Lotteries and lolly

Do we really want anonymity in payment systems or not? It’s a really complicated subject. If anyone tells me that they think payments should be completely anonymous, or completely not anonymous, I suspect that they haven’t thought it through. Even those who are tasked with thinking about this sort of thing are not sure. A few years ago, the US Government Accountability Office published a report on “Emerging Regulatory, Law Enforcement, and Consumer Protection Challenges” (May 2014) and the first of its conclusions was that virtual currency systems “may” provide greater anonymity than traditional payment systems.

They “may”, or they may not. It’s a question of design. The design I want is privacy-enhancing pseudonymity, but that’s just one way of doing things, so I am always keen to gather illustrative use cases. It was while I was writing a piece about assassination lotteries that I remembered the very interesting use of lottery winnings. I was alerted to this by Don Thibeau a couple of years ago. He pointed me in the direction of a story about the winner of a HALF A BILLION DOLLAR lottery prize in the United States who was involved in a court case (as Jane Doe) to remain anonymous because she didn’t want everyone to know about it. You can understand why this might lead to problems. Very serious problems, such as when, in November 2015, Craigory Burch Jr. matched all five numbers in the Georgia Fantasy 5 drawing and won a $434,272 jackpot only to be murdered in his home by seven masked men who kicked in his front door.

Anonymity is Hard

Apart from trying to avoid home invasion and murder, there might be all sorts of reasons that a lottery winner might like to keep her good fortune to herself. Would she really be anonymous though? After all, the money would have to go into a bank account, so not only would lottery officials know who she is but people at the bank would know who she is, and so on. Being anonymous is really difficult in an infrastructure that has no anonymity. Which leads on to an interesting question: if we are designing the identity system of the future, should it allow for this kind of anonymity? It turns out that New Hampshire actually allows people to form anonymous trusts and these trusts can buy lottery tickets. Again, though, would the trust members really be anonymous? The money would have to go somewhere…

You could of course construct the lottery to be completely anonymous from the beginning by using a variant of the cryptographic blinding invented by David Chaum for Digicash. That is, you buy a lottery ticket, fill out the numbers and add your ZCash, Monero or whatever address and then submit it with a blinding factor. The lottery signs the ticket to confirm your numbers and sends it back, at which point you divide out the blinding factor to give yourself a completely anonymous, but completely valid, lottery ticket.

If that ticket wins the lottery, the money can be sent to the cryptocurrency address in the ticket without the lottery owner or anyone else having the slightest idea who it belongs to.
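The blinding exchange described above, as an added example that is not code from the original article: textbook RSA blind signing with a toy key, including a check that the value the lottery saw is consistent with any ticket at all. The key size, ticket format, payout placeholder and function names are assumptions made for illustration.

```python
"""Chaum-style RSA blind signature applied to a lottery ticket (toy parameters)."""
import hashlib
import math
import secrets

# Lottery operator's RSA key. Constructed for this example from two Mersenne
# primes so the numbers stay readable; far too small for real use.
P, Q = 2**127 - 1, 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, known only to the lottery


def ticket_digest(ticket: bytes) -> int:
    """Hash the ticket into Z_N so the signature covers numbers and payout address."""
    return int.from_bytes(hashlib.sha256(ticket).digest(), "big") % N


def blind(ticket: bytes):
    """Player: hide the digest behind a random blinding factor r."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:          # r must be invertible mod N
            break
    blinded = (ticket_digest(ticket) * pow(r, E, N)) % N
    return blinded, r


def lottery_sign(blinded: int) -> int:
    """Lottery: an ordinary RSA private-key operation on an opaque value."""
    return pow(blinded, D, N)


def unblind(blind_sig: int, r: int) -> int:
    """Player: divide out r, using (m * r^E)^D = m^D * r (mod N)."""
    return (blind_sig * pow(r, -1, N)) % N


def verify(ticket: bytes, sig: int) -> bool:
    """Anyone: check the signature with the lottery's public key (N, E)."""
    return pow(sig, E, N) == ticket_digest(ticket)


def consistent_blinding_factor(blinded: int, ticket: bytes) -> int:
    """Lottery: find the r' that would make `ticket` produce `blinded`.

    Such an r' exists for every ticket, which is why the lottery's record of
    what it signed cannot be matched to the ticket that is later redeemed.
    """
    m = ticket_digest(ticket)
    return pow((blinded * pow(m, -1, N)) % N, D, N)


def run_demo() -> dict:
    # Constructed sample tickets; the payout values are placeholders.
    ticket = b"draw=2021-05-28;numbers=3,11,19,27,40;payout=EXAMPLE-SHIELDED-ADDRESS"
    other = b"draw=2021-05-28;numbers=1,2,3,4,5;payout=SOMEONE-ELSE"

    blinded, r = blind(ticket)                 # player -> lottery
    blind_sig = lottery_sign(blinded)          # lottery -> player
    sig = unblind(blind_sig, r)                # player keeps (ticket, sig)

    r_other = consistent_blinding_factor(blinded, other)
    return {
        "valid": verify(ticket, sig),
        "tampered_valid": verify(ticket.replace(b"40", b"41"), sig),
        "operator_saw_digest": blinded == ticket_digest(ticket),
        "other_ticket_explains_view":
            (ticket_digest(other) * pow(r_other, E, N)) % N == blinded,
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

Because the signer never sees what it signs, a scheme like this has to bind the meaning of a signature to the key itself, for example one signing key per draw. Production systems would also use a standardised blind-signature construction with a full-size modulus.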

So is this a use case for anonymous cryptocurrency then? Well, no. Here’s the thing: would you want lottery winnings to go to anonymous people? How would you know that the lottery is fair? How would you know that the lottery operator isn’t rigging it and sending all of the winnings to their family? How do you know that the lottery organiser didn’t win and send the money to themselves? There must be a way to audit, and this of course again points away from anonymity.

I understand the genuine concerns of informed observers. I read in Reason magazine (“Cash means freedom”) a while back: “Cash—the familiar, anonymous paper money and metallic coins that most of us grew up using—isn’t just convenient, it’s also a powerful shield for our autonomy and our privacy”. But it really isn’t. Privacy is being taken away because of social media, people wearing cam-shades and ubiquitous drones, not because of debit cards. I empathise with those people who are as concerned with privacy as I am, people who worry (with good reason) that there might be an inevitable tendency for a government to want to trespass on the pseudonymous infrastructure in the name of money laundering or terrorism, but that’s a problem that needs to be dealt with by society, not by technology.

Between the rock of total surveillance and the hard place of total chaos, it remains difficult to make the case for digital cash, and central bank digital currency in particular, to be anonymous. We must choose the least worst option: privacy, not anonymity. I agree with Michael Casey’s argument in the Cato Journal that a privacy-enhancing digital Dollar would be very appealing on a global scale in contrast to digital currencies subject to continual state surveillance. He says that if the United States were to treat money “less as a means of controlling everyone and more as a field of opportunity for creative startups” then it would bring substantial benefits which, if central banks think (as I suspect they do) that one of the main drivers for a digital currency is as a platform for new products and services, will add to America’s comparative advantage.

(An edited version of this article first appeared on Forbes, 28th May 2021.)

Kim Kardashian, COVID and escape to the cyburbs

Kim Kardashian’s trip to a private island with a few close friends has attracted some criticism from normal people who are unable to outrun this virus in their Gulfstreams, but she is hardly the only one percenter to be using her wealth as an alternative to social distancing, face masks and work-from-home lockdown misery. Douglas Rushkoff wrote eloquently about the phenomenon of the rich moving out of cities to comfortable mansions in the country to avoid the pandemic. He talks about the rich building their “escape pods” and (with what I imagine to be frightening prescience) how the journey from video doorbell to autonomous robot sentries is constrained by money, rather than by ethics.

Inept government responses to COVID are pushing those escape pods to escape velocity irrespective of the actual risk. Indeed, as Rushkoff goes on to say, he “can’t help but wonder if the threat of infection is less the reason for this newfound embrace of virtual insulation than it is the excuse”. The rich have had enough of the rest of us and they don’t want to be another country, they want to be another planet.

As a wage-slave scrabbling to make a living in the post-pandemic ruins of a career, I will never be able to afford that private island with ground-to-air missile defences and live-in help. But I can afford a nice chair for my study, some patio furniture for when it’s warm and high-speed broadband (props to Virgin, by the way). With this, I can retreat from a dangerous, unpleasant and confusing physical world into a controlled, organised and above all safe virtual world. I am more than happy to commute through cyberspace rather than on crowded, unpleasant and disease-ridden trains.

There must be a lot of people thinking this way right now, judging by the deserted streets I saw in London last week. And it is interesting to me because I agree with Sam Lessin’s observation that if a result of the pandemic is more online working, online commerce, online education, online government and so on, then we will see that digital identity will be a crucial pivot. His point that “if the jobs people need are in digital rather than physical space, the internet’s side of the fight will gain a lot of power” is accurate and I think the consequences of that win are more significant and more far-reaching than may at first be obvious.

In other words, the digital identity that I use to traverse the highways and byways of the online world will be vastly more important to me than the physical identity that I occasionally need at an airport (should I ever get to fly anywhere again).

Never mind a flight to the suburbs, I predict a flight to the cyburbs.

The safe, digital space where I will earn a living is a cyburb, a little corner of the internet where I will live with people who are, broadly speaking, like me. Kind of like the gated community that my cousin retired to in America. A crucial difference, however, between these gated communities in cyberspace and their real-world equivalents in the Hamptons is that digital identity will form a more effective boundary than the barbed wire and armed guards of the gated communities that the rich will retreat to in the real world. The people living in the cyburbs will be happy to pay taxes for better broadband and efficient home delivery and neighbourhood security, but it is going to be pretty difficult to persuade them to pay tax to support public transport in the city that they never visit, police they never see and services for (as they see it) the unchecked angry youth roaming the city streets.

When the residents decide on a new ordinance, they can enforce it instantly and effectively and will exclude transgressors by removing access from their virtual selves. There may be all sorts of constitutional and legal issues with stopping people you don’t like from walking down your physical street, but there’s no problem at all with stopping them from walking down your virtual street. In a reputation economy, justice takes a different form: taking away your attributes can be much more of a punishment than putting you in jail. Life will be ordered and managed. It will be safe.

Out in the cyburbs, code is law.

It seems to me that if society divides across the online and offline fault line, then for a great many people the emerging new world looks more appealing than the old physical world. Lessin’s observation that “a world where people come to earn money mostly online and disconnected from the physical world is a world of internet ascendancy” reinforces the view set out in my book Identity is the New Money (LPP: 2014) that we are going back to the future. What I meant by this was that mobile phones, the Internet and social media allow us to escape the urban anonymity of the industrial revolution and organise ourselves by communities. In the neolithic world, of course, people lived in one community and its boundaries were geographic. Our brains were assembled for optimal interaction in the clan of around 150 people, a number well known to social scientists. In the online world, each of us will belong to multiple overlapping clans that are defined by what people are rather than who they are and the boundaries will be soft, defined by credentials not identity.

These clans will range from friends and family to work and play. Between my Dungeons and Dragons clan and my extended family clan and my Arrest The Prime Minister clan, I’m fine. You can see why people will prefer to live this way. If I break the rules of the Woking FC Season Ticket Holder’s clan, then I will be cast out. End of story. There won’t be a bill of rights any more than there is one for Facebook Groups, no more free speech than there is on Twitter and no more right to reply than there is on Instagram.

Cyburbia might sound like a virtual Disney village to you, a bland echo chamber existence devoid of creativity or imagination, but to a great many people it sounds like heaven.

(This is an edited version of an article that first appeared on Medium, 7th September 2020.)

Apple Pay whatever, Apple ID wowza

We’re all familiar with Apple Pay and Google Pay and how much easier (and more secure) they make online commerce. It would be nice if this security were to be extended to online interactions of all kinds, not only payments. I think this is not that far away. Apple has recently registered a number of patent claims across the general field of “verified claims of identity” which quite rightly attracted some attention. In July, they filed an application with the U.S. Patent & Trademark Office that describes the technology it is trying to develop to replace traditional driver’s licenses, passports and varied ID cards for government purposes or access to private property. I think these applications are really important and that the fact that Apple wants to control means of presenting and verifying “identity” through devices, including iPhones, is a signal to the industry that the wallet wars are about to heat up.

What's in your wallet?

If I look in my wallet, most of the stuff in there is nothing to do with payments.

If Apple or Google want to replace my wallet, that means that they have to replace my driving licence, my loyalty cards, my rail discount pass, my blood donor card, my AA membership… well, you get the point. And in the real world, I only have twenty or thirty of those cards but in the virtual world I have hundreds if not thousands. Replacing the payment cards was easy. Replacing the identity cards is hard. But in the long term, it’s much more valuable.

It would be nice if the security and convenience of the digital wallets were to be extended to online interactions of all kinds, not only payments. Perhaps this is not that far away. We already use them to make online access easier. If I’m signing up for a new service (eg, when I signed up for the New York Times recently) then I’ll look for the “sign in with Apple” button first and only if the web site does not support it will I then select “sign in with Google” (after first remembering to log in to my “John Doe” Google account). But this is about authentication, not identification. Apple told the New York Times that I am “blahblahblah@blah.apple.com”, not that I am David Birch or that I am over 21 or that I am a UK resident or whatever.

It’s about time, frankly. The lack of a digital identity infrastructure is a big problem in an online world and it has to get fixed whether by governments, financial institutions, specialist players or someone else. Since governments, banks, telcos and others have not fixed the problem (at a level of global interoperability comparable to the internet and mobile phones), it looks as if someone else is going to have to do it.

At the time of writing, Apple are advertising a vacancy in Cupertino for a product manager for identity. The job description posted is for a “top-flight identity product professional with industry experience in physical and digital identity to join us on the journey of replacing the physical wallet”. Maybe Apple is going to be the someone else who is going to deliver mass market digital identity.

They can do it, and I’m hardly the only person to have said this. A couple of years ago here in Forbes, for example, Panos Mourdoukoutas predicted that Apple’s next big revenue source wouldn’t be another device, but the “monetization of the ID Apple assigns to its customers”. This prediction, I should stress, was not especially radical or unusual. Indeed, back in 2016 I was working on the strategic assumption that this was an inevitable direction. I wrote at the time that “it is a very short step from Apple Pay to Apple ID, where revocable identification tokens are loaded into the tamper-resistant hardware”. This was hardly a mystical prediction. I was merely building on the obvious fact that if the “secure enclave” inside an iPhone is safe enough to store payment tokens then it is safe enough to store a variety of the virtual identities that I will need in the online future, having written back in 2015 that if my “Apple ID” provides a convenient mechanism for mutual recognition in person and on line, it will be indispensable in short order.

(Without getting distracted by technical details, it is important to note that what Apple appear to envisage is that a device — such as an iPhone, to highlight the obvious example — will be storing credentials obtained from a variety of sources. My hope is that Apple, Google and others support an interoperable standard — W3C VC, to highlight the obvious example — so the credential providers and users will move to authorisation-based transactions as soon as possible.)

So the idea that the platforms might step in and provide the digital identities that will be crucial to our online existence — because banks, governments and others have not — is not what is new. What is new, and why we are talking about identity now, is the coronavirus and the extent to which it has both illustrated the problems caused by not having digital identities and accelerated the drive toward workable solutions. Suddenly we are having to figure out not only how to shop and bank online but how to work, learn, visit the doctor, vote (to pick a very current and contentious example) and access government services online. In the UK, as in the USA, we don’t yet have anything like the infrastructure needed to do this so we end up with costly and imperfect silo solutions.

My point is that we need to put some serious thought into developing a digital identity infrastructure. And we must think about how that infrastructure will evolve and develop. Does the USA want a system as in China where you have a single identity that must be used to do everything and the government knows what you are doing at all times? That has some interesting consequences! For example, for years, the government there has been trying to stop kids from playing too many video games. Now the Chinese have ruled that anyone wanting to play a game must log in using a state-run authentication rolling out this month.

Now, that may be the right way to run a country or the wrong way. That’s not my point. My point is that we need to think about the problem and make some choices about what we want because if you think that digital identity is just about making it easier to log in to your bank, you are wrong. Should the government know that you have logged in to your bank? Should Apple know that I am playing Fortnite? Should Facebook know that you are voting online? How exactly can we design an infrastructure to deliver both privacy and security? These are serious questions: Digital identity is the foundation of existence in an online society and choices that are made about how those identities work will be fundamental to how that society is going to work in the future. We need to begin this discussion now.

[This is an edited version of an article first published on Forbes, 29th August 2020.]

All the news that’s fit to ID

I came across an interesting story via my old chum Charles Arthur’s consistently interesting “Overspill” blog. The story concerns one Oliver Taylor, a student at England’s University of Birmingham. From his picture, he appears to be a normal-looking twenty-something. From his profile he appears to be a coffee-loving politics junkie with an interest in anti-Semitism and Jewish affairs, with bylines in the Jerusalem Post and the Times of Israel.

Why is this interesting? For two reasons. First of all because I was involved in an interesting Twitter debate with two thoughtful identity commentators, Tim Bouma and Jonathan Williams during which this issue of “anonymous” contributions to newspapers happened to come in to the conversation and it made me think about the same issues as Charles’ story. Tim had mentioned writing for a newspaper that had kept his real name off of his stories, and I responded that if they knew who you were, then you were not anonymous.

Secondly, because Oliver’s picture was created by an AI. It’s a fake face that doesn’t belong to any living human being. It was composed to be a human face that any of us would be able to recognise and distinguish, but it is entirely synthetic.

Oh, and Oliver doesn’t exist.

Charles notes that “two newspapers that published his work say they have tried and failed to confirm his identity”. But wait. Shouldn’t newspapers try and fail to confirm someone’s identity before they publish a story?

Well, no. That doesn’t work. What about whistleblowers? What about privacy in general? If the newspaper knows who Tim Bouma is then his personal data is at risk should the newspaper be compromised or co-opted. There seems to be a conflict between newspapers wanting honest opinions and newspapers needing to know identities, even if they are hopeless at telling a real identity from a fake one.

The way out of this dead end is to understand that what the newspaper should be checking for this kind of story is not the identity of the correspondent but their credentials. It doesn’t matter who Oliver Taylor is, it matters what Oliver Taylor is. It ought to be part of our national digital identity strategy (which we don’t have) to create a National Entitlement Scheme (NES) instead of some daft 1950s throwback digitised version of a national identity card. In the NES, it then becomes part of the warp and weft of everyday life for a correspondent with something interesting to say to use his persistent pseudonym “Oliver” to post his comments along with his anonymous IS_A_PERSON credential and his anonymous IS_A_STUDENT (BIRMINGHAM) credential.

That way, the newspaper gets the information it needs to obtain a story of interest and perhaps worth publishing, while even if they are socially-engineered by genius hackers, they cannot disclose the real identity of the correspondent because they don’t know it. The mention of social-engineering, by the way, brings into focus the recent Twitter hack. What’s generally true for newspapers is generally true for Twitter: who I am is none of their business, something I have written about at exhausting length before.

Incidentally, it doesn’t take hackers to obtain personal information from a platform because as I am sure you will recall, two of Twitter’s former employees have been charged in the US with spying for Saudi Arabia. The charges allege that Saudi agents sought personal information about Twitter users including known critics of the Saudi government. If Twitter doesn’t have your personal information, then it can’t be leaked, stolen or corrupted.

There is a way forward, and cryptography can deliver it using tried and tested (albeit counterintuitive) techniques.

Don’t listen to technologists (eg, me), listen to the anthropologists

I thoroughly enjoyed the FS Club discussion with eminent futurologists looking back on their predictions from the year 2000 (and learning from them where they were wrong) and looking forward to 2040. I especially enjoyed it because one of the speakers was Gill Ringland. Gill is now a Director of Ethical Reading, set up to energise an ethical business climate in the Thames Valley, but in the past was head of strategy at ICL amongst other things. I had the good fortune to meet her way back, at the 2012 Digital Money Forum. I’d been very impressed by a report that she’d written and asked her to come along and give a presentation about it. She gave a super talk about her exploration of the world of financial services in 2050 from the report “In Safe Hands” (published at Long Finance).

IMFS Scenarios

I wrote at the time that she had used a tried and tested scenario planning technique (the same one that I always use these days) to generate a 2×2 matrix of four scenarios imagined using the “Washington consensus” vs. “Community-based values” on one axis and “mundane” and “virtual” (essentially) on the other axis to reflect the extent to which real or virtual communities come to shape the economy and therefore financial services. Gill explained at the time that in order to create scenarios (i.e., internally-consistent views of possible futures) for a generation from now, she found it useful to look two generations back, and consider the asset classes managed by the financial services industry in 1930. These were broadly commodities, cash, equities and brains. Looking forward, she added a fifth asset class based on demographics for 2050.

Transactions, therefore, become the exchange of these asset classes (but in digital form, of course). This seems to me especially interesting in a city-centric context because, for example, a permit to reside in a desirable city could well become a key tradable commodity. Indeed, this view was reinforced in the FS Club discussion, where the even more expansive view that cities might begin to dictate the policies and trajectories of the nation state was put forward. In this context, Gill’s prescient narrative of the “C50” (the organisation of the 50 richest city-states that will replace the G20 as the mechanism for “managing” the world economy) which came from her “Many Hands” scenario, forms a solid narrative around the future economic organisation of a successful, functional world. As Martin Wolf wrote in the FT around that time “this is the age of cities, not of national economies” (going on to say that “it is high time London became a true city state”).

(This surely implies that the “cash” of cities will become the most important kind to the average person. In other words, having abandoned Sterling for London Lolly and US Dollars for New York Notes and LA Loonies, will these be sufficient to provide the medium of exchange for the future economy? Right now, almost all transactions are local and even at the national level only 1%-2% of European transactions are cross border. If I live in London and use London Lolly for the train, for lunch and at the supermarket, is it such a big deal to convert it to Moscow Moolah to buy something online? Especially when your phone does it for you?)

A world economy built up from cities and their hinterlands will obviously demand different financial services and institutions from one based on national economies. This was foreseen by the wonderful Jane Jacobs’ work “Cities and the Wealth of Nations” that was published way back in 1984. My Jacobs-influenced city-centric perspective was reinforced when I happened to read a Canvas8 report “The city as an identity anchor” (which echoed Gill’s points about identity, which I’ll return to in a minute) and then the World Economic Forum (WEF) 2017 report “Cities, not nation states, will determine our future survival”.

What this means to me is that the future sense of identity will be city-centric, with people seeing themselves as Londoners and New Yorkers rather than Brits and Yanks, a view that the COVID-19 crisis seems to have reinforced. Their loyalties will be more local than ours and the relationships between cities will replace the relationships between countries as the most important tensions and dynamics. I can’t help but wonder if cities will begin by forming trade pacts and then moving on to form defence alliances, bearing in mind that the wars of the future will be fought in cyberspace. Never mind national identity in the India (Aadhaar) model or provincial identities as in Canada. What if these specific city identities are the core of the future digital identity models?

Passports in Pimlico

This leads me to wonder yet again what the model of city-centric identity might be. How will those identities relate to trade, commerce and society as a whole? Which attributes will be the valuable ones (beyond is_a_person, of course) and which will atrophy to form vestigial credentials of no practical value? When discussing the C50 scenarios back in 2012, Gill made a passing but powerful observation on future transactions and it has stayed central to my thinking on the topic. She said that individuals will protect their “personal identity, credit ratings and parking spaces” at all costs and I think this is a powerful and imaginative narrative to group ideas about attributes and credentials.

Personal identity. I might take issue with Gill here and say “personal identities” but I know what she means. An infrastructure that delivers both security and privacy to identity transactions of all kinds will be needed to support the reputation economy of the networked society. There is no possibility of social media and social democracy co-existing in this future scenario without such an infrastructure.

Credit rating. The commercial reputation that means that you can buy or sell, whether an individual or an organisation, will be central to economic existence. In a networked society, this is more likely to be something that comes from the social graph than the conventional credit rating of today.

Parking spaces. This means the (tradeable) right to reside in a particular place. These rights will certainly be of critical importance to the individual, since their own identity will be closely related to the city (and hinterland) of residence. There’s no reason why (for example) London and Scotland should have the same immigration rules. If that sounds a little far-fetched, I can tell you that it is happening right now. I came across an interesting case study from Denmark via the social anthropologist Camilla Ida Ravnbol from the University of Copenhagen. Since the COVID-19 crisis has restricted travel, any “permission to work in Copenhagen” document has become a valuable traded commodity in the marginalised Roma community that needs access to the city to earn money (by collecting materials for recycling, for example).

In the language of digital identity, digital money and digital diligence, then, this line of thinking imagines a reputation economy anchored in the mundane which is (as I explored in my book “Before Babylon, Beyond Bitcoin“) a landscape animated by new technology but shaped by physical as well as virtual communities. What does this all mean for transactions? What does it mean for the future of the financial system? Or, more specifically, to answer the question asked at the very beginning, what does it mean for the world in 2040?

Well, I don’t know. But if I wanted to find out, I’d start by talking to social anthropologists. Fortunately, Camilla and I will be chairing a session that touches on these issues along with Atreyee Sen at the European Association of Social Anthropologists conference in July. As the conference is now online, you can sign up and log in online to join us here. We are Panel 57, “Digital encounters, cashless cultures: Ethnographic perspectives on the impact of digital finance on economic communities”, so please do pop in and take part in the discussion.

 

What is the point of the “travel rule”?

A couple of years ago, as you may have read in the Financial Times at the time, the Financial Action Task Force (FATF) extended their recommendations to include cryptocurrency exchange and wallet providers and such like, referred to as Virtual Asset Service Providers (VASPs). This meant that all countries must supervise and monitor these, and that they should apply anti-money laundering and anti-terrorist financing controls: that is, customer due diligence (CDD), suspicious transaction reporting (STR) and the “travel rule”.

The decision to apply the same travel rule on VASPs as on traditional financial institutions was greeted with some dismay in the cryptocurrency world, because it means that the service providers must collect and exchange customer information during transactions. The technically non-binding guidance on how member jurisdictions should regulate their ‘virtual asset’ marketplace included the contentious detail that whenever a user of one exchange sends cryptocurrency worth more than 1,000 dollars or euros to a user of a different exchange, the originating exchange must send identifying information about both the sender and the intended recipient to the beneficiary exchange. The information must also be recorded and made available to “appropriate authorities on request”.

This identifying information, according to the FATF Interpretive Note to Recommendation 16, should include name and account number of the originator and beneficiary, the originator’s (physical) address, national identity number (or something similar) or date and place of birth. In essence, this means that personal information will be smeared all over the interweb tubes. My good friend Simon Lelieveldt, who is very well-informed and level-headed about such things, said at the time that this is a “disproportional silly measure by regulators who don’t understand blockchain technology”, which may be a little harsh even if not too far from the truth.

Anyway, some folks from the land of crypto have put together a standard for implementing the travel rule in the hope of spurring interoperability and reducing the costs for all involved. The standard, known as IVMS101, defines a uniform model for data that must be exchanged by virtual asset service providers (VASPs) alongside cryptocurrency transactions. The standard (you can download it here) will identify the senders and receivers of crypto payments, with such information “traveling” alongside the cryptocurrency transactions but along a separate path (that is, the IVMS101 messages do not themselves need the blockchain or any other crypto infrastructure).

(If you are wondering why it’s called IVMS101, it’s because the SWIFT MT101 message is the global standard request for the electronic transfer of funds from one account to another. For those of us in the payments world, MT101 is mother’s milk: mandatory Tag 20 Sender Reference, optional Tag 21 Customer Specified Reference and so on and so on. The MT101 message is used throughout the business world to send bulk payment instructions (ie, a header and multiple payment instructions in a single message). There is also the MT103 message that instructs a single transfer but this is mainly used to move funds between banks and other financial institutions such as money transfer companies.)

IVMS101 is pretty thorough and it sets out in detail what messages should be passed from (eg) one Bitcoin exchange to another, along the lines of:

if the originator is a NaturalPerson then either (
     geographicAddress
          with an addressType value of GEOG or HOME or BIZZ 
     and/or customerNumber
     and/or nationalIdentification
     and/or dateAndPlaceOfBirth )
is required.

This sort of thing is needed because there’s no global standard digital identity that could be attached to messages so market participants have to make do with national solutions or proxies. Nevertheless, it’s a good standard (as you’d expect when you see who wrote it) but uncharitable persons might well be asking what the point of it is because law enforcement agencies can already get this information by presenting a warrant. What the travel rule does is to, essentially, automate mass surveillance without a warrant or any other oversight and force personal information on to marketplace intermediaries (where, in my opinion, it doesn’t belong – my date and place of birth is no business of either intermediary exchanges or, indeed, the destination exchange). What’s more, since the travel rule is for value transfers between exchanges, it seems rather unlikely that it will catch any criminal flows at all.
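The rule quoted above, turned into a check that a VASP could run on an outgoing originator record, together with a data-minimisation step that sends the name plus only one qualifying element. This is an added example, not code from the authors of IVMS101: the field names are those in the rule as quoted, while the dictionary layout, the dateOfBirth/placeOfBirth keys, the disclosure order and the sample records are assumptions made for illustration.

```python
import copy

# Address types the quoted rule accepts on a geographicAddress.
ACCEPTED_ADDRESS_TYPES = {"GEOG", "HOME", "BIZZ"}

# Assumption of this example, not of the standard: the order in which a
# sending VASP prefers to disclose, least revealing first.
DISCLOSURE_PREFERENCE = (
    "customerNumber",
    "geographicAddress",
    "nationalIdentification",
    "dateAndPlaceOfBirth",
)


def _filled(value):
    """True for a non-blank string or a non-empty list/dict."""
    if isinstance(value, str):
        return bool(value.strip())
    return bool(value)


def _usable_addresses(person):
    """Addresses whose addressType is one the rule accepts."""
    addresses = person.get("geographicAddress") or []
    return [a for a in addresses
            if isinstance(a, dict) and a.get("addressType") in ACCEPTED_ADDRESS_TYPES]


def satisfying_elements(person):
    """Names of the elements present in `person` that satisfy the rule."""
    found = []
    for field in DISCLOSURE_PREFERENCE:
        value = person.get(field)
        if field == "geographicAddress":
            ok = bool(_usable_addresses(person))
        elif field == "dateAndPlaceOfBirth":
            # Assumed layout: both halves must be filled in to count.
            ok = (isinstance(value, dict) and _filled(value.get("dateOfBirth"))
                  and _filled(value.get("placeOfBirth")))
        else:
            ok = _filled(value)
        if ok:
            found.append(field)
    return found


def check_originator(originator):
    """Return (ok, elements). The rule only constrains natural persons."""
    person = originator.get("naturalPerson")
    if person is None:
        return True, []
    found = satisfying_elements(person)
    return bool(found), found


def minimise(originator):
    """Copy of the record with the name plus the single preferred element."""
    person = originator.get("naturalPerson")
    if person is None:
        return copy.deepcopy(originator)
    ok, found = check_originator(originator)
    if not ok:
        raise ValueError("originator record does not satisfy the rule")
    keep = found[0]
    value = _usable_addresses(person) if keep == "geographicAddress" else person[keep]
    return {"naturalPerson": copy.deepcopy({"name": person.get("name"), keep: value})}


# Constructed sample records (no real people or identifiers).
FULL_RECORD = {"naturalPerson": {
    "name": "Alice Example",
    "geographicAddress": [{"addressType": "HOME", "townName": "Exampletown"}],
    "customerNumber": "C-000123",
    "nationalIdentification": "ID-EXAMPLE-1",
    "dateAndPlaceOfBirth": {"dateOfBirth": "1970-01-01", "placeOfBirth": "Exampletown"},
}}
ADDRESS_OF_WRONG_TYPE = {"naturalPerson": {
    "name": "Bob Example",
    "geographicAddress": [{"addressType": "OTHER", "townName": "Exampletown"}],
    "dateAndPlaceOfBirth": {"dateOfBirth": "1980-02-02", "placeOfBirth": " "},
}}
TWO_ADDRESSES = {"naturalPerson": {
    "name": "Carol Example",
    "geographicAddress": [{"addressType": "OTHER", "townName": "Exampletown"},
                          {"addressType": "BIZZ", "townName": "Sampleville"}],
}}

if __name__ == "__main__":
    for record in (FULL_RECORD, ADDRESS_OF_WRONG_TYPE, TWO_ADDRESSES):
        print(check_originator(record))
    print(minimise(FULL_RECORD))
```

Run on the full record, the minimised message still passes the check while leaving the address, national identifier and date and place of birth at the originating exchange.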

I, for example, have a Coinbase hosted Bitcoin wallet and a Bitcoin wallet on a USB stick. If I want to send money to criminals, I will transfer it from my Coinbase wallet to my USB wallet and then from my USB wallet off via mixers to the criminal’s USB wallet and the travel rule is irrelevant. The uncharitable people mentioned earlier will undoubtedly observe that since the actual travel rule doesn’t seem to have stopped money laundering which is a massive global industry, there’s no obvious reason why the virtual travel rule will stop electronic money laundering on a similar grand scale.

Writing in this month’s Chartwell “Compass” magazine, Omar Magana hits the nail on the head with respect to the travel rule, asking if “the enforcement of a regulation that was created over 20 years ago for a fast-evolving industry, may not be the best approach”. Note that he is not arguing against regulation, he is arguing (as I do) for a form of regulation more appropriate for our age (for which I use the umbrella term “Digital Due Diligence”, or DDD) using artificial intelligence and machine learning to track, trace and connect the dots to find the bad actors.

I am genuinely curious to learn more about whether the travel rule will make the slightest difference to the money launderers, so please do let me know in the comments whether such scepticism is misguided or whether the travel rule will make the world a safer place.

Some off-the-cuff comments on in-the-cuff payments

It’s amazing what sort of things trendy youngsters in the payments space are getting up to these days. Only today, I read that the UK-based DressCode has released “the ultimate in geek chic”, which turns out to be a shirt with a pocket in the cuff to hold a contactless chip for payments.

The ultimate in geek chic? Sorry dudes. I had a Thomas Pink “Commuter” shirt back in 2006! The Commuter shirt had two features that I really liked at the time. It had a channel running up the inside to carry earphone cables tucked away out of sight. These connected through a hole in a side pocket so that you could keep your iPod snug and out of the way while strolling through London’s fashionable West End listening to the mighty Hawkwind. The shirt also had that second pocket in the cuff to hold a contactless card.

It was designed really for Oyster cards, but we put Visa cards in the pocket to make purchases using standard POS terminals with contactless interfaces. As I recall, we bought a few of them as presents for some of our favourite customers as well! Anyway, I went upstairs and got it out of the wardrobe to model it for you:

The point I used to make was that contactless was about more than the interface, it was about form factors and that it would lead to innovation and I used the shirt to show an example of innovation beyond the card itself. Although the shirt was fun and helped to make an interesting demo about contactless payments in conference presentations, I thought it had two design flaws.

First of all, the pocket was behind the cuff on the top of the wrist. This meant you had to lay the back of your forearm across the contactless POS terminal or Oyster card reader. The pocket really should have been on the underneath of the forearm near the wrist to make paying a more natural action.

The second problem was that if you were wearing a suit and coat, it was hard to get the card close enough for the reader. I remember thinking at the time that I wished that the pocket was in my suit rather than in my shirt.

Naturally, being a consultant rather than an entrepreneurial business go-getter my thoughts went no further. I was surprised to see that only eight years later some entrepreneurial Aussies went and did just as I’d thought about, and put the payment card pocket in the suit! I found out that the dynamic and chic (I assume) menswear specialists M.J. Bale and Visa had teamed up to create a suit with a contactless payment chip and antenna woven into the sleeve! Apparently the “power suit will let men pay ‘invisibly’ wherever Visa payWave is accepted”. I expect they were planning something for the ladies too but it’s not mentioned in the article.

 

Anyway, how fun. These days of course I wouldn’t use either the cable run (because I have AirPods – in fact I have AirPods2 which are absolutely awesome) or the card (because I have a smartphone and that’s what I use to pay). Nevertheless, I wish DressCode all the best with their chic project.

Unknown, known and verified

The stain of racism in football is, you will be unsurprised to learn, not confined to Bulgarian stadia. It’s a serious and unpleasant problem on social media too. To the extent that the noted association footballer Mr. Harold Maguire has been talking about it. According to The Daily Telegraph, “Maguire urged Instagram and Twitter to make users identify themselves in the same way as betting apps after his teammate Paul Pogba was subjected to a torrent of ‘disgusting’ racial abuse from anonymous trolls”.

Many other people seem to think that we should do something about this. Following Mr. Maguire’s analysis, the historian Damian Collins MP (chair of the Digital, Culture, Media and Sport select committee in the UK Parliament) said “Account verification should be more widely available and become the norm. I think accounts should be verified, it can’t be right that cowards and racists can hide behind the anonymity of social media to attack people, often using multiple bogus accounts”. This is an interesting observation that jumbles two different issues together: proving the account “David Beckham” points to a specific person, and proving that the specific person it points to is the former Manchester United winger David Beckham. The first is about attaching attributes to a real-world entity, the second is about the reputation of the real world identity. Thinking these two things through separately is, I think, a key to finding a workable solution to the social media mess, but back to that later.

Another MP, the lawyer Norman Lamb (chair of the Science and Technology select committee) also commented, saying that if social media companies did not act to clean up abuse then the incoming online regulator should take action. It’s not clear to me what he means by “clean up abuse” since it seems implausible that Twitter could monitor billions of messages every day to remove those that cause any offence to anyone (I assume Mr. Lamb doesn’t want them to remove tweets calling for human rights in certain countries, for example).

(In fact it is not at all clear to me what the incoming regulator is going to do at all, but that is a different matter.)

It’s also not clear to me what MPs and other commentators mean by “bogus accounts”. But from the context, I assume that they mean accounts that cannot be linked to some other identifier that MPs think is a legitimate form of identity, such as the aforementioned passport.

It’s not a new or interesting idea to try to link social media accounts to government-issued identity, as they do in (for example) China. A while back, to pick on one example, the noted entrepreneur Mark Cuban adumbrated Mr. Maguire by saying that “It’s time for @twitter to confirm a real name and real person behind every account, and for @facebook to get far more stringent on the same. I don’t care what the user name is. But there needs to be a single human behind every individual account”.

Cuban is as wrong about the real names as Maguire and the MPs are, because anyone familiar with the topic of “real” names knows perfectly well that they make online problems worse rather than better. One example that springs to mind to illustrate this is when the dating platform OKCupid announced it would ask users to go by their real names when using its service (the idea was to control harassment and promote community on the platform) but after something of a backlash from the users, they had to relent. Forcing the use of real names in a great many circumstances will mean harassment, abuse and perhaps even worse.

You can understand why. Why on Earth would you want people to know your “real” name? That should be for you to disclose when you want to and to whom you want to. In fact the necessity to present a real name will actually prevent transactions from taking place at all, because the transaction enabler isn’t names, it’s reputations. And pretty basic reputations at that. I think that online dating, frankly, provides a useful way of thinking about the general problem of online identity. In this case, just knowing that the object of your affections is actually a real person and not a bot (remember, in the famous case of the Ashley Madison hack, it turned out that almost all of the women on the site were actually bots) is probably the most important element of the reputational calculus central to online introductions, but after that? Your name? Your social media footprint? 

There are plenty of places where I would not want to log in with my “real” name or by using any information that might identify me: the comments section of national newspapers, for example. “Real” names don’t fix any problem because your “real” name is not an identifier, it is just an attribute (refer back to the David Beckham example) and it’s only one of the elements that would need to be collected to ascertain the identity of the corresponding real-world legal entity anyway.

What social media needs, and what will help with Mark Cuban’s actual problem with being sure that there is a “single human” behind an account, is the ability to determine whether you are a known real person or not. The problem with bots on social media is just as serious as the problem of racism. Without commenting on the politics of an individual issue, I could have chosen any of a thousand examples to make this point. Here’s just one, from the UK press yesterday: “Almost all of the ten most active Brexit Party supporters on Twitter appear to be automated bots, according to new research”.

The way forward is surely not for Twitter et al to try and figure out who is a bot and whether they should be banned (after all, there are plenty of good bots out there) but for Twitter et al to give their users the choice. Why can’t I tell Twitter that I only want to see tweets from real people that can be identified? It’s none of my business who the person actually is and it’s none of Twitter’s business either. But if someone knows that @dgwbirch is a real person, that’s enough. Harry Maguire can read my tweets in comfort, knowing that if I commit a criminal offence then the police can go to someone to find out who I am.

So who is that someone who knows whether I am a real person or not? Working out whether I am a person or not is a difficult problem if you are going to go by reverse Turing tests or Captchas. It’s much easier just to ask someone else who already knows whether I’m a bot or not.

There are plenty of candidates. There’s the Post Office I suppose. And the school. And the doctor. In fact, there are lots of people who could testify to my existence. But the obvious place to start is my bank. So, when I go to sign up for an internet dating site, then instead of the dating site trying to work out whether I’m real or not, the dating site can bounce me to my bank (where I can be strongly authenticated using existing infrastructure) and then the bank can send back a token that says “yes this person is real and one of my customers”. It won’t say which customer, of course, because that’s none of the dating site’s business and when the dating site gets hacked it won’t have any customer names or addresses: only tokens. This resolves the Cuban paradox: now you can set your preferences against bots if you want to, but the identity of individuals is protected.

What is crucial here is the IS_A_PERSON attribute. Twitter, for example, should mark my account as of unknown origin until it sees this attribute. Of course, Twitter will want to see it in the form of a verifiable credential signed by someone who they can sue if it turns out I’m not a person after all, but you get the point. When I sign up to Twitter I am “unknown”. When they get a valid IS_A_PERSON credential from me, then my status changes to “known”. Once I am known, then I can go on to be verified if I want to be.

 

Most normal people, I imagine, will leave their Twitter account in the default setting of “known only”. Some people might want to go tighter with “verified only”. If nutters want to post racist abuse about footballers, then they will be posting it to each other and the vast majority of us will never be bothered with them again.
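The flow described above, from the bank's token through to the reader's "known only" preference, as an added example rather than anything Twitter or a bank has built. Assumptions: an HMAC tag that the site checks by asking the bank stands in for the signed verifiable credential so that the code runs on the standard library alone, and every class, method, site and account name is invented here.

```python
import base64
import hashlib
import hmac
import json

LEVELS = {"unknown": 0, "known": 1, "verified": 2}

class Bank:
    """Issuer. Knows who its customers are; tells sites only IS_A_PERSON."""

    def __init__(self, name, secret):
        self.name = name
        self._secret = secret        # never leaves the bank
        self._customers = {}         # customer id -> real name, bank-side only

    def enrol(self, customer_id, real_name):
        self._customers[customer_id] = real_name

    def _mac(self, label, data):
        return hmac.new(self._secret, label + b"|" + data, hashlib.sha256)

    def _pseudonym(self, customer_id, site):
        # Keyed and per-site, so two sites cannot join their user tables on it.
        return self._mac(b"sub", f"{customer_id}|{site}".encode()).hexdigest()[:32]

    def issue(self, customer_id, site, now, ttl=300):
        """Called once the bank has strongly authenticated its customer."""
        if customer_id not in self._customers:
            raise KeyError("not a customer")
        claims = {"iss": self.name, "aud": site, "exp": now + ttl,
                  "sub": self._pseudonym(customer_id, site), "IS_A_PERSON": True}
        body = json.dumps(claims, sort_keys=True).encode()
        tag = self._mac(b"token", body).digest()
        return ".".join(base64.urlsafe_b64encode(p).decode() for p in (body, tag))

    def introspect(self, token, site, now):
        """Answer a site's question 'is this token good?': claims or None."""
        try:
            body, tag = (base64.urlsafe_b64decode(p) for p in token.split("."))
        except ValueError:           # wrong shape or bad base64
            return None
        if not hmac.compare_digest(tag, self._mac(b"token", body).digest()):
            return None
        claims = json.loads(body)
        if claims["aud"] != site or claims["exp"] <= now:
            return None
        return claims

    def reidentify(self, site, pseudonym):
        """For a lawful request: map a site's pseudonym back to a customer id."""
        for customer_id in self._customers:
            if hmac.compare_digest(self._pseudonym(customer_id, site), pseudonym):
                return customer_id
        return None

class Site:
    """Relying party, e.g. a social network. Stores pseudonyms, never names."""

    def __init__(self, name, trusted_banks):
        self.name = name
        self._banks = {bank.name: bank for bank in trusted_banks}
        self.status = {}             # handle -> unknown | known | verified
        self.subject = {}            # handle -> (issuer, pseudonym)

    def sign_up(self, handle):
        self.status[handle] = "unknown"

    def present(self, handle, issuer, token, now):
        """Move an account from unknown to known on a valid credential."""
        bank = self._banks.get(issuer)
        claims = bank.introspect(token, self.name, now) if bank else None
        if claims and claims.get("IS_A_PERSON") is True:
            self.subject[handle] = (claims["iss"], claims["sub"])
            self.status[handle] = max(self.status[handle], "known", key=LEVELS.get)
        return self.status[handle]

    def mark_verified(self, handle):
        # Whatever further checks "verified" involves, only known accounts qualify.
        if self.status.get(handle) != "known":
            raise PermissionError("account must be known first")
        self.status[handle] = "verified"

    def timeline(self, posts, minimum="known"):
        """Apply the reader's preference: drop posts below the chosen level."""
        floor = LEVELS[minimum]
        return [p for p in posts if LEVELS[self.status.get(p[0], "unknown")] >= floor]

def demo():
    # Constructed data: one real customer, one account with no credential.
    bank = Bank("examplebank", b"constructed-demo-secret")
    bank.enrol("cust-1", "Dave Example")
    site = Site("birdsite.example", [bank])
    for handle in ("@person", "@bot"):
        site.sign_up(handle)
    token = bank.issue("cust-1", site.name, now=1000)
    site.present("@person", "examplebank", token, now=1010)
    return site, bank, token, site.timeline([("@person", "hello"), ("@bot", "spam")])
```

A breach of the site's tables yields only the per-site pseudonyms, and only the bank can map one back to a customer.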

(When I last tried to get my account verified at Twitter, they turned me down. They didn’t say why, but presumably they thought that some of my tweets must have been machine-generated or something.)

Look. This is an important issue that I have been posting about for years, to no avail. Anne Marie Slaughter summed the situation up in the FT last year, saying that “with the decline of traditional trusted intermediaries, and the discovery that social media account holders may well be bots, we will crave verifiability”. This is absolutely spot on, and we need to construct the networks capable of delivering this verifiability or we collapse into a dystopian discourse where no-one believes anything. The knee-jerk “present your passport to use Twitter” is not the way forward. Technology means that we can deliver verifiability in a privacy-enhancing manner, so let’s do it.

SCA and SSCA

We’re seeing a lot about strong customer authentication (SCA) at the moment because of the requirement of the Second Payment Services Directive (PSD2) that comes into force next week on Black Friday (Friday 13th September). That’s because there’s a lot of fraud online, it’s getting worse and the strong authentication of people (in this case, online customers) is seen as being a way to tackle it. PSD2 demands SCA, and this means that European banks and Payment Service Providers (PSPs) have had to up their game.

Strong authentication, in this context, means “two factor authentication” (2FA). What 2FA means is that you must present two “factors” to demonstrate you are who you say you are. The three factors you can choose from are something you have, something you are and something you know (or, in my case, something I had, something I was and something I’ve forgotten). When you buy something in a shop, for example, you present a credit card (something you have) and put in a PIN (something you know). When you enter the country, you present something you have (a passport) and show your face (something you are). SCA is already being implemented by the UK banks, although in an unpredictable manner. Some banks send a code via their mobile banking app, some send a text, some allow you to choose e-mail instead, some will call a landline and some require the use of a card-reader dongle-thingy. As far as I can tell, none of them use a common app such as Microsoft Authenticator.

I’m actually quite surprised to see that some of them are still using text messaging to send a “one time password” (OTP) to customers for authentication. It’s not because, as the British newspapers were quick to point out, people who can’t get a mobile signal or don’t own a mobile phone face, as The Guardian put it, being “frozen out of internet shopping as banks are increasingly insisting that online payments are verified by text”. This is indeed a valid concern, but what I find most disturbing about this report is that anyone is verifying online payments, or indeed any other important online transaction, by insisting that they are authenticated by text messages! With the explosion of “smishing” (ie, phishing attacks via SMS) and the daily tales of account takeover, bitcoin theft and payment fraud carried out via SMS, you really do have to wonder why text messaging is still being used in this context.

This is hardly a new issue. More than a decade ago I wrote about the comments of Charles Brookson, then the head of the GSMA security group who, when talking about the use of SMS for financial services, made the point that SMS has, to all intents and purposes, no security whatsoever. Structurally, it has always seemed to me to be irresponsible for financial institutions to rely for security on something that is not secure and over which they have no control. Given the prevalence of smart phones, you would think that SMS would be long gone, but it is only now that German banks, for example, are giving up on SMS OTP in response to the PSD2 requirements for SCA.

How will this SMS-less strong authentication be implemented? For payments it will be through the new version of the scheme’s “Three Domain Security” (3DS). 3DS version 2 introduces “frictionless authentication” and will be the main card authentication method used to deliver SCA in Europe. It works by allowing retailers and their PSP to send many more data elements with each transaction. These data elements – such as the shipping address, customer’s device identity and their transaction history – mean that the issuer can carry out more sophisticated risk management to decide whether SCA is needed or not. In most cases, I would guess (since the issuers will use sophisticated risk management platforms with machine learning and all that sort of thing), no further authentication will be needed. But where it will be needed, Barclaycard (for example) can send a message to the Barclaycard app on my phone and ask me to authenticate myself.

(As it happens, Barclaycard have just sent me another “PINsentry” card reader together with an instructional pamphlet, so I will make every effort to use my Barclaycard online just so I can see how it works. Of course it means I’ll have to carry the card reader and my Barclaycard around with me at all times in case I want to buy something online, but remember I do this so you don’t have to.)

In my opinion, the best way forward now is through the bank apps themselves. Google found in their research on authentication for account recovery that whereas 2FA SMS stopped three-quarters of targeted attacks, in-app solutions stopped 90% (and 99% of bulk phishing attacks). It would be good if this approach was adopted across the board – not only for retail payments but for logging in to bank accounts, authorising transfers and everything else. But if customers get mixed up between expecting an e-mail or getting a text, seeing an in-app message sometimes but not other times, then fraudsters will be quick to exploit the situation. In which case (as I suspect) the introduction of strong authentication will actually lead to more fraud. We need both a better and more consistent approach to authentication for financial services. We need to standardise on the approach and the execution and the UX so that consumers can be confident that they are communicating with their bank or whoever.

Standard Strong Customer Authentication

My Consult Hyperion colleague Tim Richards recently set out this problem in a very clear way [The Paypers, 27th August 2019]. He asks us to imagine what would have happened if SCA had been mandated for face-to-face commerce but, as with PSD2, no technological solution was provided. In that case, instead of our EMV-standard chip and PIN payment system we would have had each bank creating its own solution. Then, as has happened online, every time a consumer went into a shop to buy something they would face a different authentication depending on their bank! Tim’s good advice is that regulators need to take a step back, “temporarily drop anti-competition laws and insist that banks come up with a minimum standard for SCA” to support growth in online commerce that is accompanied by real security because customers know what to expect and retailers aren’t disadvantaged by variable SCA experiences leading to cart abandonment.

He’s right, of course. And in terms of implementation it has long been clear that the best architecture for what I am now labelling Standard Strong Customer Authentication (or SSCA) is biometric authentication against a revocable token stored in tamper-resistant local storage. We all carry a device capable of implementing this design at a manageable cost: the mobile phone.

(As an aside, since the mobile phone operators control a standard item of tamper-resistant hardware in all phones — the SIM — why we are not all using a standard authentication from our mobile operators already is a mystery, but that’s a different point and I don’t want to get diverted by Mobile ID Connect here.)

The point is that with really strong authentication, your bank shouldn’t be sending you a text message or an e-mail or whatever, it should be using real cryptography to send a message to the bank app on your mobile phone. So, when you try to buy something online with your Barclaycard your Barclaycard app pops up on your phone and asks you to authenticate.

If the bank (or anyone else) cannot reach the mobile app then there should be a standard fallback across all service providers which would probably be a voice call thus opening up the use of voice recognition and authentication. And if you are online buying something or transferring money to someone or closing an account and you can’t be reached via the mobile app or by a voice call well… then what are you doing buying things online in the first place?
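The in-app approval described above, as an added example that is not Barclaycard's or any card scheme's protocol: the bank sends the app a challenge carrying the payment details, and the app answers with a code computed over exactly those details using a key held on the phone. The HMAC-with-device-key construction, the message fields, the result strings and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

FIELDS = ("nonce", "amount", "currency", "payee")


def response_code(device_key, challenge):
    """MAC over the nonce and the payment details the customer was shown."""
    mac = hmac.new(device_key, digestmod=hashlib.sha256)
    for field in FIELDS:
        value = challenge[field].encode()
        # Length prefix keeps ("10", "0") distinct from ("1", "00").
        mac.update(len(value).to_bytes(4, "big") + value)
    return mac.hexdigest()


class BankApp:
    """The bank's app on the customer's phone."""

    def __init__(self, device_key):
        self._key = device_key   # would sit in tamper-resistant storage

    def approve(self, challenge, user_confirmed):
        """user_confirmed stands for the on-device biometric check and 'Pay' tap."""
        if not user_confirmed:
            return None
        return response_code(self._key, challenge)


class Bank:
    def __init__(self):
        self._keys = {}      # customer -> device key agreed at enrolment
        self._pending = {}   # nonce -> (customer, challenge, expiry)

    def enrol_device(self, customer):
        key = secrets.token_bytes(32)
        self._keys[customer] = key
        return key

    def start_payment(self, customer, amount, currency, payee, now, ttl=120):
        challenge = {"nonce": secrets.token_hex(16), "amount": amount,
                     "currency": currency, "payee": payee}
        self._pending[challenge["nonce"]] = (customer, dict(challenge), now + ttl)
        return challenge

    def finish_payment(self, nonce, response, now):
        entry = self._pending.pop(nonce, None)    # each challenge is single use
        if entry is None:
            return "rejected: unknown or already used"
        customer, challenge, expires = entry
        if now > expires:
            return "rejected: expired"
        # Expected code is computed over what the bank will actually pay.
        expected = response_code(self._keys[customer], challenge)
        if not isinstance(response, str) or not hmac.compare_digest(
                expected.encode(), response.encode()):
            return "rejected: bad response"
        return "approved"


def scenarios():
    """Constructed walk-through; times are seconds on an arbitrary clock."""
    bank = Bank()
    app = BankApp(bank.enrol_device("alice"))
    results = {}

    c = bank.start_payment("alice", "49.99", "GBP", "Example Books Ltd", now=0)
    code = app.approve(c, user_confirmed=True)
    results["genuine"] = bank.finish_payment(c["nonce"], code, now=30)
    results["same code again"] = bank.finish_payment(c["nonce"], code, now=31)

    # The customer approves details that differ from the pending payment.
    c = bank.start_payment("alice", "950.00", "GBP", "Unknown Payee Ltd", now=40)
    shown = dict(c, amount="9.50", payee="Example Books Ltd")
    results["details differ"] = bank.finish_payment(
        c["nonce"], app.approve(shown, user_confirmed=True), now=50)

    c = bank.start_payment("alice", "5.00", "GBP", "Example Cafe", now=100)
    results["too late"] = bank.finish_payment(
        c["nonce"], app.approve(c, user_confirmed=True), now=500)

    c = bank.start_payment("alice", "5.00", "GBP", "Example Cafe", now=600)
    results["declined"] = bank.finish_payment(
        c["nonce"], app.approve(c, user_confirmed=False), now=610)
    return results


if __name__ == "__main__":
    for name, outcome in scenarios().items():
        print(f"{name:16} {outcome}")
```

Because the code covers the amount and payee as well as the nonce, a code obtained for one payment cannot be used to approve a different one.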

Surely this is the most practical way forward. Now that the Financial Conduct Authority (FCA) has confirmed that it will not take enforcement action against businesses who do not implement SCA until March 2021, there is some time to prepare a mobile-centric SSCA pathway for UK banks and businesses.

Digital identity in the UK – Will big banks or big techs deliver it?

The opening keynote at this year’s London Identity Week was given by Oliver Dowden, the Minister for Implementation at the Cabinet Office. Mr. Dowden is the Minister in charge of the digital transformation of government. To people like me, digital identity is central to digital transformation of government (and the digital transformation of everything else, for that matter) so I was looking forward to hearing the UK government’s vision for digital identity.  In his keynote, the Minister said that the UK is seen as being at the cutting edge of digital identity and that GOV.UK Verify is at the heart of that success.

(On 9th October 2016, Mr. Dowden gave written statement HCWS978 to Parliament, announcing that the government was going to stop funding GOV.UK Verify after 18 months with the private sector responsible for funding after that.)

Right now you can’t use a GOV.UK Verify identity provider to log into your bank or any other private sector service provider. But in his speech the Minister said that he looks forward to a time when people can use a single login to “access their state pension and the savings account”. This, in my opinion, is quite distinct from the single identifier that the Parliamentary Select Committee on Science and Technology called for in their report this week. The Right Honourable Norman Lamb MP, Chair of the Committee, observing that “the current digital service offered by the Government has lost momentum” called for the introduction of a single unique identifier for access to public services.

I have to say that I sort of agree with the Science and Technology Committee on the efficient delivery of public services as well as what the Minister said about a single login across both public and private services. Obviously you’d want the same login scheme but a different persona (an identifier plus credentials) for pensions, pornography and other purchases, but that’s another issue and not the focus of this discussion.

Back to the Minister’s point though. Yes, it would be nice to have some sort of ID app on my phone (I happen to sit on the advisory board of Biid, who provide just such an app) and it would be great if my bank and Her Majesty’s Revenue and Customs (HMRC) and Woking Council and LinkedIn would all let me log in with this ID. The interesting question is who will provide such a login given that the government does not seem able to. Put a pin in that and we’ll return to it later. Meanwhile, back to the Minister, who made three substantive points in his speech. He talked about:

  • The creation of a new Digital Identity Unit, which is a collaboration between DCMS and Cabinet Office. The Unit will help foster co-operation between the public and private sector, ensure the adoption of interoperable standards, specification and schemes, and deliver on the outcome of the consultation.
  • A consultation to be issued in the coming weeks on how to deliver the effective organisation of the digital identity market. Through this consultation the government will work with industry, particularly with sectors who have frequent user identity interactions, to ensure interoperable ‘rules of the road’ for identity. To me, this sounds like a call for a trust framework of some kind but the Minister did not use those words.
  • The start of engagement on the commercial framework for consuming digital identities from the private sector for the period from April 2020 to ensure the continued delivery of public services. The Government Digital Service will continue to ensure alignment of commercial models that are adopted by the developing identity market to build a flourishing ecosystem that delivers value for everyone.

The Minister had a tight schedule and was therefore unable to stay for my subsequent speech. I suggested that the idea of a general-purpose digital identity might be ambitious and a preferable strategy might be to look at who else could deliver the “digital identities from the private sector” used for the delivery of public services, which means delivering inclusive identity services with appropriate security at population scale. Perhaps DCMS has ensured that the UK has taken a lead in this respect since, according to Sky News, “thanks to its ill-conceived porn block, the government has quietly blundered into the creation of a digital passport – then outsourced its development to private firms”. One of these firms runs the world’s largest pornography site, Pornhub, so I imagine they know a thing or two about population-scale identity management.

Assuming that the GOV.UK Verify identities fail to gain traction in the private sector, then I think there are two obvious private sector coalitions that might step in to do this for the government: the big banks and the big techs.

Big Banks

For a variety of reasons, I hope that the big banks are able to come together to  respond to the comments of Mark Carney, the Governor of the Bank of England, on the necessity for a digital identity in the finance sector to work with the banks to develop some sort of financial services passport. I made some practical suggestions about this earlier in the year and have continued to discuss the concept with potential stakeholders. I think it stacks up, but we’ll have to see how things develop.

The reason why I’m so keen on this approach is that banks already do the hard work of establishing customer identities for know-your-customer (KYC) purposes but they don’t then do anything with it. So identity is a cost centre, when there is an opportunity for it to be a platform for new products and services. I’m not the only person who thought that the DCMS age verification legislation would be the trigger for a sophisticated federated privacy-enhancing bank-centric ID.

Modifications to open banking could allow bank customers to share data on their identity and their date of birth with third parties in a double-blind way that stops their bank from knowing the site they want to visit, or the site they’re visiting from knowing their identity.

From Don’t let the government’s porn block create a monopoly – 1828.

Well, whether it’s used for age verification or a pensions dashboard, I would have thought that what the European Commission Expert Group on Electronic Identification and Remote KYC Processes calls an “attribute-based LoA-rated KYC framework for the financial sector” (ie, a financial services passport) would make a perfect post-Brexit stake-in-the-ground initiative to define the new era by boosting efficiency in the crucial Big Bank sector as well as providing a platform for new products and services for the Big Techs to develop. Talking of which…

Big Techs

I had the good fortune to attend a more recent breakfast session with the Minister organised by the Cicero PR people. I have to say that the subject of digital identity came up more than once. There was considerable discussion (under the Chatham House rule) of both the priority of a UK digital identity infrastructure and the means by which it might come into existence. While I voiced my usual opinion that it should be the banks taking the lead, there were other people talking about alternative private sector providers.

It is clear, then, that if the banks can’t get it together then the big techs will come knocking on the government’s door. I’ll readily admit that when the Minister said “private sector identities” in his speech, the first thought to flash across my brain was “Apple”. The public, as well as civil servants in other departments who don’t really know or care about digital ID, might be saying to themselves, “why can’t we just use ‘sign in with Apple’ to do our taxes?”, and this is a good point. Even if they are not saying it right now, they’ll be saying it soon as they get used to Apple’s mandate that all iOS apps that allow third-party sign-in must support it.

How would you use your Apple ID to log into HMRC? Easy: you log in as you do now after sending off for the password and waiting for it to come in the post and that sort of thing and then once you are connected tell them the Apple ID that you want to use in the future. If you want to be “jackdaniels@me.com” or whatever, it doesn’t matter. It’s just an identifier for the Revenue to recognise you. Then next time you go to log in to the Revenue, you log in as jackdaniels@me.com, something pops up on your iPhone and you put your thumb on it or look at it, and bingo you are logged in to fill out your PAYE without ever having to remember your taxpayer ID or government gateway passport ever again.

Incidentally, you could use this to log in at Pornhub too, because Apple have implemented a form of the persistent pseudonymity that I have long advocated as the core of a practical “privacy settlement”. So, as Wired magazine puts it, Apple’s universal login will let you hide your email address from third-party services. Unlike Facebook, Google and other services, Apple will randomly generate an email address on your behalf, and it then forwards communications from the services that you sign up to on to your actual Apple ID address. I’m not joking about Apple delivering an infrastructure for the mass market instead of the government, it’s just that I thought that our forward-thinking innovation-centric banks would be the people to build on it. A couple of years ago I asked “Why doesn’t my bank put a token in my Apple Pay that doesn’t disclose my name or any other personal information… Keep my real identity safe in the vault, give me blank card to top shopping with”

The banks have a chance to do this if the government, the Bank of England and industry bodies get together and work with them on it. But I wouldn’t be at all surprised to go over to the HMRC web site fairly soon to see “log in with Amazon” and “log in with Apple” next to a button with some incomprehensible waffle about eIDAS that I, and most other normal consumers I’m sure, will simply ignore.
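The one-time linking of an identifier to an existing account, and the per-service random relay address described above, can be modelled in a few lines. This is an added example, not Apple's or HMRC's code and not from the original post; the class names, the `relay.example` domain and the HMAC-over-nonce assertion (standing in for a provider's real signed token) are assumptions.

```python
import hashlib
import hmac
import secrets

RELAY_DOMAIN = "relay.example"  # assumed placeholder domain

def _tag(key, alias, nonce):
    return hmac.new(key, f"{alias}|{nonce}".encode(), hashlib.sha256).digest()

class PseudonymProvider:
    """Identity provider: one stable, unlinkable alias per (user, service) pair."""
    def __init__(self):
        self._alias, self._route, self._keys = {}, {}, {}

    def register_service(self, service):  # returns the key shared with that service
        return self._keys.setdefault(service, secrets.token_bytes(32))

    def assertion_for(self, real_address, service, nonce):
        # Called after the user approves on their device (approval is assumed here).
        pair = (real_address, service)
        if pair not in self._alias:  # first visit: mint a random relay address
            alias = f"{secrets.token_hex(8)}@{RELAY_DOMAIN}"
            self._alias[pair], self._route[alias] = alias, pair
        return self._alias[pair], _tag(self._keys[service], self._alias[pair], nonce)

    def forward(self, alias, sending_service):
        # Resolve an alias to the real mailbox only for the service it was issued to.
        real_address, service = self._route.get(alias, (None, None))
        return real_address if service == sending_service else None

class RelyingParty:
    """Service that links an alias to an existing account once, then accepts it."""
    def __init__(self, name, key):
        self.name, self._key, self._accounts, self._nonces = name, key, {}, set()

    def challenge(self):
        self._nonces.add(nonce := secrets.token_hex(16))
        return nonce

    def _verified(self, alias, nonce, tag):
        fresh = nonce in self._nonces
        self._nonces.discard(nonce)  # single use: a captured assertion cannot be replayed
        return fresh and hmac.compare_digest(_tag(self._key, alias, nonce), tag)

    def link(self, account_id, alias, nonce, tag):
        if self._verified(alias, nonce, tag):  # caller is already logged in the old way
            self._accounts[alias] = account_id

    def login(self, alias, nonce, tag):
        return self._accounts.get(alias) if self._verified(alias, nonce, tag) else None
```

Each service sees only its own alias, so two services comparing their user tables find nothing to join on, while the provider remains the single party able to map an alias back to the real address.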