CBDCs are everywhere – and nowhere. Everyone is discussing them, but almost no one is actually deploying them. Sure, this is in part due to the early stage thinking that is going into working out what is actually required but it’s also due to the tricky business of actually working out how they would be implemented. Developing a retail payment solution is a lot harder than creating a Central Bank backed payment instrument.
A wallet is a way of organising things. My Apple Wallet, just like my real wallet, doesn’t have any cash in it. It has credit cards, debit cards, loyalty cards, vaccination records, boarding passes, train tickets and driving licences (Apple have just gone live with their driving licence and state in Arizona). These things are all held independently in the wallet: they don’t talk to each other and they don’t share data with each other. They are also, as you will have noticed, mostly about identity, not money.
Solutions to enable Android phones to be used to accept EMV contactless card payments without requiring additional hardware have been around for a while. We’ve been advising and helping our clients architect, secure, build and certify SoftPOS solutions for the last 5 years. However, this has not been possible on iOS devices, until now. Speculation that Apple was looking to add contactless payment card acceptance support to iPhone grew when they bought Mobeewave for $100MM in 2020. Based on the technology acquired in this purchase, Apple has recently added contactless card acceptance capability by implementing their Proximity Reader framework to iOS 15.4, for what Apple calls Tap to Pay.
On-card fingerprint readers have been in development for a few years now, with a number of products now in market from vendors such as Fingerprint Cards, Zwipe, Idemia and G+D.
Developing secure software and systems is hard. Even if the most experienced engineers use the best tools and follow best practices, bugs and vulnerabilities can slip through. Add to that the amount of legacy or 3rd-party code in use today, developer turnover and the use of outsourcing, and we can see that it is very difficult to eliminate all vulnerabilities from within a solution. This is why security by design and defence in depth are important principles. By designing-in security right from the start, and having multiple independent and overlapping methods of protection, the impacts of vulnerabilities can be reduced.
16 years on from PIN day (Valentines Day 2006) how is our relationship with PIN holding up?
Last year Dave Birch postulated that PIN was in decline and indeed no longer necessary as our mobile phones make use of various biometrics to authenticate us and our transactions, but as we often remind ourselves in Chyp, we’re not normal. UK Finance statistics tells us that whilst the use of Apple Pay & Google Pay at the Point of Sale is on the rise, the humble plastic card is still the preferred way to pay.
Everyone seems to think that MaaS (Mobility-as-a-Service) is a brand-new business model, when in fact, Transit Agencies have been providing mobility as a service for years, just without the hyphens. When I ride transit I just pay for the service when I need it or purchase a monthly pass if I expect to use it regularly. This is similar to the “as-a-Service” model that has been popularized by software companies who moved away from the license model where users pay a one-time fee to purchase the software. They now offer a subscription model where users pay a recurring fee to use the software. I’ve ridden transit for many years and have never had to buy a bus or train. Sounds like Mobility-as-a-Service to me.
Insecure technology is regularly cited as barrier to the use of online voting systems, in particular when casting your vote through your mobile phone, rather than putting your cross on a piece of paper and putting in a box at the polling station or mail box. At the same time those detractors trust the same mobile technology to place stock trades, initiate high value payments and more recently accessing their health records.
The human society is now at crossroads – demanding changes in our lifestyle, health choices, economics, and civil liberties. These changes are accelerated by climate change, political response to the pandemic, the need for racial and gender equality, human migration, and of course, a few break-through technologies such as digital automation, data analytics, and machine-learning (AI). So where are we heading? The call for “Great Reset” has been reverberating since the past few years and is now getting louder and louder. This was the topic of the virtual fireside chat by two visionaries on our Tomorrow’s Transactions webinar, Brett King and Dave Birch, discussing the societal and technological changes that are foreseen in the next few decades. This conversation was centered around Brett King’s (Richard Petty, co-author) book, “The Rise of Technosocialism” and aligns with Consult Hyperion’s engagement with think tanks on global issues. Our aim to is separate foresight and facts from fiction in trying to understand the trends in the market that our clients should watch-out for especially in payments, banking, transit, digital identity, and information security.
Our overriding theme of this year’s Live5 is interoperability which will lead to inclusion. Whether this is in payments or transit, identity or as a generalised trend what we’re seeing is a collapsing of the barriers between silos. In some areas this is happening more quickly than in others.
Subscribe to our newsletter
