Posh and Blocks

While flicking through British Vogue magazine for some moisturising tips, I came across a mention of digital identity! I was surprised and delighted that (just as has happened another of my obsessions, Dungeons and Dragons) what was once the province of nerds and outsiders has become fashionable and cool. Hurrah! Vogue says that secure digital identities for luxury goods are crucial, which is great! I could not agree more. Digital identities are not only for people! I have been writing about the need for digital identities for things for many years, and not only for high fashion (a field where, oddly, I have some experience in the use of NFC applications. On mobile phones to scan designer clothes – but that’s another story).

LFW

 

Some years ago I asked if “the blockchain” (put to one side what this might mean for a moment) might be a way to tackle the issue of “ID for the Internet of Things” (#IDIoT). I said at the the time that I had a suspicion that despite some of the nonsense going on, there might be something there. My reason for thinking that is that there is a relationship between blockchain technology and IoT technology, because we need a means to ensure that virtual representations of things in the mundane cannot be duplicated in the virtual. As I saw it, there were three ways to do this: a database, tamper-resistant hardware or blockchain.

If we look at the database idea first, I explored this more than a decade ago using the example of luxury goods such as watches and asking how would you tell a fake Rolex from a real one. It’s a much more complicated problem than it seems at first. For example: why would Rolex care? I can’t afford a Rolex, so if I buy one at a car boot sale or in China, Rolex isn’t losing a sale. But by wearing the fake, I’m presumably advertising the desirability of a Rolex. So surely they should be happy that people want to wear fakes or not? And if I did have a real Rolex, would I want to wear it in dangerous places where expensive watches get stolen in broad daylight by muggers (eg, London, London or London) or where I might just lose it?

Anyway, regardless of the reasons for it, let’s think about how to tell the real thing from the fake thing using technology. Suppose RFID is used to implement Electronic Product Codes (EPCs) for luxury goods. If I see a Gucci handbag on sale in a shop, I will be able to point my Bluetooth EPC-reading pen at it and read the EPC, which is just a number. My mobile phone can decode the number and then tell me that the handbag is Gucci product 999, serial number 888. This information is, by itself, of little use to me. I could go onto the Gucci-lovers website and find out that product 999 is a particular kind of handbag, but nothing more: I may know that the tag is ‘valid’, but that doesn’t tell much about the bag. For all I know, a bunch tags might have been taken off of real products and attached to fake products.

To know if something is real or not, I need more data. If I wanted to know if the handbag were real or fake, then I would need to obtain its provenance as well as its product details. The provenance might be distributed quite widely. The retailer’s database would know from which distributor the bag came; the distributor’s database would know from which factory the bag came and Gucci’s database should know all of this. I would need access to these data to get the data I would need to decide whether the bag is real or fake.

This is a critical point. The key to all of this is not the product itself but the provenance. A database of provenance (for example) is the core of a system to tell real from fake at scale.

Who should control this database, and who should have access to it, is rather complicated. Even if I could read some identifier from the product, why would the retailer, the distributor or Gucci tell me any about the provenance? How would they know whether I were a retailer, one of their best customers, one of their own ‘brand police’, a counterfeiter (who would love to know which tags are in which shops and so on) or a law enforcement officer with a warrant?

This is where the need for a digital identity comes into the picture. A Gucci brand policeman might have a Bluetooth pen tag reader connected to a mobile. They could then point the pen at a bag and fire off a query: the query would have a digital signature attached (from the SIM or SE) and the Gucci savant could check that signature before processing the query. Gucci could then send a digitally signed and encrypted query to the distributor’s savant which would then send back a digitally signed and encrypted response to be passed back to the brand policeman: ‘No we’ve never heard of this bag’ or ‘We shipped this bag to retailer X on this date’ or ‘We’ve just been queried on this bag in Australia’ or something similar.

The central security issue for brand protection is therefore the protection of (and access to) the provenance data, and this needs a digital identity infrastructure to work properly. If it adds £20 to the price of a Rolex to implement this infrastructure, so what? The kind of people who pay £5,000 for a Rolex wouldn’t hesitate to pay £5,020 for a Rolex that can prove that it is real.

A small brand premium might be rather popular with people who like brands. Imagine the horror of being the host of a dinner party when one of the guests glances at their phone and says “you know those jeans aren’t real Gucci, don’t you?”. Wouldn’t you pay £20 for the satisfaction of knowing that your snooping guest’s Bluetooth pen is steadfastly attesting to all concerned that your Marlboro, Paracetamol and Police sunglasses are all real? Of course you would.

For some goods, we might want to add tamper resistant hardware to the product. I have long been interested in the use of low-cost RFID chips in this context. An example I looked at some years ago was the problem in Korea with the production of counterfeit whiskey. The authentic whiskey producers decided to add an RFID chip to the bottle caps. This chip was coded with a URL and an identifier. When a customer, or a shopkeeper, or a policeman, or in fact anyone else wants to check whether the whiskey is real or not, they touch the cap with their phone and the URL launches a web site that knows the provenance of the identifier and can tell you when and where it was bottled as well as some other information. When a customer opens the bottle, the tag is broken and can no longer be read. That seems to be a cost-effective solution, although it again relies on the provenance database to make it work (otherwise the counterfeiters would just find a way steal the chips).

The mass market IoT, however, amplifier that problem of permission. I have always tried to illustrate this for people in a fun way by using the case study of underwear. It’s one thing for dinner guests to scan my wine bottle to see that it is a real Romanée-Conti and another for them to scan my Rolex to check that it is indeed a first-class far-eastern knock-off, but it’s quite another for them to be able scan my underpants and determine that they date from 1983. How do we turn tags on and off? How do we grant and revoke privileges? How do we allow or deny requests for product or provenance? Once again, we must conclude that not simply digital identity but a full digital infrastructure is needed.

The third approach that I thought worth exploring was that of some form of blockchain. It seemed to me that by using the blockchain to maintain uniqueness, we might find a way to make the IoT a transactional environment. Just as you can’t copy the physical object, but you can transfer it from one owner to another, so you can’t copy a token on a shared ledger, only transfer it from one owner to another. Thus, if you can bind a token to a physical object, you can greatly reduce the cost of managing that object. Hence I was rather interested to read in that Vogue article that Luis Vuitton, Microsoft and Consensus have developed a platform called “Aura” to manage provenance to provide proof of origin and prevent counterfeits using a blockchain. The basic idea is to represent luxury goods as ERC-721 tokens on a private permissioned Quorum blockchain.

Obviously, I don’t have any details about how this will actually work, but LVMH seem to imply that at the time of purchase of one of their brands’ product, the customer can use the brand’s application to receive an “AURA certificate” containing all product information. I assume that if you sell your handbag (or whatever) to a charity shop, you can transfer the certificate to the charity shop’s application. Underlying all of this, there is the token on the blockchain moving from the retailer’s wallet, to your wallet, to the charity shop wallet.

If this works, and it’s simple and convenient for consumers, some sort of app presumably, it will generate an amazing amount of valuable data for brand owners. They will know exactly who has their stuff and how much of it they’ve got. If the app records “fails” as well, then they’ll also know who has the knock-offs too.

Real fakes and fake fakes

My good friend Chris Skinner pointed me at a story about counterfeit art. The art in question, a “Picasso”, is apparently the work of a counterfeiter called Davd Henty. According to The Daily Telegraph, after being exposed as a forger a few years ago, “the publicity led to him being feted on television programmes and his copies – marked clearly as ‘Henty’s’ – now sell for £5,000 and upwards”. This reminded me of something I wrote a decade ago after a visit to Halifax, where I saw an interesting use case for RFID chips that were being bonded into the canvas used for painting. So here’s a picture of such a picture (and me).

RFID_Picture

This caught my eye all those years ago and it’s worth showing it again, because it’s a fascinating case study of using RFID in the real/counterfeit problem space. It’s not just about what’s real and what’s fake.  The picture I am looking at here was painted by John Myatt. If you don’t recognise the name… well, his story  is introduced in The Daily Telegraph this way: “From talented chart-topping songwriter, to Brixton prison for being involved in ‘the biggest art fraud of the 20th century’, John Myatt’s incredible life is now the subject of a Hollywood movie and his artistic talent the focus of a major TV series”.

Interesting guy. Take a look at his “genuine fakes”.

The reason Mr Myatt can make a good living doing genuine fake art, as noted in the Financial Times, is his notoriety as a master forger, which resulted in a six-month prison sentence in 1995. The picture I am looking at has RFID tags bonded to it, but in this case the purpose of the tags is to prove not only that the picture is a fake, rather than real, but that it’s a John Myatt fake and not someone else’s fake. So, basically, the idea is to use a combination of primary and secondary identification technologies to connect product and provenance in such a way as to prove that the picture is a real fake, if you see what I mean. Great stuff.

So if we are going to use technology to create a new identity infrastructure that works for things as well as people, it must not only distinguish real from fake, but fake from fake!

Talking about real fakes, rather than fake fakes, I have an important one at home. I got it after reading about a donation of drawings to Yad Vashem, Israel’s holocaust memorial. The drawings are of the men who worked in the once-secret Nazi operation to produce fake money, a story told in the brilliant film “The Counterfeiters”, which won the 2007 Oscar for best foreign film. It is the true story of Operation Bernhard, which was the Nazi plan to devastate the British economy. The idea, conceived at the very start of the Second World War, was to drop the worthless banknotes over England, thus causing economic instability, inflation and recession. Remember, in 1939 the German people had very recent memory of worthless paper currency devastating the economy, as is well chronicled in Adam Fergusson’s book “When Money Dies”.

The film is based on a memoir written by Adolf Burger, a Jewish Slovak typographer who was imprisoned in 1942 for forging baptismal certificates to save Jews from deportation. The Nazis took Burger and more than a hundred other Jews from a variety of trades—printing, engraving and at least one convicted master counterfeiter, Salomon Smolianoff—and moved them from different death camps to a special unit: “Block 19” in Sachsenhausen concentration camp. There they set about forging first the British and then the American currency. In the end, the prisoners forged around Sterling 132 million, which is about four billion quid in today’s prices.

The Nazis were never able to put their plot into operation. At the end of the war, they packed up all the printers’ plates and counterfeit bills into crates which they dumped into Lake Toplitz in Austria, from which they were subsequently retrieved. Some of the counterfeit notes went to the purchase of war materiel for the nascent Israeli army, some went to collectors. I bought an authenticated Operation Berhard counterfeit “white fiver” from a banknote collector and that is how I came to have a real fake on my wall at home.

Innovation in blockchain innovation

A couple of years ago, I was invited along to the Scottish Blockchain Conference (ScotChain17). I have to say that it was a really enjoyable, well-organised and interesting day out in Edinburgh. Here I am in one of the panel discussions.

Scotchain panel

At this excellent event, I gave a talk about the use of blockchain in supply chains. Professor Angela Walsh kindly commented on my presentation, saying that it had her crying with laughter while learning a lot, a compliment that I treasure. The content was summarised thus by a keen observer…  “The point,” said Birch, “is that people are talking absolute bollocks about blockchain, on an industrial level”. If you at all interested, the talk was filmed and you can see it here:

 

Well, my comments on ideas of using the blockchain to solve supply chain problems being somewhat misguided may have seemed a trifle harsh at the time, but as far as I can tell they were a broadly correct characterisation of the state of the industry and a broadly accurate prediction of the sector’s trajectory. Two years on, I just read that the noted research house Gartner says that nine in ten blockchain-based supply chain projects are “faltering” because they cannot figure out important (or, in my opinion, any) uses for the new technology.

Hence I feel that my somewhat uncharitable remarks were justified and my blockchain crystal ball remains intact, its reputation enhanced. 

My reason for highlighting this Caledonian chronicle, and subsequent validation, is to point you to my forthcoming talk at Vincent Everts’ super Blockchain Innovation conference in Amsterdam. If you are going to the excellent Money2020 in Amsterdam that week – where I will be chairing the Open Banking track – stick around and join me at the ABN Amro headquarters on June 7th for a wide perspective on the state of the blockchain world.

I’ll be making a presentation on the intersection of blockchain and artificial intelligence. This is a space where I have observed an avalanche of absolute bollocks, so I’m going to stick my neck out and make a (well-informed) prediction about the key impact of AI on the blockchain world. It has nothing to do with supply chains, but I think has more significance and will mean big changes in the blockchain ecosystem.

I think have some solid foundations for making this prediction, so come along to cheer or jeer and I’ll be delighted to see you there either way.

Know 2019 Keynote

This time it’s war
Keynote address to Know 2019, Las Vegas, 25h March 2019.

[An edited version of this keynote appeared on Medium, 28th March 2019]

Know 2019 Las Vegas

I’ve said many times that we need an identity infrastructure that deals with the realities of this modern world, the world of the Nth industrial revolution (where N is 4, or 5, or something similar). As things go from bad to worse, we need this infrastructure be a government priority and we need the private and public sectors to come together to deliver it. And if they don’t want to, if you don’t want to, then you should be made to. I’m not standing here flattered to be asked to deliver this keynote because digital identity is about making life easier when you log in to your bank or to do your taxes. I’m here because it is far more important than that. Digital identity is vital national infrastructure

We don’t have long to get our act together and we are starting from scratch. In the UK we have no tradition of identity cards or national identification systems, or anything like it. To the British, national identification is “papers, please”: something associated with authoritarian tyrannies, France and wartime. And even in wartime, the idea of requiring people to hold some form of identification was regarded as so fundamentally incompatible with the customs and practices of Her Majesty’s subjects that the last British identity cards (from the first and second world wars, essentially) drew on what Jon Agar memorably labelled “parasitic vitality” from other systems such as conscription and food rationing. Identity infrastructure was created as a form of mobilisation against the enemies of the Realm and the chosen implementation, the identity card, was not an end in itself, but a means to support those other activities in to aid the war effort.

This dislike of identification as a State function is hardly unique to the United Kingdom. In America there are similarly strong opinions on the topic and the failure of the Australia Card back in 2007 stems, I think, from the same common law roots. These views of course stand in stark contrast to the views of almost all other nations of the world. The majority of people on Earth have some form of state identification and would find it impossible to navigate daily life without it. That doesn’t make the need to be identified by the state at all times either right or proper, by the way, but that’s a different discussion for another day.

If the development of national identity infrastructure is, however, only possible as part of a war effort… well, I have to tell you that we are at war. It’s just that this time we’re in a cyberwar and our identity infrastructure needs to support mobilisation across virtual and mundane realms. World War 3.0 has already started but a lot of people haven’t noticed because it’s in the matrix. There was no specific date when this war broke out and there is no conceivable Armistice Day on which it will end. Rather, as Bruce Schneier put it in his excellent book Click Here to Kill Everybody last year, cyberwar is the new normal.

(This will, unfortunately, make the war movies of the future rather dull. No more Dunkirk or Saving Private Ryan, no more The Dambusters or Enemy at Gate. Instead movies will be about solitary individuals sitting in dimly-lit bedsits typing lines of Perl or Solidity while eating tuna out of a can.)

The advent of cyberspace conflict is not because computers and communications technologies have only just reached the Armed Forces. Far from it: the very first computers were developed to compute ballistic trajectories and part of my young life was spent trying to work out how to use radio and satellite technologies to keep NATO systems connected after a first strike against command and control infrastructure, which is why talk of white noise jamming and direct-sequence spread spectrum transmission still gives me a shiver. But in those far-off days, the reason for knocking out the NATO’s IT infrastructure was so that you could then send tank columns through the Fulda Gap or drop the Spetsnatz into Downing Street. There were cyber aspects to war, but it wasn’t a cyberwar. Now it’s all out cyberwar and as historian Niall Ferguson said in his book The Square and The Tower, it’s war between networks.

(The early British response to this new state of affairs was comfortingly backward-looking. Back in 2013 there was a plan for the creation of a digital Home Guard made up from well-meaning volunteers to stand on the cyber-landing grounds to repel invasion.)

Now, I’m sure that behind the scenes the Department of Defense have been working around the clock to defend our payment systems and water supplies against foreign hackers but I do wonder if the insidious threat from the intersection of post-modernism and social media had as a high a priority? It should have done, because as it turned out the enemy stormed Facebook, not the Fulda Gap. We need a wall right enough, but we need it to around our data.

Marshall McLuhan saw this coming, just as he saw everything else coming. Way back in 1970, when the same Cold War that I played my part in was well under way, he wrote in Culture is our Business that “World War III is a guerrilla information war with no division between military and civilian participation”. Indeed. And as we are now beginning to understand, it is a war where quiet subversion of the enemy’s mental assets is as important as the destruction of their physical assets. Social media are creating entirely new opportunities for what The Economist referred to as “influence operations” (IO) and the manipulation of public opinion. We all understand why! In the future, “fake news” put together with the aid of artificial intelligence will be so realistic that even the best-resourced and most professional news organisation will be hard pressed to tell the difference between the real and the made-up sort.

Smart cyber-rebels will want to take over social media, just as rebel forces set off to capture the radio and TV stations first: not to shut them down, but to control them. The lack of identity infrastructure makes it easy for them: at least you could see when your favourite news reader had been replaced by a colonel in a flak jacket, but you’ve no idea who is feeding the “news” to your social media timeline. It’s probably not even people anymore. While writing these words I read of (yet another) complaint about social media companies doing nothing to control co-ordinated bot attacks. But how are they supposed to know who is a bot and who isn’t? Whether a troll army is controlled by enemies of the state or commercial interests? If an account is really that of a first-hand witness to some event or a spy manufacturing an event that never happened?

The need to tell “us” from “them”, real from fake, insiders from outsiders, attackers from defenders is critical and the lack of an identity infrastructure (as much as the creation of identity infrastructures that are too easy to subvert) leaves us open to manipulation. We need to create an effective infrastructure as a matter of urgency but it should not be framed in the context of a 20th-century bureaucracy responding to the urban anonymity of the industrial revolution by conceiving of people as index cards, but in a 21st-century context based on McLuhan’s notions of identity forged in relationships. We need to create an environment of ambient safety, where both security and privacy are strengthened, twin foundations for the structures we need to build to prevent chaos.

(America may or may not need a Space Force, but it most certainly needs a Cyberspace Force.)

So this is my challenge to you. This is a conference I take very seriously and an audience that I respect. I am looking to you to man the barricades. I want you to begin the process of assembling the infrastructure that we so desperately need, so that I can tell my e-mail package to ignore messages that say they came from bank but didn’t, my web browser to put a red border around “news” that does not come from a reputable, cross-checked source and set my phone to ignore tweets that come from bots rather than people.

If this all sounds over-dramatic: it isn’t. I think it is perfectly reasonable to interpret the current state of cyberspace in these terms because the foreseeable future is one of continuous cyberattack from both state and non-state actors and digital identity is a necessary building block of our key defences. I sincerely hope that over the next couple of days you will find new ideas, new ways of co-operating and perhaps even a new mission to protect and survive in this new era of amazing opportunities, astonishing threats and terrifying risks.

Thank you.

Feedback

Well, I’ve never appeared in a cartoon before (to the best of my knowledge) so my sincere thanks Richard Parry and “The Chaps” for their kind comment on this keynote. I should point out that I am well aware of the market failure around cybersecurity, but that’s a topic for another day!

Know 2019

 

The non-cartoon feedback was pretty good too!

And from the education day that preceeded the keynote…

Thanks y’all!

Actually, I think there is a link between AI and the blockchain

There is a character flaw in some people (eg, me) which means when they see something that is obviously wrong on Twitter they feel compelled to comment. This is why I couldn’t stop myself from posting a few somewhat negative comments about an “infographic” on the connection between AI and the blockchain, even though I could have just ignored the odd combination of cargo cult mystical thinking and a near-random jumble of assorted IT concepts and gone about my day.

When it came down to it though, I just couldn’t. So, naturally, I decided to write a blog post about it instead. The particular graphic made a number of points, none of which are interesting enough to enumerate in this discussion, but at its heart was the basic view set out, here for example, that blockchain and AI are at the opposite ends of a technology spectrum: one fostering centralised intelligence on closed data platforms, the other promoting decentralised applications in an open-data environment. Then, as the infographic “explained”, the technologies come together with AIs using blockchains to share immutable data with other AIs.

Neither of those basic views is true though. Whether an AI is centralised or decentralised is tangential to whether it uses centralised or distributed data, and whether “blockchain” is used by centralised or decentralised applications is tangential to whether those applications use AI. What is important to remember is that decentralised consensus applications running on some form of shared ledger technology can only access consensus data that is stored on that ledger (obviously, otherwise you couldn’t be sure that all of the applications would return the same results). An AI designed to, for example, optimise energy use in your home would requires oracles to read data from all of your devices and place it on the ledger and then another set of factotums to read new settings from the ledger and update the device settings. What’s the point? Why not just have the AI talk to the devices?

There is, however, one part of the shared ledger ecosystem—of consensus applications running on consensus computers—that might benefit considerably from a shift to AI and this is the applications. People are very bad at writing code, by and large, and as the wonderful David Gerard observed in the chapter “Smart contracts, stupid people” in his must-read “Attack of the 50 foot blockchain”, they are particularly bad at writing smart contracts. This is clearly sub-optimal for apps that are supposed to send anonymous and untraceable electronic cash around. As David says, “programs that cannot be allowed to have bugs … can’t be bodged by an average JavaScript programmer used to working in an iterative Agile manner… And you can even deploy fully-audited code that you’ve mathematically proven is correct — and then a bug in a lower layer means you have a security hole anyway. And this has already happened”.

It seems to me that one thing we might expect AIs to do better than people is to write code. Researchers from Oak Ridge National Laboratory in the US foresee AI taking over code creation from humans within a generation. They say that machines, rather than humans, “will write most of their own code by 2040”. As it happens, they’ve started already. AutoML was developed by Google as a solution to the lack of top-notch talent in AI programming. There aren’t enough cutting edge developers to keep up with demand, so the team came up with a machine learning software that can create self-learning code… Even scarier, AutoML is better at coding machine-learning systems than the researchers who made it.

When we’re talking about “smart” “contracts” though we’re not talking superhuman programming feats, we’re really talking about messing around with Java and APIs. Luckily, last year saw the arrival of a new deep learning, software coding application that can help human programmers navigate Java and APIs. The system—called BAYOU—was developed at Rice University with funding from the US Department of Defense’s Defense Advanced Research Projects Agency (DARPA) and Google. It trained itself by studying millions of lines of human-written Java code from GitHub, and drew on what it found to write its own code.

Putting two and two together then, I think I can see that if there is an interesting and special connection between AI and “blockchain” then it’s not about using the blockchain as a glorified Excel spreadsheet that AIs share between themselves, it’s about writing the consensus applications for the consensus computers. They still wouldn’t be contracts, but they would at least work.

Not a cryptocurrency. End of.

The media recently reported, somewhat breathlessly (eg, CNBC), that JP Morgan Chase (JPMC)is launching a “cryptocurrency to transform the payments business”. This sounded amazing so I was very excited to learn more about this great leap forward in the future history of money.

As CNBC reported, it seems to herald new forms of business. Umar Farooq, the head of JPMC’s blockchain projects, sets put this vision clearly, saying that the applications for this innovative use of new transaction technology “are frankly quite endless; anything where you have a distributed ledger which involves corporations or institutions can use this.

Wow.

Now, many people took a look at this and pointed out that it is simply JPMC deposits by another name, and uncharitable persons (of whom I am not one) therefore dismissed it as a marketing gimmick. But it is more interesting than that. Here is the problem that it is trying to solve…

Suppose I am running apps (referred to by less well-informed media commentators as “smart” “contracts” when they are neither) on JPMC’s Quorum blockchain. Quorum is, in the terminology that I developed along with Richard Brown (CTO of R3) and my colleague Salome Parulava, their double-permissioned Ethereum fork (that is, it requires permission to access it and a further permission to take part in the consensus-forming process). I’m quite partial to Quorum (this is what I wrote about it back in 2017) and am always interested to see how it is developing and helping to define what I call the Enterprise Shared Ledger (ESL) software category.

Now suppose my Quorum app wants to make a payment – not in imaginary internet play money, but in US dollars – in return for some service. How can it do this? Remember that our apps can’t send a wire transfer or use a credit card because they can only access data on the blockchain. If the app has to pay using a credit card, and that app could be executing on a thousand nodes in the blockchain network, then you would have a thousand credit card payments all being fired off within a few seconds! You can see why this can’t work.

One way to solve this problem would be to have “oracles” reporting on the state of bank accounts to the blockchain and “watchers”  (or “custom executors” as Darius calls them here) looking for state changes in the blockchain bank accounts that they could then instruct in the actual bank accounts. But that would mean putting the safe-to-spend limits for millions of bank accounts on to the blockchain. Another more practical solution would be to add tokens to Quorum and allow the apps to send these tokens to one another. This is, as far as I can tell from a distance, is what JPM Coins are for.

I have to say that this is a fairly standard way of approaching this problem. A couple of months ago, Signature Bank of New York, launched just such a service for corporate customers — with a minimum $250,000 balance — using another permissioned Ethereum fork, similarly converting Uncle Sam’s dollars into ERC-20 tokens. If you’re interested, I gave a presentation to the Dutch Blockchain Innovation Conference last year on this approach and why I think it will grow and the video is online [23 minutes].)

Animal, vegetable or mineral?

These JPM Coins (I simply cannot resist calling them Dimon Dollars, or $Dimon, for obvious reasons) have attracted considerable discussion but I thought I might contribute something different to the debate by trying to reason my way through to a categorisation. I talked about this on the panel in the “Blockchain and Cryptocurrencies” session at Merchant Payments Ecosystem in Berlin today, and you can see my slides here:

 

On the panel, I said that the $Dimon is e-money. Here’s why…

Is it “money”? No it isn’t. It is certainly a cryptoasset – a digital asset that has an institutional binding to a real-world asset – that in certain circumstances exhibits money-like behaviour. Personally, I am happy to classify such assets as forms of digital money, the logical reason that they are bearer instruments that can be traded without clearing or settlement. 

Is it a “cryptocurrency”? No, it isn’t. A cryptocurrency has a value determined, essentially, by mathematics in that the algorithm to produce the currency is known and the value of the cryptocurrency depends only that known supply and the unknown demand (and, of course, market manipulation of various kinds). It is not set by an institution, government or otherwise.

Is it a “stablecoin”? No, it is isn’t. A stablecoin has its value maintained at a certain level with reference to a fiat currency by managing the supply of the coins. But the value of the $Dimon is maintained by the institution of JP Morgan irrespective of the demand for it.

Is it a “currency board”? No, it isn’t. A currency board maintains the value of one currency using a reserve in another currency. So, for example, you might have a Zimbabwean currency board that issues Zim Dollars against a 100% reserve of South African Rand.

In fact, as far as I can tell, the $Dimon is e-money, which is one particular kind of digital money. There are two main reasons for this:

First, according to the EU Directive 2009/110/EC, “Electronic money” is defined as “electronically, including magnetically, stored monetary value as represented by a claim on the issuer which is issued on receipt of funds for the purpose of making payment transactions […], and which is accepted by a natural or legal person other than the electronic money issuer”. This sounds awfully like, as Bloomberg put it, the $Dimon is “a digital coin representing United States Dollars held in designated accounts at JPMorgan Chase N.A.”. It is a bearer instrument (so “coin” is a reasonable appellation) that entitles the holder to obtain a US dollar from that bank and therefore seems to fall within that EU definition since people other than JPMC, albeit customers of JPMC, accept it in payment. (I would pull back from calling it digital cash because of this need to establish an account with JPMC in order to hold it.)

Second, because my good friend Simon Lelieveldt, who knows more about electronic money than almost anyone else, says so. Simon and I have long agreed that the trading of digital assets in the form of tokens is the most interesting aspect of current developments in cryptocurrency, a point I made more than once in my MPE talk.


Following my logic then, in European regulatory terms then, the $Dimon is “e-money” and I think that is a quite reasonable definition. Case closed.

Mark Carney (and me) and digital ID

The governor of the Bank of England, the Canadian ex-Goldman Sachs economist Mr. Mark Carney, recently suggested that digital ID cards “would make it safer for people to access money online”. He is sort-of-correct. We do indeed need to do something to stop the relentless increase in identity-related fraud and scams (such as, for example, “man receives surprise message purporting to be from Mark Carney offering multimillion-dollar sum”) because we need to make substantial improvements in both the security and privacy of online financial services, as well as a step-change in convenience) and we need it urgently. 

I don’t think that a digital ID card is quite the solution though, because I prefer a more sophisticated solution that is based on digital identities for everything and multiple personae for transactional purposes, but that’s splitting hairs at high level. I am right behind Mr. Carney on the need for a solution, although I think he was wrong when he went on to say that such a scheme could also prove controversial and could “only be introduced by the Government rather than the Bank of England”. In my opinion he is mixing up the controversial idea of a national digital identity card of some kind (and he may well be unaware of the government’s decision to stop funding their gov.verify online identity scheme) with the uncontroversial notion of a some form of secure and convenient identity management for the purposes of interacting with regulated financial institutions.

Only a day after Mr. Carney’s remarks, the Emerging Payments Association (EPA) released its report on money laundering and payments-related financial crime, calling for UK financial institutions and payment processors to create a “national digital identity scheme to tackle these threats”. So let’s take this national digital identity for financial services and digital ID card for online identity checking in Mr. Carney’s terms and call the concept, for sake of brevity, the Financial Services Passport, or FSP.

I don’t know if Mr. Carney has read my 2014 book Identity is the New Money (still available from all good bookshops and Amazon), but in there I wrote that one very specific use of a digital identity infrastructure “should be to greatly reduce the cost and complexity of executing transactions in the UK by explicitly recognising that reputation will be the basis of trust and therefore transaction costs. The regulators should therefore set in motion plans for a Financial Services Passport”.

A few year ago, I spent some time as co-chair (with Ian Jenkins of Deloitte) of the techUK Financial Services Passport Working Group, I was working on the concept of a financial services passport with a bunch of smart people and no-one took the slightest interest in this obviously sensible concept and I do not remember observing any inclination by the UK’s banks to work together on it.

That techUK Working Group, incidentally, was created because of recommendations of an earlier techUK report “Towards a New Financial Services” developed through 2013. Section 3 of this report is actually called “Identity and Authentication: Time for a Digital Financial Services Passport”. The conclusion of that section was: 

There is clearly a need to look again at identity authentication in financial services. In addition to creating inconvenience for consumers, the current approach is expensive to maintain and inadequate in serving an increasingly digital financial services industry. As trusted authenticators of identity, a new standardised approach by financial services organisation could enable wider societal benefits, while also unlocking new opportunities for the industry. However, moving from the current fragmented identity infrastructure to a standardised financial services passport would require overcoming several challenges; from the competitive dynamics in financial services, to the extent and scope of liability, whilst simultaneously maintaining KYC and AML compliance.

In the first instance, the scope of a financial services passport needs to be more clearly defined. This requires a technology roadmap that can match objectives and requirements in managing digital identities in financial services with technical solutions and provide a feel for how trends may already be shaping the market in this space.

So what would a practical financial services passport actually look like? In the techUK discussions, we explored three broad architectures using the technology roadmap referred to above. 

  1. A centralised solution, some sort of KYC utility funded by the banks. This was seen as being the cheapest solution, but with some problems of governance and control. It could also be a single point of failure for the financial system and therefore unwise given that we are now in a cyberwar without end.

  2. A decentralised “blockchain” (it wouldn’t really be a blockchain, of course, it would be some form of shared ledger) where financial institutions (and regulators) would operate the nodes and all of the identity crud (“create, read, update and delete”) would be recorded permanently.

  3. A federated solution where each bank would be responsible for managing the identities of its own customers and providing relevant information to other banks as and when required. 

At the time, I thought that the third option was probably best but I’m open to rational debate around the topic. The way that I envisage this working was straightforward: my bank creates a financial services passport using the KYC data that it already has and “stamps” the passport with a minimum set of attributes needed to enable transactions. So Barclays would create an FSP for me. Then, when I go to Nationwide to apply for a mortgage, I could present that FSP to Nationwide and save them (and me) the time, trouble and cost of KYC. Instead of asking me for my bank account details, home address and inside leg measurement, Nationwide can use the stamps in my passport.

As I recall, the technology bit of this was easy but there were two discussions about this that were difficult. One was about liability (I advocate the “Identrust model” of transaction liability) and the other was about payment (I advocate an interchange model where the organisation using the passport pays the passport originator).

Let’s just say for sake of argument though that in response to Mr. Carney’s comments, the FCA decided on a federated solution using the three-domain identity (3DID) model. It would look like this:

3DID Bank Framework

 

All of the standards and technologies needed to make this happen already exist except in one area. The banks already do the KYC in the Identification Domain, we have FIDO and biometrics and mandatory Secure Customer Authentication (SCA) in the Authentication Domain and the tools that we need in the Authorisation Domain.

Let’s imagine that the digital identity is, basically, a key pair. In this case, the virtual identity is then a public key certificate that carries the attributes – the data about a person – that is necessary to enable transactions, as shown below. The attributes are digitally-signed by organisations that are trusted. This is where we need some standardisation to define attributes (eg, IS_A_PERSON, IS_OVER_18, HAS_OVERDRAFT_AGREEMENT or whatever). Were the Bank of England to make the banks get their act together and start doing something about this, maybe they could do what they did for Open Banking and set up an Financial Passport Implementation Entity (FPIE) to draw up the formats and standards for Persona that can be used by developers to start work right away.

Virtual Financial Services

Note that this special case, where the virtual identity is the same as the “real” identity is only one case. Barclays and others might well give me (or charge me for) other virtual identities, with the most obvious example being an “adult” identity that does not contain any personally-identifiable information for use in internet dating and so on.

In 2014, I wrote “what about a financial services passport?”. It is a testament to the power of my writing and my great influence in the financial services community that it has taken a mere five years for this idea to reach the governor and for him to put it forward as a way to “harmonise the various different systems of online identity checking”. Let’s hope that more people listen to him than listened to me.

Ten more years

We’ve just had Bitcoin’s tenth birthday, so like most other electronic payment aficionados I’ve been mulling over the trajectory of the noted peer-to-peer electronic cash system. My interest in it goes back long way. I was  invited to speak to the first European Bitcoin conference in Prague back in 2011 having previously given perspectives on the project — in blogs, magazines and even on BBC radio — that were not especially enthusiastic. As an example, in Prospect Magazine back in 2011 I wrote “while many of us would like currency management taken away from governments, that doesn’t mean an unmanaged solution will be any better”.

That Prague conference was therefore an opportunity for me to learn more about Bitcoin and the Bitcoin community as well as to test my arguments with an informed crowd. My views didn’t change – I still didn’t think Bitcoin would crack the mass market – but looking back on it now is a fascinating slice of early Bitcoin life.

In the first presentation, Sergey Kurtsev from IMCEX said that anonymity is misunderstood and that the public don’t need it. I was upset about this, not because he was absolutely correct about it, but because it was going to be the subject of my talk in the afternoon. So it led to some emergency last-minute Keynote acrobatics on my part!

Amir Taaki from the Bitcoin Consultancy gave a presentation that was quite wide-ranging so I will use that presentation as a peg to hang a few comments on. He said, essentially, that there were three problems with Bitcoin: the marketplace, the technology and finance.

  1. Marketplace. Amir said that consumers had no reason to use Bitcoin because attributes that Bitcoin projects (such as that anonymity) are not valued by consumers and the merchants obviously don’t see enough value to drive consumers towards it. I don’t see that anything has changed in the last decade. As I pointed out in 2015, if there’s no demand for Bitcoin for porn, then there’s no future for it as a means of exchange!

  2. Technology. There were scale issues, as people much cleverer than me (e.g., Ben Laurie) pointed out at the very beginning, but the key technology issue was that it was hard to use. Now it’s a bit easier because you have a variety of Bitcoin wallets to choose from.

  3. Finance. Amir made a point about “compromising events”. He said that if you want people to hold Bitcoins instead of dollars or gold, they have to have real faith. Every time they read about exchanges crashing and money vanishing that becomes more unlikely. As I have posted with wearying repetition on Twitter across the last decade “help I want my anonymous, untraceable digital cash back!”.

When it came to my talk (which you can see below), I did try to make constructive criticism. I tried to highlight some areas of commerce where the existing mass market solutions might be vulnerable to well-crafted alternatives (e.g., social networking, games, kids) or where a significant improvement in security would generate value.

 

( I also emphasis, as I recall, that any realistic mass-market solution must be mobile-centric.)

Overall, as I’d previously written, I was unconvinced that Bitcoin would make a good currency or scale into the mainstream economy, mainly because the anonymity that was the attractive feature to the early-adopting bitcoiners was not attractive to the mass market. I still don’t see any traction for Bitcoin in the mass market. Back in 2015, I set off to visit Swindon on the 20th anniversary of the launch of the UK Mondex scheme (an offline, smartcard-based form of electronic cash) and discovered a shop advertising that they accepted Bitcoin. But when I attempted to pay with Mr. Nakamoto’s peer-to-peer electronic cash system, no-one could remember the password and when I asked to speak to the manager, he told me that no customer had ever asked to pay with Bitcoin anyway. 

Bitcoin at POS in Swindon

 

(Swindon, once twinned with Disney World, is the epicentre and bellwether of the transition to new forms of money. In two decades it went from a place where no-one used Mondex to a place where no-one used Bitcoin.)

More interestingly, with the perspective of hindsight, a couple of the speakers at the event suggested creating a scheme on top of Bitcoin rather than use Bitcoin itself, which to my mind adumbrates the evolution of the token, which I do think has more chance of success. I wrote about this last year, saying that I see Bitcoin and its cousins not as prototypes but as a base layer that will be used by some, but not by most, people to make real transactions in the future. I think most transactions will take place at the token layer, exchanging bearer assets over an efficient (no clearing or settlement) transaction layer.

So the blockchain is new and so on… and yet… the idea of a trading “money like” instruments without clearing and settlement is hugely appealing. This not on idealogical grounds but on economic ones: it’s cheaper.

Whether the transaction layer underneath will be Bitcoin or not is anyone’s guess, although I suspect it will not. If the function of the transaction layer is to be a global, shared resource for security infrastructure then the protocol will surely need to be optimised in that direction and the operations will surely need to be organised in such a way as to prevent any well-funded (at the National State level) attacker from being able to control sufficient of the necessary resources to subvert or disrupt that infrastructure. No-one is going to move their stock market over to a platform where trading might be disrupted by crypto-kitties.

“Do you want a shot of novocain? / No, I want a shot of you getting a diploma.”

There’s been yet another story about fake medical qualifications in the news. A woman from New Zealand spent a couple of decades working as a consultant psychiatrist in our National Health Service (NHS) before it was discovered that she had made up her medical degree and forged a bogus letter of recommendation from Pakistan. The deception only came to light after she had been convicted of trying to defraud an elderly patient.

Now, I rather imagine that if I were a hospital or a medical centre or a GP practice employing a new doctor, I might be tempted to at least look them up on LinkedIn or something before I let them get their hands on a patient but I suppose that under the NHS it’s considered ungentlemanly or discriminatory or just plain rude to ask a prospective clinical employee for verifiable evidence of any valid qualifications. We are English, so we take people at their word. Unfortunately, dictum meum pactum. May not survive the 

While fake doctors seem to be something of an issue, as I have written before, I am English and therefore far more concerned about the epidemic of deceptive dentists across our green and pleasant land.

When I read that a “bogus dentist with no qualifications managed to fool her employers at NHS hospitals for nine years before being discovered” it makes me shiver.

When I see a woman convicted at Birmingham Magistrates’ Court on two charges of carrying out dentistry work without holding any dentistry qualifications, I get twitchy.

When I find out that Manchester Magistrates Court convicted a man who had no dentist qualifications, used a false name and was fraudulently using the registration number of a genuine dentist, I begin to think about leaving the country for good.

When I discover that a bogus dentist (an asylum seeker who told immigration officers he had a dental practice in Iran) took a dead dentist’s identity, drilled without a local anaesthetic and did expensive fillings that crumbled within days, I have trouble sleeping.

(Which again reminds me of the late lamented Robert Schimmel’s joke about visiting the dentist: “Do you want a shot of novocain? / No, I want a shot of you getting a diploma.”)

How can this happen, you might wonder, in a world where the blockchain exists? As Don and Alex Tapscott remind us in “Blockchain Revolution”, the “blockchain can hold any legal document, from deeds and marriage licenses to educational degrees and birth certificates”. And indeed managing educational qualifications seems to be one of those things I hear about at conferences where the magical properties of the blockchain are going to transform the sector and bring about a new era of peace and prosperity.

But how?

Suppose there was some global educational qualifications blockchain. That wouldn’t by itself fix anything as far as I can see. How exactly would the blockchain stop fake dentists from fixing my teeth with superglue and polyfilla?

I happened to look at a couple of projects in this space earlier in the year, and I can tell you that much of the wishful thinking projected onto the blockchain is really nothing about consensus or immutability but, as in so many other cases, really all about interoperability. There is no global standard for education qualifications, there is no global trust framework for organisations able to create qualifications (and their regulators) and there is no global infrastructure for digital signatures in that framework.

Think about it. If you present me with a Ph.D in Quantum Philosophy from the University of Woking, I need to be able to establish a trust chain that tells that there is a WokingU, that WokingU was authorised to award Ph.Ds at the time that you’re Ph.D was awarded, that the Ph.D you are presenting is real and signed by WokingU and that you are indeed the subject of the Ph.D award.

All of these problems have to be solved before we get near to figuring out whether a global blockchain might or might not be a better place to store such qualifications that either a global database of qualifications or a scheme for federating qualification repositories.

Gold cards vs. gold cards

According to a reputable news source (well, the Daily Mail) the Royal Mint is casting (sic) around to find things to do when the Treasury caves to the inevitable and tells them to quit wasting everyone’s time and money by minting coins. They’ve come up with the idea of making a credit card out of real gold. They are apparently working on ways to get 18-carat gold cards to work in ATMs and, of course, at contactless terminals.

The cards will have the owners signature engraved on the back (I’ve no idea why, since the card schemes are discontinuing the use of the pointless signature panels on cards) and will apparently be worth $3,000 each which (as a number of Twitterwags immediately pointed out) will greatly increase the number of fake ATMs in the streets around Belgravia after midnight.

This isn’t the Royal Mint’s idea, of course. They stole it wholesale from 30 Rock a few years ago.

There’s another kind of gold card that is worth considering: not one that is made of gold, but one that is backed by gold. I wrote about this idea more than a decade ago, using the example of an Islamic electronic gold card, saying…

“Given the desire to transact with the convenience of a card but in a non-interest bearing currency, it would seem to be a straightforward proposition to offer a gold card that is actually denominated in gold. An Islamic person tenders their chip & PIN gold card in Oxford Street to buy a pair of shoes: to the system it’s just another foreign currency transaction that is translated into grams of gold on the statement. If, at the end of the month, the person has used more gold than they have in their account then they can use some of the bank’s gold for a time at a fee. Hey presto, no interest. And if said Islamic person wants their gold then they can, in principle, go to the relevant depository and draw it out (minus a handling fee, naturally). Would interested credit card issuers form an orderly queue, please?”

Nowadays you’d implement the gold card as a cryptoasset that is institutionally linked to gold in a depository I suppose, but the idea of a turning store-of-value gold into means-of-exchange e-gold remains interesting: there are a great many people around the world who would prefer to pay and save in gold rather than any more modern medium. As it happens, the Royal Mint were go to have a go at this too with their RMG blockchain-based crypto asset until the spoilsports at the Treasury told them to knock it off and get back to making commemorative Brexit 50p coins.

So gold cards, or cards backed by gold or cards backed by assets backed by gold? My bet is that in the long run regulated token markets will win out but I’m genuinely curious as to your opinions on this.

[updated 29th October 2018 to include the government tell Royal Mint to stop crypto asset development.]