TLS, DSS, and NCS(C)

As I was scanning my list of security-related posts and articles recently, my eye was drawn by the first sentence of an article on (Google security engineer) Adam Langley’s blog, indicating that Her Majesty’s Government does not understand TLS 1.3. Of course, my first thought was that since HMG doesn’t seem to understand the principles of encryption itself, it’s hardly surprising that they don’t understand TLS. However, these aren’t the thoughts of an understandably non-technical politician but instead those of Ian Levy, the Technical Director of the National Cyber Security Centre at GCHQ – someone you’d hope does understand encryption and TLS. Now normally, I would read this type of article without feeling the need to comment. So what’s different?

Well, following the bulk of the article discussing how proxies are currently used by enterprises to examine and control the data leaving their organisation, by in effect masquerading as the intended server and intercepting the TLS connection, is the following throwaway line:

For example, it looks like TLS 1.3 services are probably incompatible with the payment industry standard PCI-DSS…

Could this be true? Why would it be true? The author provided no rationale for this claim. So, again in the spirit of Adam Langley, “it is necessary to write something, if only to have a pointer ready for when people start citing it as evidence.”

Adam’s own response – again following a discussion about how the problem with proxies is their implementation, not with TLS – is that

…the PCI-DSS requirements are general enough to adapt to new versions of TLS and, if TLS 1.2 is sufficient, then TLS 1.3 is better. (Even those misunderstanding aspects of TLS 1.3 are saying it’s stronger than 1.2.)

which would seem to make sense. Not only that, but

[TLS 1.3] is a major improvement in TLS and lets us eliminate session-ticket encryption keys as a mass-decryption threat, which both PCI-DSS- and HIPAA-compliance experts should take great interest in.

In turn, Ian follows up to clarify that it’s not TLS itself that could present problems, but the audit process employed by organisations

The reference to regulatory standards wasn’t intended to call into question the ability of TLS 1.3 to meet the data protection standards. It was all about the potential to affect (badly) audit regimes that regulated industries have to perform. Right or wrong, many of them rely on TLS proxies as part of this, and this will get harder for them.

So that’s alright. TLS 1.3 is not incompatible with PCI DSS. So what is the problem?  Well, helpfully, Simon Gibson outlined this in 2016:

…regulated industries like healthcare and financial services, which have to comply with HIPAA or PCI-DSS, may face certain challenges when moving to TLS 1.3 if they have controls that say, “None of this data will have X, Y, or Z in it” or “This data will never leave this confine and we can prove it by inspecting it.” In order to prove compliance with those controls, they have to look inside the SSL traffic. However, if their infrastructure can’t see traffic or is not set up to be inline with everything that is out of band in their PCI-DSS, they can’t show that their controls are working. And if they’re out of compliance, they might also be out of business.

So the problem is not that TLS 1.3 is incompatible with PCI DSS. It’s that some organisations may have defined controls with which they will no longer be able to show compliance. They may still be compliant with PCI DSS – especially if the only change is to upgrade to TLS 1.3 and keep all else equal – but cannot demonstrate this. So what’s to be done?

Well, you could redefine the controls if necessary. If your control requires you to potentially degrade, if not break, the very security that you’re using to achieve compliance in the first place, is it really suitable? In the case of the two example controls above, however, neither of them should actually require inspection of SSL traffic.

For the organisation to be compliant in the first place, access to the data must only be possible to authorised personnel on authorised (i.e. controlled) systems. If you control the system, you can stop that data leaving the organisation more effectively by prohibiting its access to arbitrary machines in the external world. After all, you have presumably restricted access to any USB and other physical storage connectors, and you hopefully also have controls around visual and other recording devices in the secured area. It is difficult in today’s electronic world to think of a situation where a human (other than the cardholder) absolutely must have access to a full card number without (PCI DSS-compliant) alternatives being available.

So TLS 1.3 is a challenge to organisations who are using faulty proxies and/or inadequate controls already. It certainly doesn’t make you instantly non-compliant with PCI DSS.

Given this, we, as humble international payments security consultants, are left puzzled by the NCSC’s line about TLS 1.3 and PCI DSS compatibility. At worst, organisations need to redefine their audit processes to use the enhanced security of TLS 1.3, rather than degrade their security to meet out of date compliance procedures. But, of course, this is the type of problem we deal with all the time, as we’re frequently called in to help payment institutions address security risks and compliance issues. TLS 1.3 is just another tool in a complex security landscape, but it’s a valuable one that we’re adding to our toolkit in order to help our clients proactively manage their cyber defences.

Who would have ex-Spectre-d this?

At Consult Hyperion we’re always interested in the latest news in cyber security and in case you haven’t heard, 2018 has started with the news that the most processors found inside current computers, tablets, phones and cloud servers are vulnerable to a new class of attack. These attacks have been named Meltdown and Spectre, and are caused by common optimisations built into modern processors. Processors designed by Intel, AMD and ARM are all affected to varying degrees and, as it is a hardware issue (possibly dating back to 1995 if some reports are correct), it could affect any operating system. It’s likely the machine you’re reading this on is affected – whether it’s running Windows, Macs, iOS, Android or is in “the cloud”!!

At a basic level, these vulnerabilities break down the fundamental security barriers between an application and the operating system (OS). This means that a malicious application running on your processor may be able to read your, or your OS’s, secrets which may include passwords, keys or possibly payment data, present in processor caches or memory.

I’m not going to discuss how the vulnerabilities achieve what they do (there’s plenty of sites which attempt to do this), however I’d rather consider its impact on people, such as our clients, who may be handling sensitive data on mobile devices – e.g. payments, banking information. If you do want to understand the low-level details of the vulnerabilities and how they work, I suggest looking at https://spectreattack.com/ which has links to the original papers on both Spectre and Meltdown.

So, what can be done about it? The good news is that whilst the current processors cannot be fixed, several operating system patches have already been released to try and mitigate these problems.

However, my concern is that as this is a new class of attack, Spectre and Meltdown may be the tip of a new iceberg. Even over the last week, the issue has changed from it only affecting Intel processors, to now including AMD and ARM to some extent. I suspect that over the coming weeks and months, as more security researchers (and probably less savoury characters as well) start looking into this class of attack, there may be additional vulnerabilities discovered. Whether they would already be mitigated by the patches coming out now, we’ll have to see.

It should also be understood that for the vulnerability to be exploited, there are a few conditions which must be met:

1. You must have a vulnerable processor (highly likely)
2. You must have a vulnerable OS (i.e. unpatched)
3. An attacker must be able to execute their malicious code on your device

 
For point 1, most modern devices will be vulnerable to some extent, so we can probably assume the condition is always met.

Point 2 highlights two perennial problems, a.) getting people to apply software updates to their devices and b.) getting access to appropriate software updates.

For many devices, software updates are frequent, reliable and easy to install (often automatic) and there are very few legitimate reasons for consumers to not just take the latest updates whenever they are made available. We would always recommend that consumers apply security updates as soon as possible.

A bigger problem for some platforms is the availability of updates in the first place. Within the mobile space, Microsoft, Apple and Google all regularly release software updates; however, many Android OEMs can be slow to release updates for their devices (if they release them at all). Android devices are notorious for not running the latest version of Android – for example, Google’s latest information (https://developer.android.com/about/dashboards/index.html – obtained 5th January 2018 and represents devices accessing the Google Play Store in the prior 7 days) shows that for the top 81% of devices in use:

• 0.5% of devices are running the latest version of Android – Oreo (v8.0, released August 2017)
• 25% are running Nougat (v7.x, released August 2016)
• 30% running Marshmallow (v6.0, released October 2015)
• 26% running Lollipop (v5.x, released November 2014).

 
It should be noted that Google’s Nexus and Pixel devices have a commitment to receiving updates for a set period of time, and Google is very keen to encourage OEMs to improve their support for prompt and frequent updates – for example, the Android One (https://www.android.com/one/) programme highlights that these devices get regular software updates.

If you compare to iOS, it’s estimated (https://data.apteligent.com/ios/) that less than a month after it was released in December 2017, over 75% of iOS devices are already running iOS 11.

The final requirement is Point 3 – getting malicious code onto your device. This could be via a malicious application installed on a device, however, the malicious code could also come via a website as it’s been shown that even JavaScript sandboxed in a browser can exploit these vulnerabilities. As its not unheard of for legitimate websites to unwittingly serve up 3rd-party adverts which contain malicious code, a user doesn’t have to be accessing malicious websites for the problem to occur. Several browsers are receiving patches to try and prevent Meltdown and Spectre working via this route. Regarding malicious applications, we’d always recommend that applications are only ever installed from legitimate sources, however malicious apps still regularly appear in legitimate app stores, so this is not fool-proof.

Thinking specifically about mobile banking and HCE payment applications, which is what interests many of our customers – these applications should already be including protections to prevent, or at least detect, malicious attacks. These protections typically include numerous measures such as root/jailbreak detection, code obfuscation, data minimisation, white-box cryptography and so on.

If anything, these latest vulnerabilities are a useful reminder that security is not a single task within a project plan, ticked off when complete before moving onto the next sprint or task. Rather, it is an ongoing concern for the lifetime of the system – something that Consult Hyperion quietly helps its customers with. A year ago, few would have considered this class of attack to either have been possible, let alone something which needs to be actively mitigated.

China’s PSD2 SCA

QR codes are everywhere because anyone can read them, anyone can use them, anyone can write them. This is in part because there is no security infrastructure. The result in China, where there was little card infrastructure in place beforehand, was the near-ubiquity of QR in the world’s biggest mobile payments market.

“Ogilvy & Mather and Ipsos concluded in a survey of China’s mobile payment market that ‘[Chinese] mobile payment has permeated all aspects of life and changed basic, everyday habits.’”

From “How Chinese Mobile Payments Are Quietly Conquering the World“.

It seemed to us that fraud would be an inevitable consequence of this QR-centric approach, that is indeed what happened. Last year, for example, the South China Morning Post reported that in March 2017 some 90m Yuan were stolen via QR code scams in Guangdong alone (a suspect in one case was found to have replaced merchants legitimate bar codes with fake ones that embedded a virus to steal personal information) and that in China as a whole, a quarter of viruses and trojans were coming in via QR.

Now, while even the man who invented QR codes says that they are an interim technology, there’s no denying that they are here to stay. Hence it makes sense to find a way to make them more secure, and the obvious way to do this is two-factor authentication (2FA). It turns out that the Chinese regulators have come to the same conclusion and have implemented the equivalent of the European Union (EU) Second Payment Services Directive (PSD2) Regulatory Technical Standards (RTS) on Secure Customer Authentication (SCA).

“Under new rules released by the People’s Bank of China [in December 2017], all transactions over 500 yuan (US$76) will be subject to additional levels of verification. As the transaction value passes each trigger point – 1,000 yuan, 5,000 yuan and unlimited – so the security checks will increase.”

From “China’s central bank tightens security“.

Introducing further authentication methods makes obvious sense. Just as in the UK we have contactless for low-value payments but 2FA for higher-value payments (ie, chip and PIN for cards or CDCVM for mobile), QR will be used for low-value payments but 2FA will be required for higher-value payments. Of course, in the Chinese system, QR works just as well on-line as in-person whereas in our system we don’t use chip and PIN online.

This is where we (ie, the industry) should focus our efforts in 2018, since card-not-present fraud is currently growing at 9% per annum in the UK. So what is the way to use chip and PIN online? Well, we already know – it’s the combination of web and mobile browsing with mobile wallets for transactions. When I see a web form asking me to type in my card details – in 2018 already! – my heart sinks. I’ve used ApplePay in-browser a couple of times now (which is the equivalent of using chip and PIN online, as it uses the token in the wallet on the iPhone to complete a web transactions) and I’m already frustrated that more web sites don’t use this kind of solution. If we put our minds to it, we can have online payments that are as ubiquitous as in China, but more secure.

At last, NDEF

A decade ago I remember writing that one of the problems with QR codes is that there is no security. Some years later I wrote an article pointing out that NFC ought to be safer than QR codes because NFC included a standard for digitally-signing tags (although I did also note that no-one used it) whereas anyone could easily create bogus QR codes.

Well, I might not go so far as to call [QR codes] evil, but they certainly have the potential to enable person or persons unknown to act with evil intent.

From A quick response to the problem | Consult Hyperion

I suggested, in connection with a couple of projects we were working on at the time, that the mobile operators do something about this by creating a digital signature standard for QR codes so that phones could be set by default to ignore unsigned codes. None of this happened, as I’m sure you are aware and QR codes became popular precisely because any app could read any code anywhere.

The security problem never went away though. I notice in the South China Morning Post that in March 2017 some 90m Yuan was stolen via QR code scams in Guangdong alone (a suspect in the case replaced merchants’ legitimate bar codes with fake ones that embedded a virus to steal personal information) and that in China as a whole, a quarter of viruses and trojans come in via QR. Despite the incredible success of QR there, we need to do better.

Even the man who invented QR codes says that they are an interim technology.

From Never mind the last mile, what about the last millimetre? | Consult Hyperion

Now, also back in the day, I had originally assumed that Apple would add NFC to the iPhone. I was wrong about this for years, so eventually I assumed that they were going to bypass the technology and go to Bluetooth. Yet what I said at the time still holds: NFC is undeniably convenient.

NFC is a convenience technology, and Apple loves convenience

From Quick response | Consult Hyperion

I wasn’t just guessing about this, I was drawing on Consult Hyperion’s early experiences with NFC (remember the Nokia 6131?) of tag reading and writing, including not only the usual payments and ticketing stuff but also such fun applications as getting information about clothes at London Fashion Week. I also noted surveys at the time that showed that NFC generated better results for merchants, but only once consumers could get it working. As my good friend Osama Bedier, then head of Google Wallet, pointed out, this is was some barrier because of the amount of “futz” it took to get NFC working.

But there was another reason that I was so interested in NFC as QR alternative back in this days.  To go back to the security point, I was interested in thestandard for adding digital signatures to NDEFs (the “NFC Signature RTD Technical Specification”) to build a safe tag infrastructure. After hawking this around a few different projects, to general disinterest, I figured that the telcos weren’t interested in using it to deliver secure infrastructure, so I said…

“Someone else will build this business (Apple? They seem to be getting all sorts of NFC-related patents at the moment) and then the operators will once again complain about being pipes. Is Tom Noyes right to say that “…Apple and Google will be further ahead in coordinating value in new networks”

You don’t know ‘jack | Consult Hyperion

Well, well. Tom was right as usual, even if it took a few years for the hand to play out. At WWDC, Apple announced that IOS11 will indeed include the ability to read NDEF data from tags.

“Using Core NFC, you can read Near Field Communication (NFC) tags of types 1 through 5 that contain data in the NFC Data Exchange Format (NDEF).”

via Apple adds support for NFC tags to iPhone 7 and Apple Watch • NFC World

So now, more than a decade after our first NFC experiments, both IOS and Android can read standard tags and action them. I want to make a couple of quick points about this before I head off down to our Hyperlab and see what our developers make of the new toolkit.

First of all, this technology will inevitable be used for triggering in-app payments that work in a very convenient way for consumers. Instead of having to open your Tesco Payqwiq app and then scan a code from the POS, the POS will function as a tag (and remember it can potentially rewrite a dynamic tag on the fly): you can just tap the phone on the POS and the operating system will automatically open the Payqwiq app and route the data to it.

Secondly, since tags are inexpensive, they will be used for a variety of different applications. Tickets for pop concerts, information about products, name badges, all sorts of things that can be read by a phone rather than by a specialist reader, Therefore I expect new standards for NDEF content to spring up. One of my favourite apps, back in the day, was a phone number tag that men could put in their back pocket at a nightclub: admirers could wave their phone in an appropriate area to get the number and send a text message. Here we are trying experiments with different types of clothing (which turned out to have very different NFC-friendly characteristics!) a decade ago.

Lastly, note that NFC tags can be read through packaging. Unlike QR codes that need to be printed on the outside of a box, tags can be inside. Where would this matter? Well, take a current UK example. Cigarettes now have to be in plain packaging. Tobacco companies don’t like this – for obvious brand reasons – but they do have a point: plain packaging makes like easier for counterfeiters. So suppose packs had a cheap tag inside: then your phone could tell you whether you’ve got real Marlboro or a knock off. You download the Marlboro app, then from then on when you tap a pack if the app doesn’t pop up with a big green tick you know you’ve been done. I’ve written about this sort of thing before ( for example, wine and whiskey) so it’s hardly a new idea.

Note, however, that IOS11 also includes ARKit to add augmented reality. So, when you look at your pack of plain cigarettes through your app (after you’ve tapped, so the phone reads the tag and knows that they are real Marlboro) you don’t see plain packaging any more you see… well whatever.

NFC Example

All in all, Apple’s announcement – whether the culmination of a clever plan or a response to Android market share – is a big deal. I found a whole bunch of blank NFC tags in my desk drawer so I’m off to start programming them now.

Don’t bogart that iPhone

Over the years, I’ve often tried to persuade clients that the time will come when privacy will be part of the upfront consumer proposition rather than a back office hygiene factor.

privacy should be an integral part of the customer proposition that sways the choice of product or service

From The business of privacy | Consult Hyperion

This means that organisations should plan for investments in more sophisticated security infrastructure (you can’t have privacy without security) and that these should be on a roadmap that exploits this transition. I think we may be getting closer to this transition time, because I notice that Apple appear to taking quite a big step forward to improve the privacy of individuals in a networked, hyper-connected world by introducing “differential privacy” in its products.

Differential privacy provides a way to mathematically guarantee that statistics about a pool of data collected from many people can’t be used to reveal much about the contribution of any one individual. Apple has built it into the new version of its mobile operating system, iOS, for iPhones and iPads to be released this fall.

From Apple’s New Privacy Technology May Pressure Competitors to Better Protect Our Data

If you’re wondering what this means, and can’t understand the wikipedia article (I couldn’t), let me give you an example from some software that I wrote many, many years ago. I’ll use the example of recreational drug use, although this isn’t what the project I worked on was about (well, not during daylight hours, anyway).

Suppose for some reason — e.g., public health planning — the government wants to know how many people smoke dope. Imagine that there’s an app on your phone that asks you if you smoke dope. So it asks you “Do you smoke dope?”. The app sends your answer back to some survey database big data cloud thing. Now the big data cloud thing can tell other people (e.g., the government) that you smoke dope but that means that the police will know and also if hackers get into the survey database big data cloud thing they could blackmail you (or sell you dope).

But there is another privacy-enhancing way to do this.

The app asks you if you smoke dope. You answer. Then the app tosses a coin. If the coin comes down heads, then the app tells the big data cloud thing “yes”. If the coin comes down tails, then the app tells the big data cloud thing whatever your real answer was.

Let’s say 10 million people answer. In the big data cloud thing, there are seven million yes answers and three million no answers. Remember, because the coin toss is fair, then five million of the answers will be a yes anyway. So you know that five million of the yes answers were there because of the coin coming down heads, and you can ignore them because they are not the real answer. You can take away five million of the yes answers as down to random chance.

Now you are left with the remaining five million real answers. There are the two million yes answers and three million no answers that are not down to random chance. You can therefore deduce that 40% of the population smoke dope.

Now, if hackers or the police get into the database and discover a yes answer next to your phone number, they cannot tell whether it is a real yes or a yes because of the coin toss. And you don’t want to reveal that you smoke dope, you can say that’s because of the coin toss.

Thus, the statistics for the population are correct and you know that 40% of the population smoke dope but you cannot tell whether any individual person smokes dope.

Now the differential privacy used by Apple is more complex than this simple example, but you get the point, and good on them for taking practical privacy-enhancing action whether it is to advance the sum total of human privacy or to put pressure on Facebook and Google. Either way, making privacy part of the proposition that might sway the customer’s choice is a very good thing.

We might want an irreversible anonymous blockchain but not for irreversible anonymous payments

I think I’ll just read John Lanchester’s superb piece about bitcoin in the London Review of Books one more time. It’s hard to choose a favourite part of such an excellent article, but if I was pressed to do so, I suppose it would be this part:

David Birch is the author of a fresh, original and fascinatingly wide-ranging short book about developments in the field, Identity Is the New Money. His is the best book on general issues around new forms of money, and new possibilities generated by blockchain technology.

From John Lanchester · When Bitcoin Grows Up: What is Money? · LRB 21 April 2016

John is much too kind. And is a much better writer than I am, which is why his piece is so good. His basic question about where we are going next is fascinating and has been at the heart of some heated debates that I’ve been involved in recently, including a stand-up with a bunch of very clever people at the European Blockchain Congress in London.

Arguing with smart people is how I learn

 

My preferred method of accelerated learning is arguing with smart people, and the Congress delivered them in spades. But before I come back to this particular argument, let’s just frame the big picture. First of all, no-one would deny that the bitcoin blockchain is a triumph of technology and engineering and innovation and ingenuity. Statistically, almost no-one uses it, but that’s by the by.

“The total addressable market of people who want to buy bitcoin is very, very thin,”

From What a Tech Startup’s Pivots Say About Bitcoin’s Future | American Banker

Indeed. And most of them aren’t in America or any other developed market. Why? Well, bitcoin is a super-inefficient form of digital currency that was designed to solve one problem (uncensorability). If I’m trying to get my last few dollars out of Caracas before the power is shut off permanently then bitcoin might provide a rickety bridge to US Dollars, but if I’m trying to pay for a delicious burrito at Chipotle then bitcoin is pointless. However, and this is what the argument at the Congress (in the picture above) made me think about, there may be other factors that mean the bitcoin blockchain will obtain mass market traction.

What factors? Well, here are two that were touched on during the discussion pictured above, together with my more considered reflections on them.

One factor might be irreversibility. I think we all understand that you can’t build an irreversible payment system on top of a reversible payment system (such as direct debits in the UK) but you can build a reversible payment system (which is what society actually wants) on top of an irreversible one. That’s a good argument for having an fast, free and irreversible payment system that can be built on to provide a variety of different payment schemes suited to particular marketplaces. In the UK we already have this, it’s called the Faster Payment Service (FPS). Once the Payment Systems Regulator (PSR) has finished opening up access to FPS and once FPS can be accessed efficiently through the “XS2A” Application Programming Interaces (APIs) that will be put in place by the Second Payment Services Directive (PSD2), then we ought to be able to unleash some creativity in the developer community and perhaps build a reversible payment scheme on top of this irreversible infrastructure (I’m not the only genius to have thought of this: MasterCard are one of the bidders). Then it wouldn’t matter whether the scheme used the bitcoin blockchain or the FPS or NPP in Australia or TCH in the US or Ripple or anything else: the choice would come down to price and performance. Perhaps bitcoin would then be a choice, although I’m not sure about it.

Another factor might be anonymity. No-one who actually thinks about it wants anonymity. What they want is privacy. But there is a similar asymmetry as in the case of irreversibility. You can’t build an anonymous system on top of a non-anonymous system but you could build a privacy-enhancing transaction system on topic of an anonymous system and since I’m rather wedded to the idea of private payment systems, I find this an interesting combination. Again, would bitcoin be a choice for this? That’s not clear to me at all.

What if those factors turn out to be important enough to build new services, but not for creating a currency? This would support the view that a blockchain, although not necessarily the bitcoin blockchain, might well be the shared security service that society needs to anchor a new generation of online transactional services. As time goes by, this strikes me as a more and more interesting possibility. I mentioned it a couple of weeks ago.

Dr. Wright says “The mining of bitcoin is a security service that alone creates no wealth”. So to return to the point above, the sheer volume of mining going on (provided it does not become concentrated) means that there is a very, very secure piece of infrastructure out there. This infrastructure may be used to “anchor” all sorts of new services that need security as I said above. Some of them may be payments (as the Lightning folks hope) but most of them will not be.

From Mining for what? | Consult Hyperion

So, to get back to John Lanchester’s piece, where might we be going next? I’m pretty sure that we’ll soon see another more efficient blockchain that will untangle the cryptocurrency from the carrier by providing some other incentive for mining (perhaps more like Ethereum, who knows). This, the Watt blockchain that will replace the Newcomben blockchain that we have now, could well be the new supranational security infrastructure that, as some claim, will be as important as the Internet itself because it will provide the security layer that the Internet should have had in the first place.

Mining for what?

(Updated 6th May with reference to post by Dr. Craig Wright.)

As I am sure you know, the security of the bitcoin blockchain rests on a consensus protocol that includes a proof-of-work algorithm, and executing this algorithm (which is computationally very intensive) has become known as “mining” by analogy to gold mining (because of the bitcoin reward for the activity). Hence the idea of bitcoin miners.

On the edge of a tiny Chinese town is a strange building where you can get an insight into the future – and only a handful of people know what is happening inside.

From BBC – Future – We looked inside a secret Chinese bitcoin mine

By complete coincidence, on the very day that this story about a secret Chinese bitcoin mine was published on the BBC, I ran into the secret Chinese bitcoin miner himself at a not-at-all secret hotel in New York.

Secret Chinese Bitcoin Miner

Yes, it was Chandler Guo! As you may recall, Chandler won the coveted Toast D’Or at last year’s Money 2020 in Las Vegas (you can read the full story about it here) because he asked the best question from the floor.

Money2020 Toast and More

Anyway, he told me not to mention where the secret mine is, so I won’t, but it was interesting hearing him talk (as it always is) about how mining is going and the dynamics in the sector. Chandler mentions in passing in the BBC article that about three-quarters of the world’s bitcoin mining equipment is in China and that he is currently building a bitcoin mine that will produce about a third of all the bitcoins. What will happen to these bitcoins is anyone’s guess.

“The total addressable market of people who want to buy bitcoin is very, very thin,”

From What a Tech Startup’s Pivots Say About Bitcoin’s Future | American Banker

Indeed. And most of them aren’t in America or any other developed market. But what if it turns out that bitcoins aren’t useful as money at all, but as “anchors” for a variety of new and innovative cryptography-based services (one of which may be payments). The bitcoins will be useful because of the sheer volume of mining going on (since the security of the system rests of mining), not because they are coins representing any actual value.

Wait, what? Bitcoins might be valuable because they are not money? Well, yes.

I’ve said before, in my usual soundbite twitter-centric superficial and aphoristic way, that the future of money isn’t bitcoin and the future of bitcoin isn’t money. We don’t need to go into why I think this, although I will say that I think my early analysis of the technology for out clients has stood up pretty well over time. I touched on the topic again last month in a blog post “Is Bitcoin Money?” where I again said “will money as we know it be replaced by bitcoin? I sincerely doubt it” after a discussion about the functions of money. I started thinking about this again during a couple of the discussions at Consensus 2016 and then some pointed me towards a discussion thread about whether bitcoin is money or not. To be honest, I wasn’t that interested in reading it, but as I was bored on a plane I started to scroll down. It became mildly more interesting when someone mentioned John Lanchester’s piece in the London Review of Books. You remember, the one where he says “David Birch is the author of a fresh, original and fascinatingly wide-ranging short book about developments in the field, Identity Is the New Money. His is the best book on general issues around new forms of money, and new possibilities generated by blockchain technology”. (Which reminds me, I must write a blog post on John’s excellent piece…)

Anyway, while I skimmed some of the arguments, the core of the discussion was that an economic adviser to Jeremy Corbyn, the current leader of the UK Labour Party, said that money is credit and bitcoin isn’t credit so it isn’t money. I’m pretty sure he’s wrong about this (since it is easy to envisage non-credit monies), but that’s not my point. He also makes a point about trust, which is a good one and similar to a point made in a Forbes piece that I read a while back.

Why should anyone have more trust in a digital currency created by an anonymous group of coders accountable to no-one than in a democratically-elected government accountable to everyone? Why is an essentially feudal governance model “safer” than a democratic one?

From Bitcoin: In Technology We Trust (Maybe) – Forbes

So far so familiar to people I bore senseless about this stuff at parties. Then it got a lot more interesting when my old chum Izabella Kaminska from the FT stepped into the fray, pointing to something that Craig Wright (the man who may or may not be Satoshi Nakamoto) wrote on the topic.

It’s the first time anyone in the bitcoin world has actually made a compelling argument, with historical references. First, he describes bitcoin not as a currency or a commodity but as a security service.

From Tax Research UK » The problems with Bitcoin

I had not read the Wright piece before, so I had a very quick glance and then bookmarked it to read later. Unfortunately, there was no later as Mr. Wright has now canned his blog, but a correspondent found it using the wayback machine. Dr. Wright says “The mining of bitcoin is a security service that alone creates no wealth”. So to return to the point above, the sheer volume of mining going on (provided it does not become concentrated) means that there is a very, very secure piece of infrastructure out there. This infrastructure may be used to “anchor” all sorts of new services that need security as I said above. Some of them may be payments (as the Lightning folks hope) but most of them will not be. Now, while I think it unlikely that the bitcoin blockchain will be the final form of this infrastructure, that’s no reason not to experiment with it, in which case bitcoins will continue to have value even if no-one is using them to buy mundane goods or services.

We must stop solicitors from using e-mail as soon as possible

I was watching Panorama on the BBC on Monday. It was about hacking, ID theft, the usual stuff. The main takeaway for the general public was, I think, that everyone’s personal details have already been stolen and are common currency amongst criminals.

Hackers have stolen the personal details of millions of customers from companies like Talk Talk. So how do cybercriminals get hold of our data? Reporter Daniel Foggo meets the hackers who can break into any website and finds out how criminals profit from our information.

[From 

BBC One – Panorama, How Hackers Steal Your ID

]

It featured one sad case of a woman who had been misled by fraudsters. She was buying a house and got an e-mail from (she thought) her solicitor asking her to transfer the funds for the house purchase (some £50,000) to a particular bank account. She did. The e-mail was, of course, from crooks and they transferred the money out and were never seen again (so much for the KYC/AML checks we spend so much money on). With so much money at stake, I couldn’t help but wonder, wouldn’t some form of security seem appropriate?

According to the American Bar Association (ABA), only a third of lawyers use encryption to communicate with their clients and of the lawyers who claim that they do use encryption, fully a third cannot say what kind of encryption they use. Of those who could say what type of encryption they use, the most commonly identified type was general purpose software with encryption features that required the recipient to be sent a separate password. Which is perfectly acceptable: I do the same all the time, using some zip utility to encrypt with a password then texting the password to the recipient. But I can’t help but wonder: why it is that Facebook can send me e-mail that is encrypted and digitally-signed and lawyers cannot? It’s not as if there isn’t a threat model!

Mrs d’Adhemar engaged a solicitor to handle the transaction and sent all correspondence through her secure work email address, but used her personal email account for everything else, including contact with the estate agent, Chestertons.

But 10 days after the sale was completed they received a call from their solicitor, who said NatWest had flagged up a problem with their account. Alarm bells immediately rang. The couple didn’t have a NatWest account, they banked with HSBC.

[From 

Email hacking: another home-seller robbed of £270,000 – Telegraph

]

Just in case you are thinking that I’m highlighting odd or exceptional cases in order to make a point, I can assure you that I am not. This sort of thing goes on all the time in the UK.

Mr Lupton’s solicitor, Perry Hay & Co in Richmond, Surrey, emailed him requesting his bank account details for the sale proceeds to be paid into.

As millions of people do regularly and without thought, he duly replied, sending his Barclays bank account number and sort code.
The email was intercepted by fraudsters. Posing as Mr Lupton, the fraudsters swiftly emailed Perry Hay & Co again – from the same email account – and told it to disregard the previous details and send the money to a different account instead.

[From 

‘Fraudsters hacked emails to my solicitor and stole £340,000 from my property sale’ – Telegraph

]

After all these years, we still can’t make e-mail security work. Imagine the hassle that the average solicitor would face in trying to get an average customer to install GPG or something. It’s never going to happen. The solution, as Ian Grigg pointed out seven years ago when I was going on about the security of e-mail another time, is to stop trying to fix e-mail and (as my teenagers did) move somewhere else. Why not use messaging systems that are secure, like Facetime? Yes they aren’t interoperable (so you would need to know whether the customer had Skype or Yahoo or WeChat or WhatsApp or whatever) but I don’t think it would be hard to set up a few accounts. Then the fraudsters would have to take over the solicitor’s account rather than just send an e-mail. This would have two immediate benefits: first, the security of the account would be specifically the problem of the solicitor and they would fix it by using strong authentication and, second, all communications could be encrypted (I remember that we worked on a pilot system like this – for financial services rather than for solicitors – a few years ago and even then the overheads associated with encrypting and signing were negligible).

We need solicitors to stop using e-mail as soon as possible, but we need to provide a viable alternative. If not social media or messaging, then why can’t we have something like they have in Denmark, where everyone has a sort of secure government postbox?

P.S. It’s a rhetorical question. I know perfectly well why we can’t: it’s because Denmark has a national digital identity infrastructure and we don’t. But why not have it as a bank service, like the Barclays Cloud thingy? Since the solicitor knows your bank account, they would automatically know which bank cloud to send the documents to. And if you wanted to tell your solicitor to send money somewhere else or some other instruction, you would have to do it from inside your bank cloud. Surely, with a nuclear-powered robot on Mars, it ought to be possible to send documents from a postbox in one bank cloud to a postbox in another?

#IDIoT is a serious business

The Gartner hype cycle is jolly bullish on autonomous vehicles, which I’m really looking forward to. According to Jerry Kaplan’s fascinating “Humans need not apply”, switching to autonomous vehicles in the US will save thousands of lives and billions of dollars every year. Personally, I couldn’t care less if I never drive a car for myself ever again, and I hope that Woking will become an autonomous vehicle only zone as soon as possible. Sadly, this won’t be for a while.

While autonomous vehicles are still embryonic, this movement still represents a significant advancement, with all major automotive companies putting autonomous vehicles on their near-term roadmaps.

[From Gartner’s 2015 Hype Cycle for Emerging Technologies Identifies the Computing Innovations That Organizations Should Monitor]

Gartner are even more bullish on what they call autonomous field vehicles (which I think means drones, combine harvesters and such like) and predict that these will be around in 2-5 years time, just like enterprise 3D printing and cryptocurrency exchanges. I couldn’t help but notice, though, that their very same hype cycle puts digital security at least 5-10 years out. So they are forecasting that there will be vehicles running around for some years before we are able to secure them, 3D printers inside organisations printing things for years before we are able to protect them and people trading money years before we can stop hackers from looting them. Actually, I agree with Gartner’s prediction, as it’s entirely congruent with my own #IDIoT line of thinking, which is that our developments in connection technologies are accelerating past our developments in disconnection technologies. And if you don’t care what I think about it, you probably do care what Vint Cerf thinks about it.

“Sometimes I’m terrified by it,” he said in a news briefing Monday at the Heidelberg Laureate Forum in Germany. “It’s a combination of appliances and software, and I’m always nervous about software — software has bugs.”

[From Vint Cerf: ‘Sometimes I’m terrified’ by the IoT | ITworld]

We’re busy going round connecting vehicles, equipment and money to the internet with having any sort of strategy in place for disconnecting them, which is much more difficult (doors are easy, locks are hard, basically). And with chips that we don’t even understand being built into everyday devices, the complexity of managing security is escalating daily. Look at the recently-launched “21” idea.

Its core business plan it turns out will be embedding ASIC bitcoin mining chips into everyday devices like USB battery chargers, routers, printers, gaming consoles, set-top boxes and — the piece de resistance — chipsets to be used by internet of things devices.

[From Meet the company that wants to put a bitcoin miner in your toaster | FT Alphaville]

Really? Chips in everything? What could possibly go wrong? Oh wait, it already has. There’s something missing here: an identity layer. Hardly a new idea and I’m not the only person going on about it.

Everyone and everything will have an identity… We can’t scale a world that we can’t talk to, can’t control and can’t secure. Everything, including your toaster, you fridge and your car, will have an identity.

[From Facing the new Big Bang: The IoT’s identity onslaught — Tech News and Analysis]

Yet nothing much is getting done, despite that fact that we already have plenty of case studies as to how bad the situation is already. Never mind smart fridges that give away your personal details or televisions that spy on you there are issues about the maintenance and upkeep of things in the field that create an identity management environment utterly different to anything are used to dealing with in the worlds of OIX, Mobile Connect, SAML and so on. 

Did you buy a smart TV or set-top box or tablet any time before January 2013? Do you watch YouTube on it, perhaps through an app? Bad news: Google has shut down the feed that pushed content into the app.

[From You buy the TV, Google ‘upgrades’ its software and then YouTube doesn’t work … | Technology | The Guardian]

It’s issues like this that make me want to focus on identity in the internet of things (or #IDIoT, as I call it) in the near term, so I was really flattered to be asked along by the good people at ForgeRock to talk about this at their London Identity Summit tomorrow. Really looking forward to exploring some of these ideas and getting feedback from people who know what they’re talking about. What’s more, Consult Hyperion and the Surrey Centre for the Digital Economy (CoDE) will be delivering a highly interactive workshop session designed specifically for the University of Surrey’s 5G Innovation Centre SME Technology Pioneer Members on 30th November 2015. This will include “business lab sessions” interleaved with presentations and discussion. We’ll be putting forward the #IDIoT structure to explore identity, privacy and security issues using our ‘3 Rs’ of Recognition, Relationship and Reputation. The event will be an opportunity to establish contacts with companies interested in the IoT space, as well as connecting with the broader University community and a select group of large enterprises so I’m really looking forward to it and, as you might imagine, you’ll read all about it here!

The dawn of the cardholder-present transaction (Salford edition)

Well, today was the big day. Yes, a cusp in the annals of payment history. The day that mobile payments became real etc etc. Apple Pay in dear old Blighty! And a surprising amount of media attention.

It is the first time the “tap-and-pay” system — which allows users to pay for goods and services by touching their smartphones on contactless payment points — will be available outside the US.

[From Apple Pay taps UK to shake up consumer spending – FT.com]

Hurrah! Now, I’ve been tapping and paying with my iPhone for ages using my splendid Barclaycard sticker. But now the rest of you can join in the fun. Well, at least those of you with some of the latest Apple gear, that is.

Owners of an Apple Watch synced to an iPhone 5, iPhone 5c, and iPhone 5s will also be able to use Apple Pay, albeit without the extra security of Touch ID available only on the latest iPhone 6/6S model. Those with the latest iPad Air 2 or iPad mini 3 will also be able to use Apple Pay within apps to make purchases online.

[From Apple Pay readied for UK live debut – E & T Magazine]

The launch of Apple Pay meant that I had a pleasantly busy media day, starting of in Salford with BBC TV’s national “Breakfast” show.  This was really fun but it’s quite difficult because you have to boil down what you want to say to the bare essentials and talk in a language that a normal person (i.e., not someone obsessed with the future of electronic transactions) can connect to. The main point that I wanted to get over was that this really does mean a payments revolution, but because it brings security and convenience in-app and online, not because you can tap to buy cups off coffee, no matter how cool.

Good Morning Britain

One question that I was asked more than once during the day was “is it secure?”. I sometimes find this a little odd, because it suggests that Apple, the international card schemes, Britain’s leading retail banks and top consultants were thick as planks and hadn’t thought about it. My consistent response was that not only is it secure (or, at least secure within the bounds of the economic parameters appropriate to the business model, which is what I always mean by “secure”) but it is very secure indeed. The truth is though that none of this actually matters when it comes to adoption.

according to our Technographics data from Q1 2015, 27% of UK online consumers owning an iPhone would trust Apple to provide a mobile digital wallet but they are still more likely to trust PayPal (43%), a bank (41%), a credit card network (40%), and Amazon (32%).

[From Expect Faster Adoption Of Apple Pay In The UK | Forrester Blogs]

Now, it’s very important not to listen to consumers at all about this sort of thing. How secure a transaction mechanism is or is not has almost no bearing on whether people think it is or is not secure and no bearing at all on whether they actually use it or not. If you look at what people say and do, it’s clear that they are unconnected and surveys are a bit of a waste of time.

So, broadly speaking, people think that mobile payments are not secure, but since they don’t care about security and value convenience more highly, they will use mobile anyway.

[From I don’t trust public opinion on trust (or anything else) | Consult Hyperion]

The fact is that whatever people think, mobile payments are more secure than card payments. They might even, as it happens, lead to their demise. Anthony Jenkins, when head of Barclaycard, rather famously (to me) said that mobile phones would get rid of cards before they got rid of cash. I hate to say it, but it looks like he was right. Look at the trajectory. A decade ago, Bank Technology said that:

In the US, bank-issued contact smart cards are already in decline. In March of this year, Target said that it would discontinue its smart card programme because so few of the cards were ever used to download coupons as intended. Financial Insights reckon that the numbers in circulation will continue to fall from the peak of 21 million in 2002. Unless there is a dramatic increase in card fraud in the US, the business case for investing in anything other conventional magnetic stripe cards remains non-existent.

Well, there was a dramatic increase in fraud, yet the business case remains uncertain. US issuers are hardly racing to implement EMV. The costs of card-not-present (CNP) fraud and PCI-DSS all fall on the merchants, not the issuers, so their incentive to change is limited. But — and this is a perspective we need to explore — EMV has not been a magic bullet against fraud elsewhere in the world. The UK has had EMV for years, yet card fraud is still a major, major problem.

Damning research shows up to 3.8million bank and credit card frauds are left out of the Crime Survey for England and Wales, distorting the true scale of offending. If they were included, the number of annual offences would rise by 50 per cent, from the record low of 7.3million to 11million a year. It means seven people are defrauded every minute.

[From Why crime is really UP 50%: Upbeat official figures ignore slew of offences, from card fraud to murder | Mail Online]

The reason is two-fold. First, over time, criminals have become more inventive and have found many scams to obtain cards and PINs. Second, and most importantly, EMV did nothing about CNP. This is what Apple Pay is about to change, followed by bank schemes, Google Pay, retailers own schemes, Samsung pay and what ever else.

UK Card Fraud 2003-2014E

According to a variety of figures I’ve looked at, retail e-commerce is growing at around 10% per annum whereas card fraud in retail e-commerce is growing at double that rate. It’s time for a step change in the fight against card fraud. But what? Well, back in January 2014, I said in passing that “until we get a more secure mobile phone-based card infrastructure in place with working tokenisation” we would be stuck with these high levels of card fraud. Of course, I’m not quite the guru you might imagine for saying this, because I knew that my colleagues at Consult Hyperion were already working on tokenisation, but you can see what I was getting at.

I made this point again when I got caught up in an interesting discussion about card fraud a couple of days ago. The circumstances aren’t germane and I wouldn’t want to mention any of the organisations involved, and I hope none of them will mind if I mention that one of the main points of discussion was the relative security of mobile transactions over conventional card transactions. I think is fair to say that, broadly speaking, the discussion subgroup who came from banks agreed with me that mobile would in time be more secure than cards while the subgroup who came from merchants wanted to know if this meant changes to rules and rights. (I think it will.)

So why did the bank group think that mobile holds so much promise in security terms? As you’d expect, device fingerprinting and location-based services were seen as transforming the security around the payment transaction, and I couldn’t agree more. They also thought that this would mean that, in time, card-present (CP) rules and rights could be extended to mobile transactions. Personally, I am more bullish than that and would push further. I think that in time “cardholder present” transactions will actually be cheaper for the merchants than CP transactions and will be more desirable for the merchants because they allow for the sophisticated handling of payments related data within a transaction.

This must mean that in the longer term merchants will incentivise the use of mobile payments (e.g., Apple Pay) over the use of plastic cards and this will further support the evolution of in-app payments. As I said to a journalist this morning, Apple Pay is huge, but not because you can tap your phone to buy a coffee. Apple Pay is huge because it is the mass-market dawn of the change from card-present and card-not-present to cardholder-is-present and cardholder-was-present transactions.

But back to breakfast television. In the “green room” I ran into Mark Thompson, the astronomy chap, who was in to talk about the Pluto mission. As an experiment we decided to try out Apple Pay on his iPhone, which all went swimmingly. He opened up “add a card”, scanned his credit card and then… “sorry, your card is not supported”. He was using a Barclaycard.

Good Morning Britain

I showed him my sticker.