Snippings

On the topic of face recognition, I recall a heartwarming tale of parental love and guidance in the New York Times. It concerned a Tuesday evening back in October 2018 when a billionaire retailer, John Catsimatidis, was having dinner at an upscale Italian restaurant in Manhattan’s SoHo neighborhood, when his daughter, Andrea, walked in with her date, a young man unknown to the protective father. The billionaire did what loving father would do in the same situation, which was to ask the waiter to go and take a photograph of her beau, which he then uploaded to the facial recognition application, Clearview AI, on his phone. He was immediately presented with collection of photos of the man along with their source and was able to determine immediately that is daughter’s escort was a venture capitalist from San Francisco, at which point he sent his daughter the full biography of her companion by text.

(I would have assumed that at this point he would take the standard set of actions, which is to call for security and have this poor choice of life partner ejected and then called his lawyer to apply for the restraining order that I imagine to be normal in such circumstances. But no. Rather amusingly Mr. Catsimatidis, who presumably has never been to San Francisco or met a VC before, commented that “I wanted to make sure he wasn’t a charlatan”.)

Well, what self-respecting father could do more. But… are we ready for face recognition everywhere?

The start-up behind the Clearview app has a database of billions of photos, scraped from sites such as Facebook, Twitter and LinkedIn. Even one of its backers says that it “might lead to a dystopian future or something”. Well, at least a dystopian future in which face recognition databases are used to stop deadly viruses from spreading has some merits and, indeed, some people might well choose that option. But it’s the “or something” that bothers me. The unknown unknowns, so to speak.

In a recent interview, the CEO of Clearview, Hoan Ton-That, said that more than 2,400 police agencies across the US are customers and that the fees of $2,000 per annum for each officer with access to the system is “pretty inexpensive, compared to what’s come previously”. Police use of the technology is a live issue here in the UK where there have been many recent newspaper stories about face recognition because of these decision by the police to begin using it despite the current not-quite-Minority-Report state of the art. The facial recognition technology used by police in London incorrectly identified members of the public in 96 per cent of matches made between 2016 and 2018. As my good friend Jamie Bartlett, the man behind “The Missing Cryptoqueen” (the best podcast of 2019), observed on this police use of face recognition in London “if the technology doesn’t work it will be a disaster and if it does work it will be even worse”.

My point, though, is we don’t really know what the new etiquette should be, which is why some people (eg, the EU, Google and me) would like to see a moratorium in the deployment of face recognition technology (a moratorium that ought to be extended to all population-scale passive biometrics, in my opinion). As the FT noted, Brussels and Silicon Valley rarely see eye-to-eye when it comes to technology regulation but in this particular case (and in the case of artificial intelligence) they may well be aligned. We don’t quite know what we are doing. 

This is a valid concern. China illustrates quite clearly how quickly the technology can begin to penetrate. I can choose any one of a thousand examples to illustrate this point, but I like this one: taxi drivers in the Chinese city of Xi’an are verified by facial recognition technology when they get behind the wheel. The biometric identification system is, as is much the fashion these days, linked to an AI to ensure that drivers are not misbehaving (eg, using their smartphone when on the road and so forth). Now, I can see why such a system is attractive. Who doesn’t want a safer taxi service?

(Of course, if we start to rely on such interfaces, they can bring unexpected problems. I particularly enjoyed this story from the South China Morning Post about a woman who had plastic surgery only to discover she could no longer pay online or get into her office!)

We cannot hold back the tide and there is no need to 

Which ever way you look at it, Regulators are surely right to focus down on face recognition as being a technology with a social context that we absolutely do not understand.

By the way, one area that doesn’t get anything like as much attention as it should is the issue of face recognition but for animals. This, as the Wall St. Journal noted, is a challenge because “it’s not like you can tell a donkey to stand still“. Quite. However I can tell you that it can be done. I was privileged to have a speaker from JD Digits, a subsidiary of JD (China’s largest e-commerce business) on my panel about AI ethics and governance at the Innovate Finance Global Summit (IFGS) last year.  JD Digits, amongst other things, runs face recognition services for farmyard animals such as cows and pigs. It turns out that pig face recognition is a big business. There are 700m pigs in China and the productivity gains that farmers can obtain from ensuring that each pig is fed optimally, that sick pigs are kept away from the herd (and so on) are very significant.

(Apparently the face recognition system also goes some way to reigning in wannabe Napoleons, as Dr. X explained that there are some “bully pigs” that try to obtain a disproportionate share of barnyard resources. The system can spot them chowing down when they shouldn’t be and flag for intervention.)

xxx

Think of Aadhaar as an “identity rail”, giving banks and fintech companies a secure means to identify would-be customers — and the government and businesses an easy way to pay them. The payments system, dubbed UPI or the Unified Payments Interface, in turn acts as a “payments rail” to give those players access to infrastructure that enables the transfer of funds.

From India’s payments revolution | FT Alphaville:

xxx

Since auditors and the regulators and the board were unable to prevent criminality on a grand scale here, it is reasonable to ask whether technology might be able to do better. Well, I think the answer is yes, and I think I can put forward a consistent vision of jut how it might do so.

To explain what I mean by ambient accountability, let’s go back to something I wrote a decade or so back. “I think that transparency will be one of the key elements of new propositions in the world of electronic transactions and that clients looking to develop new businesses in that space might want to consider the opportunities for sustained advantage.”

From “Cryptography can bring novel solutions | Consult Hyperion”.

xxx

In some of the workshops that I’ve been running, I’ve mentioned that I think that transparency will be one of the key elements of new propositions in the world of electronic transactions and that clients looking to develop new businesses in that space might want to consider the opportunities for sustained advantage. Why not let me look inside my bank and see where my money is, so to speak? If I log in to my credit card issuer I can see that I spent £43 on books at Amazon: if I log in to Amazon I can that I spent £43 but I can also see what books I bought, recommendations, reviews and so on. They have the data, so they let me look at it. If I want to buy a carpet from a carpet company, how do I know whether they will go bankrupt or not before they deliver? Can I have a look at their order book?
Transparency increases confidence and trust. I often use a story from the August 1931 edition of Popular Mechanics to illustrate this point. The article concerns the relationship between transparency and behaviour in the specific case of depression-era extra-judicial unlicensed wealth redistribution…

BANK hold-ups may soon become things of the past if the common-sense but revolutionary ideas of Francis Keally, New York architect, are put into effect. He suggests that banks be constructed with glass walls and that office partitions within the building likewise be transparent, so that a clear view of everything that is happening inside the bank will be afforded from all angles at all times.

[From Glass Banks Will Foil Hold-Ups]

I urge you to clink on the link, by the way, to see the lovely drawing that goes with the article. The point is well made though: you can’t rob a glass bank. No walls, no Bernie Madoff. But you can see the problem: some of the information in the bank is confidential: my personal details, for example. Thus, it would be great if I could look through the list of bank deposits to check that the bank really has the money it says it has, but I shouldn’t be able to see who those depositors are (although I will want third-party verification that they exist!).

Does technology provide any comfort here at all? I think it does. Many years ago, I had the pleasant experience of having dinner with Nicholas Negroponte, John Barlow and Eric Hughes, author of the cypherpunk manifesto, at a seminar in Palm Springs. This was in, I think, 1995. I can remember Eric talking about “encrypted open books”, a topic that now seems fantastically prescient. His idea was to develop cryptographic techniques so that you could perform certain kinds of operations on encrypted data: in other words, you could build glass organisations where anyone could run some software to check your books without actually being able to read your books. Nick Szabo later referred back to the same concepts when talking about the specific issue of auditing.

Knowing that mutually confidential auditing can be accomplished in principle may lead us to practical solutions. Eric Hughes’ “encrypted open books” was one attempt.

[From Szabo]

Things like this seem impossible when you think of books in terms of paper and index cards: how can you show me your books without giving away commercial data? But when we think in terms of bits, and cryptography, and “blinding” it is all perfectly sensible. This technology seems to me to open up a new model, where corporate data is encrypted but open to all so that no-one cares whether it is copied or distributed in any way. Instead of individuals being given the keys to the database, they will be given keys to decrypt only the data that they are allowed to see and since these keys can easily be stored in tamper-resistant hardware (whereas databases can’t) the implementation becomes cost-effective.

Around the same time that I began to recognise that Eric’s work was sowing the seeds for the future financial system, Bob Hettinga pointed me to Peter Wayner’s work on “translucent databases” that build on the Eric’s concepts, noting that the use of techniques to 

Wayner really does end up where a lot of us think databases will be someday, particularly in finance: repositories of data accessible only by digital bearer tokens using various blind signature protocols… and, oddly enough, not because someone or other wants to strike a blow against the empire, but simply because it’s safer — and cheaper — to do that way.

[From Book Review: Peter Wayner’s “Translucent Databases”]

There are other kinds of corporate data that it may at first seem need to be secret, but on reflection could be translucent (I’ll switch to Peter’s word here because it’s a much better description of practical implementations). An example might be salaries. Have the payroll encrypted but open, so anyone can access a company’s salary data and see what salaries are earned. Publish the key to decrypt the salaries, but not any other data. Now anyone who needs access to salary data (eg, the taxman, pressure groups, potential employees, customers etc) can see it and the relevant company data is transparent to them. One particular category of people who might need access to this data is staff! So, let’s say I’m working on a particular project and need access to our salary data because I need to work out the costs of a proposed new business unit. All I need to know is the distribution of salaries: I don’t need to know who they belong to. If our payroll data is open, I can get on and use it without having to have CDs of personal data sent through the post, of whatever.

I can see that for many organisations this kind of controlled transparency (ie, translucency) will be a competitive advantage: as an investor, as customer, as a citizen, I would trust these organsations far more than “closed” ones. Why wait for quarterly filings to see how a public company is doing when you could go on the web at any time to see their sales ledger? Why rely on management assurances of cost control when you can see how their purchase ledger is looking (without necessarily seeing what they’re buying or who they are buying it from) when you can see it on their web page? Why not check staffing levels and qualifications by accessing the personnel database?

Wirecard

According to Bloomberg the Deputy Governor, Tim Lane, the Bank of Canada is “laying the groundwork to introduce a digital currency, should the need for one emerge”. What caught my eye about this story was, of course, that Canada has already had two digital currencies and abandoned both of them. The first was Mondex, the second was MintChip.

Mondex, eh? 

So for those of you who don’t remember what all of the fuss was about: Mondex was an electronic purse, a pre-paid payment instrument based on a tamper-resistant chip. This chip could be integrated into all sorts of things, one of them being a smart card for consumers. Somewhat ahead of its time, Mondex was a peer-to-peer proposition. The value was transferred directly from one chip to another with no intermediary and therefore no cost. In other words, people could pay each other without going through a third party and without paying a charge. It was true cash replacement.

It was invented at National Westminster Bank (NatWest) in 1990 by Tim Jones and Graham Higgins. In December 1993, (NatWest) launched Mondex in a joint development pilot with Midland Bank (part of HSBC) also in the UK and British Telecom (BT) and began planning their pilot in Swindon. Swindon had been chosen as, essentially, the most average place in Britain. Since I’d grown up there, I was rather excited about this, and while my colleagues carried out important work for Mondex (e.g., risk analysis, specification for secure transfer, multi-application OS design and such like) I watched as the fever grew out in the West Country.

Unfortunately, it just never worked for consumers. It was pain to get hold of – I can remember the first time I walked into a bank to get a card. I wandered in with 50 quid and had expected to wander out with a card with 50 quid loaded onto it but it didn’t work like that. I had to set up an account and fill out some forms and then wait for the card to be posted to me. Most normal people couldn’t be bothered to do any of this so ultimately only around 14,000 cards were issued. I also pulled a few strings to get my mum and dad one of the special Mondex telephones so that they could load their card from home instead of having to go to an ATM like everyone else. British Telecom had made some special fixed line handsets with a smart card slot inside and you could ring the bank to upload or download money onto your card. I love these and thought they were the future!

(My parents loved it too, not because they could use it pay for anything but because you could put the Mondex card into the phone and press a button and hey presto your account balance would be displayed on the phone. This was amazing two decades ago.)

For the poor sods who didn’t have one of those phones (essentially, all Mondex card users) the way that you loaded your card was to go to an ATM. Now, the banks involved in the project had chosen an especially crazy way to implement the ATM interface. Remember, you have to have a bank account in order to have one of these cards and so that meant that you also had an ATM card. So if you wanted to load money onto your Mondex card, you had to go to the ATM with your ATM card and put your ATM card in and enter your pin and then select “Mondex value” or whatever the menu said and then you had to put in your Mondex card. Most people couldn’t be bothered. If you go to an ATM with your ATM card then you might as well get cash, which is what they did.

Anyway, while Swindon hogged the limelight and will forever remain a key milestone on the road to digital cash, Guelph in Canada also had a special place in the hearts of digital currency scholars because the Royal Bank of Canada and CIBC brought the Mondex technology to Canada in 1995 and then in 1997, Bank of Montreal, TD Bank, Canada Trust, Bank of Nova Scotia, National Bank of Canada, the credit unions, and Caisse Desjardins formed Mondex Canada.

It got canned at the end of 1998, having never got anywhere near critical mass.

Oh well. Remember Mintchip?

This was developed by the Royal Canadian Mint as a sort of Mondex but in mobile phones instead of smart cards. It was intended as a secure way to send and spend money online, launching the project in April 2012 and showing off its first implementation in 2014.

I was one of the judges for the MintChip Challenge competition. Vitalik Buterin, the inventor of Ethereum, rather kindly mentioned me in dispatches at the time, saying that the Mint has been watching digital currency efforts on the internet for many years now, and “on the board of the MintChip Challenge’s judges are people like David Birch, who has researched Bitcoin extensively and even spoke at the Bitcoin conference in Prague last November.”

In the end, MintChip never made it to the mass market and was sold to nanopay in 2016 when the Mint decided that this central bank digital currency stuff probably wasn’t going anywhere.

So what’s my point?

Well, if the Bank of Canada really does want to lay the groundwork for digital currency, I’d be happy to point them in the direction of a fair few Canadians with some relevant expertise and experience. I might also urge them to make sure that the lessons from those early experiments with virtual Loonies aren’t lost. In particular, there are three lessons that I draw from that time when back with perfect hindsight.

The first lesson is that banks are very probably the wrong people to launch this kind of initiative. Our experiences with (for example) M-PESA, suggest that a lot of the things that I remember that I was baffled and confused by at the time come down to the fact that it was a bank making decisions about how to roll out a new product. The decision not to embrace mobile and Internet franchises, the decision about the ATM implementation, the stuff about the geographic licensing and so on. I can remember when the publicans of Exeter asked the banks to install Mondex terminals in the pubs since all of the students had cards and the bank refused on the grounds that the University’s electronic purse was only for use on campus. Normal companies don’t think like this. 

(There were many people who came to the scheme with innovative ideas and new applications – retailers who wanted to issue their own Mondex cards, groups who wanted to buy pre-loaded disposable cards and so on. They were all turned away. I remember going to a couple of meetings with groups of charities who wanted to put “Swindon Money” on the card, something that I was very enthusiastic about. But the banks were not interested.)

The second lesson is that the calculations about transaction costs (which is what I spent a fair bit of my time doing) actually really didn’t matter: they had no impact on the decision to deploy or not to deploy in any particular application. I remember spending ages poring over calculations to prove that the cost of paying for satellite TV subscriptions would be vastly less using a prepaid Mondex solution rather than building a subscription management and billing platform and nobody cared. I went to present the findings to a bank that was actually funding satellite TV rollout at the time, BT who were providing the backhaul and the satellite TV provider. Nobody cared. The guys at the bank told me that they didn’t have the bandwidth for it (which meant, I think, that they had no interest in spending money so that another part of the bank might benefit). The banks with big acquiring operations were being asked to compete against themselves and they didn’t care either. The transaction cost, which I thought was the most important factor, really wasn’t one of the drivers.

The third lesson is that while the solution was technically brilliant it was too isolated. The world was moving to the Internet and mobile phones and to online in general and Mondex was trying to build something that was optimised not to use of any of those. At the time of the roll-out, I had an assignment for the strategy department of the bank to provide technical input to a study on the future of retail banking that one of the big management consultancies was working on. I remember being surprised that it didn’t mention the Internet, or mobile phones or (and here’s something that I thought would be big but was also wrong about) digital TV. Most of their work as far I as could see was on redesigning the furniture in the branches.

Mondex was designed to be the lowest-cost peer-to-peer offline electronic cash system at exactly the moment that the concept of “offline” began to fade. It was not alone in failing to react to this fundamental change and it’s an interesting point to consider with hindsight: why did we make systems such as Danmont, Mondex, VisaCash and use them to compete with cash in the physical world rather than use them in the virtual world where there was no cash?

(This was clear to me very early on in the experiment and isn’t hindsight. I drew the same lesson from the Mondex pilots in Canada and the USA as well. The banks put Mondex terminals in places where they already had card terminals that worked perfectly well. You could use Mondex cards in Swindon in the places that acquired bank-issued payment cards, such as supermarkets, but not in places where digital cash had a real competitive advantage: on the Internet, in vending machines and at the corner newsagents.)

I hope I’m not breaking any confidences in saying that I can remember being in meetings discussing the concept of online franchises and franchises for mobile operators. Some of the Mondex people thought this might be a good idea, but the banks were against it. They saw payments as their business and they saw physical territories as the basis for deployment. Yet as The Economist said back in 2001, “Mondex, one of the early stored-value cards, launched by British banks in 1994, is still the best tool for creating virtual cash“.

Now, at the same time that all this was going on at Mondex, there were for mobile operators who had started to look at payments as a potential business. These operators who already had a tamper-resistant smart card in the hands of millions of people and so the idea of adding an electronic purse was being investigated. Unfortunately, there was no way to start that ball rolling because you couldn’t just put Mondex purses into the SIMs, you had to get a bank to issue them. And none of them would: I expect they were waiting see whether this mobile phone thing would catch on or not.

So, for a variety of reasons, Mondex never caught on. It never got even half of the 40,000 hoped-for users in Swindon and usage remained low. And a quarter of a century on, the contactless card and the mobile phone (and in a week the combination of the two in ApplePay and GooglePay) continue to displace cash, we still don’t have a mass market cash alternative on the web (yes, I know, Bitcoin, whatever) and prepaid card propositions, while still expensive (because they use the existing debit rails), are widespread.

Canadian Digital Currency

Should the Bank of Canada simply relaunch Mondex or Mintchip then? Well, a bastard child of Mondex and Mintchip is not such a crazy idea. To a first approximation, everyone has a smartphone with a tamper-resistant secure chip inside it. And if Canada wants to compete with China, it has to set a high bar! Remember that Mu Changchun (deputy director of PBoC’s payments department) said back in October 2019 that the proposed Chinese digital currency can be used “without an internet connection would also allow transactions to continue in situations in which communications have broken down, such as an earthquake”. He went on to say, accurately, that “even Libra cannot do this” (because Libra, like Bitcoin needs to be online). Now, if that doesn’t sound like Mondex, I don’t know what does.

xxx

“Macau will give its residents 2.2 billion patacas (US$274.9 million) worth of vouchers to boost the coronavirus-hit economy and distribute extra medical coupons to deal with the impact of the outbreak, officials revealed on Thursday.
To address a widespread shortage of masks, the casino hub is also setting up a production line in mainland China that will supply the protective gear to the city and other areas in the Greater Bay Area.
‘When the coronavirus outbreak is over, the government will invest around 2.2 billion patacas in vouchers to revitalise consumption,’ Secretary for Economy and Finance Lei Wai-nong said, while announcing a series of relief measures, including tax cuts.
He said each permanent resident would be given a card with a stored value of 3,000 patacas that would be valid for three months.
‘It can be used for catering, retail or groceries, but only in Macau,’ he said. ‘The intention is to help enterprises survive through consumption.’”

From “Coronavirus: Macau will give residents 2.2 billion patacas worth of vouchers to boost economy once outbreak is over | South China Morning Post”.

xxx

xxx

Quote from: David Birch

A lot of people don’t want anonymity in payments.  They want privacy in payments, which is a very different thing.  I want privacy.  I want, like, I don’t know, if you’re some company, I don’t want you to be able to snoop around in my payments.  If you’re city hall, you have to get some kind of warrant to look at my payments.  I want privacy, but do I want anonymity?  Do I want to live in a trading environment where I can pay you, and then you can stiff me and I have no idea who you are?  I’m not sure…

From The Royal Canadian Mint just announced a new alternative to BitCoin:

xxx

xxx

The central bank of Brazil is planning the launch of a real-time payments system based on QR codes later this year.

Banco Central de Brasil finished an investigation into instant payments in December 2018
The new system, called PIX, will allow users to send and receive payments via mobile wallets. The central bank has announced that participation will be mandatory for all regulated banks and financial institutions with more than 500,000 customers.

From Central bank of Brazil plans launch of QR-based instant payments system PIX – FinTech Futures:

xxx

It’s easy to create money, as the economist Hyam Minsky famously observed, but harder to get it accepted.

So, I happened to be reading this the other day…

Meanwhile a large merchant group equipped with the point-of-sale device was able to define a new value token for the public. By controlling the material interface of electronic payment, the merchant side Is playing a more active role in the loop of social consensus of money.

Shopify and Libra? Nope, this comes from a 2008 paper about electronic money in Hong Kong looking at the comparative success of Octopus and the comparative failure of Mondex.

xxx

Facebook’s embattled digital currency, Libra, has added its first new backer since the initiative was unveiled in mid-2019.

Shopify announced Friday that it’s joining the association Facebook set up to financially back and govern Libra with 20 existing members that include Spotify, Uber, and Coinbase. The Canadian commerce platform, which operates in roughly 175 countries, said it was joining Libra to “build a payment network that makes money easier to access and supports merchants and consumers everywhere.”

From Briefing: Shopify Joins Facebook’s Libra Project — The Information:

xxx