Snippings

xxx

Facebook put the safety of its content moderators at risk after inadvertently exposing their personal details to suspected terrorist users of the social network

From Revealed: Facebook exposed identities of moderators to suspected terrorists | Technology | The Guardian

xxx

I have to admit to having a soft spot for the Minister. In a letter to The Daily Telegraph back in September 2013, she noted that (just as I had predicted) that the Current Account Switching Service that launched that month was (I paraphrase) a bit of a waste of time and money. She then went on to say that customers should have account number portability and be able to switch banks as easily as they can switch mobile phone operators. As I have pointed out before, this is not the solution, because bank account numbers and mobile phone numbers are not the same thing at all.

A phone number is an indirect reference to your phone (well, your SIM card actually) whereas the account number is the “target”. Thus, we shouldn’t really compare the account number to the phone number, but think of it more as the SIM

[From Could bank account numbers be portable like mobile numbers?]

I am not against the principle that the Minister espouses but the implementation. She formulates the problem as:

Ever since I was first elected I have been campaigning to ensure customers can change their bank accounts as easily as a customer can change their mobile phone provider.

[From Andrea Leadsom | Home]

So what implementation should we have then? Well, if we treat the bank account number as the SIM number (its conceptual equivalent) and find something else to be the equivalent of the mobile phone numbers. There are two possibilities in my opinion. One is to have virtual account numbers. I’ve previously put forward the “7-0” solution around this.

The 70 code is unused, so we can issue people with VANs of the form 70-ZX-XX 99999999. These would be compatible with all existing systems and with the IBAN scheme.

[From A suggestion for doing something about account switching in the UK]

The idea here is that the customer gives billers, employers, counterparties the “70” account number that never changes but then chooses which bank account to map it to. They can change this at any time, there’s no need to go back to the billers, employers, counterparties and get them to change anything.

The other way to approach it (and the better way in the long run) is to stopping messing about with 1960s sort codes and account number and use names instead. I used to have a CompuServe number (100017,3342 if memory serves) but now I have a Facebook id, a Twitter id and a LinkedIn id. Why can’t I have an Account ID? As I said at last year’s Payment Innovation conference,

this all links to the discussions about the idea of a financial service passport (or a “pay name”) at techUK last year. I really think that the idea of pseudonymous, strongly-authenticated CDD-inside identities is an idea whose time has come.

[From Payment system regulation as barrier to payment system innovation]

Account numbers! Goodness me! The Minister should be dragging us into 2015 not 1965. I shall mention this to her at the techUK dinner on 24th February where I shall be putting on a suit and tie and using the cutlery in the correct order as the chair of the techUK Payments Group. See you there.

 

 

The Independent Commission on Banking recently published an interim report on their Consultation on Reform Options. This interim report raises the subject of bank account number portability. Section 5.17, to be specific, says that:

Beyond improvements to the existing system, full account number portability would enable customers to change banking service providers without changing their bank account number. This would remove the need to transfer direct debits and standing orders, which remains the main area where problems may arise. In the past, portability has been rejected as overly costly, but if no other solutions appear effective and practicable, it should be reconsidered to see if this remains the case given improvements in IT and the payments system infrastructure.

It seems reasonable for the Commission to wonder why customers cannot port their account number from one bank to another the way that they can port their mobile phone number from one network to another. That seems a plausible request for 2011, but phone numbers and account numbers aren’t quite the same thing. A phone number is an indirect reference to your phone (well, your SIM card actually) whereas the account number is the “target”. Thus, we shouldn’t really compare the account number to the phone number, but think of it more as the SIM. Each SIM card has a unique identifier, just as each bank account has an international bank account number (IBAN). When you turn on your phone, essentially, your SIM tells your mobile operator which phone it is in and then “registers” with a network. I am writing this in Singapore, where I just turned on my iPhone, so now my O2 SIM card is registered with Singtel. When you call my number, O2 will route the call to Singtel, who will then route it to my phone. But how does the call get to O2 in the first place?

In most developed nations there is what is called an “All Call Query” or ACQ system: there is a big database of mobile phone numbers that tells the operators which mobile network each number is routed by. In order to make call connections as fast as possible, each operator has their own copy of this database that is regularly updated. Note that for reasons that are too complicated (and boring) to go into there, in the UK there is a different scheme, known as indirect routing, whereby when you dial my phone number 07973 XXXXXX it is routed to Orange (because that’s where all 07973 numbers originated from) and then Orange looks XXXXXX number up in its own database to see where to route the call to (in this case to O2). This is why calls to ported numbers in the UK take longer to connect than they do in other countries.

It’s entirely possible to envisage a similar system working for banks, whereby we separate the equivalent of the mobile phone number — let’s call it the Current Account Number (CAN) — from the underlying bank account and have an industy database that maps CANs to IBANs. This database would be the equivalent of the ACQ database. (I rather like the branding too: if the banks decided to operate this cross-border, they could label it the international current account number, or iCan.) So the bank sends your salary via FPS to the iCan, and the database tells FPS which actual IBAN to route it to. No matter which bank accounts you use or change to throughout your employment, the employer always sends the salary to the iCan and thus reduces their own costs.

 

 

We just want a simple, portable, pointer to a person that can be used to index into their KYC’d persona.

The easiest way to do this would be to assign a unique financial services identifier (FSI) to a person or other legal entity the first time that they go through a KYC process. I might have the FSI “citizendave!barclays.co.uk”, for example. One someone has one of these FSIs, then there would be no need to drag them through “know your customer” (KYC) again. This would greatly reduce industry costs and make the process of obtaining a new financial service — a new bank account, a new credit card, a new insurance policy, a new accountant — much simpler. Imagine the simplicity of applying for in-store credit for that new sofa by just giving them your FSI and watching the application form magically populate by itself on screen.

It doesn’t matter if a person has multiple FSIs, because each FSI will have been obtained as the result of a KYC process. If the FSI Directory ends up with two “Dave Birch” entries, so what? It’s not an ID card scheme, it’s a “save money for the financial services sector and make life easier for consumers” scheme. And it wouldn’t matter either if both of my FSIs point to different iCans: I might, for example, have a personal persona and a small business persona—lets say citizendave!barclays.co.uk and citizendave!rbs.co.uk and that point to my personal and my small business accounts—and I want to use them for different purposes.

Picture this. You are fed up with the appalling service you get from your bank, so you walk into a branch of New Bank. You ask to open an account, and are directed to the ATM in the lobby and asked to request a balance from your existing current account. You put in the card and enter the PIN. While the ATM is carrying out the balance enquiry, the FSI (obtained from your card) is sent to the Directory and within a couple of seconds both your account balance (from your bank) and your picture (from the FSI Directory) are on the screen. The New Bank agent presses a button and a pre-filled application form is printed out for you to sign and, once you have, the existing system for transferring accounts is triggered.

There might be another useful spin-off from the FSI as well. Suppose you could designate a default account against the FSI: generally speaking, your iCan, but it could also be a prepaid account somewhere, or your PayPal account or whatever. Then someone could send you money by giving your FSI: no need to type in names, sort codes, account numbers. Anyone could pay anyone by entering the FSI into the ATM, or their internet banking screen, or (most likely) their mobile. Simple.

xxx

“Two years ago, the bank’s chief economist, Andy Haldane, proposed getting rid of cash in favour of a government-backed digital currency. But”

via Cash is still king despite rise of contactless payment

Now, Andy Haldane, who is a scholar, a gentleman and a man of exceeding wisdom (and, coincidentally, who wrote a foreword for my new book “Before Babylon, Beyond Bitcoin) did indeed write in favour of a government digital currency, an e£. I wonder, though, if we should make it emulate cash. In other words, should we allow anonymous holding of amounts up to £10,000. 

The wonderful people at Gemalto invited me along to their Digital Banking Summit in Paris on a lovely June day to talk about the opportunities for banks in the burgeoning digital identity space. Perhaps it was psychological only, but I thought I detected more urgency in the air. If I were to hazard a guess, based on animal spirits and conversations over coffee, I’d say that it was because of the realisation that new kinds of competition around the corner.

Let me explain by beginning with a presentation that I unfortunately missed, because I arrived late at night. Patrick Gauthier from Amazon, someone I always take very seriously, was talking about the shift from wallets to identities. I took this to mean that whereas we currently thinking about loading payment products into wallets and then using them to purchase, in the future we will select our identity (e.g., work Dave, home Dave, hobby Dave) to interact with a service provider and then when it comes time for the payment, it will take place invisibly and seamlessly in the background. If you know who the counterparts are, payments are trivial.

By coincidence, on the same day as Patrick’s Paris talk, Amazon in the USA announced their new assault on the payments space.

“Through a new rewards program called Amazon Prime Reload, Prime members can receive 2 percent back on purchases when they first load funds into their Amazon Balance using a debit card attached to their bank’s checking account.”

Amazon launches Prime Reload, offering 2% back on purchases funded through debit cards | TechCrunch

Now you can see why this bothers banks. I wrote before how banks in China are upset with Alipay not because they lose transaction fees, since these are heading towards zero anyway, but because they lose data. Under Amazon’s new scheme, all the bank will see is that you are loading your Amazon balance, in essence turning US dollars into Amazon dollars. The bank won’t see what you spend the money on or when you spend it.

I’m sure it is only a matter of time before those Amazon dollars are accepted by other merchants. Thus your “Amazon identity” is “Amazon money”.

Now, were I an Amazon Prime member in the USA then I would never use this, because I would continue to use the Amazon Visa card with 5% cashback. But you can see how it will be attractive to people who are uncomfortable with credit cards (or who don’t have one). But I can also see another use case

xxx

“The Berlin Group, a-European payments interoperability coalition of banks and payment processors, is pushing a single standard for API access to bank accounts to comply with new regulations on freeing up customer data under PSD2.”

Berlin Group to publish single API standard for PSD2

They plan to publish their framework around the end of the year.

xxx

“A central bank that provides deposits will not supply this full set of services, but it will have to offer accounting, payments system access, liquidity, and the tracking of information. As a consequence, the central bank will need to have compliance and risk management functions—including systems that prevent money laundering, tax evasion and other illegal activities potentially aided by finance. Like banks, they must know their customer.

This brings us to the first conclusion: the cost of providing these services is significant, averaging between 2 and 3 percent of assets for U.S. banks”

Fintech, Central Banking and Digital Currency — Money, Banking and Financial Markets

xxx

Why would a central bank be messing around with a blockchain? Not for creating a cryptocurrency, that’s for sure. As I have written at exhausting length before, it makes absolutely no sense for a central bank to create a cryptocurrency. However, that is an entirely different topic as to whether a central bank might want to create a “blockchain” (i.e., some for of shared ledge) in order to manage transactions in a central bank digital currency (CBDC, as as I call it, e£). This is restated in the latest Bank of England blog.

“I explain that it may not be necessary to use DLT for a CBDC, but I also consider some of the reasons why it could still be desirable.”

Central Bank Digital Currency: DLT, or not DLT? That is the question | Bank Underground

The precisely echoes my thoughts on the same topic. It makes sense to have a BritPESA rather than a BritCoin, but it make well make sense to implement BritPESA using a shared ledger rather than a central database as M-PESA does. And one of the obvious reasons why is that if there is a central database, then it can go down. As M-PESA has done. 

Let use another example to make the point. Suppose an airline reservation system contains a million reservations. Suppose each reservation is as big as a megabyte. That’s a terabyte of data, or about $10 worth of storage in a rack somewhere. Now, suppose that instead of a central reservation system, each entity that interfaces to the airline (e.g., travel agents) has a complete copy of that data and when a reservation is made or changed, it propagates across all of these copies. Now there’s no central system for some wally to unplug. If one of the travel agent’s gateways goes down… so what. 

RTGS

 

However, as I explain in my book “Before Babylon, Beyond Bitcoin”, there are other reasons why both banks and central banks want to put digital currency on a shared ledger rather than run everything through a central system as they do now. When I gave a talk about this a couple of years ago, I fixed on resilience, flexibility and innovation as more important than trustlessness in this context.

This is precisely what the Monetary Authority of Singapore (MAS) decided to do. They have created a permissioned shared ledger (implemented on an Ethereum blockchain) to connect

 

xxx

“I explain that it may not be necessary to use DLT for a CBDC, but I also consider some of the reasons why it could still be desirable.”

Central Bank Digital Currency: DLT, or not DLT? That is the question | Bank Underground

The precisely echoes my thoughts on the same topic. It makes sense to have a BritPESA rather than a BritCoin, but it make well make sense to implement BritPESA using a shared ledger rather than a central database as M-PESA does. And one of the obvious reasons why is that if there is a central database, then it can go down. As M-PESA has done. 

 

British Airways

 

RTGS

xxx

The number of people making a mobile purchase in the UK increased by 39 percent in 2016, comprising 86 percent of UK digital shoppers. Retail m-commerce sales will total £31.42 billion in 2017.

From 86 PERCENT OF UK SHOPPERS HAVE MADE A MOBILE PURCHASE – Payments Cards & Mobile

xxx

Guardian politics tweeted this lovely picture from last Thursday’s general election under “British democracy” with the comment “not sure how to explain this to our non-British followers”.

 

 

Indeed. This brought back some happy memories for me, starting with the 1983 general election. At that time, 

 

because the first time that I came across Lord Buckethead was shortly after