A library of snippets
xxx
The view that the giant big tech firms could disrupt the banking system, and that regulators should watch out, is gaining ground. Yet the experiences of China (which has, in many ways, become the leader) suggest that this concern is exaggerated. The main reason is that big tech firms already have market power to buy financial services on good terms from a sector that has excess capacity and faces strong regulatory pressure.
xxx
xxx
Alessandro Baroni, CMO equensWorldline, speaks about the technological issues regarding online identity, the role of the financial services industry in determining the future of online identity and how identity should be considered a ‘big business’ concept for financial institutions.
xxx
In my keynote speech at KnowID 2019 in Las Vegas, I said that we needed think about the big picture around digital identity. I said that digital identity should be seen as a fundamental defence in the cyberwar that we are already in and that has no imaginable end. It’s possible that some of the people in the audience felt that I was being hyperbolic and that this piece of conference rhetoric was for entertainment purposes only. In which case I must refer them to the recent comments of General Sir Nick Carter, Britain’s Chief of the Defence Staff, who said that our nation is “at war every day” due to constant cyberattacks. Even more interestingly, he then went on to say in the modern world there is no longer a distinction between war and peace (my emphasis).
This is precisely as the great media theorist Marshall McLuhan predicted. Indeed, I quoted him in my speech. In Culture is our Business, written nearly 50 years ago, he said that “World War III is a guerrilla information war with no division between military and civilian participation”. This is why we need to take digital identity seriously, as strategic infrastructure and as matter of national urgency. It’s not about making it easier for people to log in to The Daily Telegraph or Woking Council, although that should surely be a by-product of a well-designed system, it’s about keeping our people, our institutions and our democracy safe.
(I saw Paul Chichester, the Director of Operations at the UK National Cyber Security Centre, speaking about this at the P20 conference in London. In addition to telling the delegates that “cybercrime paid for that North Korean submarine launch”, he observed that it is the centenary of the Government Communications Headquarters (GCHQ) and that they have special exhibition about this over at the Science Museum. I’m really looking forward taking at look at this when I’m in London next!)
So what should we do?
I don’t think the answer for us it to build a centralised identity service (such as Aadhar in India) or a centralised reputation management system (such as China’s social credit score). I think we need to think about more sophisticated and more flexible federated options. I think we should start building an identity infrastructure for the modern world and that we should probably start with the banks. Citi put out a paper about this last month: it’s called “The Age of Consent” and it discusses the idea of a federated financial sector solution, something along the line of the Scandinavian bank ID services. (I contributed to the paper.)
You can see the author, Tony McLaughlin of Citi, talking about it here on Finextra TV saying that “if we fix digital identity, we fix payments”, and he’s got a point. Banks have an obvious and significant interest in creating the new infrastructure because it’s good for banks. But it’s also good for everyone else, so it’s not only a way for banks to save money, it’s also a way for banks to create new products and services that mean new revenue streams. In fact, it could be that digital identity is not simply an additional revenue stream in the future but that identity is bigger than payments to banks. You can watch Alessandro Baroni, CMO of equensWorldline, saying just this today on another Finextra TV interview.
In the UK, it is time for the regulators to demand action from the banks. When I was last asked to log in to a web site to buy something (last weekend) I was presented with the option to “Log in with Amazon” but no option to “Log in with your safe and trusted bank digital identity that is part of a regulatory framework designed to protect you and comes with expectations of redress, ombudsman, accountability and, ultimately, a physical presence to resolve issues”. Why not?
xxx
There is no good way for a person to identify another person without first mutually agreeing on Brand identities.
xxx
Doing away with a phone (or a card or a chip in your head) and just going with biometrics is a different issue. Biometric identification is a much harder problem and is fraught with difficulties. It can work very well with limited populations, which is why it is being installed in airports all over the place. I rather like the system going in to Chinese airports where when you walk up to one of the screens displaying flight information it switches to displaying your flight only. Very helpful. And earlier this year at KnowID in Las Vegas I saw a super presentation from US Customs and Border Control talking about the specific use of biometrics in airports as an interesting example of how to use biometric technologies for security but at the same time deliver convenience into the mass market. The investments made in biometrics to allow paperless travel have obvious benefits in terms of security but, as we have found in our other work about the cross-sector exploitation of digital identity, intelligent use of these new capabilities can also transform the customer experience. The same biometric system that scans your passport picture on entry to the airport and then checks you in for your flight can also be used to direct you through the airport and implement smart departure boards that as you approach them switch from displaying a list of all flights to displaying your flight only.
You can imagine this kind of system being extended to retailers and banks. Having been to the AmazonGo
When I go to the airport, however, I want to be identified. I’m already a member of a subgroup of the general population (ie, people who are flying from that airport on that day) and I want to co-operate in being identified to make my journey more convenient. It’s a different matter when you are dealing with the population as a whole, not a self-selected subgroup, including people who don’t want to be identified. The Metropolitan Police have revealed that their facial recognition technology incorrectly identified members of the public in 96% of matches made between 2016 and 2018. So, round off, that’s in practical terms all matches that were incorrect.
Hhhmmmm…..
One particularly interesting aspect of biometric identification is its amusing susceptibility to what is known as “adversarial” biometrics. If you know how a face recognition algorithm works, for example, then you can deliberately choose to wear make-up or some disguise that exploits the characteristics of that algorithm. In fact, as it turns out, it is all too easy to do this and to do it in such a way as to give the recognition algorithms high confidence that they have correctly identified something. When it comes to picture recognition, the results can be hilarious (and disturbing). MIT researchers found that Google’s AI-powered open source “Inception” picture classifier can be easily fooled. Take a picture of a cat, add some “noise” that is imperceptible to people and the computer thinks it is looking a guacamole (this is a real example). There are techniques, such as Adversarial Generative Networks (AGNs), that can automatically create images to fool the recognition algorithms!
Master criminals may not need to resort to such sophisticated algorithmic skullduggery to get away with
xxx
Despite all the trouble of updating her ID and registering her new face on all the online platforms she used, Huan said she was very happy with her new nose.
Facial recognition technology in China beaten by a nose job | South China Morning Post:
xxx
xxx
“You don’t set up an IT system to charge your customers for deposits,”
Ulster Bank’s computer says no to negative rates | Financial Times:
xxx
xxx
“There’s a new model of tokenization emerging where card-on-file tokenization is done by the payment networks, such as Visa or Mastercard, instead of the merchants.”
From “Tokenization buzz gets more attention than fundamentals | PaymentsSource”.
xxx
xxx
As cash use declines, the BRC says card costs continue to rise, resulting in £1.3 billion in third party spending by merchants, up £70 million from 2017. Each transaction cost retailers an average of 5.85 pence per transaction, up 17% (from 4.98 pence).
Retail lobby group calls for Government intervention over rising ca…:
xxx
xxx
Julin stressed that – despite the weight of expectations – no decision has been taken by the Riksbank’s board actually to issue e-kronor. But the approach being investigated is to have a value-based central bank digital currency (CBDC).
This would act as a retail digital ‘wallet’ held with the central bank that would offer no interest. There are no current plans to use e-kronor as a transmission tool for monetary policy – for example by imposing negative rates on funds held with the central bank.
Julin says the Riksbank is not particularly worried about a substitution of funds away from commercial banks to e-kronor, at least in “in normal times”.
Riksbank may not use DLT for e-kronor, says Julin – Central Banking:
xxx
xxx
“One way to reduce this threat: Central banks could have digital wallets for everyday people, but they wouldn’t pay interest on the balance. Another avenue: Consumers could hold digital cash only at their bank, leaving central banks as remote from everyday savers as they are today.”
From “The Coming Currency War: Digital Money vs. the Dollar – WSJ”.
xxx
Snippings