Inclusion, identity and privacy

Financial inclusion is necessarily built on a foundation of customer identity, but the rush to inclusion and the consequent focus on mass registration in many countries has placed at risk the citizens’ rights to privacy – even where these are recognised in law.  But the mere fact of being excluded should never mean that someones right to privacy is in any way diminished.

With support from Omidyar Network, Consult Hyperion has undertaken a global review of the privacy and data protection aspects of digital identity services, with particular reference to their relevance for financial inclusion. We have reviewed the various digital identity initiatives around the world from a privacy perspective. Building on this framework, we have developed a ‘roadmap’ for digital identity that ensures that privacy, and the needs of regulatory authorities, can be built into digital identity services, ensuring the drive towards financial inclusion can be at its most effective. We hope that this roadmap will be a useful contribution to the industry as it considers how best to deliver digital identity to those most in need.

The key elements of this roadmap are as follows.

Put the individual at the centre of privacy protection

This does not only mean giving individuals control over how their personal data is used; it needs to be reflected in the entire approach to the digital identity system. In order to avoid low levels of take-up and use, it is essential that the emphasis be placed on user needs, rather than vendor-driven use cases or so-called “gold standard” solutions.

Provide an effective legal environment

An effective legal environment must be in place that contains, and can enforce, legal remedies to prevent or punish abuses of personal data.  An effective legal environment will also increase confidence that any contractual measures put in place as part of the trust framework to ensure privacy can be enforced.

Design in privacy from the start

There is widespread recognition that privacy should be designed into any system from the start rather than bolted on as an afterthought.  Privacy–by–design requires a careful understanding of the expected goals of the identity system, an appreciation of the distinctive characteristics of the context of use and an awareness of the technological capabilities and privacy risks associated with proposed next generation digital identity systems.

Separate identification from authentication and authorisation

Many existing identity systems combine identification and authentication activities within the scope of the identity provider. Separating out identification from authentication allows for the relatively rapid roll out of basic digital identity credentials, perhaps issued to all but based on low assurance identity data. The quality of the digital identity can be enhanced over time, in part simply through a history of ownership and use or by incorporating additional data points.

Furthermore, if the basic digital identity credentials only show that the citizen is unique and identifiable and not include other data attributes by default, this will allow future developments to minimise disclosure of data. Today identity systems often include a default data set that is always shared, even when it is not necessary for the service being accessed.

Improve authentication then identification

In an ideal world, it would be desirable to move directly to high quality identification and high quality authentication.  In practice, however, the time and effort to improve the quality of these aspects of digital identity are different.  In general, improvements to authentication quality are likely to be quicker to achieve than improvements in identification quality.

Provide a viable commercial model that disincentivises abuse of personal data

Whilst the monolithic identity providers like Facebook and Google offer easy to use digital identity credentials, their business models could run counter to consumer privacy as key revenue streams come from sharing individual and aggregate customer data. Whilst it is possible to constrain such actions contractually and technologically, long term the commercial model must be designed so that incentives to protect privacy are aligned.

Consider who will pay for the identity system

If identity credentials are to become a key infrastructure for a society, then important questions of how they are to be paid for arise.  There are different models of charging for infrastructure provision that can be drawn upon, but choosing the right payment model can be problematic whether the identity provider is a government agency or a commercial body.

Address questions of liability

Service providers should not be held liable for actions based on properly authenticated identity claims. What then of the liability of the identity providers?  Here the complexity of the liability model grows as benefits and risks are shared unequally.  In extremis, the identity provider privatises the some of the benefits (e.g. payments for authentications) but socialises the risks (e.g. complete failure of trust in the identity system as a whole).

Review the role of compulsion

For countries introducing new identity credentials, questions of consent and compulsion become particularly significant from a market and rights perspective.  They may cause significant disruption to the roll out of system.  In such cases it is frequently stated that the new identity system is voluntary, not compulsory and that individuals can always choose not to have an identity credential. In this case, as the critical mass of credential holders develops, effective compulsion can arise. However, evidence from Europe suggests that the various electronic identity cards are used infrequently because most people have infrequent access to public services and those that do have more frequent access rarely need to formally identify themselves each time.

All of the underlying issues, and the elements of the proposed roadmap, are explored in detail in the report available here. It’s very detailed piece of work, so you might want to being with the Executive Summary that is available here. We are genuinely curious about your views and look forward to all feedback.

Bill Gates was spot on at SIBOS – there’s an identity problem

Dgwb blog white border

Last week I was very interested to see that Bill Gates highlighted identity as a key problem at SIBOS. This was because I’d already noticed that there was a problem with one of the identities there: mine.

Cash means a lot of baggage

With my feet up and a cup of tea, I was relaxing reading David R. Warwick’s “The Case Against Cash” in the July edition of “The Futurist” magazine. He notes that of the $829 billion in US currency “in circulation”, two-thirds is outside the US. According to the Boston Fed, the average US consumer has only $79 about their person, with another $157 at home or in the office. Say $200 each for 200 million consumers, that comes to only $40 billion. Even if you calculate it at $300 each for 300m consumers, that’s still only $90 billion, which would imply that about two-thirds of the cash in the US in unaccounted for, a figure that tallies well with more detailed calculations made for some European countries. That means that if the US is as law-abiding as, say, Norway, then there’s about $200 billion of cash in the US that is only used for tax evasion, crime, money laundering and so on.

Mr. Warwick says that the biggest single benefit of the abolition of cash in the US will be the elimination of cash robberies, which costs the country about $140 billion per annum. This may be so, but personally, I think that the greatest benefit will be what he puts second on the list: financial inclusion. People trapped in a cash economy are not only discriminated against (because they pay the highest transactions costs) but they are cannot get on the financial services ladder. They have to take payday loans instead of bank loans, use cheque-cashing services and so on. Helping these people on to that ladder is a very positive outcome for the electronic payments industry (assuming that it can deliver the low-cost products that are needed to do this).

Naturally I sympathise with Mr. Warwick, but I don’t hold out much short term hope for the US getting rid of cash, although I can see that there are some interesting ways to make progress. A correspondent wrote, kindly, in response to a recent post I made about the role of e-payments in reducing cash evasion.

In addition to strict regulations that require POS technology to retain sales records (and criminal liability if they are found to be tampered), the Brazilian state of Sao Paulo created a program called “Nota Fiscal Paulista” which works by consumer demand. It encourages consumers to ask for their receipts, which pressures the business into declaring their sales taxes to the state tax collector. At year’s end the consumer gets a share of their taxes paid returned to them, as well as an entry in a larger lottery. I’ve had family members win sizeable pots simply for opting in to this receipt at check out.

Many merchants really dislike this scheme, presumably because it works, but they are obliged to offer it because of consumer pressure. There’s another similar scheme in Korea, whereby merchants who take more than some threshold (75%?) volume of their transactions electronically rather than in cash get a tax break. The government has presumably calculated that reducing tax evasion from cash sales more than makes up for the revenue reduction from the tax break. Perhaps in these straightened times the US tax authorities might begin to make similar calculations.

However, while the US may not be able to get rid of cash domestically — more’s the pity — it could at least start trying to get rid of cash in some other theatres. Perhaps a good place to start might be somewhere where, unlike America, there is a viable mobile phone-based alternative to cash: Afghanistan, where the M-PAISA scheme is up and running.

Electronic payments, if implemented properly, can bring transparency as well as efficiency. And transparency can have some unexpected consequences. Look what happened when the M-PESA service was launched in Afghanistan (as M-PAISA) and used to introduce efficiency into the process of salary payments for civil servants…

[From Digital Money: Cash does have some unique properties]

Another factor pointing to Afghanistan as the nexus for such an experiment is that the campaign against cash there may be able to co-opt a pretty powerful ally: the US military.

For the past few years the military has been striving to replace its cash transactions with electronic fund transfers and debit card payments in the hopes of achieving a “cashless battlefield,” in the words of Peter Kunkel, a former assistant secretary of the Army.

[From Turn In Your Bin Ladens – NYTimes.com]

Right now, the battlefield is only cashless because all of the cash is being spirited away as soon as it arrives and (I’m sure) to no good purpose — as I heard our (former) man in Kabul Sherard Cowper-Coles pointing out on the BBC’s Start the Week programme recently — and there doesn’t seem to be any way to keep it in place.

Last month, a well-dressed Afghan man en route to Dubai was found carrying three briefcases stuffed with $3 million in U.S. currency and $2 million in Saudi currency, according to an American official who was present when the notes were counted. A few days later, the same man was back at the Kabul airport, en route to Dubai again, with about $5 million in U.S. and Saudi bank notes.

[From Officials puzzle over millions of dollars leaving Afghanistan by plane for Dubai]

I love the title of the article, don’t you? It doesn’t seem that much of a “puzzle” to me.

Cash declaration forms filed at Kabul International Airport and reviewed by The Washington Post show that Afghan passengers took more than $180 million to Dubai during a two-month period starting in July. If that rate held for the entire year, the amount of cash that left Afghanistan in 2009 would have far exceeded the country’s annual tax and other domestic revenue of about $875 million.

[From Officials puzzle over millions of dollars leaving Afghanistan by plane for Dubai]

There really ought to be more upset about the havoc that these billions of US dollars cause but not merely facilitating but actively encouraging corruption on such an enormous scale, yet even at the very highest levels there’s no sense (that I can find) of outrage. In fact, everyone (except taxpayers, presumably) seems quite happy with the seigniorage-powered status quo.

Karzai said cash transactions are quite normal and then-President George W. Bush was aware of the Iranian donations. The United States supposedly gives him bags of cash as well.

[From BlogPost – Karzai’s bags of cash a conundrum for the U.S.]

Interestingly, when he says “bags of cash” he isn’t speaking metaphorically: they actually do give him bags of cash, as do the Iranians apparently. I don’t think any of them are going to get behind my campaign to reduce the use of cash to the great benefit of society as a whole.

Suspicions of corruption in the Afghan government, with one cable alleging that vice president Zia Massoud was carrying $52m in cash when he was stopped during a visit to the United Arab Emirates.

[From US embassy cables leak sparks global diplomatic crisis | World news | The Guardian]

Not mobile phone top-up vouchers or open-loop prepaid cards or high-street vouchers, but FIFTY TWO MILLION GREENBACKS. That made me wonder about his baggage allowance. How much would $52m in weigh? Could you fit it in cabin luggage or would you have to check it? After all 520,000 $100 bills take up a fair bit of space. I seem to remember from a previous discussion, that a cereal box can hold $500,000 so we’re talking about 100 cereal boxes at least.

In reality, restricting ourselves to $100 bills, the maximum is only $450,000 (the New Jersey ne’erdowells didn’t pack optimally!).

[From Digital Money: Has cash jumped the shark?]

I don’t think you could fit 100 cereal boxes in the two checked bags that you’re allowed on British Airways, but I suppose vice presidents are allowed a couple more. But back to the point, which is…

Why does the world need 1 billion $100 bills? Indeed, why does the U.S. continue to print C-notes at all?

[From Hundred-dollar bills are for criminals and sociopaths. Why do we still print them? – By Timothy Noah – Slate Magazine]

Look, I’m not making any sort of political point about Afghanistan, I’m arguing this general point. The US should cease printing $50 and $100 bills immediately. They have no function in supporting commerce.

And it’s not just that carrying around cash is inconvenient and time consuming. These days, one of its main functions is to finance the black economy: drug deals, counterfeiting, under-the-table employment and other nefarious activities. Because cash is anonymous, people can easily opt out of the taxable economy – leaving the rest of us to pick up the tab for their use of public services. Remove cash entirely, and you make it far more difficult to avoid tax, not to mention discouraging criminal activity.

[From I’m dreaming of a cashless Christmas – Telegraph]

I written before about a current example of large amounts of cash making a problem (that no-one would claim is caused by cash) significantly worse.

Ransoms are paid in cash, partly because Somalia has no functioning banking system, and partly to hamper American anti-money-laundering investigators

[From Piracy: No stopping them | The Economist]

I have to say that this piracy is looking more and more like a viable career option to me. It is very well remunerated and there appears to be much less chance of going to jail than in, say, investment banking or management consultancy.

Of the 650 Somali pirates caught since late 2008, 460 have already been released, according to Lloyd’s Market Association

[From Prime Numbers: The Pirate Den – By Bridget Coggins | Foreign Policy]

The English have a proud history of piracy, so I think I’d fit right in. Avast ye landlubbers!

These opinions are my own (I think) and presented solely in my capacity as an interested member of the general public [posted with ecto]

Immobile

There’s something odd about a conference on Mobile Money & Migrant Remittances held in a hotel with no mobile coverage and a $25/day charge for wifi, but despite that I thoroughly enjoyed popping along and meeting up with friends from around the world there. I was on the Strategy Panel covering financial inclusion, and this coincidentally, the day after I had been quoted in Warren’s “Washington Internet Daily“:

Mobile payment systems are often treated with a lighter regulatory touch than mobile banking, to reach as many users as possible, Birch said. The need to integrate the “unbanked” into society should “tip the value” toward less regulation of low-value transactions, he said.

An entirely accurate representation of my views. A correspondent wrote in response:

Very sensible words! Not sure if you have actually read FATF’s NPM report from October 2010, but it is actually pretty good, and recommends the right thing: a light KYC regime (including no verification) for specific low risk accounts, praising the power of transactions limits and monitoring.

As it happens, I hadn’t read the FATF New Payment Methods report, so I downloaded it to take a look and discovered some surprisingly sensible conclusions. By “New Payment Methods”, or NPM, the FATF means specifically internet payment systems, mobile payment systems and prepaid card products. My correspondent had noted, to my surprise, that some of their conclusions echo my own ranting on the topic: that is, a light-touch KYC regime (including no verification for specific low risk accounts), with attention paid to setting the right transaction limits and appropriate monitoring and reporting requirements. The report is based on a number of case studies, so the conclusions are based in practical analysis, however it must be said that they are probably not statistically utterly sound.

The project team analysed 33 case studies, which mainly involved prepaid cards or internet payment systems. Only three cases were submitted for mobile payment systems, but these involved only small amounts.

Personally, I found many of the case studies in chapter four of the report uninteresting. Yes, in some cases prepaid cards, or whatever, were used as a part of a crime, but in many of the frauds so were cash and bank accounts. One of the case studies concerned the use of multiple prepaid cards by an individual found to have 12 legally-obtained driving licences in different names (and $145,000 in cash). I’d suggest that cracking down on the driving licence issuing process ought to be more of a priority! The issue of access to transaction record is, I think, much more complicated than many imagine. You could, for example, imagine transaction records that are encrypted with two keys — your key and the system key — so that you can go back and decrypt your records whenever you want, but the forces of law and order would need to obtain a warrant to get the system key. Sounds good. But I might not want a foreign, potentially corrupt, government department to obtain my transactions for perfectly good reasons (like it’s none of their business).

The report says very clearly that the overall threat is “difficult” to assess (so some of the rest of it, I think, is necessarily a trifle fuzzy) but also that the anti-money laundering (AML) and counter terrorist financing (CTF), henceforth AML/CTF, risks posed by anonymous products can be effectively mitigated. I agree. And I also strongly agree with chapter three of the report notes that electronic records give law enforcement something to go on where cash does not. This is something that I’ve mentioned previously, both on this blog and in a variety of other fora, because I think it’s a very important point.

I said that I was not sure that keeping people out of the “system” was the best strategy (because if the terrorists, drug dealers and bank robbers on the run stay in the cash economy, then they can’t be tracked, traced or monitored in any way)

[From Digital Money: Anti-anti money laundering]

The report goes on to expand on the issue of mitigation and, to my mind, deals with it very well. It says that:

Obviously, anonymity as a risk factor could be mitigated by implementing robust identification and verification procedures. But even in the absence of such procedures, the risk posed by an anonymous product can be effectively mitigated by other measures such as imposing value limits (i.e., limits on transaction amounts or frequency) or implementing strict monitoring systems.

Why is this so important? As well as keeping costs down for industry and stimulating the introduction of competitive products, the need for identification is a barrier to inclusion. This link between identification and inclusion is clear, whatever you think about the identification system itself. India is turning out to be a fascinating case study in that respect.

The process would benefit beneficiaries of welfare schemes like old-age pension and NREGA, enabling them to draw money from anywhere as several blocks in Jharkhand have no branches of any bank and would save them from travelling to distant places for collecting money.

[From Unique numbers will save duplication in financial transactions – Ranchi – City – The Times of India]

But I can’t help cautioning that while customer identification is difficult where no national identity scheme exists, but there is a scheme it may give a false sense of security because obtaining fraudulent identities might be easier than obtaining fraudulent payment services in some jurisdictions or where officials from dodgy regimes (like the UK) are at work…

Prosecutor Simon Wild told the court Griffith abused his position by rubber stamping work permit applications that were obviously fake or forged using false names and references.

[From British embassy official ‘nodded through scores of visa applications’ | Mail Online]

For low risk products, then, the way forward is absolutely clear: no identification requirements, potentially strong authentication requirements and controlled access to transactions records. One small problem, though, that the report itself highlights: there are no uniform, international, cross-border standards for what constitutes a “low risk” product. But that’s for another day.

Finally, I couldn’t help but notice that the payment mechanisms that scored worst in the high-level risk table (on page 23) and therefore the one that FATF should be working hardest to crack down on is cash.

P.S. I apologise to the conference organisers for my radio silence during the event, but I belong to the #canpaywontpay tendency: I can afford $25/day for wifi (since I’m not paying, I just expense it to the compnay) but I won’t pay it, because it’s outrageous. No wifi means no twitter, no blog, no buzz. That’s not how conferences should be in 2011.

These opinions are my own (I think) and presented solely in my capacity as an interested member of the general public [posted with ecto]

Including everyone

As a chap named Bill Gates wrote recently,

Technology can be a major force to advance financial inclusion, which can help improve the lives of the poor in the developing world.

[From Untitled]

He’s absolutely right, of course. People who are trapped in the cash economy are the ones who are most vulnerable to theft and extortion, most likely to lose their hard-earned notes and coins or have them destroyed by monetary policies, pay the highest transaction costs, lack credit ratings or references and (in an example I heard from Elizabeth Berthe of Grameen at the Digital Money Forum this year) most likely to have their life savings eaten by rats. So what should be done? Well, having governments take the problem seriously and set targets is a good start.

the RBI target of ensuring 100% financial inclusion in villages of 2,000 plus population in the state by March 2010… banks could adopt the RBI’s advice of making use of the business correpondent-BF model, as per the guidelines, to extend the banking services.

This was in keeping with the RBI’s decision to launch a renewed drive for opening up of no-frills accounts in respect of families who do not have a bank account, on the basis of the data relating to the public distribution system.

[From Banks urged to take steps to ensure 100% financial inclusion – dnaindia.com]

To continue with this specific case, it has proved very difficult to translate these targets into action in the heavily-regulated Indian market.

Adding to their presence, the cost of operating a bank account and the cost of transaction for banking services —which includes deposits, withdrawals, credit and other banking products — is not only high for the consumers but also for the banks. This leads to little penetration and reduced delivery of services in order to bring the large number of potential un-banked/under banked population under the mainstream banking system.

[From Financial Inclusion In India]

As far as I can see, banking is a really expensive and really inflexible way to obtain inclusion, and as we all know, there are better ways to obtain inclusion with new technology. In particular, new technology when combined with the business correspondent model mentioned in connection with the RBI guidelines above ought to be delivering more transformation.

A Wharton School study pegs the cost of a transaction at a bank branch at around $1 (Rs. 45). At an automated teller machine, it goes down to about $0.40. And done through business correspondents, the cost drops even lower to $0.10.

[From Banking on technology to bridge financial inclusion gap – Economy and Politics – livemint.com]

Another way forward might be to treat mobile payments as a first step on the ladder to inclusion and try to find a way to bring mobile payments to the mass market and then use the mobile payment platform to deliver other financial services. Naturally, give our work on the project, I can’t resist highlight M-PESA in this context.

This is why, I believe, that the success that Vodafone (through its subsidiary Vodacom) achieved in Tanzania is so important. It was reported that more than a million subscribers have signed up on the service (Read here), but indications at the Congress were that this number has now more than doubled. The fact that Vodafone has demonstrated that they can duplicate the success of mPesa in other countries, is of significant importance. This means that the Kenya experience was not a fluke, and that Vodafone has learned what it takes to make these roll-outs work.

[From Mobile Banking: Vodafone prove mPesa repeatability]

I hate to keep going on about M-PESA, but our experiences advising Vodafone in the early days of this project contain a number of useful lessons, in particular about the relationship between new entrants and regulators. But I wanted to make a different point.

A couple of years ago we were doing some work for a client who was thinking of developing something like M-PESA. I won’t name them, obviously, but I hope no-one will mind if I mention one of our recommendations. Our Head of Mobile Money, Paul Makin, who worked on M-PESA when it was still whiteboard scribble, was asked what he would have changed in the original specification if he had had the wisdom of hindsights, and his top priority was APIs for MIS access. This is why I wasn’t surprised to see this in a report from the front line.

Data from M-PESA cannot directly be imported into the management information systems (MIS) at MFIs. For KADET, this means all payments made through M-PESA have to be manually input into their MIS, another opportunity for human error to affect the process.

[From Mobile Payments: the Devil is in the Details « Kiva Stories from the Field]

(I strongly urge you to read this short and fascinating article about real experiences linking to M-PESA in the field, by the way.) Taking the mobile payments transactional data and providing corporate access is, I think, a key plank in the inclusion strategy. In Kenya, financial institutions have already started to use M-PESA transaction data as a substitute for a credit rating when looking at providing loans and I’m sure that new opportunities will arise due course: with the wisdom of hindsight, better corporate interfaces would have accelerated this process.

This is the short of thing I expect to discuss more when I’m on the panel on Financial Inclusion at the forthcoming Mobile Money and Migrant Remittances conference in London on 16th-18th May 2011. They’ve got a great set of speakers, including Forum friend Elizabeth Berthe from Grameen and John Maynard from Vodafone, and I’m really looking forward to it.

In an act of astonishing charity, the wonderful people at ICBI have given me a two-day delegate pass for the conference — worth an amazing ONE THOUSAND FOUR HUNDRED AND NINETY NINE POUNDS — to give away on this blog as a competition prize. So if you are going to be in London on those dates and you’d like to come along to meet some of the global leaders in the mobile and remittance space, all you have to do is be the first person to respond to this post telling me when Western Union, the founders of the electronic money business in 1871, finally shut down their telegraph service.

In the traditional fashion, this competition is open to all except for employees of Consult Hyperion and members of my immediate family, is void where prohibited and has been risk-assessed under all relevant guidelines. The prize must be claimed within three months. Oh, and no-one can win more than one of the Digital Money Blog prizes per calendar year.

These opinions are my own (I think) and presented solely in my capacity as an interested member of the general public [posted with ecto]


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.