Digital identity cards, not digitised identity cards

You all know who Marshall McLuhan was, right? And that he predicted not only the internet but its impact on society.

Born in Canada in 1911, McLuhan studied at the University of Manitoba and University of Cambridge before becoming a lecturer at the University of Toronto. He rose to prominence in the 1960s for his work as a media theorist and for coining the term “global village”, which was a prescient vision of the internet age.

Half a century ago, he said of the networked world he predicted that “In the new electric world, where everybody is involved with everybody, where everybody is involved in complex processes, the old identity cards, the old means of finding out who am I, will not work”. I wish that more people would take this on board, give up trying to digitise the old identity systems and start building the new digital identity system we need.

Here’s an example. I notice (via my friends at One World Identity) that the Australian state of New South Wales is soon to provide citizens with “digital driver’s licenses, stored on a user’s smartphone, allowing them to ditch their physical ID card”. I read that article and it seems to me that these aren’t digital driver’s licenses or anything like them. They are digitised driver’s licences, nothing more than virtual shadows of their mundane progenitors. They have no functionality beyond their heritage in industrial age bureaucracy and provide absolutely nothing new to the new economy.

We need digital identity, not digitised identity, a point I intend to make loud and clear in Washington on 26th and 27th March, where I will be chairing the 2nd KnowID conference. And I’ll be talking about McLuhan, because McLuhan had this notion of identity as smeared across entities, depending on the relationships and interactions between identities (what Ian Grigg calls “edge” identity). If this is indeed the correct vision for post-industrial online identity (and since he was right about most other things, I’m certainly not going to call McLuhan out on this one) then what would it mean for the driving licence?

Well, I (and others) have long argued that shifting to an infrastructure where transactions are between virtual identities and enabled by credentials is the way forward. Hence the right way to see a driving licence is as a bundle of credentials. How would we use those credentials? To make claims that we need in order to enable the transactions. In Phil Windley’s “Self-Sovereign Identity and the Legitimacy of Permissioned Ledgers” he says, if I interpret him correctly, that a claim is the process of providing a credential and authenticating its use in order to obtain authorisation. I like the “claims are processes” way of thinking and it seems like a reasonable working definition, so let’s move forward with that, using my favourite Three Domain Identity (3DID) as the framework.

 The Three Domain Identity (3DID) Model

The attributes that are needed in the Authorisation Domain might be very varied, but for sake of the discussion, let’s assume that in the case of the driving licence there are three claims that should be supported:

  • A policeperson might need to know who you are.

  • A car rental company might need to know that you are allowed to drive.

  • A bar might need to know that you are over 18.

Now the digitised driving licence doesn’t know who is asking, what they are asking for, or whether they are allowed to ask for it. So it shows everybody everything and (in the general case) they have no idea whether any of the claims are true or not. But a digital driver’s licence could know all of these things. So when the policeperson asks your digital driving licence who you are, your digital driving licence can check the digital signature of the request and the authorisations that come with it. The digital driving licence knows that the bar can ask if you are over 18, but not who you are because it’s none of their business – although the licence may return a service provider-specific meaningless but unique number (MBUN) that the bar can use for loyalty (and barring). I cannot stress just how much of a new idea this is not. A decade ago John Elliot, Neil McEvoy and I wrote a chapter called “This Is Not Your Father’s ID Card” for the book “Digital Identity Management”. In it, we said that:

Because computers, biometrics and digital signatures can work together to disclose facts about someone without disclosing their full identity. Your ID card could, for example, send a message to a machine confirming that you are over 18 without disclosing who you are or what your citizen number is.

I’m sure we were not the only people to have realised this. The problem then, and now, is that the people in charge of identity cards, and driving licences, and passports and all of the other identity infrastructure, still see these documents only as dumb emulations of paper and not as what they are: nodes in an identity network. They are nodes and our identities, to go with Ian’s formulation, are the edges between them.

All very well, I can hear you saying. All very nice in theory. But what about deployment? How would you connect up all of the bars and car rental counters and police cars and so on? What would the person in the bar use to interrogate your digital driving licence? Well, their digital driving licence of course! Surely one of the defining characteristics of the digital age driving licence that has a computer in it and is now a node is that… it can talk to other driving licences. There is a beautiful symmetry to this: no digital driving licence is different from any other digital driving licence, nor privileged above any other digital driving licence. No need for custom equipment. Everyone has the same digital driving licence – you, the cop, the barman – but these licences are loaded with different claims.

So this is how Phil Windley’s claims work in practice then: I want to get a drink so in the Authorisation Domain the barman sets his digital driving licence (a smartphone app) to request a claim for IS_OVER_18 and then via NFC, Bluetooth or QR code interrogates my digital driving licence (a smartphone app). My smartphone app sees that his request is signed by a valid licensing authority and has not expired and checks what credentials it has to hand. It discovers two virtual identities containing the relevant IS_OVER_18 attribute: one from the Driving License Authority and one from my car insurance company. It selects the first one and sends it to the barman’s app.

(The virtual identity contains a unique identifier, a public key, a number of attributes and a digital signature.)

The barman’s app checks the signature and recognises that it is valid. Since the barman is using his smart driving licence app it either stores or has access to the public keys of the driving licence authorities, car insurance companies, car rental companies and so on. My smart travel app would have similar information for airlines and car rental companies, hotel companies and so on. The barman’s driving licence sends back a message encrypted using the public key. My app can decode this, because it has the corresponding private key, so in the Authentication Domain it asks for me to authenticate myself. I use my fingerprint or PIN or whatever and the app decodes the message. Then it replies to the barman’s app. The barman’s app now knows that I have the corresponding private key and thus it can accept that IS_OVER_18 applies to me.

The claim as process – I want to see a virtual identity that contains a credential that includes this attribute / here is a suitable credential / OK, so prove it is yours / here you go, I decoded your message / Thanks, now I’m happy to serve you – delivers both security and privacy and shows that we use digital identity to create an infrastructure that goes far beyond emulating our broken physical industrial age identity system to provide something so much better.
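The claim process walked through above, as an added Go example that is not part of the original post or of any real licence scheme. It assumes Ed25519 for the authority and issuer signatures and RSA-OAEP for the “message encrypted using the public key”; every type and function name, the `mbun-0001` identifier and the PIN are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"time"
)

// Authorisation names the claim a relying party may request; a licensing authority signs it.
type Authorisation struct {
	Claim   string
	Expires time.Time
	Sig     []byte
}
// VirtualIdentity has the fields the post lists: identifier, public key, attributes, signature.
type VirtualIdentity struct {
	ID, Issuer string // ID is a meaningless-but-unique number, never a name
	Pub        *rsa.PublicKey
	Attributes map[string]bool
	Sig        []byte
}
type Holder struct { // the customer's licence app
	key       *rsa.PrivateKey
	pin       string
	ids       []VirtualIdentity
	authority ed25519.PublicKey
}
type Verifier struct{ issuers map[string]ed25519.PublicKey } // the barman's licence app

// Byte strings that get signed, simplified here (a real scheme needs a canonical encoding).
func authMsg(a Authorisation) []byte { return []byte(fmt.Sprint(a.Claim, "|", a.Expires.Unix())) }
func idMsg(v VirtualIdentity) []byte {
	return []byte(fmt.Sprintf("%s|%s|%x|%d|%v", v.ID, v.Issuer, v.Pub.N, v.Pub.E, v.Attributes))
}

// Select checks the request is authorised and unexpired, then picks the first matching credential.
func (h *Holder) Select(a Authorisation, now time.Time) (VirtualIdentity, error) {
	if !ed25519.Verify(h.authority, authMsg(a), a.Sig) || now.After(a.Expires) {
		return VirtualIdentity{}, fmt.Errorf("request not authorised or expired")
	}
	for _, v := range h.ids {
		if v.Attributes[a.Claim] {
			return v, nil
		}
	}
	return VirtualIdentity{}, fmt.Errorf("no credential carries the claim")
}

// Challenge verifies the issuer's signature, then encrypts a fresh nonce to the credential's key.
func (v *Verifier) Challenge(id VirtualIdentity, claim string) (nonce, ct []byte, err error) {
	pk, known := v.issuers[id.Issuer]
	if !known || id.Pub == nil || !id.Attributes[claim] || !ed25519.Verify(pk, idMsg(id), id.Sig) {
		return nil, nil, fmt.Errorf("credential rejected")
	}
	nonce = make([]byte, 32)
	if _, err = rand.Read(nonce); err == nil {
		ct, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, id.Pub, nonce, nil)
	}
	return nonce, ct, err
}

// Accept is the last step: the reply must equal the nonce this verifier generated.
func (v *Verifier) Accept(nonce, reply []byte) bool {
	return len(nonce) == 32 && subtle.ConstantTimeCompare(nonce, reply) == 1
}

// Respond decrypts the challenge only after local user authentication (a PIN here).
func (h *Holder) Respond(ct []byte, pin string) ([]byte, error) {
	if subtle.ConstantTimeCompare([]byte(pin), []byte(h.pin)) != 1 {
		return nil, fmt.Errorf("local authentication failed")
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, h.key, ct, nil)
}

// setup builds constructed keys, one credential and one authorisation (errors ignored for brevity).
func setup(now time.Time) (*Holder, *Verifier, Authorisation) {
	authPub, authPriv, _ := ed25519.GenerateKey(rand.Reader)
	issPub, issPriv, _ := ed25519.GenerateKey(rand.Reader)
	key, _ := rsa.GenerateKey(rand.Reader, 2048)
	id := VirtualIdentity{ID: "mbun-0001", Issuer: "licence-authority", Pub: &key.PublicKey,
		Attributes: map[string]bool{"IS_OVER_18": true}}
	id.Sig = ed25519.Sign(issPriv, idMsg(id))
	a := Authorisation{Claim: "IS_OVER_18", Expires: now.Add(time.Hour)}
	a.Sig = ed25519.Sign(authPriv, authMsg(a))
	h := &Holder{key: key, pin: "4821", ids: []VirtualIdentity{id}, authority: authPub}
	return h, &Verifier{issuers: map[string]ed25519.PublicKey{id.Issuer: issPub}}, a
}

func main() {
	h, v, a := setup(time.Now())
	id, _ := h.Select(a, time.Now())
	nonce, ct, _ := v.Challenge(id, a.Claim)
	reply, _ := h.Respond(ct, "4821")
	fmt.Println("serve:", v.Accept(nonce, reply))
}
```

The bar learns only the identifier and the IS_OVER_18 attribute; a copied credential is useless without the private key, because the challenge cannot be decrypted.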

It’s time to move on from the cardboard age to the communication age, and I hope that you’ll join me at KnowID to discuss all of the latest developments in the digital identity space and to formulate practical strategies for making the long-overdue change to digital identity in the mass market, whether centralised, decentralised, federated or whatever else might work.

The first ICO, or “unstable coin” as it might well have been called

In her excellent book Stuff and Money in the Time of the French Revolution, Rebecca Spang cautions against using the story of the attempted reinvention of money following the French Revolution as part of a superficial “transition to capitalism” narrative, but as a non-historian it did seem to me that there is something for today in comparing the evolution of money in industrialising Britain and the evolution of money in revolutionary France. To me, it is a contrast between British mercantile pragmatism to exploit bottom-up innovation with French idealism and top-down change, which is why I included a discussion of the assignats in my book “Before Babylon, Beyond Bitcoin”. All of which explains why I was intrigued by Tuur Demeester’s reference to assignats as the “first ICO”.


Now, in this context, I would probably have awarded the title of first ICO to John Law’s notorious Banque Royale (see “The Mississippi Bubble”) but Tuur makes an interesting point which is worth reflection. How did the assignats come about?

In pre-revolutionary France it was the monarch’s prerogative to set the exchange rate between the money of account (livre) and the money of reckoning (the coins, such as the ecus). Rebecca notes that in the last 26 years of Louis XIV’s reign, this exchange rate changed 43 times! There was actually very little of this money out in the real economy because pre-revolutionary France was, as pre-industrial England had been, a reputation economy. The great majority of the population engaged in commercial activities with well-known and trusted counterparties. Buying and selling was done “on tick” as people maintained a web of credit relationships for periodic reckoning.

In an economy based on trust, once that trust fails (or fails to scale), the substitute of money is required to oil the wheels of commerce. This is exactly what happened in France, where after the revolution a lack of trust in the state quickly became a shortage of credit in the marketplace and therefore an immediate demand for a circulating medium of exchange.

But from where? France did not have a central bank along the lines of the Bank of England, so one of the first acts of the new revolutionary government was to take over Church lands and use them as security to issue interest-bearing bonds with redemption in a portion of the land itself. Were the blockchain available to them, I am certain that Robespierre and the others would have gone down the Venezuelan route and gone with an ERC-20 token in an ICO, but they were restricted to the technology of the time and thus the paper assignats were created.

They didn’t last that long. The interest and redemption were soon abandoned and the notes, the assignats, simply became state-issued inconvertible fiduciary notes. There followed what Professor Glyn Davies called in his magisterial History of Money from Ancient Times to the Present Day “the usual consequences”: inflation, dual-pricing (with note payers forced to give more than coin payers), hoarding and (Gresham’s Law again) the practical disappearance of coins as capital fled across international borders. By October 1795, 100 Franc assignats could be traded for only 15 sous in coin and the Paris riots of the time opened the door for Napoleon. It wasn’t until the Bank of France was founded in 1800 that the nation at last enjoyed the same kind of public institution that England, Holland and Sweden had had for more than a century.

There seems to me a useful comparison to be made between those revolutionary times and ours. If we expect the state to come up with some grand plan to reinvent a money de nos jours, we run the risk of it going hopelessly wrong. If we leave a regulatory space for the merchants to play in, they may well come up with a better idea.

Why am I so interested in these long-gone Latin precursors of the Euro? Well, Rebecca notes that when the assignats went into circulation, people treated the new paper currency as the bills of exchange that they were familiar with. They did not value the anonymity of the notes at all. In fact, they signed them as they passed them around. Who had used a note attested to its validity and the identity of the previous holders gave the notes value! A note signed by a trustworthy person such as Joanna Lumley or Sergio Agüero would be worth more than one signed by me, for example. For the citizens, fungibility was not all that.

Or, to look at it from a modern perspective, the new money was identity.

Show me the money

In 2016, the latest year for which information is available, cash was used for 44% of all consumer transactions in the UK. That was down from 50% the previous year and from 68% a decade earlier. Victoria Cleland, Chief Cashier at the Bank of England says that the value of notes “in circulation” has been increasing year on year for the past decade or so and that “we are still seeing growth in total demand for cash.”

What on Earth are these notes being used for if they aren’t being used to buy things? This isn’t a UK problem. The latest figures from the Bundesbank show that nine out of every ten euro banknotes issued in Germany are never used in payments but hoarded at home and abroad as a store of value. Not “rarely”. Not “infrequently”. Never. The notes are not in circulation at all but are stuffed under mattresses.

Down under, the Reserve Bank of Australia (RBA) Bulletin for September 2017 notes that the value of notes “in circulation” has gone up 6% per annum for the past decade while the use of cash has collapsed (from two-thirds of consumer payments down to one-third) over the same period. It goes on to note that higher cash usage may be concentrated in groups not included in the survey of consumers (who may well use cash more often than the average consumer) as well as the shadow economy.

Aha. The shadow economy.

A couple of years ago I was at an event where the Chief Cashier said that only about a quarter of the cash the Bank puts into circulation is for “transactional purposes” (i.e., used). They have a richer categorisation than the Bundesbank for the rest of it, saying that it is either shipped overseas (i.e., exported), kept outside of the banking system (i.e., hoarded) or used to support the shadow economy (i.e., stashed).

Aha. Stashed.

I wrote a comment piece on this for The Guardian, looking at what the key drivers in each of them might be. The first, cash that is used, is easy. We know that the driver is technology but that the impact is weak. In other words, new technology does reduce the amount of cash in circulation, but very slowly. Moving on to the next category, I know it’s a rather simplistic analysis, but if the amount of cash that is being hoarded has been growing then that would tend to indicate that people have lost confidence in formal financial services or are happy to have loss, theft and inflation eat away their store of value while forgoing the safety and security of bank deposits irrespective of the value of the interest paid. If, on the other hand, the amount of cash that is being stashed has been growing then the Bank of England is facilitating an increasing tax gap that the rest of us are having to pay for. In this context cash is a mechanism for greatly reducing the cost of criminality while it remains a penalty on the poor who have to shoulder an unfair proportion of the cost of cash. In this case, we should expect to see a strategy to change this obviously suboptimal element of policy.

The amount of cash that is being exported is hard to calculate, although the Bank itself does comment that the £50 note (which makes up a fifth of the cash out there by value) is “primarily demanded by foreign exchange wholesalers abroad”. I suppose some of this may be transactional use for tourists and business people coming to the UK, and I suppose some of it may be hoarded, but surely the strong suspicion must be that these notes are going into stashes. Note “primarily”. 

My personal feeling is that stashes have grown at the expense of hoards. In a fascinating paper by Prof. Charles Goodhart (London School of Economics) and Jonathan Ashworth (UK economist at Morgan Stanley), they note that the ratio of currency to GDP in the UK has been rising and argue that the rapid growth in the shadow economy has been a key cause. If you look at the detailed figures, you can see that there was a jump in cash held outside of banks around about the time of the Northern Rock affair, but as public confidence in the banks was restored fairly quickly and the impact of low interest rates on hoarding behaviour seems pretty marginal, there must be some other explanation as to why the amount of cash out there kept rising. Two rather obvious factors that do seem to support the shape of the curve are the increase in VAT to 20% and the continuing rise in self-employment (this came up a couple of times in comments to The Guardian piece), both of which serve to reinforce the contribution of cash to the shadow economy.

There are an awful lot of people not paying tax and simple calculations will show that the tax gap that can be attributed to cash is vastly greater than the seigniorage earned by the Bank on the note issue. Cash makes the government (i.e. us) considerably worse off. In summary, I think the Bank’s view on hoarding is generous and that it is the shadow economy fuelling the growth in cash “in circulation”. There’s something wrong about this, especially when we know that the cost of cash falls unfairly on the poor. It is time for the Bank of England to develop an active strategy to start reducing the amount of cash in circulation, beginning with £50 notes.

China’s eight centuries of experiment with paper money is coming to a close

The Chinese were first with the great transition from commodity money to paper money. They had the necessary technologies (you can’t have paper money without paper and you can’t do it at scale without printing) and, more importantly, they had the bureaucracy. In 1260, the new Emperor Kublai Khan determined that it was a burden on commerce and drag on taxation to have all sorts of currencies in use, ranging from copper coins to iron bars, to pearls to salt to gold and silver, so he decided to implement a new currency. The Khan decided to replace metal, commodities, precious jewels and specie with a paper currency. A paper currency! Imagine how crazy that must have sounded! Replacing actual stuff with apparently worthless paper! It’ll never work!

Crazy or not, it worked and just as Marco Polo and other medieval travellers returned along the Silk Road breathless with astonishing tales of paper money, so modern commentators (e.g., me) are tumbling off of flights from Shanghai with equally astonishing tales of a land of mobile payments, where paper money is vanishing and consumers pay for everything with smartphones. China is well on the way to becoming a cashless society, with the end of paper money in sight. Something like one-seventh of China’s population relies on mobile payments to get around, carrying no cash, according to a survey conducted by Renmin University of China. The natural step from there is to create digital currency so that settlement is in central bank money and there are no credit risks.

This thinking has been evolving for some time. Back in 2016, the Governor of the People’s Bank of China (PBOC), Zhou Xiaochuan, set out the Bank’s thinking about digital currency, saying that it is an irresistible trend that paper money will be replaced by new products and new technologies. He went on to say that as a legal tender, digital currency should be controlled by the central bank and after noting that he thought it would take a decade or so for digital currency to completely replace cash in China, he went on to state clearly that the bank was working out “how to gradually phase out paper money”. Rather than simply let the cashless society happen, which may not lead to the optimum implementation for society, they were developing a plan for a cashless society.

As I have written before, I don’t think a “cashless society” means a society in which notes and coins are outlawed, but a society in which they are irrelevant. Under this definition the PBOC could easily achieve this goal for China. But should they do this? Yao Qian, from the PBOC technology department wrote on the subject in 2017, saying that to “offset the shock” to commercial banks that would come from introducing an independent digital currency system (and to protect the investment made by commercial banks on infrastructure), it would be possible to “incorporate digital currency wallet attributes into the existing commercial bank account system” so that electronic currency and digital currency are managed under the same account.

This rationale is clear and, well, rational. The Chinese central bank wants the efficiencies that come from having a digital currency but also understands the implications of removing the exorbitant privilege of money creation from the commercial banks. If the commercial banks cannot create money by creating credit, then they can only provide loans from their deposits. Imagine if Bitcoin were the only currency in the world: I’d still need to borrow a few of them to buy a new car, but since Barclays can’t create Bitcoins they can only lend me Bitcoins that they have taken in deposit from other people. Fair enough. But here, as in so many other things, China is a window into the future, because Alipay, WeChat Wallet and other Chinese third party payment platforms use financial incentives to encourage users to take money out of their bank accounts and store it on their platforms. If commercial banks cannot fund loans from deposits, we are in a new place, economically speaking.

Thus you can see the potential problem with digital currency created by the central bank, even if it is now technologically feasible for them to do so. If commercial banks lose both deposits and the privilege of creating money, then their functionality and role in the economy is much reduced. Whether you think that is a good idea or not, you can see that it’s a big step to take. Hence the PBOC position, reinforced at the beginning of this year by Fan Yifei, Deputy Governor of the People’s Bank of China writing that the PBOC digital currency should adopt a “double-tier delivery system”.

Following this line of thinking, then, the PBOC is saying that it is not going to issue cryptocurrency and that it is not going to issue digital currency either (at least in the foreseeable future). But what they might do is to allow commercial banks to distribute digital currency under central bank control (this is what they mean by “double tier”). You could have the central bank provide commercial banks with some sort of tamper-resistant smart chip or cryptographic permission that would create digital commercial bank money under the control of the central bank. (This, by the way, is exactly what was attempted a generation ago with the Mondex electronic cash system.)

(Note that this is entirely removed from the issue of whether to use shared ledger technology to manage the money in circulation. I’m open minded about this. I can certainly see how a system in which POS terminals were nodes in a shared ledger, thus obviating the need for a central system — that could, and does, go down — might be rather attractive but whether the resilience would be worth the expense of moving away from current solutions remains to be established.)

Note also that there is no implication in any of the PBOC’s comments that they will be issuing digital cash. Would any central bank go for this? Some form of digital cash that can be passed directly from person to person like Bitcoin rather than some form of digital money like M-PESA, using hardware rather than proof-of-work to prevent double spending? Well… yes. In fact the Uruguayan central bank has said it will test precisely this approach, having digital cash in the mobile phones pass person-to-person directly between the devices. This is not, I am sure, what the PBOC has in mind. On the contrary, they want to see every transaction, a consistent position adumbrated by last year’s decision to make mobile payment companies route transactions through a central switch.


I’m fascinated by China’s long experiment with paper money and its imminent conclusion. Whatever you might think about their position on monitoring transactions, the PBOC has been strategic in its thinking.  Their comments on the topic from 2016, 2017 and now 2018 have been consistent. Digital currency is coming and China will take the lead just as it did with paper currency.

Digital != crypto != virtual

According to The Daily Telegraph, the Bank of England “could green light its own Bitcoin-style digital currency”. I’m pretty sure that the Bank of England would never use “green light” as a verb in any context, but putting that to one side, I was left wondering what they mean by a “Bitcoin-style” digital currency since this is not made clear in the article. “Bitcoin-style” means what? Uncensorable? Mined in China? 7 transactions per second? High transactions fees? Using more electricity than Poland? Oh wait…

What that article actually says is that a research unit set up by the Bank was investigating the possible introduction of “a crypto-currency linked to sterling”. So not a digital currency, a crypto-currency. That presumably means that the value will be determined by mathematics, not by the Bank of England. Now it all makes sense, except that I cannot imagine why the Bank of England would want to give up control of Sterling. Oh wait…

Further down, the article says that “a virtual currency issued by the bank” might lead to a revolutionary shake up of high street banking. Ah, now I get it. It will be a virtual currency only used in the internet tubes and not for mundane transactions. This could make sense – a sort of Bank of England “stablecoin” used to reduce friction in online transactions.

Hhmmmm….

It’s all a bit confusing this future of currency stuff, so here’s a handy table I made last year to clarify the differences.


I suspect that the Telegraph’s confusion may have arisen because of the tendency amongst management consultants (and others) to conflate the two entirely different kinds of electronic money: a cryptocurrency and a digital currency are very different things. If Mr. Carney were genuinely suggesting that one of the scenarios under consideration by the Bank of England is that it abandons its responsibility for managing the creation of money and instead turns to a cryptocurrency, even if it is a cryptocurrency that is produced as a by-product of a double-permissionless shared ledger spawned by the Bank of England itself, then the value of that currency would not only be beyond political control it would be beyond the Bank’s control and one might imagine the Bank to be somewhat redundant in such circumstances.

On the other hand if Mr. Carney were genuinely suggesting that one of the scenarios under consideration by the Bank of England is that it creates a digital currency, then I say more power to him. A digital currency platform with the right APIs in place (providing risk-free, genuinely instant and zero-cost transfers between accounts with final settlement in central bank balances) would be an amazing platform for a Digital Britain. I’d trust the Bank to maintain a Sterling reserve against the digital currency.

Right now, money reaches the public through commercial banks, a practical structure that stems from the retail banks’ role in providing payment services, but that privileged role is under attack. I might further observe that not only is there no fundamental economic reason why banks should be the dominant providers of payment services, there is no fundamental economic reason why they provide them at all — see, for example, Radecki, L., “Banks’ Payments-Driven Revenues” in “Federal Reserve Bank of New York Economic Policy Review”, no.62, p.53-70 (Jul. 1999) — and there are many very good reasons for separating the crucial economic function of running a payment system to support a modern economy and other banking functions that may involve systemic risk (e.g., providing credit).

Marilyne Tolle made this point very clearly a couple of years ago, writing in the Bank of England’s “Bank Underground” that “the conflation of broad and base money, and the separation of credit and money, would allow the [central bank] to control the money supply directly and independently of credit creation”. You can’t ignore the impact that such a digital currency would have on the commercial banks. Back in 2016, the management consultancy McKinsey said that global payment revenues would be $2 trillion in 2020 and that these payment revenues account for around 40% of global bank revenues! So if payments go away because the central bank provides free, instant transfers between personal accounts, then banks would have to think of something else to do instead.

There’s a good reason why this won’t happen, though, irrespective of bank executives’ lobbying power, and that is that the central bank doesn’t want to do KYC on millions of people, run authentication platforms, perform AML checks, manage black lists and all the rest of it. So here’s a practical suggestion to suit both. Maybe, just like Bitcoin, the central bank could manage accounts that are pseudonymous. The central bank would know that account no. 123456789 belongs to a retail consumer, but not which consumer. It would know that account no. 987654321 belongs to a retailer, but not which retailer. This way the central bank could generate a dashboard of economic activity for the Chancellor to look at when he wakes up in the morning, but not routinely monitor what you or I are up to.

It would be the commercial banks who provide the services linking the pseudonymous accounts to the “real” world (and get paid for doing so). In this construct, your Sterling bank account would just be a pass-through API to a central bank digital currency account (what Marilyne calls the “CBCoin Account”) because my Barclays current account and your Lloyds current account are just skins on the Bank of England instant, free, no-risk Sterling platform (I suggest “BritCoin” as the brand) and the commercial banks can chuck away their legacy retail payment systems and focus on delivering services that add real value instead.

Commercial banks will then have an important, useful and distinct function in society as the vaults that look after identity, not money. I wasn’t the first person to say that identity is the new money, although I may have been the most persistent and annoying, but as time passes it seems to be a more and more accurate description of the future. I imagine that most forward-looking banks already have a digital identity strategy in place and are already developing new products and services to take advantage of this new era, but for those who don’t I’ll post a few ideas on the topic here.

The law of entirely expected consequences case study: payment surcharges

Our Prime Minister, Mrs. Theresa May, went a bit Trump and tweeted. Cool. And here it is.


 The odd thing about this is that every single part of it is manifestly and demonstrably untrue. I’m genuinely baffled as to why Mrs. May (who spent 12 years working at the Association of Payments and Clearing Services, the precursor to UK Payments) should make such a transparently false claim to obtain credit for something that she should be against. To be clear: the charges were not hidden, the ban is not only on credit and debit card surcharges, and it won’t help millions of people to avoid rip-offs. Let me explain, starting with what I saw on 13th January when I went to pay for a flight on British Airways…

My first "no surcharge" purchase

Now normally when I use my BA Amex card to book a flight, I have to pay a credit card surcharge. I don’t mind paying the surcharge because I want the protections that the use of credit cards gives me as a consumer and also because I want the frequent flier points I get for using this card. As of 13th January, I don’t have to. I get all this stuff for free because “new rules which will come into effect on 13 January 2018 will mean you cannot be penalised for choosing to pay by card, either online or in-store”. Happy days. Thank you Mrs. May!

Unfortunately, the entirely predictable result of this ban on card surcharges is that prices will go up. For the press to say that the ban has “backfired” because “consumers face higher prices and new ‘service charges’ as retailers and businesses plan to circumvent the Government’s ban” is laughable. The ban has worked entirely in accordance with the laws of economics.

To see why, let’s go back to Mrs. May’s odd social media message. First of all, the ban on card surcharges is not because of Mrs. May or the British government. It is because of the European Union’s Second Payment Services Directive (PSD2), although in the UK the government has gone further than PSD2 by, essentially, banning surcharges for all electronic payments, not just the “four party” schemes. Thus it was the EU that banned “credit or debit card” surcharges, not the British Government, but it is indeed the British Government, rather than the EU, that is making poor people pay for my air miles.

Now, just a quick recap of Economics 101. If the government passed a law that (for example) health care is free, that wouldn’t mean that doctors would start working for nothing. It would mean that doctors would have to be paid in some other way (out of general taxation, for example). Similarly, passing a law that retailers cannot surcharge for cards doesn’t mean that everyone at Barclaycard is now working for free. Yes, the government has stopped retailers from charging for cards, but that does not mean that the costs are going to go away. Chip and PIN terminals, 3D Secure gateways and Section 75 chargeback guarantees don’t grow on trees. What will happen?

Suppose you are an online merchant selling, oh I don’t know, let’s say Dungeons and Dragons miniatures. Let’s say your card service comes from a top quality merchant service provider who charges you 25p per transaction. From 13th January…

  1. Well, they could stop taking cards. But that would mean they lose business.

  2. They could have a loyalty scheme (spend £50, get £5 off your next purchase) but only for people who pay with cash.

  3. If half their sales are cash and half on card, then they could put the price of the average basket up by 10p. This is a nice simple solution and it’s good for me, since the customers who pay with cash are now subsidising my John Lewis cashback (since I’m only paying the extra 10p not the full 25p).

  4. Or they could try it on and add a service charge of 25p to all orders. This is what, for example, Just Eat have done.

But why should these dastardly people be allowed to get away with any of these options? Why shouldn’t they be forced to simply accept lower profits and a reduced standard of living, as suggested by The Daily Telegraph, which is upset that “retailers and other companies are planning measures to ‘sneak’ around the rules”. The dastardly plots unveiled by The Telegraph, precisely as you would expect from an analysis of the environment, are those that I outlined above: refusing card payments, increasing prices and introducing new ‘service charges’.

This is ridiculous from The Telegraph. Refusing to accept cards because the government has made it uneconomic is not sneaking around the rules, it is responding to the rules. And unless The Telegraph is proposing to step in and pay the cost of accepting cards for all merchants, neither is increasing shelf prices. In fact, I absolutely guarantee that prices will rise in accordance with basic laws of economics that The Telegraph should be familiar with. Unlike government ministers, apparently. The Economic Secretary to the Treasury, Mr. Stephen Barclay, said “these small charges can really add up and this change will mean shoppers across the country have that bit of extra cash to spend on the things that matter to them”. How? I have no idea. The UK travel industry, for example, pays around £150m per annum in card charges. Who does Mr. Barclay think is going to pay for the cards, terminals, fraud, bad debt, guarantees and all the rest of the infrastructure in the future? 

The result of banning card surcharges (ie, price-fixing for payment services) will be two-fold. First, it will push retailers into having their own apps that exploit open banking and use instant payments instead of cards. I can assure you that I won’t book a holiday or buy an expensive sofa this way: I want the legal protections that come with credit cards. However, the cost of accepting cards gives these merchants plenty of margin to play with, so they will be able to incentivise customers away from the existing rails. Second, it will transfer money from poor consumers who are trapped in the cash economy to people like me with cashback and airmiles cards. As the media have belatedly noticed (having not asked me about it in advance) “even those paying cash are set to lose out, as some companies – including food delivery firm Just Eat – plan to apply the cost increases to all customers”.

The outcome, as it happens, may be even more perverse. Since debit cards cost merchants less than credit cards, consumers switching to credit cards to get the rewards will mean the merchants’ overall bill for accepting cards will go up! This will hit hard in travel, for example, where “removing the surcharge will result in a significant shift away from payments by debit card and bank transfer so the increase [in extra costs] will be greater than the current credit card surcharge”. Not my words. “Greater than the current credit card surcharge”. So prices will rise by more than the current surcharge, despite Mr. Barclay’s odd prediction that shoppers around the country will have “that bit of extra cash”. No, shoppers around the country won’t. But certain shoppers (eg, me) will, because if the cost of the flight goes up by £1 but I would have had to pay a £2 service charge to use my rewards card before, I’m now saving £1 and still getting the rewards.

I have long maintained that if you are going to regulate anything in this field then what you should do is require retailers to make the costs of payment choices clear and then let the market do the work. If the government wants to take action, it should adopt my plan to minimise the total social cost of payments and make debit cards the “zero”. In other words, companies should not be allowed to surcharge for debit cards and banks should be required to provide zero interchange debit cards as a condition of holding a retail banking licence. If companies want to surcharge for payment instruments that have a higher overall total social cost (cheques, cash, credit cards, charge cards, cowrie shells or euros) then that’s fine. And there would be a logic to it, unlike the current situation. Meanwhile, “consumer experts have called for regulatory enforcement to ensure businesses cannot dodge the rules”.

This is absolutely hilarious. Who are these experts? What Soviet-style commission is going to take control of the taxi company’s pricing policy and decree what level of service charge, if any, is to be allowed? The whole situation is nonsensical. If the government, merchants or anyone else thinks that the costs of accepting cards are too high, then they are free to create an alternative that is less expensive. And if merchants want to know how to create an alternative lower cost option for customers *cough* open banking *cough* then they should feel free to call me and I’ll put them in touch with the right people (hint: Consult Hyperion).

Crime of the (new) century

Here’s something that I’m surprised we don’t see more of. Pavel Lerner, the CEO of the cryptocurrency exchange Exmo Finance, has been released by kidnappers after the payment of a $1 million bitcoin ransom. According to the Financial Times, the Ukrainian interior minister specifically labelled the crime “bitcoin kidnapping and extortion”. I would have asked for Monero, rather than traceable bitcoins, but there you go.

Given the number of Bitcoin millionaires wandering around — I bump into them at every conference I go to these days — you would have imagined that the more enterprising and forward thinking members of the cosa nostra (the coder nostra, as I call them) were out in force. Stand around outside Consensus or Money2020 and bundle most anyone into a van and drive them off into the desert and you’re sure of a Bitcoin, Ripple, Ether or Bitcoin Cash payday. It’s a puzzle that this doesn’t happen all the time, although it’s entirely possible that it does and that I never get to hear about it because I’m not rich enough, just like those Silicon Valley sex parties.

So is kidnapping for cyber-ransom the defining crime of the 21st century? Actually, I suspect not. What if, rather than traditional money-related crimes such as kidnapping and extortion, there were much better crypto-crimes invented in parallel to the new forms of crypto-money made available by technology? Is there such a crime that is unique to this virtual world? Not a virtual shadow of a crime that has been around since year zero, but a wholly new crime for the virtual world? Actually, one such crime was invented many years ago. It’s the “assassination market” that I wrote about in “Before Babylon, Beyond Bitcoin”.

An assassination market is a prediction market where any party can place a bet (using anonymous crypto-currency through the TOR network) on the date of death of a given individual, and collect a payoff if they “guess” the date accurately. This would incentivise the assassination of specific individuals because the assassin, knowing when the action would take place, could profit by making an accurate bet on the time of the subject’s death.

Here’s how the market works. Someone runs a public book on the anticipated death dates of public figures. If I hate a pop star or politician, I place a bet on when they will die. When the person dies, whoever had the closest guess wins all of the money, less a cut for the house. Let’s say I bet a fiver that a specific TV personality is going to die at 9am on April Fool’s Day 2018. Other people hate this personality too and they put down bets as well. The more hated the person is, the more bets there will be.

April Fool’s Day comes around. There’s ten million quid bet on this particular personality. I pay a hit man five million quid to murder the personality. Hurrah! I’ve won the bet, so I get the ten million quid and give half to the hit man. I don’t have to prove that I was responsible for the assassination to get the money and no-one can pin the crime on me because I paid the hitman in untraceable anonymous electronic cash as well: I’m just the lucky winner of the lottery. If someone else had bet 31st March and murdered the television personality themselves the day before, then it would only have cost me a fiver, and I would have regarded that as a fiver well spent.

This is rather an old idea that originated, as far as I know, with Jim Bell, who back in 1995 wrote an essay on “assassination politics” that brought the idea to the popular (well, amongst a nerd subgroup) imagination. I suppose it was inevitable that the arrival of digital currency would stimulate thought experiments in this area and it was interesting to me then (and now) because it showed the potential for innovation around digital money even in the field of criminality. If I hire thugs to lure a cryptobaron to a hotel room and then beat him up to get $1m in bitcoins from him (as actually happened in Japan recently), that’s just boring old extortion. If I use Craigslist to lure a HODLer to a street corner and then pull a gun on him and force him to transfer his bitcoins to me (as actually happened in New York back in 2015), that’s just boring old mugging.

 

Now, as I explained in the FT some years ago, Bitcoin is not a very good choice for this sort of cyber-criminality. It’s just not anonymous enough for really decent crimes or the darkest darknets. Hence my scepticism about the claims that Bitcoin’s long term value will be determined by malevolent money mischief. But as I explained to students at Winchester College last week, if there were to be an actually untraceable cryptocurrency then an assassination market is a much better bet for the coder nostra than the physically demanding felony of kidnapping.

What if S.P.E.C.T.R.E. had Spectre?

Ruh roh, as they say. Google has just published a paper outlining a serious security flaw in, to all intents and purposes, all computers. They knew about it months ago, but they’ve been waiting for Apple, Microsoft and everyone else to issue patches (which, apparently, mean an unavoidable reduction in processing speeds) before making it public. The paper sets out two “exploits” that take advantage of the flaw. These are called “Meltdown” and “Spectre”. They basically allow software to read data from other software that it’s not supposed to be able to, so that one application (let’s say, the hacker) can read data from another application (let’s say, your browser) to steal secrets.

As you can imagine, there was a great deal of media coverage about this flaw (as there should have been – it’s a huge deal). I happened to see a comment about it on Twitter, in which someone said words to the effect of “thank goodness it was found by don’t-be-evil Google and not by the bad guys”. This is a very misplaced sentiment. In the paper, the researchers clearly state that they do not know whether these exploits have been used in real attacks. Apart from anything else, Google says that the “exploitation does not leave any traces in traditional log files”.

So what if S.P.E.C.T.R.E. actually knew about Meltdown months ago and had Spectre in the Spring? How would we know? If they are really smart, then they’ll carry on stealing our secrets but cover their tracks so that we don’t know that they know. If you see what I mean.

It might be timely to remember the story of the Zimmermann telegram, a story that is mother’s milk to security experts.

You may recall that in 1917, Britain and Germany were at war. Britain wanted the U.S. to join the effort against the Axis of Edwardian Evil. The Kaiser’s ministers came up with some interesting plans: to persuade inhabitants of the British (and French) colonies in the Middle East to launch a jihad, for example. Another scheme was to persuade Mexico to enter the war on the German side, thus dividing the potential U.S. war effort and eventually conquering it.

(At this point I thoroughly recommend historian Barbara Tuchman’s 1966 account of the affair, “The Zimmermann Telegram”.) 

To execute this dastardly plot, the German Foreign Secretary, Arthur Zimmermann, sent a telegram to the German ambassador in Mexico, Heinrich von Eckardt. The telegram instructed the ambassador to approach the Mexican government with a proposal to form a military alliance against the United States. It promised Mexico the land acquired and paid for by the United States after the U.S.-Mexican War if they were to help Germany win the war. The German ambassador relayed the message but the Mexican president declined the offer.

Naturally, so sensitive a topic demanded an encrypted epistle and it was duly dispatched encoded using the German top secret “0075” code. And here it is…

The Zimmermann Telegram

As it happens, “0075” was a code that the British had already cracked. Thus, the telegram was intercepted and decrypted enough to get the gist of it to the British Naval Intelligence unit, Room 40. In next to no time, the decoded dynamite was on the desk of the Foreign Secretary Arthur Balfour, the teutonic perfidy laid bare.

Now the British were faced with the same dilemma that faces S.P.E.C.T.R.E. with Spectre. How can you use intercepted information without revealing that there is a security flaw and that you have exploited it? Consider the options:

  • If the British had complained to the Germans, then the Germans would know that the British had the key to their code and they would switch to another code that the British might not be able to break for months, missing much vital military intelligence along the way. What’s more, the Americans would know that the British were tapping diplomatic traffic into the U.S.

  • If they did not reveal the contents, they might miss the chance to bring the U.S. into the war.

The codebreaker’s clever solution was to leak the information in such a way as to make it look as if the leak had come from the Mexican telegraph company: since the German relay from Washington to Mexico used a different code, that the Americans already knew to be broken, this was entirely plausible.

If you’re wondering what happened, well despite strong anti-German (and anti-Mexican) feelings in the U.S., the telegram was believed to be a British forgery designed to bring America into the war, a theory bolstered by German and Mexican diplomats as well as the Hearst press empire. However, on March 29th, Zimmermann gave a speech confirming the text of the telegram. On April 2nd, President Wilson asked Congress to declare war on Germany, and on April 6th they complied.

The point of this story is that stupid hackers would reveal their hand, but clever hackers would not. So the fact that, according to BBC Radio 4’s “Today” programme, the UK’s National Cyber Security Centre says there is no evidence that the flaws have been exploited does not reassure me! These bugs are big.

“The Meltdown fix may reduce the performance of Intel chips by as little as 5 percent or as much as 30 — but there will be some hit. Whatever it is, it’s better than the alternative. Spectre, on the other hand, is not likely to be fully fixed any time soon.”

From “Kernel panic! What are Meltdown and Spectre, the bugs affecting nearly every computer and device? | TechCrunch”.

 

Maybe the way forward is to assume that all machines are compromised and not fix them but instead move the security away from the processors – so going back to the idea of having a Trusted Processing Module (TPM) in every transaction, either built in to the processors (like the “Secure Enclave” in iPhones) or as a separate chip in a PC or as a smart card that is connected to the computer when you want to do something. In this, as in so many other things, Britney Spears is a beacon to the nations. Eleven years ago I used my Britney Spears smart card (which I still have) to log on to her fan club web site securely. You can read about it here.

Horizon scanning in good company

My favourite think tank, the Centre for the Study of Financial Innovation (CSFI) in London, where I am honoured to be the Technology Fellow, was asked by the law firm Dentons to put together a series of “horizon scanning” events, each looking at the major factors that will determine the shape of the financial services sector over the next 10-15 years. As part of this series they held a fintech breakfast to look at the world of tech-based challenger banks, P2P lenders, crowd-funding, new payments methodologies, AI, crypto-currencies, blockchain and so forth. I was flattered to be invited to take part, along with Clara Durodié (founder and managing partner of AI outfit Cognitive Finance Group) and Nick Ogden (the founder of ClearBank and, some years ago, the founder of WorldPay).

(In my opinion, Nick is at the heart of the current fintech revolution, the UK-centric whirlwind around open banking and the “platformisation” of financial services, whereas Clara is at the heart of the current regtech revolution, using AI to change the markets themselves. We may be a long way from Terminators and HAL 9000, but the massive AI investments pouring into financial services around the world mean that the technology is going to change the sector soon.)

For what it’s worth, my three main horizon-scanning observations were that:

  1. Open Banking starts in January and I remain convinced it will be far more disruptive than many people think. It is not far-fetched, as Wired magazine observed, that banks might go under because of this. At the risk of sounding like a broken record, this is about identity, trust and reputation, not money. Obviously, I left it to Nick to talk turkey on this one. He set up ClearBank to provide building societies, credit unions, other banks and fintech companies with access to all the major payment and card schemes, including Faster Payments, and is obviously pretty convinced that open banking is going to provide space for innovation.

  2. AI is an event horizon. In that 10-15 year timescale it is clearly the most important technological trend of the generation and it is impossible to see what is on the other side of it. Obviously, I left it to Clara to run a few things up the flagpole here. What I will note is that analysts at Forrester have predicted that a quarter of financial sector jobs will be “impacted” by AI before 2020 and John Cryan, the Deutsche Bank CEO, was quoted in the Financial Times in September saying that the bank is going to shift from employing people to act like robots to employing robots to act like people. The impact on employment is obvious, but we cannot hold back the tide so we must take advantage of the changes and begin to explore new opportunities that can be built around a more productive financial services sector.

  3. I wanted to bring something from left field to the discussion, so in addition to these two obvious key trends I spoke about the token and Initial Coin Offering (ICO) marketplace. I think that a regulated and organised token marketplace will be one of the big financial services business moves in 2018 and I’m pretty sure that it will be successful (for a variety of reasons to do with liquidity and the elimination of clearing and settlement).

Nick, Clara and I put forward our thoughts about the longer term. During the discussion that followed, there were a number of questions and comments about the impact of AI on the financial services sector. I think this is in many ways quite unpredictable not only because of the “event horizon” but because of the impending interaction. People tend to think in terms of robo-advisers and chat interfaces, focusing on the use of AI by financial institutions to either cut costs or deliver new services (some of which, of course, we can’t imagine). But, to paraphrase Fred Schwed’s 1940s financial services classic… where are the customers’ bots?

If you think about it, however, the customers will have access to AI as well. The customers’ smartphones will connect them, permanently, to an intelligence far greater than their own. Thus, if a bank is trying to sell me a mortgage or a credit card or whatever, it’s wasting its time showing me incomprehensible advertisements involving astronauts riding horses through fields of purple daffodils and people singing.

My AI is going to negotiate with the AI of the regulated financial institutions in order to obtain the best product for me. Since I’m not smart enough to choose the right credit card, pension or car loan then clearly I’m going to want my own giant killer robot to take care of things. But which robot? Should I choose the Saga robots or the Virgin Money robots or the best performing robot over the past 12 months or the Google self-taught super intelligent robot that is also the world Go champion?

How the banks’ robots will interact with the customers’ robots is at the same time fascinating and frightening. I’m not sure I really want to be in the loop when the discussion of a pension plan or insurance project is taking place, but I do want some sort of confidence that there’s a regulator in the loop and that, should push come to shove, my robot will be able to explain why it made the decisions it did. All in all, what I can see on the horizon is giving my AI access to my account through open banking and then letting it decide which ICO to invest in.

Voter ID is back, and this time it’s in Woking

Well, Woking is in the news. It is going to be part of a pilot scheme at the forefront of the UK’s non-existent identity non-strategy to not introduce a working digital identity infrastructure to our great nation at any time in the foreseeable future. The government has decided that voters in five areas in England will be asked to take identification to polling stations at local elections next year, and Woking is one of those areas. The report doesn’t mention just how the entitlement to vote is to be established but we already know what array of high technology machine learning AI super intelligent giant killer robot world brain quantum neuro-computing systems are to be deployed, because local authorities will be invited to apply to trial different types of identification, including forms of photo ID such as driving licences and passports, or formal correspondence such as a utilities bill.

Wait, what? It’s pointless enough showing a trivially counterfeitable physical identity document to someone who can’t verify it anyway, but come on… a utilities bill? That’s where we are in 2017 in the fifth richest country in the world? In Scott Corfe’s recent Social Market Foundation report A Verifiable Success—The future of identity in the UK he highlighted what he calls the “democratic opportunity” for electronic identity verification to facilitate internet voting thereby increasing civic engagement. Well, I agree. But that’s a long way from showing a gas bill to a polling station volunteer.

(And what does ‘local authorities will be invited to apply’ really mean anyway? They’ve already been ‘invited’ to adopt the national Gov.UK Verify identity service. Very few did, and fewer still continue, so five might be ambitious. And where they do, are we disenfranchising voters who don’t feel like forging documents if they don’t come from the mainstream demographic — a point also made in the SMF report — thus distorting the outcomes?)

Now, I’ve written before that I am in favour of electronic voting of some kind but I’m very much against internet voting, because I think that in a functioning democracy voting must remain a public act and if it is allowed in certain remote conditions then we cannot be sure that a voter’s ballot is either secret or uncoerced. I think it is possible to imagine services where trusted third parties or electoral observers of some kind use mobile phones to go out and allow the infirm or otherwise housebound to vote, but that’s not the same thing as just allowing people to vote using mobile phones. I think internet voting is a really bad idea, but I take Scott’s point about the need for digital identity. However, since we don’t have one and I don’t see any prospect of Government producing a robust one in the foreseeable future, we’re stuck with gas bills until someone gets to grips with the issue.

(I should explain here for any baffled overseas readers of this blog that the United Kingdom has no national identification scheme or identity card or any other such symbol of continental tyranny, so our gold standard identity document is the gas bill. The gas bill is a uniquely trusted document, and the obvious choice for a government concerned about fraud. By the way, if for some reason you do not have a gas bill to attest to your suitability for some purpose or other, you can buy one here for theatrical or novelty use only.)

Woking Polling Station

Why is it that the government never ask me about this sort of thing? Since they don’t have an identity infrastructure, why don’t they use other people’s? I would have thought that for a great majority of the population, especially the more transient and younger portion of the electorate (e.g., my sons) social media would provide a far better means to manage this entitlement. I’ve written before that I judge it to be far harder to forge a plausible Facebook profile than a plausible gas bill, so if I turn up at the polling station and log in to the Facebook profile for David Birch (if there is a Facebook profile for a David Birch, incidentally, I can assure you that it isn’t me) then they may as well let me vote.

None of this will make the slightest difference to the central problem, of course, because the main source of electoral fraud in the UK is not personation at the polling station but fraudulently-completed postal ballots, a situation that led one British judge to call it “a system that would disgrace a banana republic”. Indeed, this is precisely what has been going on in my own dear Woking, where four people were jailed recently for electoral fraud. As far as I can understand it from reading the various reports, including the source reports on electoral fraud in the UK, the main problem is that postal votes are being completed by third parties, sometimes in bulk. No proof of identity is going to make any difference to this and so long as we allow people to continue voting by post I can’t see how the situation will improve. So: it is not beyond the wit of man to come up with alternatives to the postal vote. But that’s not what is being proposed. The UK government is not currently proposing an app or any other kind of electronic voting here, it is merely proposing to add a basic test of entitlement at the ballot box.

When this scheme was originally announced, the minister in charge of voting (Chris Skidmore) was quoted by the BBC as saying that “in many transactions you need a proof of ID” which is not, strictly speaking, true. In almost all transactions that we take part in on a daily basis we are not proving our identity, we are proving that we are authorised to do something, whether it is to charge money to a line of credit in a shop, ride a bus or open the door to an office. In these cases we are using ID as a proxy because we don’t have a proper infrastructure in place for allowing us to keep our identities safely under lock and key while we go about our business.

If we are to implement the kind of electronic identity verification envisaged by the Social Market Foundation, then what you should really be presenting at the polling station is an anonymised entitlement to vote that you can authenticate your right to use. It is nobody at the polling station’s business who you are and, in common with many other circumstances, if you are required to present your identity to enable a transaction then we have created another place where identity can be stolen from. The real solution is, of course, not about using gas bills or indeed special-purpose election ID cards, but about introducing a general-purpose National Entitlement Scheme (NES). If memory serves, I think this is what my colleagues at Consult Hyperion and I first proposed in response to a government consultation paper on a national identity scheme a couple of decades ago. Oh well.
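The anonymised entitlement described above can be built in several ways; this added example (not from this post or from Consult Hyperion) assumes RSA blind signatures as the mechanism, so that the registrar checks the electoral roll without ever seeing the token that is later shown at the polling station. The class names, the roll entries and the deliberately undersized demonstration key are all constructed for illustration.

```python
"""Anonymised voting entitlement via RSA blind signatures (added example)."""
import hashlib
import math
import secrets

# Constructed demonstration key: two Mersenne primes give a ~216-bit modulus.
# Far too small for real use; a real issuer would hold >= 2048-bit keys in an HSM.
P, Q = 2**127 - 1, 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # registrar's private exponent


def token_digest(token: bytes) -> int:
    """Map a token to an integer mod N (simplified full-domain hash)."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % N


class Registrar:
    """Checks identity against the roll, but only ever signs a blinded value."""

    def __init__(self, roll):
        self._eligible = set(roll)
        self._issued = set()
        self.seen = []  # everything the registrar could later try to link

    def sign_blinded(self, voter_id: str, blinded: int) -> int:
        if voter_id not in self._eligible:
            raise PermissionError("not on the electoral roll")
        if voter_id in self._issued:
            raise PermissionError("entitlement already issued")
        self._issued.add(voter_id)
        self.seen.append((voter_id, blinded))
        return pow(blinded, D, N)


class Voter:
    def __init__(self, voter_id: str):
        self.voter_id = voter_id
        self.token = secrets.token_bytes(32)  # random, carries no identity

    def blind(self) -> int:
        r = secrets.randbelow(N - 2) + 2
        while math.gcd(r, N) != 1:
            r = secrets.randbelow(N - 2) + 2
        self._r = r
        return (token_digest(self.token) * pow(r, E, N)) % N

    def unblind(self, blind_sig: int) -> int:
        return (blind_sig * pow(self._r, -1, N)) % N


class PollingStation:
    """Verifies the entitlement and blocks reuse; never learns a name."""

    def __init__(self):
        self._spent = set()

    def admit(self, token: bytes, sig: int) -> bool:
        if pow(sig, E, N) != token_digest(token):
            return False  # not signed by the registrar
        if token in self._spent:
            return False  # entitlement already used
        self._spent.add(token)
        return True


def refused(registrar, voter_id, blinded) -> bool:
    try:
        registrar.sign_blinded(voter_id, blinded)
    except PermissionError:
        return True
    return False


def run_demo() -> dict:
    registrar = Registrar(roll=["roll-0001", "roll-0002"])  # constructed roll
    station = PollingStation()
    alice = Voter("roll-0001")
    sig = alice.unblind(registrar.sign_blinded(alice.voter_id, alice.blind()))
    linkable = {token_digest(alice.token), sig}  # what the station will see
    return {
        "admitted": station.admit(alice.token, sig),
        "replay": station.admit(alice.token, sig),
        "forged": station.admit(secrets.token_bytes(32), sig),
        "second_issue_refused": refused(registrar, "roll-0001", alice.blind()),
        "unregistered_refused": refused(registrar, "roll-9999", 12345),
        # True would mean the registrar's records match a ballot-box value.
        "registrar_saw_token": any(b in linkable for _, b in registrar.seen),
    }


if __name__ == "__main__":
    for check, outcome in run_demo().items():
        print(f"{check}: {outcome}")
```

The polling station's `admit` takes only the token and its signature, so a breach there exposes no identities, and the registrar's records hold only blinded values that cannot be matched to a token presented later.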