What if S.P.E.C.T.R.E. had Spectre?

Ruh roh, as they say. Google has just published a paper outlining a serious security flaw in, to all intents and purposes, all computers. They knew about it months ago, but they’ve been waiting for Apple, Microsoft and everyone else to issue patches (which, apparently, mean an unavoidable reduction in processing speeds) before making it public. The paper sets out two “exploits” that take advantage of the flaw. These are called “Meltdown” and “Spectre”. They basically allow software to read data from other software that it’s not supposed to be able to, so that one application (let’s say, the hacker) can read data from another application (let’s say, your browser) to steal secrets.


As you can imagine, there was a great deal of media coverage about this flaw (as there should have been – it’s a huge deal). I happened to see a comment about it on Twitter, in which someone said words to the effect of “thank goodness it was found by don’t-be-evil Google and not by the bad guys”. This is a very misplaced sentiment. In the paper, the researchers clearly state that they do not know whether these exploits have been used in real attacks. Apart from anything else, Google says that the “exploitation does not leave any traces in traditional log files”.

So what if S.P.E.C.T.R.E. actually knew about Meltdown months ago and had Spectre in the Spring? How would we know? If they are really smart, then they’ll carry on stealing our secrets but cover their tracks so that we don’t know that they know. If you see what I mean.

It might be timely to remember the story of the Zimmermann telegram, a story that is mother’s milk to security experts.

You may recall that in 1917, Britain and Germany were at war. Britain wanted the U.S. to join the effort against the Axis of Edwardian Evil. The Kaiser’s ministers came up with some interesting plans: to persuade inhabitants of the British (and French) colonies in the Middle East to launch a jihad, for example. Another scheme was to persuade Mexico to enter the war on the German side, thus dividing the potential U.S. war effort and eventually conquering it.

(At this point I thoroughly recommend historian Barbara Tuchman’s 1966 account of the affair, “The Zimmermann Telegram”.) 

To execute this dastardly plot, the German Foreign Secretary, Arthur Zimmermann, sent a telegram to the German ambassador in Mexico, Heinrich von Eckardt. The telegram instructed the ambassador to approach the Mexican government with a proposal to form a military alliance against the United States. It promised Mexico the land acquired and paid for by the United States after the U.S.-Mexican War if they were to help Germany win the war. The German ambassador relayed the message but the Mexican president declined the offer.

Naturally, so sensitive a topic demanded an encrypted epistle and it was duly dispatched encoded using the German top secret “0075” code. And here it is…

The Zimmermann Telegram

As it happens, “0075” was a code that the British had already cracked. Thus, the telegram was intercepted and decrypted enough to get the gist of it to the British Naval Intelligence unit, Room 40. In next to no time, the decoded dynamite was on the desk of the Foreign Secretary Arthur Balfour, the teutonic perfidy laid bare.

Now the British were faced with the same dilemma that faces S.P.E.C.T.R.E. with Spectre. How can you use intercepted information without revealing that there is a security flaw and that you have exploited it? Consider the options:

  • If the British had complained to the Germans, then the Germans would know that the British had the key to their code and they would switch to another code that the British might not be able to break for months, missing much vital military intelligence along the way. What’s more, the Americans would know that the British were tapping diplomatic traffic into the U.S.

  • If they did not reveal the contents, they might miss the chance to bring the U.S. into the war.

The codebreaker’s clever solution was to leak the information in such a way as to make it look as if the leak had come from the Mexican telegraph company: since the German relay from Washington to Mexico used a different code, that the Americans already knew to be broken, this was entirely plausible.

If you’re wondering what happened, well despite strong anti-German (and anti-Mexican) feelings in the U.S., the telegram was believed to be a British forgery designed to bring America into the war, a theory bolstered by German and Mexican diplomats as well as the Hearst press empire. However, on March 29th, Zimmermann gave a speech confirming the text of the telegram. On April 2nd, President Wilson asked Congress to declare war on Germany, and on April 6th they complied.

The point of this story is that stupid hackers would reveal their hand, but clever hackers would not. So the fact that, according to BBC Radio 4’s “Today” programme, the UK’s National Cyber Security Centre says there is no evidence that the flaws have been exploited does not reassure me! These bugs are big.

“The Meltdown fix may reduce the performance of Intel chips by as little as 5 percent or as much as 30 — but there will be some hit. Whatever it is, it’s better than the alternative. Spectre, on the other hand, is not likely to be fully fixed any time soon.”

From “Kernel panic! What are Meltdown and Spectre, the bugs affecting nearly every computer and device? | TechCrunch”.


Maybe the way forward is to assume that all machines are compromised and not fix them but instead move the security away from the processors – so going back to the idea of having a Trusted Processing Module (TPM) in every transaction, either built in to the processors (like the “Secure Enclave” in iPhones) or as a separate chip in a PC or as a smart card that is connected to the computer when you want to do something. In this, as in so many other things, Britney Spears is a beacon to the nations. Eleven years ago I used my Britney Spears smart card (which I still have) to log on to her fan club web site securely. You can read about it here.

Horizon scanning in good company

My favourite think tank, the Centre for the Study of Financial Innovation (CSFI) in London, where I am honoured to be the Technology Fellow, was asked by the law firm Dentons to put together a series of “horizon scanning” events, each looking at the major factors that will determine the shape of the financial services sector over the next 10-15 years. As part of this series they held a fintech breakfast to look at the world of tech-based challenger banks, P2P lenders, crowd-funding, new payments methodologies, AI, crypto-currencies, blockchain and so forth. I was flattered to be invited to take part, along with Clara Durodié (founder and managing partner of AI outfit Cognitive Finance Group) and Nick Ogden (the founder of ClearBank and, some years ago, the founder of WorldPay).

(In my opinion, Nick is at the heart of the current fintech revolution, the UK-centric whirlwind around open banking and the “platformisation” of financial services, whereas Clara is at the heart of the current regtech revolution, using AI to change the markets themselves. We may be a long way from Terminators and HAL 9000, but the massive AI investments pouring into financial services around the world mean that the technology is going to change the sector soon.)

For what it’s worth, my three main horizon-scanning observations were that:

  1. Open Banking starts in January and I remain convinced it will be far more disruptive than many people think. It is not far-fetched, as Wired magazine observed, that banks might go under because of this. At the risk of sounding like a broken record, this is about identity, trust and reputation not money. Obviously, I left it to Nick to talk turkey on this one. He set up ClearBank to provide building societies, credit unions, other banks and fintech companies with access to all the major payment and card schemes, including Faster Payments, and is obviously pretty convinced that open banking is going to provide space for innovation.

  2. AI is an event horizon. In that 10-15 year timescale it is clearly the most important technological trend of the generation and it is impossible to see what is the other side of it. Obviously, I left it to Clara to run a few things up the flagpole here. What I will note is that analysts at Forrester have predicted that a quarter of financial sector jobs will be “impacted” by AI before 2020 and John Cryan, the Deutsche Bank CEO, was quoted in the Financial Times in September saying that the bank is going to shift from employing people to act like robots to employing robots to act like people. The impact on employment is obvious, but we cannot hold back the tide so we must take advantage of the changes and begin to explore for new opportunities that can be built around a more productive financial services sector.

  3. I wanted to bring something from left field to the discussion, so in addition to these two obvious key trends I spoke about the token and Initial Coin Offering (ICO) marketplace. I think that a regulated and organised token marketplace will be one of the big financial services business moves in 2018 and I’m pretty sure that it will be successful (for a variety of reasons to do with liquidity and the elimination of clearing and settlement).

Nick, Clara and I put forward our thoughts about the longer term. During the discussion that followed, there were a number of questions and comments about the impact of AI on the financial services sector. I think this is in many ways quite unpredictable not only because of the “event horizon” but because of the impending interaction. People tend to think in terms of robo-advisers and chat interfaces, focusing on the use of AI by financial institutions to either cut costs or deliver new services (some of which, of course, we can’t imagine). But, to paraphrase Fred Schwed’s 1940s financial services classic… where are the customers’ bots?

If you think about it, however, the customers will have access to AI as well. The customers’ smartphones will connect them, permanently, to an intelligence far greater than their own. Thus, if a bank is trying to sell me a mortgage or a credit card or whatever, it’s wasting its time showing me incomprehensible advertisements involving astronauts riding horses through fields of purple daffodils and people singing.

My AI is going to negotiate with the AI of the regulated financial institutions in order to obtain the best product for me. Since I’m not smart enough to choose the right credit card, pension or car loan then clearly I’m going to want my own giant killer robot to take care of things. But which robot? Should I choose the Saga robots or the Virgin Money robots or the best performing robot over the past 12 months or the Google self-taught super intelligent robot that is also the world Go champion?

How the banks’ robots will interact with the customers’ robots is at the same time fascinating and frightening. I’m not sure I really want to be in the loop when the discussion of a pension plan or insurance project is taking place, but I do want some sort of confidence that there’s a regulator in the loop and that should push come to shove, my robot will be able to explain why it made the decisions it did. All in all, what I can see on the horizon is giving my AI access to my account through open banking and then letting it decide which ICOs to invest in.

Voter ID is back, and this time it’s in Woking

Well, Woking is in the news. It is going to be part of a pilot scheme at the forefront of the UK’s non-existent identity non-strategy to not introduce a working digital identity infrastructure to our great nation at any time in the foreseeable future. The government has decided that voters in five areas in England will be asked to take identification to polling stations at local elections next year, and Woking is one of those areas. The report doesn’t mention just how the entitlement to vote is to be established but we already know what array of high technology machine learning AI super intelligent giant killer robot world brain quantum neuro-computing systems are to be deployed, because local authorities will be invited to apply to trial different types of identification, including forms of photo ID such as driving licences and passports, or formal correspondence such as a utilities bill.

Wait, what? It’s pointless enough showing a trivially counterfeitable physical identity document to someone who can’t verify it anyway, but come on… a utilities bill? That’s where we are in 2017 in the fifth richest country in the world? In Scott Corfe’s recent Social Market Foundation report A Verifiable Success—The future of identity in the UK he highlighted what he calls the “democratic opportunity” for electronic identity verification to facilitate internet voting thereby increasing civic engagement. Well, I agree. But that’s a long way from showing a gas bill to a polling station volunteer.

(And what does ‘local authorities will be invited to apply’ really mean anyway?  They’ve already been ‘invited’ to adopt the national Gov.UK Verify identity service. Very few did, and fewer still continue, so five might be ambitious. And where they do, are we disenfranchising voters who don’t feel like forging documents if they don’t come from the mainstream demographic — a point also made in the SMF report — thus distorting the outcomes).  

Now, I’ve written before that I am in favour of electronic voting of some kind but I’m very much against internet voting, because I think that in a functioning democracy voting must remain a public act and if it is allowed in certain remote conditions then we cannot be sure that a voter’s ballot is either secret or uncoerced. I think it is possible to imagine services where trusted third parties or electoral observers of some kind use mobile phones to go out and allow the infirm or otherwise housebound to vote, but that’s not the same thing as just allowing people to vote using mobile phones. I think internet voting is a really bad idea, but I take Scott’s point about the need for digital identity. However, since we don’t have one and I don’t see any prospect of Government producing a robust one in the foreseeable future, we’re stuck with gas bills until someone gets to grips with the issue.

(I should explain here for any baffled overseas readers of this blog that the United Kingdom has no national identification scheme or identity card or any other such symbol of continental tyranny, so our gold standard identity document is the gas bill. The gas bill is a uniquely trusted document, and the obvious choice for a government concerned about fraud. By the way, if for some reason you do not have a gas bill to attest to your suitability for some purpose or other, you can buy one here for theatrical or novelty use only.)

Woking Polling Station

Why is it that the government never ask me about this sort of thing? Since they don’t have an identity infrastructure, why don’t they use other people’s? I would have thought that for a great majority of the population, especially the more transient and younger portion of the electorate (e.g., my sons) social media would provide a far better means to manage this entitlement. I’ve written before that I judge it to be far harder to forge a plausible Facebook profile than a plausible gas bill, so if I turn up at the polling station and log in to the Facebook profile for David Birch (if there is a Facebook profile for a David Birch, incidentally, I can assure you that it isn’t me) then they may as well let me vote.

None of this will make the slightest difference to the central problem, of course, because the main source of electoral fraud in the UK is not personation at the polling station but fraudulently-completed postal ballots, a situation that led one British judge to call it “a system that would disgrace a banana republic”. Indeed, this is precisely what has been going on in my own dear Woking, where four people were jailed recently for electoral fraud. As far as I can understand it from reading the various reports, including the source reports on electoral fraud in the UK, the main problem is that postal votes are being completed by third parties, sometimes in bulk. No proof of identity is going to make any difference to this and so long as we allow people to continue voting by post I can’t see how the situation will improve. So: it is not beyond the wit of man to come up with alternatives to the postal vote. But that’s not what is being proposed. The UK government is not currently proposing an app or any other kind of electronic voting here, it is merely proposing to add a basic test of entitlement at the ballot box.

When this scheme was originally announced, the minister in charge of voting (Chris Skidmore) was quoted by the BBC as saying that “in many transactions you need a proof of ID” which is not, strictly speaking, true. In almost all transactions that we  take part in on a daily basis we are not proving our identity, we are proving that we are authorised to do something whether it is to charge money to a line of credit in a shop, ride a bus or open the door to an office. In these cases we are using ID as a proxy because we don’t have a proper infrastructure in place for allowing us to keep our identities safely under lock and key while we go about our business.

If we are to implement the kind of electronic identity verification envisaged by the Social Market Foundation, then what you should really be presenting at the polling station is an anonymised entitlement to vote that you can authenticate your right to use. It is nobody at the polling station’s business who you are and, in common with many other circumstances, if you are required to present your identity to enable a transaction then we have created another place where identity can be stolen from. The real solution is, of course, not about using gas bills or indeed special-purpose election ID cards, but about introducing a general-purpose National Entitlement Scheme (NES). If memory serves, I think this is what my colleagues at Consult Hyperion and I first proposed in response to a government consultation paper on a national identity scheme a couple of decades ago. Oh well.

Really breaking banks

I can’t stress enough just how big a deal the UK’s transition to Open Banking is. The writer Wendy Grossman posted an excellent piece about this in her “net.wars” series recently. She said, without exaggeration in my opinion, that the “financial revolution” coming here in mid-January has had surprisingly little publicity perhaps because “it’s not a new technology, not even a cryptocurrency. Instead, this revolution is regulatory: banks will be required to open up access to their accounts to third parties”. As Wendy notes in her piece, Wired had a great article about this (written by Rowland Manthorpe) in October. Having talked to some of the key players and examined some of the key concepts, he draws an important conclusion, which is that open banking is not “just a technical fix, or even a solution specific to banking, but a new way of dealing with the twenty-first century’s most sought-after resource, personal data”.

He is spot on. Identity is, as some people maintain, the new money. Banks are about to be transformed from places that store digital monies (which they really don’t anyway, since the proportion of household wealth held in the form of demand deposits has already fallen to minuscule levels) into places that store digital identities. Now, this is hardly a new idea and it isn’t only techno-crackpots like me who keep going on about it. Back in 2014, the Financial Times was reporting that “Britain’s high street banks believe their future role will be as repositories of more than just money: they want to be the safe place where customers store their digital identities”. This makes complete sense as a strategy and as a European Banking Association (EBA) white paper of the time put it, “banks are well positioned” to be a crucial, supporting, positive part of their customers online lives. Banks know this to be the case, they just haven’t done much about it. I still can’t use my Barclays identity to open an account at RBS, much less to log in to Direct Line or Bet365.

Since that FT piece, some people (uncharitable persons, of whom I am not one) have suggested that banks will pratt about and muck it all up and hand digital identity on a plate to Apple, Facebook, Google, Amazon and Microsoft (the GAFAMs). Well, we’re going to start finding out in January, because I can’t help but feel that the major beneficiaries of the regulators’ pressure to open up the banks will not be nimble fintech startups but the internet giants who already have the customer relationships. Rowland speculates that open banking may expose some institutions to change and to competition that they simply cannot respond to. He even goes as far as to suggest that banks may well fail because of it. This is the sort of thing that they must have been mulling over down at Open Banking Limited, the entity set up to implement open banking in the UK, where the Implementation Trustee, Imran Gulamhuseinwala, “doesn’t seem to have much sympathy for failing banks”.

Now, having met Imran at dinner (with the Russian Ambassador, as it happens) I can confirm that he is one smart cookie (and a very nice guy too). He’s got a point about the competition that open banking should unleash, but when RBS goes under because all of its customers have shifted to Facebook and the bank becomes a low-margin heavily-regulated pipe that is not operationally-efficient enough to compete only on price and service levels, I suspect others may have a different perspective. Either way, I agree with Erik Tak, Head of the ING Payment Centre, who said at Trustech in Cannes this year (below) that the people who will benefit most from this opening up of retail banking will not be fintechs but those GAFAMs mentioned earlier.

Tak at Trustech

Wendy’s words are well chosen. Open Banking is a revolution, and all we can say for sure is that there is going to be change. But as to who the winners and losers are… well, the UK is about to become an interesting, exciting and unpredictable laboratory experiment in banking regulation. In a year or two, we may at least have a signpost to the future of retail banking in place.

Art and science in Bristol

Well, that was fun. I had the great honour of being invited on to a panel at the Festival of Economics, part of the Bristol Festival of Ideas. I’d never been to the festival before, but I really enjoyed it. It’s a very impressive event, and I’m not just saying that because my publisher, Diane Coyle, founded it. What I found especially impressive, apart from the sheer size of the audiences at the sessions I attended, was that the festival seemed to achieve its goal of bringing serious discussion of important topics to the general public. In our session we had a great audience and they gave us a wide variety of topics to deal with in the Q&A. All in all, an excellent event.

Green Room

I was talking about the future of money with Professor Steve Keen, Daniela Gabor, Tatiana Cutts and stand-in chair Romesh Vaitilingam, who did a great job moving things along. I’m pleased to say that the session was lively and well-attended.

One of the topics that came up, naturally, was whether Bitcoin was a form of cash or not. Remember that US IRS Ruling about Bitcoins being a commodity, so that traders would have to track the buying and selling price of each individual Bitcoin in order to assess their tax liability? No? Here’s a reminder: “the real lesson from the IRS Bitcoin ruling is that for a currency—or any payment system—to work, its units must be completely fungible”. Now, fungible (from the Latin “to enjoy”) is a great word. One of my favourite words, in fact. In this context (ie, money) it means that all of the tokens are the same and can be substituted one for another. You owe me a pound. It doesn’t matter _which_ pound coin that you give me. Any will do. Any pound coin can substitute for any other pound coin because they are all the same: no-one can distinguish one pound coin from another. This isn’t true of Bitcoins. They are all different, and because they are all different, their history can be tracked through the blockchain. As the MIT Technology Review pointed out, while Bitcoin has a media reputation for providing privacy, analysis of the blockchain suggests it could be surprisingly easy for a law enforcement agency to identify many users of the currency. Actually, recent analysis of the blockchain provides much other interesting information, including the fact that around a quarter to a fifth of the bitcoins already mined are lost for good.

The idea of money that isn’t fungible but that can be tracked, traced and monitored reminded me of Nitipak Samsen’s winning entry in the Consult Hyperion 2011 Future of Money Design Award, an example that I include in my book. I used it to make the general point that if you want to look into the future you need to listen to artists as well as technologists. Anyway, I mentioned the Award on stage and a couple of people came up afterwards to ask more about this particular entry and the competition in general, so if you are one of them and you’d like to learn more, check it out here.

Have you ever wondered where the money in your pocket had come from? Who was the previous owner? Who was the owner before that? Might it be a famous celebrity?…

[From Money Trailer – Future of Money]

It is interesting to me to see these different perspectives (Nitipak’s artistic imagination about the bastard child of Facebook and Bitcoin, and the more technical ideas about fungibility) coming together and, to my mind, again illustrates just why the FOM Design Award became such a popular session at Consult Hyperion’s Tomorrow’s Transactions Forum. We (technologists) need artists to help us to imagine alternative futures.

So. TL;DR…

Bitcoin isn’t cash, because cash is fungible. If we want something to be cash, we need to make it fungible. But do we want cash? I’m always ready to listen to informed views, but right now my general feeling is that the costs outweigh the benefits.

Noted author talks fraud at Royal Institution

What a piece of luck! I was giving a talk at the CallCredit Fraud Summit at the Royal Institution in London and I chose to talk about just how broken our identity infrastructure is. Hardly an original theme, but one that is worth amplifying. As Chris Green (CCO at Call Credit) noted in his introduction to the event, identity fraud is heading towards £200 billion per annum and identity theft is an epidemic.

Pretty bad. Worse still, it looks to me as if no one knows what to do about this, particularly the Government. Given that the Social Market Foundation (SMF) had just issued their report “A Verifiable Success — The future of identity in the UK” (August 2017) which noted that identity verification processes in the UK have not kept up with either technological or social change and says that “the case for change is founded on the dramatic increase in identity fraud, the inconvenience of identity verification and the correlation with social (and therefore financial) exclusion”, I thought I’d talk about how to actually do something about identity in the mass market.


I illustrated the point about just how unsuited our ramshackle infrastructure is with the example of spies, referring to last year’s Financial Times interview with Alex Younger (“C”, the head of MI6, which is James Bond’s department of the British intelligence services) who explained just how hard it is to be a spy these days. In the old days, it was easy. Just grab a fake passport out of the drawer and off you go. But, as the chief spy pointed out, today social media means that it is far more difficult to create a plausible alter ego. Sure, it’s easy to create a fake social media account. It’s easy, but not very useful to a spy. To be plausible, a fake identity needs a reputation. Reputation, unlike identity, is hard to fake. It has a time component. It takes years to build up a reputation that will stand up to scrutiny! If you wanted to pretend to be someone now, you would have to have started building the fake LinkedIn profile a decade ago. The point is that it’s hard for James Bond to pretend to be me, but seemingly easy for me to pretend to be a James Bond on internet dating sites. This is a fun and interesting way to think about some of the issues around identity and I think the audience liked it!

So what was the piece of luck I referred to at the beginning? Well, I turned up at the event, along with the bestselling author (and former politician) Lord Jeffrey Archer. As we had some time spare, I thought I would be helpful and give Jeffrey a few tips on writing books, having just published one myself.



I think Jeffrey really appreciated my hints and suggestions but unfortunately had to leave for an urgent meeting so I wasn’t able to go into too much detail with him. Before my talk I went off to grab a cup of coffee and picked up the day’s Times to read. It had the very perfect story for me featured prominently. Hence I was able to whip out a copy of the day’s Times and wave it around to great effect at the appropriate point in my presentation!


The point that I was making, of course, is that identity is not just broken but optimally broken, in that it helps the bad guys but not the good guys. We need someone to step forward with a vision for a better identity future! Where is this person! I heard the Minister for Digital Stuff (this may not be his exact title) talking on BBC radio a few weeks ago in a report on the government’s introduction of mandatory age verification for adult sites. When asked how members of the public could gain access to adult services, the Minister said that people could use credit cards (which is a terrible idea, see for example Ashley Madison) or show their passport to adult sites (which is an even worse idea). I confidently predict that the widespread adoption of either of these solutions will push identity theft even higher.

So why is identity not fixed yet?

As I tried to persuade the audience, if we are going to make any progress we need to have a very different mental model of what identity is. Not some Victorian notion of identity as an index card in a filing cabinet but as the cornerstone of digital relationships and therefore reputation in an online world. We need to develop the strategy based on digital identity, the bridge between the real and virtual worlds. I explained this using the three domain model, as shown on the slide below, and hopefully demonstrated just how powerful this view of identity is.

3DID Basic Colour


We need to move our transactions into the authorisation domain as soon as possible. Let’s go back to example in the newspaper to see why. Imagine I go to the dating site and create an account. As part of this process, the dating site asks me to log in via my bank account. At this point it bounces me to my bank where I carry out the appropriate two factor authentication to establish my identity to the bank’s satisfaction. The bank then returns an appropriate cryptographic token to the Internet dating site, which tells them that I am over 18, resident in the UK and that I have funds available for them to bill against. In this example my real identity is safely locked up back in the bank vault but it has been bound to a virtual identity which I can use for online interactions. So my Internet dating persona contains no Personally Identifiable Information (PII), but if I use that persona to get up to no good then the dating sites can provide the token to the police, the police can see that the token comes from Barclays and Barclays will tell them that it belongs to Dave Birch. This seems to me a very appropriate distribution of responsibilities. When the Internet dating site gets hacked, as they inevitably do, all the criminals will obtain is a meaningless token: they have no idea who it belongs to and Barclays won’t tell them.

One of the key attractions of this architecture, and I’m sure that I am not the only person who thinks this, is that it gives an expectation of redress in the event of inevitable failure. Things always go wrong. What’s important is what the structures, mechanisms and processes for dealing with those failures are. If some fraudsters take over my bank account and use my identity to create a fake profile on a dating site, then I’d expect the bank to have mechanisms in place to revoke the tokens and inform both the dating site and me that such revocations have taken place without disclosing any PII.
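The token flow described in the two paragraphs above (attribute claims without PII, then revocation after an account takeover), sketched as an added example that is not from the original post. The class names, claim names and customer record are hypothetical, and an HMAC key shared between bank and site stands in for the public-key signature a real deployment would use.

```python
import base64, hashlib, hmac, json, secrets, time

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

class Bank:
    """Identity provider: the only party able to map a token to a person."""
    def __init__(self, name):
        self.name = name
        self._site_keys = {}    # relying party -> MAC key (assumption: shared at onboarding)
        self._vault = {}        # token id -> customer record; never leaves the bank
        self._revoked = set()

    def register_site(self, site):
        self._site_keys[site] = secrets.token_bytes(32)
        return self._site_keys[site]

    def issue_token(self, customer, site, ttl=3600, now=None):
        """Issue attribute claims; call only after two-factor authentication."""
        now = time.time() if now is None else now
        token_id = secrets.token_urlsafe(16)    # random, so it reveals nothing
        self._vault[token_id] = customer
        claims = {"iss": self.name, "aud": site, "jti": token_id,
                  "exp": int(now + ttl),
                  "over_18": customer["age"] >= 18,
                  "uk_resident": customer["country"] == "GB",
                  "funds_available": customer["balance"] > 0}
        body = _b64(json.dumps(claims, sort_keys=True).encode())
        tag = hmac.new(self._site_keys[site], body.encode(), hashlib.sha256).digest()
        return body + "." + _b64(tag)

    def revoke(self, token_id):
        """Account takeover detected: the token stops verifying everywhere."""
        self._revoked.add(token_id)

    def is_revoked(self, token_id):
        return token_id in self._revoked

    def disclose(self, token_id, lawful_request=False):
        """Only a lawful request (e.g. from the police) resolves a token."""
        if not lawful_request:
            raise PermissionError("identity is released only on a lawful request")
        return self._vault[token_id]["name"]

class Site:
    """Relying party: stores the token, never the customer's details."""
    def __init__(self, name, bank):
        self.name, self.bank = name, bank
        self.key = bank.register_site(name)

    def verify(self, token, now=None):
        """Return the claims if the token is authentic, current and unrevoked."""
        now = time.time() if now is None else now
        try:
            body, tag = token.split(".")
            expected = hmac.new(self.key, body.encode(), hashlib.sha256).digest()
            if not hmac.compare_digest(expected, _unb64(tag)):
                return None     # forged or altered
            claims = json.loads(_unb64(body))
        except ValueError:
            return None         # malformed token
        if claims.get("aud") != self.name or claims.get("exp", 0) <= now:
            return None         # minted for another site, or expired
        if self.bank.is_revoked(claims.get("jti")):
            return None
        return claims

if __name__ == "__main__":
    bank = Bank("Example Bank")
    site = Site("dating.example", bank)
    # Constructed customer record, for illustration only.
    alice = {"name": "Alice Example", "age": 34, "country": "GB", "balance": 120}
    token = bank.issue_token(alice, site.name)
    print(site.verify(token))           # attributes only, no name
    bank.revoke(site.verify(token)["jti"])
    print(site.verify(token))           # None after revocation
```

A breach of the site's database yields only such tokens; mapping one back to a person requires the bank's vault.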

This is important because PII is in essence a kind of toxic waste that no companies really want to deal with unless they absolutely have to. Under the new provisions of the General Data Protection Regulation (GDPR), the potential fines for disclosing personal information without the consent of the data subject are astronomical. Hence the complete cycle needs to be thought through because it would be crazy to have an infrastructure that protects my personal data when the system is operating normally but gives it up when the system fails, or when we attempt recovery from failure.

Digital identity gives us a vision of how to do this in our new online world. It is how we keep our real identity safe and sound while we explore the online world in safety using our virtual identities. A huge thank you to Call Credit for asking me along to share this vision with their audience.

Life imitates art, even in payments

A few years ago, I took part in an entertaining event at the British Computer Society (BCS) during which my alter ego, Mr. Don Rogers from the Isle of Man Economic College, set out a new payment system. During this talk (you can see the video here), Mr. Rogers proposed the “Crime Pays System” or CPS. Under this system, digital payments would be either “light” or “dark”. The default transaction type would be light and free to the end users. All transaction histories would be uploaded to a public space (we were, of course, thinking about the Bitcoin blockchain here) which would allow anybody anywhere to view the transaction details. This “Light Exchange” is designed to promote an environment of social accountability. The alternative transaction type would be dark. With this option advanced cryptographic techniques would make the payment completely invisible, leaving no trace of the exchange, thus anonymising all transactions. A small levy in the region of 10% to 20% would be paid per transaction. The “Dark Exchange” would therefore offer privacy for your finances at a reasonable price. The revenue generated from the use of this system would be taken by the government to substitute for the loss of taxes in the dark economy.

Pretty whacky, way-out, left-field thinking, yes? Well, I must in all honesty admit that it was not my idea. Like all such concepts way ahead of their time, it has its origins in art, not technology. The idea came from my good friend and wonderful artist, Austin Houldsworth. As you may know, for many years Consult Hyperion ran the Future of Money Design Award as part of the annual Tomorrow’s Transactions Forum. Austin organised this award and he also designed the cover for my book Before Babylon, Beyond Bitcoin. In fact, here he is showing me the machine that he built for the cover photo of the book.

Welcome to the Machine


Well, it’s taken a few years, but Austin’s idea is a few steps closer to reality, since Coin Telegraph reported that just such a payment system is being proposed for Russia. And our guess of a 10-20 percent holding tax was remarkably accurate, since what is being proposed in Russia is apparently a 13% tax.

The CryptoRubles can be exchanged for regular Rubles at any time, though if the holder is unable to explain where the CryptoRubles came from, a 13 percent tax will be levied. The same tax will be applied to any earned difference between the price of the purchase of the token and the price of the sale.

From BREAKING: Russia Issuing ‘CryptoRuble’

That’s pretty amazing if you ask me, but it does illustrate a general point about futurology, which is that sometimes the technologist’s roadmap can be a less accurate guidebook than artists’ imaginations.

Whether we achieve a mostly cashless society sooner or later should be left to technological advancement.

From Should We Move to a Mostly Cashless Society? – WSJ

No, it shouldn’t. This is a matter of great importance and with significant implications for society. The strategy should be set by society, not by technologists. And we need to make some big decisions about it fairly soon, otherwise we will allow technology (that is, technology companies) to create an environment that we may not be comfortable with. What might that environment be? Well, it won’t be like 1984 (for one thing, we didn’t need the government to come around and install screens to watch us all the time, we bought them ourselves from Apple and Samsung and Google). I don’t think it will be like Star Trek either, partly because of the physics and partly because of the money-free utopianism. I think it will be more like the future set out a few decades ago by the “cyberpunk” writers who predate the internet and social media but saw which way the wind was blowing. I’m not the only one who thinks that “we are, roughly, living in the world the cyberpunks envisioned”.

There’s a nostalgia around that word cyberpunk for me, because it was many years ago that I saw these visions and was captivated by them. A quarter of a century ago, my Consult Hyperion colleague Peter Buck and I wrote an article for the “Computer Law and Security Report” (Volume 8, Issue 2, March–April 1992, Pages 74-76), asking whether William Gibson’s work was science fiction or informed prediction (clearly, we thought it was the latter). The article (called “What is Cyberspace” [Ref] [PDF]), which tried to explain the idea of cyberspace to a lay audience (this was before Netscape, the year zero of the modern age, so most lawyers had never been online), turned out to be rather popular. I like to think that one of the reasons was the conviction that we were exploring the actual future, not a hypothetical future. I can’t remember where the idea of the paper came from, but I do remember that we chose extracts from Gibson’s brilliant writing to illustrate the concepts rather than trying to paraphrase, and I still get a thrill from reading them now.

That’s king hell ice, Case, black as the grave and slick as glass. Fry your brains as soon as look at you

[From “What is Cyberspace?”]

I loved the idea of the “black ice” then and I love it now. In the Gibson world, Intrusion Countermeasures Electronics (ICE) refers to security software that protects data from unauthorised access, and black ice is ICE so deadly that it can kill a hacker. Wonderful. It came back to me a couple of years ago when I turned on BBC radio at random while driving home, only to discover that someone was reading one of my all-time favourite books, Gibson’s “Burning Chrome”, and the mention of the black ice gave me that chill all over again.

Writing this blog post I can still remember the shock of reading Gibson’s 1984 masterpiece “Neuromancer” for the first time. (Gibson later called this work an optimistic view of the near future because it assumes only limited nuclear exchanges between countries – let’s hope he’s right.) Why was it such a shock? Well, since leaving university I’d found myself specialising in secure data communications. I worked on one of the first secure LANs for the UK government, on secure satellite communications for banking, on secure military networks for NATO, that sort of thing. I understood computer networks, but I didn’t grok them. I didn’t feel what it meant, where it was taking us.

Reading Gibson back then was like lifting a veil from parts of my own brain. It took an artist to give me vision and vocabulary. And what a vocabulary it was. My very favourite William Gibson quote, right after “the future is already here, it’s just unevenly distributed”, is about money. It comes from his novel “Count Zero” and it’s about the cashless society. I re-use it shamelessly in presentation after presentation.

He had his cash money, but you couldn’t pay for food with that. It wasn’t actually illegal to have the stuff, it was just that nobody ever did anything legitimate with it.

 Use of Cash in Sweden

As I’ve written before, we are heading toward a cashless society, cashless in this Count Zero sense, where cash will still be around and it will still be legal tender (although I don’t think people understand what a limited concept that is), but it will disappear from polite society and from the daily lives of most people. This vision of a cashless society, not a society where there is no cash but a society where cash is irrelevant, may have seemed outlandish twenty five years ago, but it’s a pretty accurate description of Sweden now (where only a tiny fraction of retail payments are cash) and China soon. The future is less unevenly distributed than it was even a decade ago.

[An edited version of this piece was posted to Medium, 16th October 2017].

An island of artificial intelligence

As I’ve written many times (e.g., here), it is difficult to overestimate the impact of artificial intelligence (AI) on the financial services industry. As Wired magazine said, “it is no surprise that AI tops the list of potentially disruptive technologies”. With Forrester further forecasting that a quarter of financial sector jobs will be “impacted” by AI before 2020, there’s an urgent need for the island to begin to think about the next generation of financial services and begin to formulate a realistic strategy not only to cope with the changes but to exploit them. It is because the need is so urgent that I was delighted to be asked to give a keynote at the Cognitive Finance AI Retreat in September (which began with a beach barbecue, something I recommend to conference producers everywhere).

Beach BBQ

A beach barbecue is always a good idea at a conference.

The event was put together by my good friends at Cognitive Finance working with Digital Jersey (where I am advisor to the board) and they did a great job of bringing together a spectrum of both subject matter experts and informed commentators to cover a wide variety of issues and provide a great platform for learning.

On the first day of the event, political economist Will Hutton emphasised that financial services will be at the “cutting edge” of the big data revolution, pointing out that not only does the sector hold highly personal, highly valuable data about individuals, but that it has more complex oversight requirements than most other sectors.

Clara Durodie, CEO of Cognitive Finance Group, kicked off the event by talking about the potential for AI to help to manage the colossal flows of data that characterise the financial sector today and I think she was right to highlight that the use of the technologies presents tremendous opportunities here.

In his superb “Radical Technologies”, Adam Greenfield wrote of the advance of automation that many of us (me included, by the way) cling to the hope that “there are some creative tasks that computers will simply never be able to perform”. I have no evidence that financial services regulation will be one of those tasks, so in my talk I suggested AI will be the most important “regtech” of all and made a few suggestions as to how regulators can plan to use the technology to create a better (that is faster, cheaper and more transparent) financial services sector. The strategic core of my suggestion was that jurisdictional competition to create a more cost-effective financial services market might be a competition that Jersey could do well in.

AI as Regtech

Regulation, however, was only one of the topics discussed in a fascinating couple of days of talks, discussions and case studies. The surprise for me was that there was a lot of discussion about ethics, and how to incorporate ethics into the decision-making processes of AI systems so that they can be accountable. I hadn’t spent too much time thinking about this before, but after talking with very well-informed presenters I was certainly left with the impression that this might be one of the more difficult problems to address. Listening to experts such as Dr. Michael Aikenhead, Kay Firth-Butterfield, Dr. Sabine Dembrowski, Andrew Davies and many other leading names in finance and AI left me energised with the possibilities and intrigued by the problems.

AI is an event horizon for the financial services industry. With our current knowledge, we simply cannot see (or perhaps even imagine) the other side of the introduction of true AI into our business. But we can see that our traditional “laws” of cost-benefit analysis, compliance and competition will not hold in that new financial services space, which is why it is important to start thinking about what the new “laws” might be and how financial services can take advantage of them.

The smart money

Writing in the Bank of England’s “Bank Underground” blog, Simon Scorer from the Digital Currencies Division makes a number of very interesting points about the requirement for some form of Central Bank Digital Currency (CBDC). He remarks on the transition from dumb money to smart money, and the consequent potential for the implementation of digital fiat to become a platform for innovation (something I strongly agree with), saying that:

Other possible areas of innovation relate to the potential programmability of payments; for instance, it might be possible to automate some tax payments (e.g. when buying a coffee, the net amount could be paid directly to the coffee shop, with a 20% VAT payment routed directly to HMRC), or parents may be able to set limits on their children’s spending or restrict them to trusted stores or websites.

From Beyond blockchain: what are the technology requirements for a Central Bank Digital Currency? – Bank Underground

If digital fiat were to be managed via some form of shared ledger, then Simon’s insight here suggests that it is not the shared ledger but the shared ledger applications (what some people still, annoyingly, insist on calling “smart contracts”) that will become the nexus for radical innovation. They bring intelligence to money, and some people think this is more revolutionary than it first appears. One such person is Eric Lonergan. Eric is someone I always take seriously. He’s a hedge fund manager, economist and writer. He wrote a great book about money, called Money, and he is a source of clear thinking on many issues around this central topic of shared interest. Here’s what he had to say about Bitcoin recently.

The most significant innovation in Bitcoin is not blockchain, nor the fact that it is a non-state-backed electronic currency. It is truly ground-breaking because it is the first ‘intelligent’ money. An ‘intelligent money’ is one which self-regulates.

From Intelligent money & valuing Bitcoin – Philosophy of Money

Quite, but this form of intelligence is only one kind and the Bitcoin self-regulation is only one kind of self-regulation. There are some truly surprising possibilities once you add general-purpose programmability. I have bored people to tears repeatedly with my standard four hour lecture about why the incorrectly labelled “smart contracts” will be the source of real innovation in the world of cryptocurrency and, indeed, why one of the first uses of those smart contracts (ICOs and tokens) will be much more important to the world of financial services than, say, Bitcoin. But that kind of self-regulation may not be the only thing that intelligent money does. Eric goes on to say that:

‘Intelligence’ could also embed social goals – for example the currency could self-regulate the activities for which it is used, perhaps even rewarding or punishing activities contingent on their social impact. In extremis, I imagine we will have a currency which is fully intelligent, gathers data and evolves its own rules of distribution and growth.

As you will deduce from the subtitle of my recent book “Before Babylon, Beyond Bitcoin – From money that we understand to money that understands us”, I agree. What’s more, as Eric says, “my sense is that it [intelligent money] is inevitable – indeed it could be the basis of an edge for digital currency over existing state-backed money”. That’s a pretty interesting statement from someone who is a thorough student of money. If he is right, and money becomes more closely connected with the social goals of the communities that it serves, then the future of money will look very different from both the Washington Consensus and Star Trek (that is, there won’t be a “galactic credit” or whatever, but very many different kinds of money).

Don’t listen to me, listen to Christine Lagarde

Now, you may think that all this talk about digital currencies is just unhinged techno-determinism when it comes from me, and you can safely ignore it, but when it comes from Christine Lagarde, the head of the International Monetary Fund (IMF) and pillar of the Washington Consensus, you have to take it seriously. In a talk given to the Bank of England conference on “Central Banking and Fintech” (29th September 2017), she said that virtual currencies [by which she means digital currencies in my taxonomy] could actually become more stable than fiat currencies. She says “for instance, they could be issued one-for-one for dollars, or a stable basket of currencies”. This idea of creating what is, strictly speaking, a digital currency board is not new and I was interested to see Ms. Lagarde’s mention of a basket of currencies as a viable option. In my recent book “Before Babylon, Beyond Bitcoin” I discuss this as one of the potential futures for money, with reference to the vision of a former Chancellor of the Exchequer. Many years ago, John Major proposed just such an extremely sensible alternative to the euro, which at the time was labelled the “hard ECU”.

The idea of the hard ECU was to have a pan-European digital currency (it would never exist in physical form) but still be accepted in all member states. I am not alone in thinking that this was a missed opportunity. Keith Hart, author of the brilliant “The Memory Bank”, a book about money from an anthropological perspective, wrote that it was a big mistake to replace national currencies with the euro. He further pointed out that the hard ECU would have meant politically-managed fiat currencies alongside a low-inflation alternative, a plural option enjoyed by countries that didn’t join the euro, like Britain and Switzerland. I couldn’t agree with Keith more.

The hard ECU, or as I used to like calling it, the e-ecu was always a better idea than the Euro but when John Major proposed it, he was ignored. He envisaged a cross-border currency for businesses and tourists to use. Thus, businesses could keep accounts in hard ECUs and trade them cross-border with minimal transaction costs and no foreign exchange risk and tourists could have hard ECU payment cards that they could use across the continent. But each state would continue with its own national currency — you would still be able to use Sterling notes and coins and Sterling-denominated cards — and the cost of replacing them would have been saved.

 Global money

Real Money.

When researching the hard ECU concept for my book, I discovered that the proposal goes back well before Ms. Lagarde and Mr. Major and back into the early days of Margaret Thatcher’s government, in a 1983 report of the European Parliament on the European Monetary System. The proposal was at that time supported across the political and national groups in the parliament, including by the Germans so long as the central bank only concerned itself with stability of the currency (as subsequently transpired). It was taken up by Mrs. Thatcher’s government as a practical single currency for Europe, a means to expand the UK’s financial services industry across a European single market. But it never made it and the later political drive for the euro sidelined it. 

The point is, though, that it was a feasible option and that a digital currency that is backed by a reserve (whether of dollars or some basket of currencies or, indeed, commodities) is a sensible idea. In fact, it’s already being tried in a couple of places. In Kenya, where M-PESA is a private currency backed 1-1 by Kenyan shillings. And in Ecuador, where the government has been trying to launch a Central Bank digital currency. Any Ecuadorian over the age of 18 can open an account for free and transfer money to other people for free. 

An interesting aspect of this otherwise fairly straightforward value transfer system is that it is denominated in US Dollars. The US Dollar has been legal tender in Ecuador since 2000, when the post-gold standard “Sucre” was abandoned although, apparently, the “centavo” coins are still in use. This is a practical solution to the big problem of small change under “dollarisation” and most countries that use the dollar still mint local coins: thus, Ecuador uses the dollar as legal tender but mints centavo coins. The government guarantees that anyone who wants to exchange 100 Ecuadorean centavos for a genuine United States dollar can do so. This, as the economist John Kay noted when he reflected on the coins in his pocket in Ecuador, is in itself an interesting comment on the subject of money. He also pointed out that there is a 50 cent coin minted for the government of Ecuador while the US does not issue 50 cent coins. So “while everyone in the Galápagos or the national capital Quito would accept my 50 cent coin, no one in Washington would”. He went on to note the curiosity that “genuine dollar coins, minted for the US Treasury, have not proved popular in the US but are widely circulated in Ecuador”. It is important to understand that the US Federal Reserve banknotes that are in circulation in Ecuador, stuffed under mattresses in Ecuador and fuelling the less-formal sections of the Ecuadorian economy are in essence an interest-free loan to Uncle Sam. By replacing these with digital currency, the Ecuadorian central bank can reclaim the seigniorage for itself.

All well and good, and the ability to transact electronically will also be of great benefit to the citizens and should cut transaction costs across the economy. If the central bank were to ask the advice of people with knowledge of the creation of a national non-bank mobile payment system (e.g., my colleagues at Consult Hyperion) I am sure that they would be advised to make the system a platform for innovation to encourage entrepreneurs to build local solutions on top of it. The lack of APIs in the initial roll-out of M-PESA was, in hindsight, a mistake and Ecuador could clearly learn from this to capture even more benefits from its transition to digital currency.

Ecuador Demo


Unreal Money.

The Ecuadorian Digital Dollar has, I have to say, not been universally well-received. A suggestion for governments thinking of introducing such a system in the future is that it would benefit greatly from transparent auditing, as citizens will not hold the electronic currency unless they are sure that it will remain redeemable at par for US dollars (or other basket of currencies or commodities) themselves. Any suspicion of fractional reserve is disastrous. If the government were to fall prey to the temptation to put more of the digital dollars in circulation than they have (or have the equivalent of) in reserve then, as the Wall Street Journal observed at the time of launch, they will simply be creating doomed electronic assignats that will never obtain traction in the wider economy and Ecuador will be unable to reap the many benefits of its transition away from cash. Christine makes this point herself, saying that the issuing of such a digital currency could be “fully transparent, governed by a credible, pre-defined rule, an algorithm that can be monitored…or even a ‘smart rule’ that might reflect changing macroeconomic circumstances”. I agree strongly: the use of shared ledgers and other such technology may be of maximum benefit in delivering the robustness and availability that a national cash replacement system needs and the radical transparency that is required to give people faith in the system.

P.S. In case you see any tweets, newspaper comment or learned articles that refer to the Ecuadorean digital experiment in monetary futures as a “cryptocurrency” please bear in mind that it isn’t.