Living abroad, with tokens

digital wallet app on smartphone

Living abroad, with tokens.

I have just completed a three-month stint building our business in Australia, and expect to return for a similar period in the near future. How were payments, for me? The first thing to note (to coin a phrase) is that I used no cash whatsoever and don’t recall seeing anyone else either. All retail payments, including transport payments (don’t knock commuting if you’ve never travelled to work on the Manly ferry), were via my Apple Watch, so no PINs, either. (Australia is online PIN, so if you do use an old-fashioned card, you’re unlikely to ever have to insert it into a reader.)

Of course, virtual cards, as wielded by (for example) Apple Pay and Google Pay, present tokens (Device PANs) as an alias for the Primary Account Number (PAN). This ensures that the issuer is able to block fraudulent transactions that could present the Device PAN from somewhere other than the relevant wallet (for example, during a standard e-commerce checkout).

Living and working abroad for three months requires payments for things beyond the usual touristic or business travel items—for example, rent and utility bills. Credit cards are not particularly well suited to many of these payments, with the requirement for recurring (and, sometimes, variable) payments, returnable deposits and so forth. Further, in Australia, it is standard practice for credit card payments for these kind of transactions to attract hefty surcharges. And, of course, forex charges and spreads apply.

What would have been better, would have been to have an Australian bank account and use all the domestic money transfer facilities. The trouble was, I didn’t have much idea of eligibility criteria (such as long-term residency) or how long KYC checks would take (especially without an Australian Tax File Number or driving licence, etc). Fortunately, there is a partial solution.

A number of fintechs (I used Wise) enable you to set up an account in your home country and then create (or have created, automatically) linked accounts in many other countries. Thus, I acquired an Australian BSB (Bank-State-Branch, equivalent to UK Sort Code or US/CAN Routing Number) and Account Number, exactly as any long-term resident.

In essence, the BSB/Account Number combination is a token representing my (UK-based) relationship with Wise. Just like a Device PAN, it enables a class of transactions, using a convenient digital representation; and also limits the scope of transactions; e.g. preventing anyone misusing the token from raiding my Sterling or US dollar funds.

One current limitation is that I cannot use the Australian bank details to set up a further level of indirection, that is, to use an Australian PayID, which would enable me to use a convenient handle, such as my mobile number, in place of hard-to-remember bank details (and, in fact, enable account portability). As well as providing more convenience, like other forms of token, this improves security, by making it less likely that someone impersonating me, and requesting payment, can pass off bank details which they control.

It would be nice to go one further step, which would be to use PayTo, the service set up by Australian Payments Plus, using the New Payments Platform (NPP), to manage payment relationships via mobile apps provided by banks and fintechs. I hope Wise (and others) are working on that. Then, a digital nomad could truly fit in!

Finally, a related grouch: I was frustrated, on a number of occasions, by useful apps not being available to people, demonstrably present in the relevant country, with an Apple ID associated with a different country. One example was my mobile provider; the obvious way to top up an account would be via their app, on a phone carrying their SIM, one would have thought. It was not to be, unfortunately. The same issue occurred with a government app and a newspaper app. Conceivably, I could have created an additional Apple ID or temporarily changed my residence details on the existing Apple ID. You’ve got to me braver than me to do that!

The Identity of Things: Products and Provenance

blue and yellow phone modules

If we think about the idea of digital identity in the internet of things then luxury goods such as watches make for an interesting example. How would you tell a fake Rolex from a real one in an always-on, interconnected world? You might say just put a hologram in it, or a chip that can’t be forged or something. And these might be good starting points but it’s a much more complicated problem than it seems at first.

Let’s think about secure microchips. Suppose contactless technology is used to implement some kinds of ID for the Internet of Things (IDIoT) for luxury goods. If I see a Gucci handbag on sale in a shop, I will be able to wave my mobile phone over it and read the IDIoT. My mobile phone can decode the IDIoT and then tell me that the handbag is Gucci product 999, serial number 888. This information is, by itself, of little use to me. I could go onto the Gucci-lovers website and find out that product 999 is a particular kind of handbag, but nothing more: I may know that the chip in the handbag label is ‘valid’, but that doesn’t tell much about the bag. For all I know, a bunch of tags might have been taken off of real products and attached to fake products.

To know if something is real or not, I need more data. If I wanted to know if the handbag were real or fake, then I would need know about the provenance as well as the product. The provenance might be distributed quite widely between different organisations with different drivers (this is why many people are keen on the using the blockchain as a means to co-ordinate and obtain consensus in such an environment). The retailer’s system would know from which distributor the bag came; the distributor’s system would know from which factory the bag came and Gucci’s system would know who stitched and where the components came from, a supplier system would know that the material came from sustainable hippos or whatever else it is they make handbags from. I would need access to these data to get the data I would need to decide whether the bag is real or fake. (Of course, I might want access to other data to give me more information to support my purchases decisions too. Such as ethical data for example: Who guarantees that my new jeans were not made by children and so on?)

This is a critical point. The key to all of this is not the product itself but the provenance. A secure system of provenance (for example) is the core of a system to tell real from fake at scale.

Provenance

Who should control the provenance of a product, and who should have access to the all or part of that provenance, is rather complicated. Even if I could read some identifier from the product, why would the retailer, the distributor or Gucci tell me anything about the provenance? How would they know whether I am a retailer, one of their best customers, one of their own ‘brand police’, a counterfeiter (who would love to know which tags are in which shops and so on) or a law enforcement officer with a warrant?

This is where the need for a digital identity comes into the picture. A Gucci brand policeman might wave their phone over a bag and fire off a query: the query would have a digital signature attached (from secure hardware in the mobile phone, as in iPhones, for example) and the provenance system could check that signature before processing the query. It could then send a digitally signed and encrypted query to the distributor’s system which would then send back a digitally signed and encrypted response to be passed back to the brand policeman: ‘No we’ve never heard of this bag’ or ‘We shipped this bag to retailer X on this date’ or ‘We’ve just been queried on this bag in Australia’ or something similar.

(And, of course, each time an IDIoT is created, interrogated, amended or removed from the system, the vent will be recorded on a shared ledger to guarantee the integrity.)

The central security issue for brand protection is therefore the protection of (and access to) the provenance data. Who exactly is allowed to scan my pants and under what circumstances? If I give my designer shirt to a charity shop, what information should they learn about the idea? An approach to this issues that uses the right combination of tools (ie, using secure chips to link the provenance on a shared ledger to the physical objects) will deliver a powerful new platform for a wide variety of potential services.

What might these services be? I don’t know, because I’m only a consultant and can’t afford luxury goods but perhaps if such a system adds £20 to the price of a Rolex to implement this infrastructure, so what? The kind of people who pay £5,000 for a Rolex wouldn’t hesitate to pay £5,020 for a Rolex that can prove that it is real.

In fact, such a provenance premium might be rather popular with people who like brands. Imagine the horror of being the host of a dinner party when one of the guests glances at their phone and says “you know those jeans aren’t real Calvin Klein, don’t you?”. Wouldn’t you pay an extra £5 for the satisfaction of knowing that your snooping guest’s app is steadfastly attesting to all concerned that your jeans, watch and sunglasses are all real? Of course you would.

This international identity day, remember that identity is not just for people. It is for droogs and droids, pants and pets. The digital identity infrastructure that we need for the future is for everything. Everything.

Identity really is the new money

close up of hand holding text over black background

Today is International Identity Day supported by the many organisations around the world seeking to address the huge inclusion issues caused by a lack of digital identity. It is tempting to think that this is a mainly developing world issue and that in the developed world the lack of digital identity services is more of an inconvenience than a real problem. Here in the UK, however there are still up to 5m people who struggle to access financial services because they do not have the right documents or data. More on that in our recent report.

Something I’ve been thinking about quite a bit this year is interplay between Digital Identity and Central Bank Digital Currency (CBDC). What’s that got to do with the pressing need to give effective digital identity to those that need it most? Two things really:

  • Firstly, a significant factor in the development of a CDBC will be to ensure it is inclusive. After all one of the main objectives in CDBCs is to provide a digital alternative to cash. The financially excluded rely on cash and so a CDBC may have an important role to play in addressing their needs.
  • Secondly, whilst the need is pressing, making it happen will take time. The UN Sustainable development goal 16.9 calls for the provision of legal identity for all by 2030. Many CDBC initiatives are operating on a similar timeframe.

The beauty of CDBCs is that, in the main, central banks are starting from a blank sheet of paper, which creates the opportunity to design something well from the start. A big problem in digital identity has been trying to retrofit it into a digital world after the fact.

Another interesting thing is that the emerging model for CDBCs has close similarities to the decentralised model for digital identity, which is the direction of travel in that space. Let me explain a little.

This following picture illustrates 2-tier model for CDBC:

Senders and receivers will have wallets that interact with each other. They will hold the identifiers (backed by private keys) that allow the parties to control the use of their CDBC value. The actual system of record will be a ledger provided by (or on behalf of) the central bank. Wallets will use tokens, which are cryptographic representations of the value managed by the ledger, which are bound to the identifiers (and keys) belonging to the parties.

Now look at the standard model for decentralised identity:

Identity information is sent from holders to verifiers. The information is sent in the form of cryptographic credentials (you could think of them as identity “tokens”) that are bound to identifiers which can be checked in a registry. Of course for those credentials to have any value they need to come from a trusted source – an issuer.

So you can see there is a strong correlation between CDBC and decentralised identity systems. The content of the two grey boxes is basically the same.

Furthermore, CDBC systems will have some very particular digital identity and privacy requirements:

  • There will need to be controls in place to prevent AML.
  • The CDBC must not become a mass surveillance system.
  • The system must allow anonymous transactions in some circumstances but not all.
  • Users must have control over how much data is shared (and in some cases if the user is not willing to share data the transaction will not be able to be completed).

These requirements could be met very well through the use of decentralised identity technologies such as those being developed in W3C, which support the presentation of verifiable identity information whilst employing strong privacy controls. There seems to be a strong case for the CDBC community to collaborate with the identity community. We have a foot in both camps and are working hard to ensure that the years of work put into decentralised identity is leveraged effectively in CDBCs.

It really is the case that Identity is the New Money.

CBDC’s – wallets, liability and acceptance

illuminated cityscape against blue sky at night

CBDCs are everywhere – and nowhere. Everyone is discussing them, but almost no one is actually deploying them. Sure, this is in part due to the early stage thinking that is going into working out what is actually required but it’s also due to the tricky business of actually working out how they would be implemented. Developing a retail payment solution is a lot harder than creating a Central Bank backed payment instrument.

Identity in the Metaverse

An aurora accents Earth's atmospheric glow underneath a starry sky

I had the privilege to chair a discussion about identity in the metaverse at the Identiverse conference in Denver in June 2022, and had great fun discussing the new landscape for identity with Heather Vescent, Jonathan Howle, Katryna Dow and Gopal Padinjaruveetil. In order to frame my thoughts and get the discussion about identity and privacy going, I needed a mental model.

Do I need to upgrade my Fare Collection system to support CBDC?

automated ticket machine

This week, a press release from China announced they had expanded acceptance of the digital Yuan onto public transport in 12 cities. China has led the way in the development of a Central Bank Digital Currency (CBDC), launching a trial in 2020 which has been expanding steadily. But what does this mean? What is a CBDC? And when will I need to consider accepting them in public transportation?

What Exactly Is A Smart Wallet?

pexels-photo-887751.jpeg

A wallet is a way of organising things. My Apple Wallet, just like my real wallet, doesn’t have any cash in it. It has credit cards, debit cards, loyalty cards, vaccination records, boarding passes, train tickets and driving licences (Apple have just gone live with their driving licence and state in Arizona). These things are all held independently in the wallet: they don’t talk to each other and they don’t share data with each other. They are also, as you will have noticed, mostly about identity, not money.

Apple Finally Enables Payment Card Acceptance on iPhone

person-woman-hand-space.jpg

Contactless Card Acceptance

Solutions to enable Android phones to be used to accept EMV contactless card payments without requiring additional hardware have been around for a while.  We’ve been advising and helping our clients architect, secure, build and certify SoftPOS solutions for the last 5 years.  However, this has not been possible on iOS devices, until now.  Speculation that Apple was looking to add contactless payment card acceptance support to iPhone grew when they bought Mobeewave for $100MM in 2020. Based on the technology acquired in this purchase, Apple has recently added contactless card acceptance capability by implementing their Proximity Reader framework to iOS 15.4, for what Apple calls Tap to Pay.

Brazilians wow the world of Open Banking

flag of brazil

At last week’s FDX Virtual Spring Global Summit, I received a glimpse into the huge strides being made by the Financial Data Exchange in the adoption of their data sharing API for the US market. In the context of minimal centralised regulation in the US, progress is driven by industry. This marks a substantial move away from screen scraping, which has historically been prominent in the US market. While the API approach provides value in terms of security and standardisation, many organisations still depend on screen scraping to support their business model.

Biometrics on Cards

Improving Cardholder Authentication

On-card fingerprint readers have been in development for a few years now, with a number of products now in market from vendors such as Fingerprint Cards, Zwipe, Idemia and G+D.


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.