At Consult Hyperion we frequently discuss the implications of financial crime migrating online. You’re less likely to be mugged at the cashpoint but the online environment is of course open to a wider range of attackers, often well hidden, and operating in diverse geographies. Personally, I have little patience with those who cite the ‘Four Horsemen of the Information Apocalypse’: terrorists, drug dealers, kidnappers and child pornographers. It is, therefore, particularly refreshing to see a genuinely practical approach to child protection being promoted by TrustElevate, drawing on opinions expressed by young people themselves.
Victoria Saporta, BoE executive director for prudential supervision, has said recently that minimum resilience requirements should be required for the tech giants’ (and others’) hosting services, before they may process and store banking data. We strongly support these comments. We have identified this issue as one of a number of new risks arising from modern financial systems architecture, in recent Structured Risk Analyses that we have carried out for financial and retail organisations in North America, Asia-Pac and EMEA.
In our Live 5 for 2021, we said that governance would be a major topic for digital identity this year. Nowhere has this been more true than in the UK, where the government has been diligently working with a wide set of stakeholders to develop its digital identity and attribute trust framework – the rules of road for digital identity in the UK. The work continues but with the publication of the second iteration of the framework I thought it would be helpful to focus on one particular aspect – how might the framework apply to decentralised identity, given that is the direction of travel in the industry.
I was delighted to be asked to present a keynote at the FIDO Authenticate Summit and chose to focus on digital identity governance, which is something of a hot topic at the moment. Little did I know that the day before my session was recorded the European Commission would propose a monumental change to eIDAS, the Europe Union’s digital identity framework – one of the main examples I was planning to refer to. I hastily skimmed the proposed new regulation before the recording but have since had the time to take a more detailed look.
Earlier this year we were delighted to be part of the Consult Hyperion webinar on Request to Pay. A common thread in post-event conversations that followed was an interest in the parallel developments of the UK and European flavours of Request to Pay and how they might work together. With the launch of the European version on June 15th, we thought it an ideal time to signpost the bigger differences.
In the new digital economy, digital identity is a key component to ensuring security, privacy, and convenience for people and businesses.
When we look forward to 2021, it is no surprise that COVID-19 is the dominant factor. So far as the merchant payments world is concerned, the shape of the post-pandemic new normal transaction environment must be the key strategic consideration for stakeholders and I am desperately keen to hear the variety of informed opinion on this topic that I have come to expect at Merchant Payments Ecosystem every year. At Consult Hyperion we like to contribute to these conversations by providing a useful framework for discussion: our annual “Live 5”, our yearly set of suggestions for strategic focus. This year, we choose to look at the key issue of pandemic transformation and its impact of on the three key domains where our clients operate: Payment, Identity and Transit, together with (as is traditional!) a suggestion as to a technology that the POS world may not be thinking about but probably should be.