider. It’s well worth a read. As the paper explains, internet voting for statutory political elections is a uniquely challenging problem. Firstly, voting systems have exacting requirements and secondly, the stakes are high with the threat of state level interference.
It’s that time of year again. I’ve had a chat with my colleagues at Consult Hyperion, gone back over my notes from the year’s events, taken a look at our most interesting projects around the world and brought together our “live five” for 2019. Now, as in previous years, I don’t expect you to pay any attention to our prognostications without first reviewing our previous attempts, otherwise you won’t have any basis for taking us seriously! So, let’s begin by looking back over the past year and then we’ll take a shot at the future.
As we start to wind down 2018, let’s see how we did…
- 1. Open Banking. Well, it was hardly a tough call and we were bang on with this one. We’ve been working on open banking projects in the UK, on the continent and beyond. What seems to be an obviously European issue, is of course a global one and we’ve been helping the global payment brands understand the opportunities. Helping existing market participants and new market entrants to develop and implement responses to open banking has turned out to be intellectually challenging and complex, and we continue to build our expertise in the field. Planning for the unintended consequences of open banking and the potentially un-level playing field that’s been created by the asymmetry of data, was not the obvious angle of opportunity for traditional tier one banks.
- 2. Conversational Transactions. Yes, we were spot on with this one and not only in financial services. Many organisations are shifting to messaging channels for customer support and for transactions, in both the banking and retail sectors. The opportunity for this continues with the advancements of new messaging enablers, such as the GSMA backed RCS. But as new channels for support and service are introduced to the customer experience, so are new points of vulnerability.
- 3. The Internet of Cars. This is evolving although the security concerns that we spoke about before, continue to add friction to the development of new products and services in this area. Vulnerabilities to card payments or building entry systems are security threats, vulnerabilities to connected or autonomous vehicles are potentially public safety threats.
- 4. Artificial Intelligence. Again, this was an easy prediction because many of our clients were already active. Where we did add to thinking this past year, it was about the interactive landscape of the future (i.e. bots interacting with bots) and how the identity infrastructure needs to evolve to support this.
- 5. Tokens/ICOs. Well, we were right to highlight the importance of “tokens” (the basis of Initial Coin Offerings, or ICOs) and our prediction that once the craziness is out of the way, then regulated token markets will become significant looks to be borne out by mainstream commentary. At Money2020 Asia in Singapore, I had the privilege of interviewing Jonathan Larsen, Corporate Venture Capital Manager at Ping An and CEO of their Global Voyager Fund (which has a $billion or so under management). When I put to him that the tokenisation of assets will be a revolution, he said that “tokenisation is a really massive trend… a much bigger story than cryptocurrencies, initial coin offerings (ICOs), and even blockchain”.
As we said, 2018 has seen disruption because the shift to open banking, starting in the UK, has meant the reshaping of financial services while at the same time the advance of AI into the transaction flow (transactions of all types, from buying a train ticket to selling corporate bonds) begins to reshape the way we do business.
This year we are organising our “live five” in a slightly different way, listing them by priority to our clients rather than as a simple list. So here are the four key technologies that we think will be hot throughout the coming year together with the new technology that we are looking at out of the corner of our eyes, so to speak. The mainstream technologies are authentication, cross-sector digital identity, digital wallets for ticketing and secure IoT in the insurance sector. The one coming up on the outside is post-quantum cryptography.
So here we go…
- 1. With our financial services customers we are moving from developing strategies about open banking to developing implementation plans and supporting the development of new systems and services. The most important technology at the customer interface from the secure transactions perspective is going to be the technology of Strong Customer Authentication (SCA). Understanding the rules around which transactions need SCA or not is complicated enough, and that’s before you even start working out which technologies have the right balance of security and convenience for the relevant customer journeys. Luckily, we know how to help on both counts!
As it happens, better authentication technology is going to make life easier for clients in a number of ways, not only because of PSD2. We are already planning 3D Secure v2 (3DSv2) and Secure Remote Commerce (SRC) implementations for customers. Preventing “authentication friction” (using e.g. FIDO) is central to the new customer journeys.
- 2. Forward thinking jurisdictions such as Canada and Australia have already started to deliver cross-sector digital identity (where in both cases we’ve been advising stakeholders). New technologies such as machine learning, shared ledgers and self-sovereign identity, if implemented correctly, will start to address the real issues and improvements in know your customer (KYC), anti-money laundering (AML), counter-terrorist financing (CTF) and the management of a politically-exposed person (PEP). The skewed cost-benefit around regtech and the friction that flawed digitised identity systems cause, mean that there is considerable pressure to shift the balance and in the coming year I think more organisations around the world will look at models adopted and take action.
- 3. In our work on ticketing around the world, we see a renewed focus on the deployment of real digital wallets. Transit and other forms of ticketing (such as for sporting events) are the effective anchor tenants of the digital wallet, not payments. In the UK and in some other countries there has been little traction for the smartphone digital wallet because of the effectiveness of the deployment and use of contactless cards. If you look in your real wallets, most of what you find isn’t really about payments. In our markets, payments alone do not drive consumers to digital wallets, but take-up might be about to accelerate. It’s one thing to have xPay put cards into a digital wallet but putting your train tickets, your sports rights and your concert passes into a digital wallet makes all the difference to take-up and means serious traction. Our expertise in using the digital wallets for applications beyond payments will give our clients confidence in setting their strategies.
- 4. In the insurance world we see the business cases building around the Internet of Things (IoT). The recent landmark decision of John Hancock, one of the oldest and largest North American life insurers, to stop selling traditional life insurance and instead sell only “interactive” policies that track fitness and health data through wearable devices and smartphones is a significant step both in terms of business model and security infrastructure. We think more organisations in the insurance sector will develop similar new services. Securing IoT systems becomes a priority. Fortunately, our very structured risk analysis for IoT and considerable experience in the practical assessment of countermeasures, deliver a cost-effective approach.
- 5. In our core field of security, we think it’s time to start taking post-quantum cryptography (PQC) seriously not as a research topic but as a strategic imperative around the development and deployment of new transaction systems. As many of you will know, Consult Hyperion’s reputation has been founded on the mass-market deployments of new transactions systems and services and this means we understand the long-term planning of secure platforms. We’re proud to say that we have helped to develop the security infrastructure for services ranging from the Hong Kong smart identity card, to the Euroclear settlement system and from contactless payments to open loop ticketing in major cities. Systems going into service now may well find themselves overlapping with the first practical quantum computer systems that render certain kinds of cryptography worthless, so it’s time to add PQC to strategies for the mass market.
And there you have it! Consult Hyperion’s Live 5 for 2019. Brexit does not mean the end of SCA in the UK (since PSD2 has already been transcribed into UK law) and SCA means that secure digital identities can support transactions conducted from digital wallets, and those digital wallets will contain things other than payment instruments. They might also start to store transit tickets or your right to travel, health and fitness data for your insurance company. Oh, and all of that data will end up in the public sphere unless the organisations charged with protecting it start thinking about post-quantum cryptography or, as Adi Shamir (one of the inventors of public key cryptography) said five years ago, post-cryptography security.
The Chinese were first with the great transition from commodity money to paper money. They had the necessary technologies (you can’t have paper money without paper and you can’t do it at scale without printing) and, more importantly, they had the bureaucracy.
“In 1260, Genghis’ grandson Kublai Khan became Emperor and determined that it was a burden to commerce and taxation to have all sorts of currencies in use, ranging from copper ‘cash’ to iron bars, to pearls to salt to specie, so he decided to implement a new currency. The Khan decided to replace copper, iron, commodity and specie cash with a paper currency. A paper currency! Imagine how crazy that must have sounded! Replacing stuff with printing!”
Just as Marco Polo and other medieval travellers returned along the Silk Road breathless with astonishing tales of paper money, so commentators (e.g., me) are tumbling off of flights from Shanghai with equally astonishing tales of a land of mobile payments, where paper money is vanishing and consumers pay for everything with smartphones. China is well on the way to becoming a cashless society, with the end of its thousand year experiment with paper money in sight.
“14% of China’s population relies on mobile payments to get around, carrying no cash, according to a survey conducted by Renmin University of China”
The natural step from here is to create digital currency so that settlement is in central bank money and there are no credit risks. Last year, the Governor of the People’s Bank of China (PBOC), Zhou Xiaochuan, set out their thinking about digital currency. He said:
[Zhou] said that “it is an irresistible trend that paper money will be replaced by new products and new technologies.”
He went on to say that as a legal tender, digital currency should be issued by the central bank and, after noting that he thought it would take a decade or so for digital currency to completely replace cash, went on to state clearly that “he has plans how to gradually phase out paper money”. As I have written before, I don’t think a “cashless society” means a society in which notes and coins are outlawed, but a society in which they are irrelevant. Under this definition the PBOC could easily achieve this goal for China. But should they do this? Yao Qian, from the PBOC technology department, wrote on the subject earlier this year.
To offset the shock to the current banking system imposed by an independent digital currency system (and to protect the investment made by commercial banks on infrastructure), it is possible to incorporate digital currency wallet attributes into the existing commercial bank account system so that electronic currency and digital currency are managed under the same account.
I understand the rationale completely. The Chinese central bank wants the efficiencies that come from having a digital currency but also understands the implications of removing the exorbitant privilege of money creation from the commercial banks. If the commercial banks cannot create money by creating credit, then they can only provide loans from their deposits. Imagine if Bitcoin were the only currency in the world: I’d still need to borrow a few of them to buy a new car, but since Barclays can’t create Bitcoins they can only lend me Bitcoins that they have taken in deposit from other people. Fair enough. But here, as in so many other things, China is a window into the future.
Alipay, WeChat Wallet, and other Chinese third party payment platforms use financial incentives to encourage users to take money out of their bank accounts and temporarily store it on the platform itself.
You can see the potential problem with digital currency created by the central bank. If commercial banks lose both deposits and the privilege of creating money, then their functionality and role in the economy is much reduced. Whether you think that is a good idea or not, you can see that it’s a big step to take and therefore understand the PBOC position.
Following this line of thinking, then, central banks are not going to issue cryptocurrencies and they are not going to issue digital currencies either (at least in the foreseeable future). But what they might do is to allow commercial banks to create digital currency under central bank control. You could have the central bank provide commercial banks with some sort of tamper-resistant smart chip that would mint commercial bank money under the control of the central bank. Wait a moment, that reminds me of something…
Would a central bank go for this? Some form of digital cash that can be passed directly from person to person like Bitcoin rather than some form of digital money like M-PESA, using hardware rather than proof-of-work to prevent double spending? Well…
“It’s not that you use the phone to order money transfers, as is done today, but having bills in the cellular and being able to pass them on from one user to another,” he said.
Clearly at least one of them would! So here’s a “what if” and I’m genuinely curious as to your comments…
What if we dust off the old Mondex specifications (not difficult for us because some of the people who wrote them still work at Consult Hyperion) but this time implement it in SIMs and Secure Elements instead of contactless smart cards? Then we would have genuine digital currency that could work online and offline, work for inter-personal transactions as well as business transactions and allow things to pay other things. With the 20th anniversary of Multos just gone, maybe Mondex’s time has finally come!
I must say, I tend to agree with Andy Haldane on the wisdom of crowds. These are crowds which, in the UK at least, are wrong about almost everything*. There is no hope, to be honest, unless the robots take over pretty sharpish. But that’s by the by. Andy is once again on the money (literally – he’s the Executive Director, Monetary Analysis & Statistics at the Bank of England) commenting on the public’s opinion on matters of high finance:
“The public should not have a direct say in setting interest rates because they can show ‘madness’ when making collective decisions – just look at Boaty McBoatface, the Bank of England’s chief economist has warned.”
Now, as a general rule, I don’t think that the general public should have a direct say in anything at all, including who should run the country. More evidence for the triumph of shameless populism over the reasoned arguments of actual experts came at the recent CityChain17 event in London.
“it was Gideon Greenspan CEO CoinSciences and brains behind MultiChain that for me stole the show, although Dave Birch at Consult Hyperion was the audience’s favourite”
As I said, it is important not to listen to the wisdom of crowds. Had I paid to go to the event, it would have been to listen to Gideon, not me. His excellent presentation on the difference between a blockchain and database and the niches that the former ought to fill stole the show for me, and illustrated clearly why Multichain is growing in the corporate market.
The point of my presentation, on the other hand, wasn’t to discuss which particular shared ledger architecture was best or which particular kind of blockchain implementation of a shared ledger architecture might be most appropriate in different circumstances, but to draw on Consult Hyperion’s practical experiences advising clients in the financial sector to ask where the biggest impact of shared ledger technologies might be.
I used the example of supply chain applications in my talk because it was something that I happened to write about a few days ago and made the point that shared ledger technologies make more sense as a regtech rather than as a fintech. Since these technologies are about sharing information between companies, and between companies and regulators, it seems to me that they will be more effective at reducing the aggregate costs of a market than the private costs of individual stakeholders.
How, though, can we create a new kind of market where competitors can share sensitive information yet keep it confidential? The idea of translucent transactions is key to all of this. Companies trading with each other may not want the details of those trades to be public, but the public may want to know that those trades are legal. Hence we need to find a way to audit information that remains hidden from us. This is an idea that I first heard expressed a couple of decades ago by one of the cypherpunk founding fathers, Eric Hughes.
I had the pleasant experience of having dinner with Nicholas Negroponte, John Barlow and Eric Hughes, author of the cypherpunk manifesto, at a seminar in Palm Springs. This was in, I think, 1995. I can remember Eric talking about ‘encrypted open books’, a topic that now seems fantastically prescient.
And here’s the off-chain proof…
Eric’s ideas date back to 1993. A decade on, Nick Szabo was inspired by these ideas to write about confidential auditing, which in turn inspired my colleagues and me to explore ideas of ambient accountability a decade later. Now in the 1990s and 2000s, techniques such as homomorphic encryption and zero-knowledge proofs may have seemed for the lab only, but shared ledgers need these technologies and can exploit them to create new ways to solve old problems. And the business case is there too. For all the talk of the blockchain being instant and free (it isn’t), the ability to send money across the internet as quickly and as cheaply as, say, M-PESA doesn’t create anything like the cost-benefit disruption that the ability to reduce compliance costs does.
RegTech has been supplying some of the best use cases in banking. From the early customer engagement stages like KYC and Identity to compliance management, risk and reporting, the potential to reduce costs and create new customer engagement opportunities is tremendous for RegTech. Banks are also actively looking for solutions to better interfaces with regulators.
This idea makes sense to me much more than using a blockchain for (for example) payments. The idea of shared ledger that allows the FCA to continually monitor a bank’s books to see that it is solvent without being able to see the private information of creditors or debtors is very, very appealing. And it doesn’t shoehorn this fascinating new technology into emulating existing structures but allows us instead to create new and more efficient markets.
By the way, the blockchain as a regtech is something that will be explored at Consult Hyperion’s 20th (yes, twentieth) annual Tomorrow’s Transactions Forum in London next week where my colleague Steve Pannifer and our good friend Vasily Suvorov from Luxoft will be presenting a white paper on the use of shared ledger technology to cut KYC costs and reduce the risks of fraud. And that’s not all. Thanks to the generous support of our Platinum sponsors Vocalink and Worldpay, our Gold sponsor Paysafe and our Silver sponsor CMS (and with the help of our superb communication partner ccgroup) we will be continuing our tradition of informed discussion, expert comment and honest debate with a variety of leading-edge perspectives on topics ranging from W3C web payments and KYC in developing markets to zero-knowledge proofs and PSD2. And, thanks to those sponsors once again, the closing keynote on the first day will be Professor Lisa Servon from the University of Pennsylvania, a leading thinker on financial inclusion and the author of “The Unbanking of America”. There are also speakers and panelists from Lloyds, Visa, IBM, Discover, Onfido, Omidyar Network, SecureKey, QED-it, the Cabinet Office, HSBC, Sovrin, MasterCard, Masabi, Transport for the North, the Dutch Payment Association, Zopa and Yandex.
You’d be mad to miss it, so head on over here and grab yourself one of the few remaining delegate places. See you first thing next Wednesday, 26th April for another great Forum.