Identity is money (your money)

As you may know, the United Kingdom leads the world in digital identity infrastructure and is a beacon to the nations when it comes to the use of new technology for identification, authentication and authorisation. Just kidding of course. Here’s the identity that I used at Money 2020 in Amsterdam last week when I was asked to prove who I was at the registration desk:

Money2020 Europe 

Yes, the gold standard for identity cards, the Southern Railway photocard, issued only to qualified commuters after rigorous KYC (you give them a photo and then write your name on the card yourself).

The truth is that we don’t have a digital identity infrastructure (or in fact any other form of identity infrastructure) and the shambolic approach to identity is manifest in a daily litany of frauds, frictions and fantasies (often from the government). Here is an absolutely typical example: a nightclub is issuing its own identity cards since it can no longer rely on any of the other forms of “identification” that are in use. The nightclub manager says that the number of people presenting fake IDs is  crazy, so the nightclub is going to issue its own identity cards with a picture on them. In order to get one of these cards, customers will need to present “two forms of up-to-date official ID” (not entirely sure what this means, since there is no “official ID” in the UK) and then in order to get into the club, customers will need either one of these club cards or a passport or a driving licence.

I’ve written about this at tedious length before, but the core of the issue is that the identification mechanisms that are in use (e.g., driving licences) are impossible to validate and requiring them to be used at all actually leads to more identity fraud because the analogue artefacts employed are stolen, forged and abused in a variety of different ways stop.

Before I continue with this specific example, let me make a general point about how I think these things should work in an always on, connected world. First of all, retailers and other service providers should all have their own virtual identity, or persona, for every customer because they need to be able to communicate and connect with those customers in order to deliver better services and products. In essence, every customer should have a loyalty card. The contents of that card should be unique to each service provider and any compromise of it should not lead to compromise with other service providers. In a digital identity world, this sort of thing is straightforward. You present a virtual identity from an organisation that is acceptable to the nightclub (e.g., a bank) and they send you back another virtual identity that contains things of relevance to the nightclub, such as your customer number and preferences.

In the virtual world, this makes sense because your mobile phone can store millions or billions of loyalty cards. In the “real” world, it will be really annoying to carry around thousands of loyalty cards with you wherever you go, but when those loyalty cards are (essentially) public key certificates then there is no problem.

So let’s go back to the nightclub and see how they might progress on a digital world, by creating a loyalty card based on digital identity infrastructure. Doing things this way has three distinct advantages. First of all, if you are a nightclub then your bar staff may well not be at MI5 levels when it comes to spotting a fake Romanian passport but they might be able to spot a fake version of your nightclub identity. (In practice, of course, they wouldn’t have to because the validity of the card will be checked by their phones). Secondly, by giving every customer loyalty card you are able to interact with them securely (in technical terms you can always send messages encrypted to that persona). Finally, as the nightclub manager himself notes, “we can also ban people and remove the card at our discretion, giving us more control and creating a safer environment”.

On a commercial note. you might wonder why organisations that already spend a lot of money on working out who people are (e.g., banks) don’t take this sunk cost and transform it into a revenue stream. I’ve more than once been told by a bank that there is no business for providing ID as a service to business customers, when clearly this nightclub (to pick just one example) is perfectly prepared to spend money on creating its own identity service when I’m sure the management would much rather that their efforts be directed towards running a nightclub.

Banks should be looking forwards by creating a digital identity infrastructure and then selling products and services based on the infrastructure to, for example, nightclubs. That way, the nightclubs could produce their own branded app (by adding a skin to a generic multi-bank identity app, for example) and pay the bank a pound to testify to the age of the holder rather than waste money having to do it for themselves.

The euro, my part in its downfall

I once had lunch with Italian anti-euro nationalists. They had invited me because I was in Rome to give evidence on cryptocurrency to a committee in the Italian Parliament and they wanted to ask me about parallel and complementary currencies (yes, really). Here I am in from of the Italian Parliament building, Montecitorio, for the public hearing. 

Getting ready to visit

(The nice people at  Cashless Way made a photo album of the day for you if you want to see more.)

My host for this day was Geronimo Emili (below) from the “War on Cash”. I won’t go into the discussions — they have been covered elsewhere (e.g., here) — but I focused my contribution on the radical and innovative nature of the Bitcoin protocol while remaining sceptical about the potential for Bitcoin as a currency (although I did support the idea that new kinds of currency are around the corner). I think the past four years have reinforced my summary comments to the hearing, which were broadly that Bitcoin is a genuine technological breakthrough and it will cause a revolution, but probably not in payments.

Geronimo Emili

After that, it was off to lunch with (if memory serves) the Deputy Leader of one of the political parties that was in favour of more autonomy for the North. We had a very interesting conversation – through a translator – about the potential for new technology to make regional and city currencies a practical possibility. I’m rather in favour of having more currencies and particularly more currencies that are more closely linked to the values and needs of communities. There is a general argument in favour of a regional approach to currencies in a mobile-phone powered always-on digital age. I first heard it clearly expressed by the late Sir Richard Body MP. Sir Richard was a noted eurosceptic, supporter of an English parliament and, rather famously, one of the “bastards” referenced by John Major. He was also very interested in the theory and practice of money and at the second annual Consult Hyperion Forum (back in 1999) he gave an eloquent explanation as to why regional currencies with floating exchange rates would lead to more efficient resource allocation and more beneficial resource distribution than government transfer payments do.

I think I may have mentioned this at lunch.

Although I thought no more about it at the time, it looks as if I may have inadvertently conspired to destroy the euro, as I now read that the anti-euro Lega nationalists and the alt-Left Five Star Movement are planning to go around the euro and create a rival payment structure based on ‘IOU’ notes. This would subvert the monetary control of the European Central Bank and might well set off a chain reaction in Catalonia, Scotland and perhaps even London.

Oh well.

Amazon bank no, Amazon neo-bank maybe

A while back, the Wall Street Journal ran a story about Amazon being in talks with major banks, including JP Morgan, about building what the Journal referred to as a “checking-account-like” product. This set off a storm of speculation about Amazon moving into the banking business, despite the obvious fact that you don’t need to be a bank to offer such a product.

One of the main reasons for the speculation growing was that consumers seem warm to the idea. Almost half of US consumers surveyed said that were “open” to the idea of Amazon as the provider of their primary bank account (according to LendEDU) which may seem surprising but I think is a reflection on consumer experiences of Amazon in practice. Yesterday I ordered some bottles of sparkling water and some bottles of Coke from Amazon, this morning they showed up. From the time I hit the “buy” button on Amazon I never gave the transactions a moment’s thought. It just works. Some commentators therefore began talking about Amazon becoming a bank. Any why not? They’ve become a book shop! I went into the Amazon store in Austin, Texas, just to buy a physical book from them because I could!

 Amazon

I don’t think they will, though. Why don’t I think Amazon will be a bank? Because, as was said in The Street, “I don’t think Amazon wants to be a bank in the way that JPMorgan is a bank”. Amazon just does not make money the way that banks make money. Look at their existing partnership with Bank of America to lend money to merchants. Amazon don’t care about making some small margin from interest payments, they care about helping merchants to increase Amazon’s overall sales.

If Amazon is going to distribute financial services but not be a bank, then what will it be? I think it’s time for another review of terminology and I’ve got a couple of suggestions. Let’s standardise this way: a “neo-bank” is something that looks like bank, but isn’t (eg, my Simple account when I first got it and before they were taken over by BBVA, which is an actual bank), whereas a “near-bank” is something that performs a function traditionally associated with banks but isn’t a bank and doesn’t look like a bank (eg, Transferwise). In this framework, Amazon would probably become a Neo-bank.

The neo-bank is not a new idea, by the way. In 1997, I wrote, with Consult Hyperion colleague Mike Young, an article for Internet Research (Volume 7, Number 2, p.120-128) called “Financial Services and the Internet”. In that article we wrote about the potential for the new technology to assemble a banking service depending on the customers’ needs explaining how the new infrastructure would allow customers to build their own financial services “with the underlying best-of-breed products originating from a wide range of suppliers” which the manufacturers of financial services (eg, banks) would “retreat to a small range of products that build on core competencies, but supplied to a global market”. Amazon is precisely the kind of organisation that can take these products (eg, unsecured personal credit) to that market.

In Europe, there is nothing that the banks can do to stop Amazon from becoming a neo-bank. PSD2 means that bank customers will give Amazon permission to access their bank accounts, at which point Amazon will become the interface between the customer and financial services. I’ve no reason to doubt Amazon’s potential for success if they go down this route. Time for some thought experiment scenario planning…

So…

If Amazon were to provide something that looks like a checking account but is actually a prepaid account of some kind (as my Simple account was), would people use it? I think the answer to this is a resounding yes, especially if Amazon offer the usual array of discounts or cashback to go with it. They have plenty of margin to trade for data. Look at their credit card that gives you 5% back at Whole Foods, for example. If Starbucks can sit on a a billion (plus) in float just from people buying coffee, imagine the float that Amazon could sit on from people buying… well, everything.

So…

If people begin holding $$$ in Amazon float that gives them a 2% discount on stuff instead of holding $$$ in a bank account that gives them a 0.2% interest rate, funds will begin to drain away from demand deposits pretty damn quickly. Now imagine how quickly that might happen in Europe, where Amazon can use PSD2 to get direct access to customer bank accounts in order to instruct credit transfers to load to Amazon accounts automatically, something like their US Amazon Cash service but using modern electronic instant payments transistors and laser beams instead of Federal Reserve bills. It could be seriously big business.

Ledgers and innovation in banking

I was flicking through the New Scientist magazine from 29th November 1956 when I came across a very interesting article on the digitisation of banking, a subject of great current interest. The article has a very useful diagram for those of us who wonder how exactly it is that banks manage customers’ accounts using computers.

How things work at banks

I don’t know which bank this is, probably TSB, but in any case it is what the article says about digitisation that I found interesting. Apparently, it’s all to do with something called “ledger management”. The article gives a helpful example, explaining how “when a bank clerk first accepts a cheque, he prints on it with something like a typewriter a note of the amount in magnetic ink, all subsequent operations—sorting, listing and entering in ledgers—can be done without human assistance”.

Reading further on, I discovered that you can have different kinds of ledgers that work in different ways. The author notes that this is only one way of “ledgering automatically” and that the “choice of a system depends on how far was is prepared to go: whether automatic book-keeping is to be done only at head office, whether in this case the accounting for all the branches, or whether branches will have their own equipment or to be grouped around sub-centres”. The same centralisation versus decentralisation of ledgers argument continues to this day.

The article continues by noting that banks do not seem to be making as much of this interesting new technology as they might and that “what may prove to be more serious is the determination to cling to time-honoured procedures”. Well, yes indeed. This is just what Anthony Jenkins meant when he said that banks had yet to be disrupted by new technology (shortly before he was fired as Barclays CEO). And if you think those “time-honoured procedures” are fading, you’re dead wrong, since 95 percent of ATM transactions still pass through COBOL programs, 80 percent of in-person transactions rely on them, and over 40 percent of banks still use COBOL as the foundation of their systems.

There’s no point using blockchain, or any other shared ledger technology, to implement these existing processes. The way forward, in banking at least, is to use the new technology to implement new ways of doing businesses. There’s a good argument for thinking that the central co-ordination mechanism for these new ways of doing business might well be trust. Speaking at Davos, way back in 2015, Marc Benioff (the CEO of Salesforce) said that “Trust is a serious problem, we have to get to a new level of transparency – only through radical transparency will we get to radical new levels of trust.”

I could not agree more. I think he is absolutely spot on. This is why I have been focusing on the use of new technologies (and specifically biometrics, blockchains and bots) to create a different kind of financial services infrastructure. I spoke about this earlier in the year and the Digital Jersey Annual Review [YouTube, 24 minutes] and have pushed a similar message out to a number of different audiences since then.

When I talk about radical transparency, I don’t mean it as a vague slogan. I come from the tech side of things, so I interpret it to mean specific technological changes. This is the environment of what I have taken to calling “the glass bank” for short because it is an infrastructure of radical transparency. It is a platform for financial markets that exhibits ambient accountability using translucent transactions with trading built on reputation and regtech. This is an infrastructure that reduces the overall cost of the financial markets that sit on it, thus benefiting the economy as a whole. We finally have chance to build something that looks different to the vision of a bank shown above, so let’s not use all of our amazing new technologies just to simulate what he had back in 1956.

Transactions, hoards, stashes and exports

In 2016, cash was used for 44% of all consumer transactions in the UK. That was down from 50% the previous year and from 68% a decade earlier. Victoria Cleland, Chief Cashier at the Bank of England says that the value of notes “in circulation” has been increasing year on year for the past decade or so and that “we are still seeing growth in total demand for cash”. This seems puzzling, considering that this year the UK will see 13.4 billion debit card payments (of which a third will be contactless) but only 13.3 billion cash payments (according to PaymentsUK).

 Studio 34

Now, as it happens, Victoria and I were both guests on the BBC’s flagship personal finance programme Moneybox last month [you can listen to the show here]. We’d been invited to take part in a phone-in about the trend to the cashless society, along with Andrew Cregan (Head of Payments Policy at the British Retail Consortium). The topic had been triggered by the head of the Swedish central bank calling for a pause in Sweden’s rush to cashlessness. At the end, Victoria and I rather agreed on the need to have a strategic conversation about cash at the national level. The issue in Sweden is that cashlessness is just happening: it’s not part of a plan that addresses the issues associated with a cashless economy (eg, inclusion). In the UK, we can learn from this.

But back to the steady growth in notes “in circulation”. The trend growth of cash in circulation running ahead of GDP growth isn’t a UK phenomenon. The amount of cash “in circulation” around the world has gone from 7% of GDP in 2000 to 9% of GDP in 2016.  On the show, I couldn’t resist an oblique snark about what these notes being used for (ie, money laundering, tax evasion and so on) since they aren’t being used to buy things.

That’s right. Banknotes, statistically, not being used to buy things. Cash is no longer primarily a means of exchange. The latest figures from the Bundesbank show that nine out of every ten euro banknotes issued in Germany are never used in payments but hoarded at home and abroad as a store of value. Not “rarely”. Not “infrequently”. Never. The notes are not in circulation at all but are stuffed under mattresses.

Similarly, down under, the Reserve Bank of Australia (RBA) Bulletin for September 2017 notes that the value of notes “in circulation” has gone up 6% per annum for the past decade while the use for payments has collapsed (from two-thirds of consumers payments down to one-third) over the same period. It goes on to note that higher cash usage may be concentrated in “groups not included in the survey of consumers (who may well use cash more often than the average consumer)” as well as the shadow economy.

Aha. The shadow economy.

A couple of years ago I was at an event where Victoria said that only about a quarter of the cash the Bank puts into circulation is for “transactional purposes”. I wrote a comment piece on it for The Guardian at the time, so I thought it might be interesting to review and update my comments using the Bank of England’s four-way categorisation of the demand for cash, which is that cash is required for:

  1. Transactions. Here the trends are clear. Technology is a driver for change but that the impact is weak. In other words, new technology does reduce the amount of cash in circulation, but very slowly.

  2. Hoards. These are stores of money legally acquired but held outside of the banking system, like the 300 grand that Ken Dodd used to keep in his loft. If the amount of cash that is being hoarded has been growing then that would tend to indicate that people have lost confidence in formal financial services or are happy to have loss, theft and inflation eat away their store of value while forgoing the safety and security of bank deposits irrespective of the value of the interest paid.

  3. Stashes. These are stores of money illegally acquired or held outside the banking system to facilitate criminal behaviour. My personal feeling is that stashes have grown at the expense of hoards.

    In a fascinating paper by Prof. Charles Goodhart (London School of Economics) and Jonathan Ashworth (UK economist at Morgan Stanley), they note that the ratio of currency to GDP in the UK has been rising and argue that the rapid growth in the shadow economy has been a key cause. If you look at the detailed figures, you can see that there was a jump in cash held outside of banks around about the time of the crash, but as public confidence in the banks was restored fairly quickly and the impact of low interest rates on hoarding behaviour seems pretty marginal, there must be some other explanation as to why the amount of cash out there kept rising.

    Two rather obvious factors seemed to support the shape of the curve are the increase in VAT to 20% and the continuing rise in self-employment (this came up a couple of times in comments to that Guardian piece by the way), both of which serve to reinforce the contribution of cash to the shadow economy.

  4. Exports. The amount of cash that is being exported is hard to calculate, although the Bank itself does comment that the £50 note (which makes up a fifth of the cash out there by value) is “primarily demanded by foreign exchange wholesalers abroad”. I suppose some of this may be transactional use for tourists and business people coming to the UK, and I suppose some of it may be hoarded, but surely the strong suspicion must be that at lot of these notes are going into stashes.

If, as I strongly suspect, the amount of cash being stashed has been growing then the Bank of England is facilitating an increasing tax gap that the rest of us are having to pay for. Cash makes the government (i.e. us) considerably worse off. In summary, therefore, I think think that the Bank’s view on hoarding is generous and that it is the shadow economy fuelling the growth in cash “in circulation”. Hence my point that it is time for Bank of England to develop an active strategy to start reducing the amount of cash in circulation, starting with the abolition of the £50 note as well as the ending the production of 1p and 2p coins (almost half of which are never used in a transaction before being returned to the banking system or simply thrown away).

As it happens, the future of those coins and that note are the subject of a current HM Treasury “consultation”. I urge all you of sound mind to reply to the consultation and hasten their abolition here.

Identity at the sharp end

There’s a bit of a row going on about Twitter, Facebook, social media in general and bots. It’s a serious issue. Democracy was invented before bots and doesn’t seem to work terribly well in their presence, so in order to restore peace, low taxes and the tolerable administration of justice we need to do something about one or the other. Many people seem to think that we should do something about bots. The noted entrepreneur Mark Cuban, for example, caused some debate recently by saying that…

He’s wrong about the real name, because anyone familiar with the topic of “real” names knows perfectly well that they make online problems worse rather than better. He’s right about the real person though. Let me use a specific and prosaic example to explain why this is and to suggest a much better solution to the bot problem. The example is internet dating, a topic on which I am a media commentator. Or at least I was once. 

A few years ago, I appeared on a programme about internet dating on one of the more obscure satellite TV channels. They wanted an “internet expert” to comment on the topic and since no-one else would do it, eventually the TV company called me. I agreed immediately and set off for, if memory serves, somewhere off the M4 in West London. The show turned out to be pretty interesting. I didn’t have much to say (I was there to comment on internet security, which no-one really cares about), and I can’t remember much of what was said, but I do remember very clearly that the psychologist at the heart of the show made a couple of predictions. While interviewing a couple who had met online, she said (and I am paraphrasing greatly through the imperfect prism of my memory) that in the future people would think that choosing a partner when drunk in bar is the most ludicrous way of finding a soulmate, and that internet dating was a better mechanism for selecting partners for life. Now it seems that this prediction is being confirmed by the data, as the MIT Technology Review reports that “marriages created in a society with online dating tend to be stronger”.

The psychologist’s other prediction was that internet dating gave women a much wider range of potential mates to choose from and allowed them to review them in more detail before developing relationships. Of course, internet dating also increases the size of the pool for men, but think that her thesis was that men don’t seem to make as much use of this as women do. Anyway, the general point about the wider pool now seems to be showing up in the data, assuming that interracial marriages are a reasonable proxy for the pool size. When researchers from the National Academy of Sciences looked at statistics from 1967 to 2013, they found “spikes” in interracial marriages that coincided with the launch of online matchmaking sites.

Why am I telling you all this? Well, it’s to make the point is that internet dating is mainstream and that is it having a measurable impact on society. This is why it is such a good use case at the sharp end of digital identity. It is rife with fraud, it is a test case for issues around anonymity and pseudonymity, it is a mass market for identity providers and it is a better test of scale for an identity solution than logging on to do taxes once every year. Now, I am not the only person who thinks this and there are already companies exploring solutions. And you can see why they want to: online dating is a huge business. A third of the top 15 iOS apps (by revenue) were dating apps.

So. How to bring the benefits of digital identity to this world. One way not to do it is that Mark Cuban way of demanding “real” names. Last year, the dating platform OKCupid announced it would ask users go by their real names when using its service (the idea was to control harassment and promote community on the platform) but after something of a backlash from the users, they had to relent. Why on Earth would you want people to know your “real” name? That should be for you to disclose when you want to and to whom you want to. If fact the necessity to present a real name will actually prevent transactions from taking place at all, because the transaction enabler isn’t names, it’s reputations. And pretty basic reputations at that. Just knowing that the apple of your eye is a real person is probably the most important element of the reputational calculus central to online introductions, but after that? Your name? Your social media footprint? (Look at the approach of “Blue”, a dating service for Twitter-verified-users-only.)

I don’t think this is a solution, because if I were to be on an internet dating site, I would want the choice of whether to share my name, or Twitter identity, or anything else with a potential partner. I certainly would not want to log in with my “real” name or anything information that might identify me. In fact, this is an interesting example of a market that does not need “real” names at all. “Real” names don’t fix any problem. Your “real” name is not an identifier, it is just an attribute and it’s only one of elements that would need to be collected to ascertain the identity of the corresponding real-world legal entity anyway. Frankly, presenting “real” names will actually make identity problems worse rather than better since the real name is essentially nobody’s business and is not necessary in order to engage in the kinds of transactions that are being discussed here. Forcing the use of real names will mean harassment, abuse and perhaps even worse.

What internet dating needs, and what will solve Mark Cuban’s social media problem as well, is the ability to determine whether you are a person or a bot (remember, in the famous case of the Ashley Madison hack, it turned out that almost all of the women on the site were actually bots). On Twitter it’s not quite that bad yet, because there are still many people posting there, but with bot networks of 500,000 machines tweeting and re-tweeting it is not in good shape. The way forward is surely not for Twitter to try and figure out who is a bot and whether they should be banned (after all, there are plenty of good bots out there) but Twitter to give customers the choice. Why can’t I tell Twitter that I don’t want bot followers, that I want a warning if an account I follow is a bot, that I don’t want to see posts that originated from bots that I don’t follow and so on. Just as with internet dating, the problem is not real names but real people.

Now, working out whether I am a person or not is a difficult problem if you are going to go by reverse Turing tests or Captchas. It’s much easier to ask someone else who already knows whether I’m a bot or not. My bank, for example. So, when I go to sign up for internet dating site, then instead of the dating site trying to work out whether I’m real or not, the dating site can bounce me to my bank (where I can be strongly authenticated using existing infrastructure) and then the bank can send back a token that says “yes this person is real and one of my customers”. It won’t say which customer, of course, because that’s none of the dating site’s business and when the dating site gets hacked it won’t have any customer names or addresses: only tokens. This resolves the Cuban paradox: now you can set your preferences against bots if you want to, but the identity of individuals is protected.

One of my acid tests of whether a digital identity infrastructure is fit for the modern world is whether it can offer this kind of strong pseudonymity (that is, pseudonyms capable of supporting reputations). If we can construct an infrastructure that works for the world of internet dating, then it can work for cryptocurrency, cars, children and all sorts of other things we want to manage securely in our new always-on environment. We have to fix this problem, and soon, because in the connected world, if you don’t know who IS_A_PERSON and who IS_A_DOG and who is neither, you cannot interact online in a functional way.

Germany is an outlier

The G4S World Cash Report came out and I was e-leafing through it when it struck me once again just how much Germany is an outlier when it comes to retail payments. The average German wallet contains 103 physical euros, the European Central Bank (ECB) estimated last year, more than three times the figure in France. Bloomberg says that cash is used in 80% of German point-of-sale (POS) transactions, compared with only 45 percent—and falling fast—next door in the Netherlands. I think they must mean 80% by value because the FT says that 48% of retail transactions are in cash (down from 58% a decade ago).

Perhaps it is that Germans are just naturally conservative people. The Roman historian Tacitus (55-117CE) wrote in his history “Germany and its Tribes” that the barbarian inhabitants of that land had traditionally exchanged weapons, slaves, cattle, women and such like to settle up between themselves but that the Romans had introduced them to money. Having changed their medium of exchange once in the last two millennia, perhaps they just don’t want more change for change’s sake. Or perhaps there is another explanation. The use of cash in retail is falling slowly and we all know that Germans prefer to keep some of their money as cash at home rather than in the bank, maybe much of the cash “in circulation” there just isn’t.

Given the suspicion that much of the cash in Germany is stuffed under mattresses rather than circulation in the economy, it was still rather surprising to hear from the Bundesbank that nine in ten of the euro banknotes that they are are never used in transactions. That’s right: nine in ten. Approximately all of the cash printed in Germany is never used. Not rarely, not occasionally, but never. So this led me wonder whether this huge volume of never used banknotes are in “hoards” (that is, legitimate money held outside of the banking system) or in “stashes” (that is, illegitimate money held outside of the banking system). Can it really be that the German predilection for holding some of their money in the form of cash account for these billions of euros in inert paper money?

Well, because of the current unusual circumstances with respect to interest rates and so forth, it’s certainly a plausible hypothesis. The European Central Bank (ECB) interest rate for bank deposits is currently minus 0.4%. Conventional economic theory would predict that at a minus rate, depositors would prefer to hold cash rather than pay the banking system to look after their money for them.

(One of the reasons why economists are interested in getting rid of cash is in order to allow the interest rates to go further into negative territory in order to stimulate economic activity over hoarding.)

Now, it clearly costs something to manage cash over and above the cost of managing an electronic deposit hence it is interesting to speculate what the German “crossover” negative interest rate might be, the modern version of the old “specie point” at which it was cheaper to hold bullion for monetary purposes rather than paper instruments.

The current negative interest rate cost German banks about a quarter of a billion euros per annum. The Bavarian Savings Bank Association sent around a circular to their members some time ago setting out their calculation of the crossover rate, which they calculated as something like -0.2%, or half of the current negative rate. However, as I wrote at the time, this isn’t really a serious calculation because, as it says at the end, it doesn’t take into account the significant costs of cash in transit (CIT) or the additional security expenditure that would be needed to guard cash hoards. But it does make a fun point, at least to me, which is that the existence of the €500 notes has an impact on that crossover rate. Now that the ECB has decided stop printing the 500s, banks will have to store masses of 200s, so the cost of storage and transport will be higher (which, in turn, will put a premium on the 500s in circulation so that they will trade above par). Just as an indication, two billion euros in 200 euro notes weighs about 11 tonnes.

While that calculation may not be complete, it does make the interesting point that although we have passed the crossover point already, no banks have to date decided to store their squillions under the mattress rather than leave them on deposit. It seems to me therefore that Bavarian estimates must be too low and that the costs of transport, security, insurance and so on are actually quite high, so the ECB will be able to push interest rates further negative before it gets close to a genuine crossover point that would see banks investing in larger mattresses.

Trading and hard currencies

Talking about central banks and digital / crypto / virtual (* delete where applicable) currency, I was interested to read (in the Russia Today Business News) of an initiative to create a joint digital currency for BRIC countries and the Eurasian Economic Union (EEU) that has been proposed by the Central Bank of Russia, according to its First Deputy Governor Olga Skorobogatova. She is reported as saying that “The introduction of a national digital currency seems to us not entirely justified from the point of view of macroeconomics” (presumably because as Russia is still quite cash-intensive the costs might not be justified and the benefits too concentrated). I can see why the alternative suggestion of a cross-border digital currency set up between trading partners would have much wider benefits.

This is not a new idea. As I discussed in my book “Before Babylon, Beyond Bitcoin“, some years ago the then-Chancellor John Major proposed a similar concept as an alternative to the euro which at the time was labelled the hard ECU (and ignored). The hard ECU would have circulated alongside existing national currencies. It would be used by businesses and tourists. It would never exist in physical form but still be legal tender (put to one side what that actually means) in all EU member states. Thus, businesses could keep accounts in hard ECUs and trade them cross-border with minimal transaction costs, tourists could have hard ECU payment cards that they could use through the Union and so on. But each state would continue with its own national currency — you would still be able to use Sterling notes and coins and Sterling-denominated cheques and cards — and the cost of replacing them would have been saved.

Thus, businesses could keep accounts in hard ECUs and trade them cross-border with minimal transaction costs, tourists could have hard ECU payment cards that they could use through the Union and so on. But each state would continue with its own national currency — you would still be able to use Sterling notes and coins and Sterling-denominated cards — and the cost of replacing them would have been saved.

(As an aside, it wasn’t John Major’s idea. It had it’s origin a few year before in a 1983 report of the European Parliament on the European Monetary System, the EMS. The proposal was supported at the time across the political and national groups in the parliament.)

The idea of an electronic currency union to facilitate international trade has new resonance. While Bitcoin captures the media attention, there are a great many other possibilities: new community currencies, brand-based plays, commodity baskets and goodness knows what else. All of these make it an exciting time to be in the electronic money business, but they also make it unpredictable, which is why it is fun. As I say in the book, we’re not looking at a world in which some kind of new global currency takes over, but a world in which a great many communities choose the currencies that are most efficient for themselves. At it happens, one of those communities could be the European Community! Noted political theorist Marine le Pen herself has said that she could see the EU setting up another currency “like the ECU”. I’m sympathetic, obviously, because the idea of restoring the Franc while simultaneously creating a new pan-European currency makes economic sense.

If anything, however, Ms. le Pen’s proposal is not really that radical. Why have nation-state control over money at all? Why not allow regions to have their own currencies? Why not use Normandy Money? Why not have pan-national currencies? Or Islamic e-Dinars? I’m on the same page as “The Futurist Magazine” here. In September 2012, as part of a compilation of pieces about life in 2100, they said that it is quite likely that we will still have money in 2100, but it may not be issued solely by nation states. I couldn’t agree more.

Madame First Deputy Governor Skorobogatova is, incidentally, far from alone in wondering about new digital currencies at this level. Christine Lagarde, head of the International Monetary Fund (IMF), gave a talk on “Central Banking and Fintech” in September last year in which she said that digital currencies (of the kind proposed by Madame Deputy First Governor) could actually become more stable than fiat currencies. She says that they could be issued against “a stable basket of currencies” ( a hard SDR?) but I would extend that suggestion to a token based on a basket of commodities (or, indeed, a mixture of both) or some other “root” with long-term stability.

It’s one thing to have crackpot technologists such as me talking about augmenting and perhaps even replacing national currencies, but when people who are actually in charge of money start speculating about the same, then you do have to suspect that some things are about to change.

The token Saga

As I explained to the Financial Services Club in London recently, I have a theory that while Bitcoin isn’t the future of money, tokens might well be. In case you are interested, here’s the deck I presented to them: it’s in three parts, first of all a high-level explanation of what tokens are, then a discussion about using tokens to implement money and finally a model to help facilitate discussion around these topics.

 

Of course, I’m not the only one who thinks that the financial services mainstream should be developing their token strategies. At Money2020 Asia in Singapore I had the privilege of interviewing Jonathan Larsen, Corporate Venture Capital Manager at Ping An and CEO of their Global Voyager Fund (which has a $billion or so under management). Jonathan has already forgotten more than I will ever know about financial markets and as he is also Chief Innovation Officer at Ping An (and a very nice guy too), I take his views very seriously. When I put to him that the tokenisation of assets will be a revolution, he said that “tokenisation is a really massive trend… a much bigger story than cryptocurrencies, initial coin offerings (ICOs), and even blockchain”.

Dave Birch and Jonathan Larsen

 

Photo courtesy of Fintechcowboys.cz

He went on to say that he had no doubt about the potential for tokenisation to “reduce friction across every asset class and to create fractionalization of assets where it does not exist today”. In fact, and I paraphrase only slightly here, he said that when the token market is properly regulated and the technology is stable then everything will be tokenised.

Wow.

Why do people like Jonathan (as opposed to techno-deterministic utopians such as myself) think that tokens are such a big deal? I think it’s because tokens are the first viable implementation of the 1990s dream of digital bearer instruments with the “code is law” (sort of) management infrastructure. They allow for the exchange of assets in an auto-DvP (delivery versus payment) mode with no clearing or settlement which means for efficient, liquid markets.

Now, one of the first steps towards a regulated token market has come the Swiss regulators (who are important because of the Zug “crypto valley” that has become the home of many token plays). The regulator there, FINMA, has developed an approach based on the underlying purpose of the tokens that are created. FINMA categorises tokens into three types: Payment tokens (ie, money), Utility tokens (tokens which are intended to provide digital access to an application or service) and Asset tokens (which represent assets such as stakes in companies or an entitlement to dividends). Of course, hybrid forms are possible and in practice there are likely to be a few different configurations. One good way to think about this, I think, is to think in terms of combinations of these token types as a means to implement the “digital bearer instrument” (DBI) that has long been seen as the basis of the post-internet, post-crypto financial marketplace.

DBI Schema

 

 

This is a realistic vision of the future. DBIs as a synthetic instrument comprising regulated tokens, DBI trading that operates without clearing and settlement on shared ledgers and shared ledgers with ambient accountability to create marketplaces that are not only more efficient but better for society as a whole. I touched on this in my talk at the FS Club but then went on to focus on the specific implications for digital money, as it is interesting to speculate what digital money created this way might look like.

We might, for example, imagine that for tokens to be used as money in the mass market they should be much less volatile than cryptocurrencies have been to date. Hence the notion of “stablecoins” that are linked to something off-ledger. An example of this category is the “Saga” coin (SGA). SGA has some pretty heavyweight backers, including Jacob Frenkel, chairman of JPMorgan Chase International, Nobel prize winner Myron Scholes and Emin Gün Sirer, co-director at the Initiative for Cryptocurrencies and Smart Contracts at Cornell University, so it deserves a look. This is a non-anonymous payment token that is backed by a variable fractional reserve anchored in the IMF’s special drawing right (SDR) basket of currencies which, as the FT pointed out, is heavily weighted in US dollars. These reserves will be deposited with regulated banks through algorithms in the underlying smart contract system.

It seems to me that initiatives such as Saga are more representative of the future of money than cryptocurrencies such as Bitcoin, but even they represent only part of the spectrum of possibilities that will extend across many forms of tokens. As I wrote last year, in “Bitcoin isn’t the future of money, but tokens might well be”, tokens won’t only be issued by companies, of course. It seems to me that tokens that implement the values of communities (and, because they are “smart”, can enforce them) may come to dominate the transactional space (think of the Islamic e-Dinar and the London Groat). 

Brazil? Ah, I get it…

I was as alarmed as I am sure all of you were to read a story in Computing telling how EMV cards could be cloned with malware. Now, as you might imagine, were this to be true it would be a matter of the highest priority in the world of card issuers. If EMV cards could be cloned (spoiler alert: they can’t) then the whole world of payment cards would collapse. Since my I spend some of my time in that world, yet hadn’t heard anything about this catastrophic turn of events, I was naturally curious as to the accuracy of the report. Delving further into the “news” story, I found the interesting qualification that the fake cards work “on virtually any Brazilian POS system”.

Brazilian POS systems? What? Ah, wait… Now I know that they are talking about. Sadly, this yonks old hack won’t work in most places any more. But it does work in a few remaining places, and Brazil is one of them. Why? Well because Latin America, an early adopter of EMV, is still heavily reliant on “static data authentication chips”, which allow the criminals exploiting them to create usable new chip cards with the data that they can extract.

Thus problem isn’t that “EMV cards” can be cloned. They can’t. The problem is the use of Static Data Authentication (SDA) in EMV. We all knew about this many years ago. In fact, although lots of people knew about this, at the time we thought it would have been irresponsible to blog about it, so I put it to one side until stimulated by an enquiry from Brazil, I finally wrote about it back in 2014, explaining in detail what the problem was, how it was fixed and why it was no longer a worry.

So, no need to panic. Having put your mind at rest (unless you are a Brazilian card issuer, in which case my colleagues at Consult Hyperion stand ready to answer your call) I cannot resist re-telling the story that explains what the “malware” does…

Many years ago, when my colleague at Consult Hyperion were testing SDA cards in the UK, we used to make our own EMV cards. To do this, we essentially we took valid card data and loaded it onto our own Java cards. These are what we in the business call “white plastic”, because they are a white plastic card with a chip on it but otherwise completely blank. Since our white plastic do-it-yourself EMV cards could not generate the correct cryptogram (because you can’t get the necessary key out of the chip on the real card, which is why you can’t make clones of EMV cards), we just set the cryptogram value to be “SDA ANTICS” or whatever (in hex). This is what the criminals referred to in the story are doing. Now, if the card issuer is checking the cryptograms properly, they will spot the invalid cryptogram and reject the transaction. But if they are not checking the cryptograms, then the transaction will go through.

Untitled

You might call these cards pseudo-clones. They act like clones in that they work correctly in the terminals, but they are not real clones because they don’t have the right keys inside them. Naturally, if you make one of these pseudo-clones, you don’t want to be bothered with PIN management so you make it into what is called a “yes card” – instead of programming the chip to check that the correct PIN is entered, you programme it to respond “yes” to whatever PIN is entered.

We used these pseudo-clone cards in a number of shops in Guildford as part of our testing processes to make sure that issuers were checking the cryptograms properly. Not once did any of the Guildford shopkeepers bat an eyelid about us putting these strange blank white cards into their terminals. But I heard a different story from a Brazilian contact. He discovered that a Brazilian bank was issuing SDA cards and he wanted to find out whether the bank was actually checking cryptograms properly (they weren’t). In order to determine this he made a white plastic pseudo-clone card and went into a shop to try it out.

Untitled

When he put the completely white card into the terminal, the Brazilian shopkeeper stopped him and asked him what he was doing and what this completely blank white card was, clearly suspecting some misbehaviour.

The guy, thinking quickly, told him that it was one of the new Apple credit cards!

Cool” said the shopkeeper, “How can I get one?”.