SIBOS, Star Trek and the end of Bretton Woods

Here’s a story I came across that I found so interesting that I discussed it in my book about the history and future of money, “Before Babylon, Beyond Bitcoin”. It is a utopian future fiction that happens to have something interesting to say about money, which is why it caught my eye. This is somewhat unusual for a utopian vision since, as Nigel Dodd observed in his 2014 book “The Social Life of Money”, utopias from Plato’s Republic to Star Trek don’t seem to include money at all, never mind M-PESA or Bitcoin.

Anyhow, the story that interested me has a ‘guy falls asleep under hypnosis and awakes a century later to find a model society, then finds it’s all a dream’ narrative arc that is hard to read with modern eyes, because the perfect society that the author imagines is a communist superstate that looks like Disneyland but run by Stalin. Everyone works for the government, and since government planners can optimize production, the ‘inefficiency’ of the free market is gone.

During his adventures in this new world the narrator, the time travelling protagonist, is told by his host in the modern era (the good Doctor Edward Leete), that cash no longer exists. Instead, the Doctor informs him, the populace use ‘credit cards’ for retail transactions. (He then, as it happens, goes on to describe what are in fact offline pre-authorized debit cards imagined in the technology of the day, but that is by-the-by.)

While the author does not talk about the telephone, laser beams or the knowledge economy, he does make some insightful predictions about the evolution of money. When talking about an American going to visit Berlin, the good Doctor notes how convenient it is for international travellers to use these ‘credit cards’ instead of foreign currency: ‘An American credit card,’ replied Dr Leete, ‘is just as good as American gold used to be’.

This is an excellent description of our world after the end of the gold standard and the rise of a dominant reserve currency, what economists call the  “Bretton Woods II” era of monetary history. A clever prediction indeed. However, I think that the most fascinating insight into the future of money comes later in the book, when the time traveller asks his twenty-first-century host ‘Are credit cards issued to the women just as to the men?’ and the answer comes back ‘certainly’.

That answer might alert you to the age of the text, which in fact contains the earliest mention of a credit card that I have found anywhere as part of a fictional narrative. The book is by the American author Edward Bellamy and is called “Looking Backward, 2000–1887”. It was written in 1886, a century before the credit card became the iconic representation of modern money, and it was one of the best-selling books of its day. I had a 1940s edition in front of me as I wrote my book, so it was still being reprinted sixty years later!

I cannot help but reflect that the discourse on money in that book is a wonderful example of how science fiction is not really about the future at all but about the present: the retort ‘certainly’ is clearly intended to surprise the Victorian reader as much as, if not more than, his prediction of glass tunnels that surround pavements when it rains. It took a writer, not an economist or a technologist, to ask a simple question about money and get a surprising answer. Hold that thought.

Predictions are hard, especially about the future of money

Now let us have a go at predicting the financial system half a century onwards. Where do we start? Well, a good rule of thumb for futurologists is that if you want to look 50 years forward, you need to look a hundred years back because of the increasing pace of change. A hundred years back we had the telephone and global markets connected by instant, global communications. We had the Bank of England and the Federal Reserve. We had wire transfers. We had the world’s first commercial aviation service, created as it happened to accelerate the clearing of cheques between Chicago and New York.

A century ago we were also coming to the end of the era of the classical gold standard. The demise of that global financial system was brought about by the pressures of global conflict and depression that ultimately led Britain to abandon it permanently in 1931 after a temporary suspension that began in the middle of the First World War and lasted until 1925. Some people think we are now coming to the end of the Bretton Woods II era and, as The Economist observed recently (“Into the woods”, 17th August), saying that international trade is complicated because “most countries have their own currencies, which move in idiosyncratic ways and can be held down to boost competitiveness”, it is not at all clear what is coming next!

If this is correct, and it seems likely that it is, then what will replace the IMF, central banks and commercial banks offering credit when it comes to creating money, facilitating payments and prosperity? The reaction of regulators around the world to one alternative, Facebook’s proposed “Libra” digital currency, seems to indicate that the incumbents are not going to give up without a fight. Yet given the history of financial markets and institutions, and given that we know that change is inevitable as the structures reshape under social, regulatory and technological pressures, it is not good enough to simply say that the incumbents are wrong. We (ie, the financial industry) must help to create a vision of future banking that helps us all – and I include the regulators in this – to shape strategies that lead to a financial sector that serves society better.

But what vision?

If we set aside both the misplaced view that the status quo will prevail and the Bitcoin maximalists’ fantasies of a completely decentralised society, where do we look to find believable alternatives? We all hear the speeches of the regulators, read the annual reports from the bankers, see the demos of the technologists and the slide decks of entrepreneurs. But have any of these created a vision in your mind? Perhaps it’s time to return to my opening observations to develop a narrative just as surprising to contemporary audiences as Bellamy’s was to a Victorian one.

So. What do we now see a couple of generations from now? The world of Star Wars with a “galactic credit” that is universally accepted? That doesn’t seem right to me. A single currency doesn’t really work between Germany and Greece, so how would it work between Earth and LV-426? Would the use of a Synthetic Hegemonic Currency (SHC), to use Mark Carney’s words in the Financial Times (“Mark Carney calls for global monetary system to replace dollar”, 23rd August 2019), function in these circumstances as a trade currency for the universe?

 

What about the world of Star Trek with no money at all, save the gold pressed latinum of the Ferengi (shown above), valuable because it’s the only substance that the replicators can’t produce? How about the world of Charles Stross’ “Neptune’s Brood” where there is fast money and slow money that relies on cryptography so it only travels at one-third the speed of light?

How will people transact? Will it be the world in Robert Heinlein’s “Beyond the Horizon” where the government has an “integrated accumulator” (what we would now call a blockchain) to record all transactions and the finance minister has a dashboard to see just how the economy is doing? The integrated accumulator sounds very much like the “compubank” in Margaret Atwood’s “The Handmaid’s Tale”, which tells what happens if this machinery falls under the influence of fanatics, in that case a theocratic US administration that bans and blocks women’s payment cards. Will cash, indeed, be banned or will it simply be cash as in William Gibson’s “Count Zero” where the protagonist finds himself in a near future where he “had his cash money, but you couldn’t pay for food with that. It wasn’t actually illegal to have the stuff, it was just that nobody ever did anything legitimate with it”. (Which, frankly, sounds like Sweden rather than some future dystopia.)

What if money as we know it vanishes as a transactional medium of exchange? Will it be the world of Bruce Sterling’s “Distraction” in which distributed servers manage reputation as a currency, a theme also present in Cory Doctorow’s “Down and Out in the Magic Kingdom”? I am naturally attracted to these images of a future in which identity, trust and reputation reconnect us with our neolithic heritage (indeed, a few years ago I wrote a book called “Identity is the New Money”) and dispense with many kinds of intermediaries! Will this free us or will it fulfil the prophecy of the Book Of Revelation 13:16-17 that “no man might buy or sell save that he has the mark, or the name of the beast, or the number of his name” and enslave us? Should we begin our scenario planning for these transactional environments now (hint: yes) or should we leave the technologists to choose a future for us?

Next week, for the Innotribe closing keynote of the most important global banking conference of the year, SIBOS, my good friend Brett King and I will be looking at how writers have thought about the future of payments, banking and money to see if their narratives can help us to formulate strategies in this space and to see if we can find the hard question and surprising answer for the world of 50 years from now. I have an idea of what it might be, but let’s see how Brett, me and the Innotribe audience develop our thinking on the day. See you there.

China’s digital currency may set the benchmark, not Libra

As I wrote a while ago, the Chinese were first with the great transition from commodity money to paper money. They had the necessary technologies (you can’t have paper money without paper and you can’t do it at scale without printing) and, more importantly, they had the bureaucracy. In 1260, Kublai Khan became Emperor and determined that it was a burden to commerce and taxation to have all sorts of currencies in use, ranging from copper ‘cash’ to iron bars, to pearls to salt to specie, so he decided to implement a new currency. Then, as now, a new and growing economy needed a new kind of money to support trade and therefore prosperity. The Khan decided to replace copper, iron, commodity and specie cash with a paper currency. A paper currency! Imagine how crazy that must have sounded! Replacing physical, valuable stuff with bits of paper!

 

Just as Marco Polo and other medieval travellers returned along the Silk Road breathless with astonishing tales of paper money, so commentators (e.g., me) began tumbling off of flights from Beijing and Shanghai with equally astonishing tales of a land of mobile payments, where paper money is vanishing and consumers pay for everything with smartphones. China is well on the way to becoming a cashless society, with the end of its thousand year experiment with paper money in sight. Already a significant proportion of the population rely wholly on mobile payments and carry no cash at all, much as I do when heading into London.

The natural step from here is to create digital currency so that settlement is in central bank money and there are no credit risks. Now, the People’s Bank of China (PBoC) is run by smart people and as you might imagine they have been looking at this strategy since back in 2014. It now looks as if Facebook’s Libra initiative has stimulated or accelerated their tactics. I read in Central Banking [PBoC sounds alarm over Facebook’s Libra] that PBoC officials had “voiced worries” that [Libra] could have destabilising effects on the financial system and further stated that the bank would step up its own efforts to create an e-currency.

This is no knee-jerk reaction. Way back in 2016, the then-Governor of PBoC, Zhou Xiaochuan, very clearly set out their thinking about digital currency, saying that “it is an irresistible trend that paper money will be replaced by new products and new technologies”. He went on to say that as a legal tender, digital currency should be issued by the central bank (my emphasis) and, after noting that he thought it would take a decade or so for digital currency to completely replace cash, went on to state clearly that “he has plans how to gradually phase out paper money”.

(As I have written before, I don’t think a “cashless society” means a society in which notes and coins are outlawed, but a society in which they are irrelevant. Under this definition the PBoC could easily achieve this goal for China.)

What would be the impact of phasing out paper money? Yao Qian, from the PBOC technology department wrote on this subject back in 2017, noting (as I have done) that a central bank digital currency (CBDC) would have some consequences for commercial banks, so that it might be better to keep those banks as part of the new monetary arrangement. He described what has been called the “two tier” approach, noting that to offset the shock to the current banking system imposed by an independent digital currency system (and to protect the investment made by commercial banks on infrastructure), it is possible to incorporate digital currency wallet attributes into the existing commercial bank account system “so that electronic currency and digital currency are managed under the same account“.

I understand the rationale completely. The Chinese central bank wants the efficiencies that come from having a digital currency but also understands the implications of removing the exorbitant privilege of money creation from the commercial banks. If the commercial banks cannot create money by creating credit, then they can only provide loans from their deposits. Imagine if Bitcoin were the only currency in the world: I’d still need to borrow a few of them to buy a new car, but since Barclays can’t create Bitcoins they can only lend me Bitcoins that they have taken in deposit from other people. Fair enough. But here, as in so many other things, China is a window into the future.

Whether you think CBDC is a good idea or not, you can see that it’s a big step to take and therefore understand the PBoC position. There is a significant potential problem with digital currency created by the central bank. If commercial banks lose deposits and the privilege of creating money, then their functionality and role in the economy is much reduced. We already see this happening because “Alipay, WeChat Wallet, and other Chinese third party payment platforms use financial incentives to encourage users to take money out of their bank accounts and temporarily store it on the platform itself” [China’s Future is Definitely Cashless].

In summary, then, a couple of years ago I wrote that the PBoC were not going to issue cryptocurrencies and they were not going to issue digital currencies either (at least in the foreseeable future). What I said was that what they might do is to allow commercial banks to create digital currency under central bank control. And this is indeed what seems to be happening. According to the South China Morning Post, the new Chinese digital currency “would be centrally controlled by the PBoC, with commercial banks having to hold reserves at the central bank for assets valued in the digital yuan”.

How will this work? Well, you could have the central bank provide commercial banks with some sort of cryptographic doodah that would allow them to swap electronic money for digital currency under the control of the central bank. Wait a moment, that reminds me of something…

Yep, that’s how Mondex was structured 25 years ago. (If you don’t know what Mondex was, here’s something I wrote about it 20 years on.) There was one big difference between Mondex and other electronic money schemes of the time, which was that Mondex would allow offline transfers, chip to chip, without bank (or central bank) intermediation. Would a central bank go for this today? Some form of digital cash that can be passed directly from person to person like Bitcoin rather than some form of electronic money like M-PESA, using hardware rather than proof of work to prevent double spending? Well, it was being tried in Uruguay, but I’m not sure how that pilot is going, although it was not quite the same thing as Mondex because the phones would not be exchanging fungible value but tokens that could ultimately be traced and tracked and monitored, but it’s interesting nonetheless.

Mondex Paraphernalia

When I wrote about this back in 2018, I said that I thought it was unlikely that the PBoC would allow anonymous peer-to-peer transfers, so I was very surprised to see a Reuters report [6th September 2019] quoting Mu Changchun, deputy director of the PBoC’s payments department, saying about the proposed Chinese digital currency that “its ability to be used without an internet connection would also allow transactions to continue in situations in which communications have broken down, such as an earthquake”.

This would seem to mean that the system will allow offline transactions, which means that value can be transferred from one phone to another via local interfaces such as NFC or Bluetooth. If so, this would be truly radical. I wondered if something was mistranslated in the Reuters piece so I went to the source speech (albeit via Google Translate!) and I discovered that this is in fact precisely what he said. Talking about the project, which is called the DC/EP (digital currency and electronic payment) tool, he said that it is functionally “exactly the same as paper money, but it is just a digital form” and went on to confirm that

DC/EP can realize value transfer without an account. In the specific scenario, as long as there is a DC/EP digital wallet on the mobile phone, no network is needed, and as long as the two mobile phones touch each other, the transfer function can be realized… “Even Libra can’t do this,” Mu Changchun said.

Wow. That’s huge. Libra can’t do it, and never will be able to. To understand why, note that there are basically two ways to transfer value between devices and keep the system secure against double-spending. You can do it in hardware (ie, Mondex or the Bank of Canada’s Mintchip) or you can do it in software. If you do it in software you either need a central database (eg, DigiCash) or a decentralised alternative (eg, blockchain). But if you use either of these, you need to be online. I don’t see how to get the offline functionality without hardware security.
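The double-spending argument above, as a small runnable model (an added example, not code from the original post or from Mondex, DigiCash or DC/EP). It assumes a toy coin format, uses an HMAC tag as a stand-in for the issuer's signature, and lets offline merchants call `is_authentic` where a real scheme would verify a public-key signature; all class and function names are hypothetical.

```python
import copy
import hashlib
import hmac
import secrets


class Mint:
    """Issuer with a central spent-serial database (the online, DigiCash-style model)."""

    def __init__(self):
        self._key = secrets.token_bytes(32)  # issuer secret (HMAC stands in for a signature)
        self._spent = set()                  # serial numbers already redeemed

    def _tag(self, serial, value):
        return hmac.new(self._key, f"{serial}|{value}".encode(), hashlib.sha256).hexdigest()

    def issue(self, value):
        serial = secrets.token_hex(16)
        return {"serial": serial, "value": value, "tag": self._tag(serial, value)}

    def is_authentic(self, coin):
        # Proves the mint issued this coin; says nothing about whether it was already spent.
        return hmac.compare_digest(coin["tag"], self._tag(coin["serial"], coin["value"]))

    def redeem_online(self, coin):
        if not self.is_authentic(coin):
            return "rejected: forged"
        if coin["serial"] in self._spent:
            return "rejected: double spend"
        self._spent.add(coin["serial"])
        return "accepted"


class OfflineMerchant:
    """Software-only acceptance with no network: issuer mark plus local history."""

    def __init__(self, mint):
        self._mint = mint
        self._seen = set()
        self.till = []

    def accept(self, coin):
        if not self._mint.is_authentic(coin) or coin["serial"] in self._seen:
            return False
        self._seen.add(coin["serial"])
        self.till.append(coin)
        return True

    def settle(self):
        # Later, once back online: only now is a copied coin detected.
        return [self._mint.redeem_online(c) for c in self.till]


class HardwarePurse:
    """Chip-to-chip model: value is a counter the chip debits before the payee is credited.
    Security rests on the chip being tamper-resistant, which software cannot show."""

    def __init__(self, balance=0):
        self._balance = balance

    @property
    def balance(self):
        return self._balance

    def pay(self, payee, amount):
        if amount <= 0 or amount > self._balance:
            return False
        self._balance -= amount
        payee._balance += amount
        return True


def run_scenarios():
    mint = Mint()
    coin = mint.issue(50)
    copy_of_coin = copy.deepcopy(coin)  # bits are free to copy

    shop_a, shop_b = OfflineMerchant(mint), OfflineMerchant(mint)
    offline = (shop_a.accept(coin), shop_b.accept(copy_of_coin))
    settlement = shop_a.settle() + shop_b.settle()

    altered = dict(coin, value=5000)    # changing the value breaks the issuer tag

    payer, till_1, till_2 = HardwarePurse(50), HardwarePurse(), HardwarePurse()
    hardware = (payer.pay(till_1, 50), payer.pay(till_2, 50))

    return {
        "offline_accepts": offline,
        "settlement": settlement,
        "altered_authentic": mint.is_authentic(altered),
        "hardware_pays": hardware,
        "hardware_total": payer.balance + till_1.balance + till_2.balance,
    }


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(name, outcome)
```

Both offline merchants accept the same coin because each can check only the issuer's mark; the loss surfaces at settlement, which is the online step the paragraph says software schemes cannot avoid.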

If you do have hardware security and can go offline, then we are back to the question of fungibility again. Here the PBoC’s principle is both clear and very surprising.

Mu Changchun said that the public has the need for anonymous payment, but today’s payment tools are closely tied to the traditional bank account system, can not meet the consumer’s anonymous payment needs, and can not completely replace the cash payment. The central bank’s digital currency can solve these problems. It can maintain the attributes and main value characteristics of cash and meet the demands of portability and anonymity.

Wow. They are serious. He goes on to say DC/EP will work the same way as banknotes.

Commercial banks open accounts at the central bank, paying 100% of the total amount, and individuals and businesses open digital wallets through commercial banks or commercial organizations. DC/EP is still replaced by M0 and is legally compensated. For users, just download an app to register, you can use a digital wallet, and recharge cash withdrawals need to dock traditional bank accounts.

I wonder if this will bring interoperability? If DC/EP is really to work as banknotes do then the e-RMB in my bank app and my Alipay app and my WeChat app must be interoperable. I must be able to transfer value from my Alipay app to your WeChat app. If PBoC crack that they will be on the way to one of the world’s most efficient electronic payment infrastructures.

There was a final part to the speech which I did not understand at all, so perhaps a Chinese correspondent more familiar with DC/EP can clarify the meaning. The speech covers “smart” “contract” by which I assume PBoC means apps that use the DC/EP to execute on the handset (since there is no blockchain), but this is my assumption.

Mu Changchun said on several occasions that the central bank’s digital currency can load smart contracts. However, if a smart contract that exceeds its monetary function is loaded, it will be degraded into a value-for-money ticket, reducing its usable level, which will adversely affect the internationalization of the RMB. Therefore, digital currencies will load smart contracts that favor the monetary function, but remain cautious about smart contracts that exceed the monetary function.

I am baffled by this, which I am sure reflects my ignorance of advanced electronic money technologies, but I don’t think that this deflects from my overall observation that if the PBoC goes ahead and launches a person-to-person offline capable CBDC then that will be not only a nail in the coffin of cash but an event as significant and momentous in monetary history as the paper notes of the Khan a millennium ago.

SCA and SSCA

We’re seeing a lot about strong customer authentication (SCA) at the moment because of the requirement of the Second Payment Services Directive (PSD2) that comes into force next week on Black Friday (Friday 13th September). That’s because there’s a lot of fraud online, it’s getting worse and the strong authentication of people (in this case, online customers) is seen as being a way to tackle it. PSD2 demands SCA, and this means that European banks and Payment Service Providers (PSPs) have had to up their game.

Strong authentication, in this context, means “two factor authentication” (2FA). What 2FA means is that you must present two “factors” to demonstrate you are who you say you are. The three factors you can choose from are something you have, something you are and something you know (or, in my case, something I had, something I was and something I’ve forgotten). When you buy something in a shop, for example, you present a credit card (something you have) and put in a PIN (something you know). When you enter the country, you present something you have (a passport) and show your face (something you are). SCA is already being implemented by the UK banks, although in an unpredictable manner. Some banks send a code via their mobile banking app, some send a text, some allow you to choose e-mail instead, some will call a landline and some require the use of a card-reader dongle-thingy. As far as I can tell, none of them use a common app such as Microsoft Authenticator.

I’m actually quite surprised to see that some of them are still using text messaging to send a “one time password” (OTP) to customers for authentication. It’s not because, as the British newspapers were quick to point out, people who can’t get a mobile signal or don’t own a mobile phone face, as The Guardian put it, being “frozen out of internet shopping as banks are increasingly insisting that online payments are verified by text”. This is indeed a valid concern, but what I find most disturbing about this report is that anyone is verifying online payments, or indeed any other important online transaction, by insisting that they are authenticated by text messages! With the explosion of “smishing” (ie, phishing attacks via SMS) and the daily tales of account takeover, bitcoin theft and payment fraud carried out via SMS, you really do have to wonder why text messaging is still being used in this context.

This is hardly a new issue. More than a decade ago I wrote about the comments of Charles Brookson, then the head of the GSMA security group who, when talking about the use of SMS for financial services, made the point that SMS has, to all intents and purposes, no security whatsoever. Structurally, it has always seemed to me to be irresponsible for financial institutions to rely for security on something that is not secure and over which they have no control. Given the prevalence of smart phones, you would think that SMS would be long gone, but it is only now that German banks, for example, are giving up on SMS OTP in response to the PSD2 requirements for SCA.

How will this SMS-less strong authentication be implemented? For payments it will be through the new version of the scheme’s “Three Domain Security” (3DS). 3DS version 2 introduces “frictionless authentication” and will be the main card authentication method used to deliver SCA in Europe. It works by allowing retailers and their PSP to send many more data elements with each transaction. These data elements – such as the shipping address, customer’s device identity and their transaction history – mean that the issuer can carry out more sophisticated risk management to decide whether SCA is needed or not. In most cases, I would guess (since the issuers will use sophisticated risk management platforms with machine learning and all that sort of thing), no further authentication will be needed. But where it will be needed, Barclaycard (for example) can send a message to the Barclaycard app on my phone and ask me to authenticate myself.

(As it happens, Barclaycard have just sent me another “PINsentry” card reader together with an instructional pamphlet, so I will make every effort to use my Barclaycard online just so I can see how it works. Of course it means I’ll have to carry the card reader and my Barclaycard around with me at all times in case I want to buy something online, but remember I do this so you don’t have to.)

Barclaycard PSD2 SCA 2FA

In my opinion, the best way forward now is through the bank apps themselves. Google found in their research on authentication for account recovery that whereas 2FA SMS stopped three-quarters of targeted attacks, in-app solutions stopped 90% (and 99% of bulk phishing attacks). It would be good if this approach was adopted across the board – not only for retail payments but for logging in to bank accounts, authorising transfers and everything else. But if customers get mixed up between expecting an e-mail or getting a text, seeing an in-app message sometimes but not other times, then fraudsters will be quick to exploit the situation. In which case (as I suspect) the introduction of strong authentication will actually lead to more fraud. We need both a better and more consistent approach to authentication for financial services. We need to standardise on the approach and the execution and the UX so that consumers can be confident that they are communicating with their bank or whoever.

Standard Strong Customer Authentication

My Consult Hyperion colleague Tim Richards recently set out this problem in a very clear way [The Paypers, 27th August 2019]. He asks us to imagine what would have happened if SCA had been mandated for face-to-face commerce but, as with PSD2, no technological solution was provided. In that case, instead of our EMV-standard chip and PIN payment system we would have had each bank creating its own solution. Then, as has happened online, every time a consumer went into a shop to buy something they would face a different authentication depending on their bank! Tim’s good advice is that regulators need to take a step back, “temporarily drop anti-competition laws and insist that banks come up with a minimum standard for SCA” to support growth in online commerce that is accompanied by real security because customers know what to expect and retailers aren’t disadvantaged by variable SCA experiences leading to cart abandonment.

He’s right, of course. And in terms of implementation it has long been clear that the best architecture for what I am now labelling Standard Strong Customer Authentication (or SSCA) is biometric authentication against a revocable token stored in tamper-resistant local storage. We all carry a device capable of implementing this design at a manageable cost: the mobile phone.

(As an aside, since the mobile phone operators control a standard item of tamper-resistant hardware in all phones — the SIM — why we are not all using a standard authentication from our mobile operators already is a mystery, but that’s a different point and I don’t want to get diverted by Mobile ID Connect here.)

The point is that with really strong authentication, your bank shouldn’t be sending you a text message or an e-mail or whatever, it should be using real cryptography to send a message to the bank app on your mobile phone. So, when you try to buy something online with your Barclaycard your Barclaycard app pops up on your phone and asks you to authenticate.
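A sketch of that app-based flow (an added example, not code from the original post or from any bank): a revocable token is enrolled on the phone, the bank sends a single-use challenge naming the payee and amount, and the app answers with a MAC only after a local biometric check. It assumes a shared HMAC key where a production design might use a device-held private key, represents the biometric check and tamper-resistant storage with a flag and an attribute, and uses hypothetical names throughout.

```python
import hashlib
import hmac
import json
import secrets
import time

TXN_FIELDS = ("payee", "amount_minor", "currency")


def _mac(key, nonce, txn):
    """MAC over the challenge nonce plus a canonical encoding of the transaction."""
    body = json.dumps({"nonce": nonce, "txn": txn}, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


class Bank:
    def __init__(self):
        self._tokens = {}    # token_id -> key; deleting an entry revokes the token
        self._pending = {}   # nonce -> (token_id, transaction, expiry time)

    def enrol(self):
        token_id, key = secrets.token_hex(8), secrets.token_bytes(32)
        self._tokens[token_id] = key
        return token_id, key

    def revoke(self, token_id):
        self._tokens.pop(token_id, None)

    def challenge(self, token_id, payee, amount_minor, currency, now=None):
        now = time.time() if now is None else now
        nonce = secrets.token_hex(16)
        txn = {"payee": payee, "amount_minor": amount_minor, "currency": currency}
        self._pending[nonce] = (token_id, txn, now + 120)  # valid for two minutes
        return {"nonce": nonce, **txn}

    def verify(self, response, now=None):
        now = time.time() if now is None else now
        entry = self._pending.pop(response["nonce"], None)  # single use
        if entry is None:
            return "rejected: unknown or replayed challenge"
        token_id, txn, expires = entry
        if now > expires:
            return "rejected: challenge expired"
        key = self._tokens.get(token_id)
        if key is None:
            return "rejected: token revoked"
        # The bank recomputes the MAC over the transaction *it* issued.
        if not hmac.compare_digest(_mac(key, response["nonce"], txn), response["mac"]):
            return "rejected: approval does not match transaction"
        return "approved"


class BankApp:
    def __init__(self, token_id, key):
        self.token_id = token_id
        self._key = key  # assumption: on a phone this sits in tamper-resistant storage

    def approve(self, challenge, biometric_ok):
        if not biometric_ok:  # the token is released only after the local biometric match
            return None
        txn = {field: challenge[field] for field in TXN_FIELDS}  # what the user was shown
        return {"nonce": challenge["nonce"], "mac": _mac(self._key, challenge["nonce"], txn)}


def run_flow():
    bank = Bank()
    app = BankApp(*bank.enrol())
    shop = ("Example Shop", 4999, "GBP")  # constructed sample transaction
    results = {}

    ch = bank.challenge(app.token_id, *shop, now=0)
    resp = app.approve(ch, biometric_ok=True)
    results["normal"] = bank.verify(resp, now=30)
    results["replay"] = bank.verify(resp, now=31)

    ch = bank.challenge(app.token_id, *shop, now=0)
    shown = dict(ch, amount_minor=499900)  # details differ from what the bank issued
    results["altered"] = bank.verify(app.approve(shown, True), now=30)

    ch = bank.challenge(app.token_id, *shop, now=0)
    results["no_biometric"] = app.approve(ch, biometric_ok=False)
    results["late"] = bank.verify(app.approve(ch, True), now=500)

    ch = bank.challenge(app.token_id, *shop, now=0)
    resp = app.approve(ch, True)
    bank.revoke(app.token_id)              # e.g. phone reported lost
    results["revoked"] = bank.verify(resp, now=30)
    return results


if __name__ == "__main__":
    for name, outcome in run_flow().items():
        print(name, outcome)
```

Unlike an SMS one-time password, the approval here is tied to one challenge, one payee and one amount, and the bank can withdraw the token without replacing the card or the account.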

If the bank (or anyone else) cannot reach the mobile app then there should be a standard fallback across all service providers which would probably be a voice call thus opening up the use of voice recognition and authentication. And if you are online buying something or transferring money to someone or closing an account and you can’t be reached via the mobile app or by a voice call well… then what are you doing buying things online in the first place?

Surely this is the most practical way forward. Now that the Financial Conduct Authority (FCA) has confirmed that it will not take enforcement action against businesses who do not implement SCA until March 2021, there is some time to prepare a mobile-centric SSCA pathway for UK banks and businesses.

Margaret Atwood, Kenneth Rogoff and William Gibson (and me)

A few years ago I was involved in a series of Twitter exchanges about the relationship between cash and anonymity that stimulated me to write a blog post on that topic and that debate (see “It doesn’t have to be the handmaid’s tale” from September 2016). Some more recent exchanges on the same topic made me think about revisiting and revising that post and exploring some of the ideas further in light of recent discussions (eg, Libra and central bank digital currencies).

The root of these debates is, of course, that many in the Bitcoin community see Bitcoin’s sort-of-anonymity as an important characteristic because it defends the individual against state power and they berate me for wanting to replace cash “in circulation” with a digital alternative. Cash, they claim, is freedom, and they are correct about this: as cash is uncensorable, you have the freedom to buy whatever you want with it.

So should we replace cash with an anonymous cryptocurrency or digital currency? There are many people who I greatly respect who think the former. For example, in his presentation on “The Zero Lower Bound and Anonymity”, Kocherlakota tends toward some form of cryptocurrency to replace fiat currency rather than a central bank digital currency and one of the reasons for this is his (entirely reasonable) concern about anonymity. This point is illustrated by a literary reference to Margaret Atwood’s “Handmaid’s Tale”, in which a theocratic American government (the “Republic of Gilead”) has taken away many of the rights that women currently enjoy. One of the tools that this government uses to control women is a ban on cash. In Gilead, all transactions are now routed digitally through the “Compubank”.

The Handmaid's Tale

It was many, many years since I’d read “The Handmaid’s Tale” so I went to my bookshelf to dig it out and re-read that part. The narrator does indeed talk about how the evil junta in charge of that future America took over and says that it would have been harder if there had still been paper money. But the truth is, I don’t see how. North Korea has everyone using paper money and virtually no cards. Denmark has virtually no paper money and everyone uses cards (and phones). To be frank, in the modern world, I don’t think cash is that closely related to dictatorship.

The point I wanted to make here, though, is that it is wrong to present the only two alternatives as total surveillance and anonymity. I simply do not accept that the alternative to the unconditional anonymity of cash and the crime that goes with it is a dystopian, totalitarian nightmare. That’s only one way to design a circulating medium of exchange and it’s not the way that I would design it. I would opt for something along the lines of a universal pseudonymous mechanism capable of supporting an arbitrary number of currencies, a Mondex de nos jours, an M-PESA with go-faster stripes. In a world where there are completely, unconditionally anonymous payment mechanisms in widespread use there’s no way to stop very bad people from using them to do very bad things, so I’d prefer a world in which there are pseudonymous mechanisms that defend against routine surveillance and petty intrusion but allow society’s legitimate interests to protect against crime.

Does this mean that anonymous mechanisms should be banned? Probably not, for the good reason that it would be impossible to do so. More likely would be a situation shown in the diagram below where there is an anonymous layer that has a pseudonymous layer on top of it and an absonymous (I made this word up) layer on top of that. People, governments and businesses would use the pseudonymous layer for the majority of transactions: the anonymous money would be useless for almost all transactions for almost all people since no-one would accept it. I would love to give this kind of anonymous money the generic name zerocash, after the William Gibson novel (“Count Zero”) in which one of my all-time favourite quotes about the future of money appears, a quote that more accurately describes the foreseeable future of payments than anything from IBM or the IMF:

He had his cash money, but you couldn’t pay for food with that. It wasn’t actually illegal to have the stuff, it was just that nobody ever did anything legitimate with it.

(Unfortunately, someone else had already beaten me to the name! See E. Ben-Sasson, A. Chiesa, C. Garman, M. Green, I. Miers, E. Tromer, and M. Virza, “Zerocash: Decentralized anonymous payments from bitcoin” in IEEE Symposium on Security and Privacy, SP 2014, Berkeley, CA, USA, May 18-21, 2014. IEEE Computer Society, pp. 459–474 (2014). But I’ll stick to using the all lower-case zerocash to mean generic unconditionally anonymous electronic cash. The wallet that this electronic cash is stored in is an anonymous digital identity. It’s just a string of bits.)

Now, you could imagine some form of zerocash in circulation as a cash alternative but not accepted in polite society (i.e., any attempt to spend it would be regarded as prima facie evidence of money laundering and exchanges would be barred from handling it). Polite society instead decides to protect privacy through managed conditional anonymity, or pseudonymity. A pseudonymous currency that is managed by a central bank but where transactions take place on a distributed ledger is much more like “RSCoin”, the cryptocurrency that was proposed by George Danezis and Sarah Meiklejohn at UCL [Danezis, G. and S. Meiklejohn. “Centrally Banked Cryptocurrencies”, NDSS ’16, 21-24 February 2016, San Diego, CA, USA] using Ben Laurie’s “mintettes” concept. By creating a pseudonym that is bound to the zerocash digital identity, we make it useful (provided that the binding is done by someone who is trusted in the relevant transactional use cases).

Why bind it in this way? Well, there is the usual privacy paradox to be dealt with here: I want my transactions to be anonymous, but everyone else’s to be not anonymous in case they turn out to be criminals. I cannot see any way round this other than pseudonymity. There are people out there (e.g., my colleagues at Consult Hyperion) that know how to design systems that work like this, so there’s nothing to stop the FATF, Bank of England, or Barclays or anyone else from starting to design the future, privacy-enhancing electronic money system that we need.

In the real world, as the discussions around Facebook’s proposed “Libra” digital currency have shown, regulators will never allow zerocash. In fact, in the light of the recent FATF rules about identification for cryptocurrency transfers, they will not allow any form of transaction that does not provide full details of counterparties. They might, however, as I have suggested many times before, be prepared to allow some form of pseudonymous alternative provided that we can bind the pseudonym to a real-world legal entity through trusted institutions.

Banks are of course a good place to form and maintain this binding, since they’ve already done the KYC and know who I am. So I present my pseudonym to them and they can bind it to my “real” name to form a nym. In the example below, Barclays know who I really am, and I can present my Barclays nym where needed, but most transactions with counterparties take place at the pseudonymous layer and I can present my Vodafone pseudonym “Neuromancer” there if I want to. My counterparty doesn’t know that I am Dave Birch, only that Vodafone know who (and presumably, where) I am. For the overwhelming majority of day-to-day transactions, this is more than adequate. This layered approach (shown below) seems to me a viable vision of a working infrastructure. Few transactions in the top layer (for privacy), most transactions in the middle layer, few transactions at the lower layer.

[Figure: Layered model of cryptomarkets]
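The binding described above, sketched as an added example (it is not code from this post or from any real scheme): an institution that has done KYC binds a customer-chosen pseudonym to its customer record, a counterparty learns only that the institution vouches for the pseudonym, and the real name is released only against a recorded legal order. The class and function names, the token layout, the order reference and the use of an HMAC in place of a public-key signature are assumptions made so that it runs on the Python standard library alone.

```python
import hashlib
import hmac
import json
import secrets
import time


class NymIssuer:
    """Institution that has done KYC and vouches for pseudonyms (hypothetical design)."""

    def __init__(self, name):
        self.name = name
        self._key = secrets.token_bytes(32)  # assumption: HMAC key stands in for a signing key
        self._registry = {}                  # pseudonym -> real identity; never leaves the issuer
        self._revoked = set()
        self.disclosure_log = []             # audit trail of every de-anonymisation

    def _mac(self, claims):
        payload = json.dumps(claims, sort_keys=True).encode()
        return hmac.new(self._key, payload, hashlib.sha256).hexdigest()

    def bind(self, real_identity, pseudonym, ttl_seconds=3600, now=None):
        """Bind a pseudonym to a KYC'd customer; the token carries no real-world identity."""
        if pseudonym in self._registry:
            raise ValueError("pseudonym already bound")
        issued = time.time() if now is None else now
        self._registry[pseudonym] = real_identity
        claims = {"iss": self.name, "nym": pseudonym, "exp": int(issued + ttl_seconds)}
        return {"claims": claims, "mac": self._mac(claims)}

    def verify(self, token, now=None):
        """Tell a counterparty only whether this issuer still vouches for the pseudonym."""
        current = time.time() if now is None else now
        try:
            claims = token["claims"]
            if not hmac.compare_digest(self._mac(claims), token["mac"]):
                return False
            return (claims["iss"] == self.name
                    and claims["exp"] > current
                    and claims["nym"] in self._registry
                    and claims["nym"] not in self._revoked)
        except (KeyError, TypeError, AttributeError, ValueError):
            return False  # malformed or tampered token

    def revoke(self, pseudonym):
        """Stop vouching for a pseudonym without revealing who held it."""
        self._revoked.add(pseudonym)

    def disclose(self, pseudonym, legal_order_ref):
        """Release the real identity only against a recorded legal order."""
        if not legal_order_ref:
            raise PermissionError("disclosure requires a legal order reference")
        identity = self._registry[pseudonym]
        self.disclosure_log.append((pseudonym, legal_order_ref))
        return identity


def accept_payment(token, trusted_issuers, now=None):
    """Counterparty side: return what the merchant learns, or None if nobody vouches."""
    try:
        issuer = trusted_issuers.get(token["claims"]["iss"])
    except (KeyError, TypeError, AttributeError):
        return None
    if issuer is None or not issuer.verify(token, now=now):
        return None
    return {"nym": token["claims"]["nym"], "vouched_by": issuer.name}


if __name__ == "__main__":
    vodafone = NymIssuer("Vodafone")
    token = vodafone.bind("Dave Birch", "Neuromancer")  # names from the post's example
    print(accept_payment(token, {"Vodafone": vodafone}))
    print(vodafone.disclose("Neuromancer", "ORDER-PLACEHOLDER-001"))  # constructed reference
```

With a real signature scheme the counterparty could check the token offline against the issuer's public key; the HMAC stand-in forces a round trip to the issuer, which also lets the issuer see where the pseudonym is being used.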

So in this made-up example, Barclays know my “real” identity and Vodafone knows a persistent pseudonym tied to my phone number. (Of course, I could go to Barclays and choose to bind my Vodafone identity to my Barclays identity, but we don’t need to think about this sort of thing here.) I’m going to reflect on how these bindings might work in practice more in the future, but for now I want to circle back to that opening concern about losing the anonymity of cash. Here’s another version of that meme that I read in Reason magazine (“Cash means freedom”) a while back: “Cash—the familiar, anonymous paper money and metallic coins that most of us grew up using—isn’t just convenient, it’s also a powerful shield for our autonomy and our privacy”.

But it really isn’t. Your privacy is being taken away because of social media, people wearing cam-shades and ubiquitous drones, not because of debit cards. And none of this has anything to do with dictatorship. I wouldn’t want to live in the America of “The Handmaid’s Tale” whether it had anonymous payments or not. I understand the concerns of those concerned with privacy (as I am) that there might be an inevitable tendency for a government to want to trespass on the pseudonymous infrastructure in the name of money laundering or terrorism, but that’s a problem that needs to be dealt with by society, not by technology.

Look, I think we should start consigning cash to the dustbin of history, beginning with the $100 bill, the £50 note and that affront to law-abiding people everywhere, the Swiss 1,000 franc note. There are an increasing number of people coming around to my way of thinking, including the former chief economist to the International Monetary Fund (IMF) Kenneth Rogoff, who in his book “The Curse of Cash” argued that large value banknotes should be withdrawn not only because of their use in criminal endeavours but because they prevent central banks from using their full range of monetary policy tools. If we are going to start getting rid of cash though, we need to come up with alternatives that provide levels of privacy and security determined by society as a whole, not by a few engineers.

Libra and Calibra… Tired: KYC. Wired: KYZ.

As Ed Conway noted in The Times recently, Mark Zuckerberg once observed that “in a lot of ways, Facebook is more like a government than a traditional company”. Indeed it is. And in fact it just got a lot more like a government. Companies have loyalty points, but governments have currencies, which are like loyalty points but with standing armies. You can hardly have failed to notice that Mr. Zuckerberg’s highly successful advertising company Facebook is now planning to have a currency of its own. 

The currency is called Libra and the media has been full of commentary about it, the new blockchain that will support it (created by the Libra Network) and the new wallets that it will be stored in (created by Calibra, a Facebook subsidiary). Whatever you think about Facebook, or social media in general, or Bitcoin and its ilk, there’s no getting around that this is a big deal and it was unsurprising that it attracted such wide media coverage.

Now, putting to one side whether it is a currency or not or a blockchain or not (Central Banking magazine said that it’s “neither a true currency nor bearing all the hallmarks of a typical crypto asset, Libra will run on a system similar to a blockchain”, and actually I kind of agree with the economist Taylor Nelms that “the crypto angle does seem like a sideshow”), the fact that it exists is nonetheless rather interesting, although not necessarily for reasons that have anything to do with money, even though it is a payment system of a potentially large scale, as I will explain later.

What is the purpose of this new payment system though? Libra says that it hopes to offer services such as “paying bills with the push of a button, buying a cup of coffee with the scan of a code or riding your local public transit without needing to carry cash or a metro pass”. But as numerous internet commentators have pointed out, if you live in London or Nairobi or Beijing or Sydney you can already do all of these things. It’s only in San Francisco where such things appear to be special effects from Blade Runner, an incredible vision of a future where people don’t write cheques to pay their rent and can ride the bus without a pocket full of quarters.

Nevertheless, I’ve written before that a Facebook payment system would be beneficial and I stand by that. The ability to send money around on the internet is clearly useful and there are all sorts of new products and services that it might support. A currency, however, has more far-reaching implications. As the brilliant J.P. Koenig points out, Libra is more than a means of exchange. The Libra “will be similar to other unit of account baskets like the IMF’s special drawing right (SDR), the Asian Monetary Unit (AMU), or the European Currency Unit (ECU), the predecessor to the euro” in that it is a kind of currency board where each of the units is a “cocktail” of other currency units. This should, unlike Bitcoin, provide a reasonably stable currency for international trade.

This has significant implications. What if, for example, the inhabitants of some countries abandon their failing inflationary fiat currency and begin to use Libra instead? The ability of central banks to manage the economy would then surely be subverted and this must have political implications. This has not gone unnoticed by the people who understand such things, an example being Mark Carney, quoted in the Financial Times saying that if Libra does become successful then “it would instantly become systemic and will have to be subject to the highest standards of regulation”. Unsurprisingly, both the international Financial Stability Board and the UK’s Financial Conduct Authority have said they will not allow the world’s largest social network to launch its planned digital currency without “close scrutiny”.

Yes, But…

So there are all kinds of reasons to be sceptical about whether Libra will ever launch and whether it will reach any of the goals set out by its founders. And yet…

There’s something interesting in Libra. I’ve long written about the inevitability of new technology being used for new payments systems that will in turn be used to create new forms of money. More than two decades ago I wrote about the advent of private currencies and I covered the nature of corporate currencies more recently (and in some detail) in my book “Before Babylon, Beyond Bitcoin”.

(Although I have to note that in my “5Cs” taxonomy of the future of money, I would classify Libra as a community currency rather than a corporate currency, but that’s not the point of this discussion.)

Now, using the model that I set out in the book to help general business readers understand what the likely trajectory of digital assets will be, I look at the two institutional bindings needed to turn the cryptographic level o. These are the binding of values on the ledger to real-world assets and the binding of the wallets to real-world entities.

[Figure: Digital and Crypto Layers, revised]

The binding of a wallet address to an actual person is difficult and costly. Here’s what Calibra say about it: “Calibra will ensure compliance with AML/CFT requirements and best practices when it comes to identifying Calibra customers (know your customer [KYC] requirements) by taking the following steps

  • Require ID verification (documentary and non-documentary).

  • Conduct due diligence on customers commensurate with their risk profile.

  • Apply the latest technologies and techniques, such as machine learning, to enhance our KYC and AML/CFT program.

  • Report suspicious activity to designated jurisdictional authorities.”

I thought it was worth reproducing this in full. So if we put together what the Libra white paper says with what Calibra say about their wallet, you get this specific version of the model from my book. I think it describes the overall proposition quite well.

[Figure: Digital and Crypto Layers, with Libra]

All well and good. Now, while I was reading through the Libra description, I didn’t find anything remarkable. Until the last part. On page nine of the Libra white paper, just at the very end, I noticed that “an additional goal of the association is to develop and promote an open identity standard. We believe that a decentralized and portable digital identity is a prerequisite to financial inclusion and competition”.

Well, well. An “open identity standard”.

Identity is at the heart of the proposition, if you ask me. One of the first questions that Congress had for the Libra hearing with David Marcus was “how parties will ensure that the user or beneficial owner of a currency or wallet is accurately identified”. Now, you can’t know who the beneficial owner of the currency is any more than you can know who the beneficial owner of a $100 bill is, but you can know who the owner of a wallet is. This question has already been answered, by the way. Kevin Weil, Facebook’s VP of product for Calibra, was clear that users will have to “submit government-issued ID to buy Libra” as you would expect. People without IDs will still be able to buy Libra through third-party vendors, of course, but that’s a different point.

Put a pin in “government-issued ID” as we’ll come back to it later.

It’s clear that the wallet addresses in a transaction (as shown in my diagram above), a timestamp and the transaction amount will be public because they are on a shared ledger, but as Facebook have made clear, any KYC/AML (ie, the binding shown in my diagram above) will be stored by the wallet providers, including Calibra. Since, as David Marcus has repeatedly pointed out, Libra is open and anyone will be able to connect to the network and create a wallet, there could be many, many wallets. But you’d have to suspect that Facebook’s own Calibra will be in pole position in the race for population scale. Hence Calibra’s approach to identity is really, really important.

Now, if Calibra provides a standard way to convert a variety of government-issued IDs into a standard, interoperable ID then that will be of great value. Lots of other people (eg, banks) may well want to use the same standard. In the UK, for example, this would be a way to deliver the new Digital Identity Unit (DIU) goal set out by the Minister for Implementation, Oliver Dowden, of one login for your bank and your pension. But it isn’t only the ID that needs interoperability, it’s the credentials that go with it. This is how you build a reputation economy. Your Calibra wallet can store your IS_OVER_18 credential, your Uber rating and your airline loyalty card in such a way as to make them useful. Now, if you want to register for a dating site, you can log in using Calibra and it will automatically either present the relevant credential or tell you how to get it from a Libra partner (eg, MasterCard).

It seems to me that this may, in time, turn out to be the most important aspect of the “Facebucks” (as I cannot resist calling it) initiative. What if a Calibra wallet turns out to be a crucial asset for many of the world’s population not because it contains money but because it contains identity?

Government Issue

Now back to that idea of a government-issued ID. One of the other things that governments do is issue passports as a form of formal identity. If I obtain a Calibra wallet by presenting my passport, that’s fine. But suppose I live in a developing country and I have no passport or formal ID of any kind?

Well I think Facebook can make a good argument that your Facebook profile is a more than adequate substitute, especially for the purposes of law enforcement. After all, Facebook knows who I message, my WhatsApp address book, who I hang out with, where I go… Facebook can tell real profiles from fake and they kill off fake “identities” all the time. My guess is that if you have had a Facebook profile for (let’s say) a year, then that identity is more than good enough to be able to open an account to hold Libra up to $10,000 or so and, frankly, it’s beneficial for society as a whole to get those transactions on to an immutable shared ledger.

Frankly, in large parts of the world Know-Your-Customer (KYC) could be replaced by Known-bY-Zuck (KYZ) to the great benefit of society as a whole.

Digital identity in the UK – Will big banks or big techs deliver it?

The opening keynote at this year’s London Identity Week was given by Oliver Dowden, the Minister for Implementation at the Cabinet Office. Mr. Dowden is the Minister in charge of the digital transformation of government. To people like me, digital identity is central to digital transformation of government (and the digital transformation of everything else, for that matter) so I was looking forward to hearing the UK government’s vision for digital identity.  In his keynote, the Minister said that the UK is seen as being at the cutting edge of digital identity and that GOV.UK Verify is at the heart of that success. 

(On 9th October 2016, Mr. Dowden gave written statement HCWS978 to Parliament, announcing that the government was going to stop funding GOV.UK Verify after 18 months with the private sector responsible for funding after that.)

Right now you can’t use a GOV.UK Verify identity provider to log into your bank or any other private sector service provider. But in his speech the Minister said that he looks forward to a time when people can use a single login to “access their state pension and the savings account”. This, in my opinion, is quite distinct from the single identifier that the Parliamentary Select Committee on Science and Technology called for in their report this week. The Right Honourable Norman Lamb MP, Chair of the Committee, observing that “the current digital service offered by the Government has lost momentum” called for the introduction of a single unique identifier for access to public services.

 

I have to say that I sort of agree with the Science and Technology Committee on the efficient delivery of public services as well as what the Minister said about a single login across both public and private services. Obviously you’d want the same login scheme but a different persona (an identifier plus credentials) for pensions, pornography and other purchases, but that’s another issue and not the focus of this discussion.


Back to the Minister’s point though. Yes, it would be nice to have some sort of ID app on my phone (I happen to sit on the advisory board of Biid, who provide just such an app) and it would be great if my bank and Her Majesty’s Revenue and Customs (HMRC) and Woking Council and LinkedIn would all let me log in with this ID. The interesting question is who will provide such a login given that the government does not seem able to. Put a pin in that and we’ll return to it later. Meanwhile, back to the Minister, who made three substantive points in his speech. He talked about:

  • The creation of a new Digital Identity Unit, which is a collaboration between DCMS and Cabinet Office. The Unit will help foster co-operation between the public and private sector, ensure the adoption of interoperable standards, specification and schemes, and deliver on the outcome of the consultation.

  • A consultation to be issued in the coming weeks on how to deliver the effective organisation of the digital identity market. Through this consultation the government will work with industry, particularly with sectors who have frequent user identity interactions, to ensure interoperable ‘rules of the road’ for identity. To me, this sounds like a call for a trust framework of some kind but the Minister did not use those words.

  • The start of engagement on the commercial framework for consuming digital identities from the private sector for the period from April 2020 to ensure the continued delivery of public services. The Government Digital Service will continue to ensure alignment of commercial models that are adopted by the developing identity market to build a flourishing ecosystem that delivers value for everyone.

The Minister had a tight schedule and was therefore unable to stay for my subsequent speech. I suggested that the idea of a general-purpose digital identity might be ambitious and a preferable strategy might be to look at who else could deliver the “digital identities from the private sector” used for the delivery of public services, which means delivering inclusive identity services with appropriate security at population scale. Perhaps DCMS has ensured that the UK has taken a lead in this respect since, according to Sky News, “thanks to its ill-conceived porn block, the government has quietly blundered into the creation of a digital passport – then outsourced its development to private firms”. One of these firms runs the world’s largest pornography site, Pornhub, so I imagine they know a thing or two about population-scale identity management.


Assuming that the GOV.UK Verify identities fail to gain traction in the private sector, then I think there are two obvious private sector coalitions that might step in to do this for the government: the big banks and the big techs.

Big Banks

For a variety of reasons, I hope that the big banks are able to come together to respond to the comments of Mark Carney, the Governor of the Bank of England, on the necessity for a digital identity in the finance sector to work with the banks to develop some sort of financial services passport. I made some practical suggestions about this earlier in the year and have continued to discuss the concept with potential stakeholders. I think it stacks up, but we’ll have to see how things develop.

The reason why I’m so keen on this approach is that banks already do the hard work of establishing customer identities for know-your-customer (KYC) purposes but they don’t then do anything with it. So identity is a cost centre, when there is an opportunity for it to be a platform for new products and services. I’m not the only person who thought that the DCMS age verification legislation would be the trigger for a sophisticated federated privacy-enhancing bank-centric ID.

Modifications to open banking could allow bank customers to share data on their identity and their date of birth with third parties in a double-blind way that stops their bank from knowing the site they want to visit, or the site they’re visiting from knowing their identity.

From Don’t let the government’s porn block create a monopoly – 1828.

Well, whether it’s used for age verification or a pensions dashboard, I would have thought that what the European Commission Expert Group on Electronic Identification and Remote KYC Processes calls an “attribute-based LoA-rated KYC framework for the financial sector” (ie, a financial services passport) would make a perfect post-Brexit stake-in-the-ground initiative to define the new era by boosting efficiency in the crucial Big Bank sector as well as providing a platform for new products and services for the Big Techs to develop. Talking of which…

Big Techs

I had the good fortune to attend a more recent breakfast session with the Minister organised by the Cicero PR people. I have to say that the subject of digital identity came up more than once. There was considerable discussion (under the Chatham House rule) of both the priority of a UK digital identity infrastructure and the means by which it might come into existence. While I voiced my usual opinion that it should be the banks taking the lead, there were other people talking about alternative private sector providers.

It is clear, then, that if the banks can’t get it together then the big techs will come knocking on the government’s door. I’ll readily admit that when the Minister said “private sector identities” in his speech, the first thought to flash across my brain was “Apple”. The public, as well as civil servants in other departments who don’t really know or care about digital ID, might be saying to themselves, “why can’t we just use ‘sign in with Apple’ to do our taxes?”, and this is a good point. Even if they are not saying it right now, they’ll be saying it soon as they get used to Apple’s mandate that all iOS apps that allow third-party sign-in must support it.

How would you use your Apple ID to log into HMRC? Easy: you log in as you do now after sending off for the password and waiting for it to come in the post and that sort of thing and then once you are connected tell them the Apple ID that you want to use in the future. If you want to be “jackdaniels@me.com” or whatever, it doesn’t matter. It’s just an identifier for the Revenue to recognise you. Then next time you go to log in to the Revenue, you log in as jackdaniels@me.com, something pops up on your iPhone and you put your thumb on it or look at it, and bingo you are logged in to fill out your PAYE without ever having to remember your taxpayer ID or government gateway passport ever again.

 

Incidentally, you could use this to log in at Pornhub too, because Apple have implemented a form of the persistent pseudonymity that I have long advocated as the core of a practical “privacy settlement”. So, as Wired magazine puts it, Apple’s universal login will let you hide your email address from third-party services. Unlike Facebook, Google and other services, Apple will randomly generate an email address on your behalf, and it will then forward communications from the services that you sign up to on to your actual Apple ID address. I’m not joking about Apple delivering an infrastructure for the mass market instead of the government, it’s just that I thought that our forward-thinking innovation-centric banks would be the people to build on it. A couple of years ago I asked “Why doesn’t my bank put a token in my Apple Pay that doesn’t disclose my name or any other personal information… Keep my real identity safe in the vault, give me blank card to top shopping with”.

The banks have a chance to do this if the government, the Bank of England and industry bodies get together and work with them on it. But I wouldn’t be at all surprised to go over to the HMRC web site fairly soon to see “log in with Amazon” and “log in with Apple” next to a button with some incomprehensible waffle about eIDAS that I, and most other normal consumers I’m sure, will simply ignore.

Follow the e-money

A couple of years ago I remember going to see ComplyAdvantage to make a podcast with them. I thought the new category of regtech was interesting and that the potential for new technologies in that space (eg, machine learning) was significant, so I went off to learn some more about it and talk to a few organisations to test some hypotheses. I remember thinking at the time that they were good guys and on a good trajectory and it looks as if my opinion was well-founded (they are doubling in size this year).

Anyway, I was thinking about them because they recently sent me a new white paper “A New Dawn for Compliance” (which notes that an estimated $2 trillion is laundered globally every year and only 1-3% of these funds are identified and possibly stopped) and it nicely encapsulated something that has been touched on in a fair few conversations recently: there’s no way to hire ourselves out of the compliance mess we’re in. Even if financial services and other businesses had infinite compliance budgets, which they most certainly do not, it’s simply not feasible to hire enough people to keep up. Even if there were infinite people with expertise in the space, which there most certainly are not, bringing them on board is too time-consuming, too expensive and too inflexible to create a compliance infrastructure that can respond to the new environment.

Technology is the only way out of this.

Using technology to automate the current procedures is, as always, only a small part of the solution. The UK Financial Intelligence Unit (UKFIU) receives more than 460,000 suspicious activity reports (SARs) every year (according to the National Crime Agency), yet fraud continues to rise.

Moreover, as Rob Wainwright (head of Europol) pointed out last year, European banks are spending some €20 billion per annum on CDD with very limited results. In fact, he said specifically that “professional money launderers — and we have identified 400 at the top, top level in Europe — are running billions of illegal drug and other criminal profits through the banking system with a 99 percent success rate”. This is not even a Red Queen’s Race, it’s a Formula 1 of crime where the bad guys are ahead and we can’t overtake them.

The Fifth Anti-Money Laundering Directive (AMLDV) which comes into force in 2020 will, I predict, do nothing to change this criminal calculus. AMLDV will cost organisations substantially more than its predecessors and these costs are out of control. According to a 2017 whitepaper written by my colleagues at Consult Hyperion, KYC processes currently cost the average bank $60m (€52.9m) annually, with some larger institutions spending up to $500m (€440.7m) every year on KYC and associated customer due diligence (CDD) compliance. In the AMLDV era we will look back with nostalgia to the time when the costs of compliance were so limited.

It’s time for a rethink.

We need to re-engineer regulators and compliance to stop implementing know-your-customer, anti-money laundering, counter-terrorist financing and the tracking of politically-exposed persons (let’s lump these all together for the sake of convenience as Customer Due Diligence, or CDD) by building electronic analogues of passport and suspicious transaction reports and so on. In a world of machine learning and artificial intelligence, we need to invert the paradigm: instead of using CDD to keep the bad guys out of the system, we should bring the bad guys into the system and then use artificial intelligence and pattern recognition and analytics to find out what the bad guys are doing and then catch them!

Surely, from a law enforcement point of view, it’s better to know what the bad guys are up to? Following their money should mean that it is easier to detect and infiltrate criminal networks and generate information that the law enforcement community can use to actually do something about the flow of criminal funds. In any other financial services business, a success rate of 1% would call into question the strategy and the management of the business.

Posh and Blocks

While flicking through British Vogue magazine for some moisturising tips, I came across a mention of digital identity! I was surprised and delighted that (just as has happened with another of my obsessions, Dungeons and Dragons) what was once the province of nerds and outsiders has become fashionable and cool. Hurrah! Vogue says that secure digital identities for luxury goods are crucial, which is great! I could not agree more. Digital identities are not only for people! I have been writing about the need for digital identities for things for many years, and not only for high fashion (a field where, oddly, I have some experience in the use of NFC applications on mobile phones to scan designer clothes – but that’s another story).


Some years ago I asked if “the blockchain” (put to one side what this might mean for a moment) might be a way to tackle the issue of “ID for the Internet of Things” (#IDIoT). I said at the time that I had a suspicion that despite some of the nonsense going on, there might be something there. My reason for thinking that is that there is a relationship between blockchain technology and IoT technology, because we need a means to ensure that virtual representations of things in the mundane cannot be duplicated in the virtual. As I saw it, there were three ways to do this: a database, tamper-resistant hardware or blockchain.

If we look at the database idea first, I explored this more than a decade ago using the example of luxury goods such as watches and asking how would you tell a fake Rolex from a real one. It’s a much more complicated problem than it seems at first. For example: why would Rolex care? I can’t afford a Rolex, so if I buy one at a car boot sale or in China, Rolex isn’t losing a sale. But by wearing the fake, I’m presumably advertising the desirability of a Rolex. So surely they should be happy that people want to wear fakes or not? And if I did have a real Rolex, would I want to wear it in dangerous places where expensive watches get stolen in broad daylight by muggers (eg, London, London or London) or where I might just lose it?

Anyway, regardless of the reasons for it, let’s think about how to tell the real thing from the fake thing using technology. Suppose RFID is used to implement Electronic Product Codes (EPCs) for luxury goods. If I see a Gucci handbag on sale in a shop, I will be able to point my Bluetooth EPC-reading pen at it and read the EPC, which is just a number. My mobile phone can decode the number and then tell me that the handbag is Gucci product 999, serial number 888. This information is, by itself, of little use to me. I could go onto the Gucci-lovers website and find out that product 999 is a particular kind of handbag, but nothing more: I may know that the tag is ‘valid’, but that doesn’t tell me much about the bag. For all I know, a bunch of tags might have been taken off real products and attached to fake products.

To know if something is real or not, I need more data. If I wanted to know if the handbag were real or fake, then I would need to obtain its provenance as well as its product details. The provenance might be distributed quite widely. The retailer’s database would know from which distributor the bag came; the distributor’s database would know from which factory the bag came and Gucci’s database should know all of this. I would need access to these data to get the data I would need to decide whether the bag is real or fake.

This is a critical point. The key to all of this is not the product itself but the provenance. A database of provenance (for example) is the core of a system to tell real from fake at scale.

Who should control this database, and who should have access to it, is rather complicated. Even if I could read some identifier from the product, why would the retailer, the distributor or Gucci tell me anything about the provenance? How would they know whether I were a retailer, one of their best customers, one of their own ‘brand police’, a counterfeiter (who would love to know which tags are in which shops and so on) or a law enforcement officer with a warrant?

This is where the need for a digital identity comes into the picture. A Gucci brand policeman might have a Bluetooth pen tag reader connected to a mobile. They could then point the pen at a bag and fire off a query: the query would have a digital signature attached (from the SIM or SE) and the Gucci savant could check that signature before processing the query. Gucci could then send a digitally signed and encrypted query to the distributor’s savant which would then send back a digitally signed and encrypted response to be passed back to the brand policeman: ‘No we’ve never heard of this bag’ or ‘We shipped this bag to retailer X on this date’ or ‘We’ve just been queried on this bag in Australia’ or something similar.
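The query flow described above, as an added sketch that is not code from the original post or from any brand's system: a savant authenticates the reader's query, rejects replays, and discloses only the provenance fields that the reader's role allows. HMAC with a per-reader key stands in for the SIM/SE digital signature, and every reader id, key, role name and record is constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample data. HMAC with a per-reader key stands in for the
# SIM/SE digital signature described in the text.
READERS = {"pen-001": {"key": b"constructed-key-1", "role": "brand_police"},
           "pen-777": {"key": b"constructed-key-2", "role": "consumer"}}
PROVENANCE = {"epc:999.888": {"product": "handbag 999", "factory": "Factory A",
                              "distributor": "Distributor B", "retailer": "Retailer X"}}
# Disclosure policy: which provenance fields each role may see.
POLICY = {"brand_police": {"product", "factory", "distributor", "retailer"},
          "consumer": {"product"}}
seen_nonces = set()   # (reader, nonce) pairs already accepted
last_location = {}    # epc -> location of the previous accepted query

def _mac(key, body):
    msg = json.dumps(body, sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def sign_query(reader_id, key, epc, location, nonce):
    """Reader side: build the query and authenticate its canonical form."""
    body = {"reader": reader_id, "epc": epc, "location": location, "nonce": nonce}
    return {**body, "sig": _mac(key, body)}

def handle_query(query):
    """Savant side: authenticate the reader, then disclose only what its role allows."""
    reader = READERS.get(query.get("reader"))
    if reader is None:
        return {"status": "denied", "reason": "unknown reader"}
    body = {k: v for k, v in query.items() if k != "sig"}
    sig = str(query.get("sig", "")).encode()
    if not hmac.compare_digest(_mac(reader["key"], body).encode(), sig):
        return {"status": "denied", "reason": "bad signature"}
    if (query["reader"], query["nonce"]) in seen_nonces:
        return {"status": "denied", "reason": "replayed query"}
    seen_nonces.add((query["reader"], query["nonce"]))
    record = PROVENANCE.get(query["epc"])
    if record is None:
        return {"status": "unknown", "data": {}}
    allowed = POLICY[reader["role"]]
    reply = {"status": "ok", "data": {k: v for k, v in record.items() if k in allowed}}
    previous = last_location.get(query["epc"])
    if reader["role"] == "brand_police" and previous not in (None, query["location"]):
        reply["note"] = "also queried in " + previous
    last_location[query["epc"]] = query["location"]
    return reply
```

The "also queried in" note is the database-side signal for tags that have been moved or copied: the same identifier turning up in two places is visible only to whoever holds the provenance data.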

The central security issue for brand protection is therefore the protection of (and access to) the provenance data, and this needs a digital identity infrastructure to work properly. If it adds £20 to the price of a Rolex to implement this infrastructure, so what? The kind of people who pay £5,000 for a Rolex wouldn’t hesitate to pay £5,020 for a Rolex that can prove that it is real.

A small brand premium might be rather popular with people who like brands. Imagine the horror of being the host of a dinner party when one of the guests glances at their phone and says “you know those jeans aren’t real Gucci, don’t you?”. Wouldn’t you pay £20 for the satisfaction of knowing that your snooping guest’s Bluetooth pen is steadfastly attesting to all concerned that your Marlboro, Paracetamol and Police sunglasses are all real? Of course you would.

For some goods, we might want to add tamper-resistant hardware to the product. I have long been interested in the use of low-cost RFID chips in this context. An example I looked at some years ago was the problem in Korea with the production of counterfeit whiskey. The authentic whiskey producers decided to add an RFID chip to the bottle caps. This chip was coded with a URL and an identifier. When a customer, or a shopkeeper, or a policeman, or in fact anyone else wants to check whether the whiskey is real or not, they touch the cap with their phone and the URL launches a web site that knows the provenance of the identifier and can tell you when and where it was bottled as well as some other information. When a customer opens the bottle, the tag is broken and can no longer be read. That seems to be a cost-effective solution, although it again relies on the provenance database to make it work (otherwise the counterfeiters would just find a way to steal the chips).

The mass market IoT, however, amplifies that problem of permission. I have always tried to illustrate this for people in a fun way by using the case study of underwear. It’s one thing for dinner guests to scan my wine bottle to see that it is a real Romanée-Conti and another for them to scan my Rolex to check that it is indeed a first-class far-eastern knock-off, but it’s quite another for them to be able to scan my underpants and determine that they date from 1983. How do we turn tags on and off? How do we grant and revoke privileges? How do we allow or deny requests for product or provenance? Once again, we must conclude that not simply digital identity but a full digital infrastructure is needed.

The third approach that I thought worth exploring was that of some form of blockchain. It seemed to me that by using the blockchain to maintain uniqueness, we might find a way to make the IoT a transactional environment. Just as you can’t copy the physical object, but you can transfer it from one owner to another, so you can’t copy a token on a shared ledger, only transfer it from one owner to another. Thus, if you can bind a token to a physical object, you can greatly reduce the cost of managing that object. Hence I was rather interested to read in that Vogue article that Louis Vuitton, Microsoft and ConsenSys have developed a platform called “Aura” to manage provenance to provide proof of origin and prevent counterfeits using a blockchain. The basic idea is to represent luxury goods as ERC-721 tokens on a private permissioned Quorum blockchain.

Obviously, I don’t have any details about how this will actually work, but LVMH seem to imply that at the time of purchase of one of their brands’ products, the customer can use the brand’s application to receive an “AURA certificate” containing all product information. I assume that if you sell your handbag (or whatever) to a charity shop, you can transfer the certificate to the charity shop’s application. Underlying all of this, there is the token on the blockchain moving from the retailer’s wallet, to your wallet, to the charity shop wallet.
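The "transfer, never copy" property described above, as an added sketch that is not Aura's code (the page gives no details of how Aura works): a toy in-memory ledger with ERC-721-style ownership rules and a hash-chained transfer log. The class, method and wallet names are hypothetical, and the `caller` argument is assumed to be already authenticated, which a real chain does with transaction signatures.

```python
import hashlib
import json


class ProvenanceLedger:
    """Toy append-only ledger of non-fungible tokens (ERC-721-style rules)."""

    def __init__(self, brand):
        self.brand = brand
        self.owner = {}    # token_id -> current owner
        self.entries = []  # hash-chained log of mints and transfers

    def _append(self, token_id, sender, receiver):
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        entry = {"token": token_id, "from": sender, "to": receiver, "prev": prev}
        digest = hashlib.sha256(json.dumps(entry, sort_keys=True).encode())
        entry["hash"] = digest.hexdigest()
        self.entries.append(entry)
        self.owner[token_id] = receiver

    def mint(self, caller, token_id, first_owner):
        if caller != self.brand:
            raise PermissionError("only the brand may mint")
        if token_id in self.owner:
            raise ValueError("token already exists: an item cannot be duplicated")
        self._append(token_id, None, first_owner)

    def transfer(self, caller, token_id, receiver):
        if token_id not in self.owner or self.owner[token_id] != caller:
            raise PermissionError("caller does not own this token")
        self._append(token_id, caller, receiver)

    def provenance(self, token_id):
        """Owners of one item in order, after checking that the log is intact."""
        prev = "0" * 64
        for e in self.entries:
            body = {k: v for k, v in e.items() if k != "hash"}
            digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode())
            if e["prev"] != prev or e["hash"] != digest.hexdigest():
                raise ValueError("ledger has been tampered with")
            prev = e["hash"]
        return [e["to"] for e in self.entries if e["token"] == token_id]
```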

If this works, and it’s simple and convenient for consumers, some sort of app presumably, it will generate an amazing amount of valuable data for brand owners. They will know exactly who has their stuff and how much of it they’ve got. If the app records “fails” as well, then they’ll also know who has the knock-offs.

Real fakes and fake fakes

My good friend Chris Skinner pointed me at a story about counterfeit art. The art in question, a “Picasso”, is apparently the work of a counterfeiter called David Henty. According to The Daily Telegraph, after being exposed as a forger a few years ago, “the publicity led to him being feted on television programmes and his copies – marked clearly as ‘Henty’s’ – now sell for £5,000 and upwards”. This reminded me of something I wrote a decade ago after a visit to Halifax, where I saw an interesting use case for RFID chips that were being bonded into the canvas used for painting. So here’s a picture of such a picture (and me).

RFID_Picture

This caught my eye all those years ago and it’s worth showing it again, because it’s a fascinating case study of using RFID in the real/counterfeit problem space. It’s not just about what’s real and what’s fake. The picture I am looking at here was painted by John Myatt. If you don’t recognise the name… well, his story is introduced in The Daily Telegraph this way: “From talented chart-topping songwriter, to Brixton prison for being involved in ‘the biggest art fraud of the 20th century’, John Myatt’s incredible life is now the subject of a Hollywood movie and his artistic talent the focus of a major TV series”.

Interesting guy. Take a look at his “genuine fakes”.

The reason Mr Myatt can make a good living doing genuine fake art, as noted in the Financial Times, is his notoriety as a master forger, which resulted in a six-month prison sentence in 1995. The picture I am looking at has RFID tags bonded to it, but in this case the purpose of the tags is to prove not only that the picture is a fake, rather than real, but that it’s a John Myatt fake and not someone else’s fake. So, basically, the idea is to use a combination of primary and secondary identification technologies to connect product and provenance in such a way as to prove that the picture is a real fake, if you see what I mean. Great stuff.

So if we are going to use technology to create a new identity infrastructure that works for things as well as people, it must not only distinguish real from fake, but fake from fake!

Talking about real fakes, rather than fake fakes, I have an important one at home. I got it after reading about a donation of drawings to Yad Vashem, Israel’s Holocaust memorial. The drawings are of the men who worked in the once-secret Nazi operation to produce fake money, a story told in the brilliant film “The Counterfeiters”, which won the 2007 Oscar for best foreign film. It is the true story of Operation Bernhard, which was the Nazi plan to devastate the British economy. The idea, conceived at the very start of the Second World War, was to drop the worthless banknotes over England, thus causing economic instability, inflation and recession. Remember, in 1939 the German people had very recent memory of worthless paper currency devastating the economy, as is well chronicled in Adam Fergusson’s book “When Money Dies”.

The film is based on a memoir written by Adolf Burger, a Jewish Slovak typographer who was imprisoned in 1942 for forging baptismal certificates to save Jews from deportation. The Nazis took Burger and more than a hundred other Jews from a variety of trades—printing, engraving and at least one convicted master counterfeiter, Salomon Smolianoff—and moved them from different death camps to a special unit: “Block 19” in Sachsenhausen concentration camp. There they set about forging first the British and then the American currency. In the end, the prisoners forged around Sterling 132 million, which is about four billion quid in today’s prices.

The Nazis were never able to put their plot into operation. At the end of the war, they packed up all the printers’ plates and counterfeit bills into crates which they dumped into Lake Toplitz in Austria, from which they were subsequently retrieved. Some of the counterfeit notes went to the purchase of war materiel for the nascent Israeli army, some went to collectors. I bought an authenticated Operation Bernhard counterfeit “white fiver” from a banknote collector and that is how I came to have a real fake on my wall at home.

Innovation in blockchain innovation

A couple of years ago, I was invited along to the Scottish Blockchain Conference (ScotChain17). I have to say that it was a really enjoyable, well-organised and interesting day out in Edinburgh. Here I am in one of the panel discussions.

Scotchain panel

At this excellent event, I gave a talk about the use of blockchain in supply chains. Professor Angela Walsh kindly commented on my presentation, saying that it had her crying with laughter while learning a lot, a compliment that I treasure. The content was summarised thus by a keen observer… “The point,” said Birch, “is that people are talking absolute bollocks about blockchain, on an industrial level”. If you are at all interested, the talk was filmed and you can see it here:

 

Well, my comments on ideas of using the blockchain to solve supply chain problems being somewhat misguided may have seemed a trifle harsh at the time, but as far as I can tell they were a broadly correct characterisation of the state of the industry and a broadly accurate prediction of the sector’s trajectory. Two years on, I just read that the noted research house Gartner says that nine in ten blockchain-based supply chain projects are “faltering” because they cannot figure out important (or, in my opinion, any) uses for the new technology.

Hence I feel that my somewhat uncharitable remarks were justified and my blockchain crystal ball remains intact, its reputation enhanced. 

My reason for highlighting this Caledonian chronicle, and subsequent validation, is to point you to my forthcoming talk at Vincent Everts’ super Blockchain Innovation conference in Amsterdam. If you are going to the excellent Money2020 in Amsterdam that week – where I will be chairing the Open Banking track – stick around and join me at the ABN Amro headquarters on June 7th for a wide perspective on the state of the blockchain world.

I’ll be making a presentation on the intersection of blockchain and artificial intelligence. This is a space where I have observed an avalanche of absolute bollocks, so I’m going to stick my neck out and make a (well-informed) prediction about the key impact of AI on the blockchain world. It has nothing to do with supply chains, but I think has more significance and will mean big changes in the blockchain ecosystem.

I think I have some solid foundations for making this prediction, so come along to cheer or jeer and I’ll be delighted to see you there either way.