A library of snippets
xxx
“In 2015, Franco A had registered as a refugee with the Bavarian authorities. He’d claimed he was a Christian Syrian, the son of a fruit seller from Damascus. Under his Syrian alias, he was given a monthly allowance of €400, and a room in a local hostel. All the while he continued his army service in the Bundeswehr, and no-one smelt a rat.”
Islamism isn’t the only terror threat Germany is facing | Coffee House
xxx
xxx
“What is blockchain? First and foremost, Blockchain is a public electronic ledger — similar to a relational database — that can be openly shared among disparate users and that creates an unchangeable record of their transactions, each one time-stamped and linked to the previous one.”
FAQ: What is blockchain and how can it help business? | Computerworld
xxx
“Each digital record or transaction in the thread is called a block (hence the name), and it allows either an open or controlled set of users to participate in the electronic ledger. Each block is linked to a specific participant.”
FAQ: What is blockchain and how can it help business? | Computerworld
xxx
xxx
“Students at a Mumbai chemical college succeeded in spoofing a fingerprint attendance device with fake fingerprints.”
via Indian pupils cheat biometric system with glue | Planet Biometrics News
xxx
xxx
categorizing all unreported cash as “black money” risks putting into one policy basket the multiple (and legally valid) contexts that lead people to keep money hidden and store value in cash form. In particular, a large section of women, including many belonging to the middle class, have had good reasons to hide their small savings in rice bins and cosmetic jars, away from husbands and other family members.
xxx
xxx
Amazon, Apple, Google, Intuit, and Paypal just asked Congress for a unified federal alternative to state money transmission licensing. In a letter to congress, their industry group, Financial Innovation Now, explained how state-by-state money transmission licesing is a major impediment to innovation in financial serivces here in the US
xxx
There’s so much that needs to be thought through about “open banking” before it turns into a thing across Europe. For one thing, we are a long way away from being able to go online and download a standard European bank account API (there is no such thing, by the way) and then activate it by obtaining an API from the European Bank API Management Centre (there is no such thing, by the way) by using a European Financial Services Identity (there is no such thing, by the way). As the Euro Banking Association say in their very good March 2017 working paper on “Open Banking: Advancing Customer-Centricity”, open banking “will require crucial developments in digital identity and APIs.
Let’s assume that these crucial developments happen. Then what exactly will we be able to do in the new open banking environment? There are gazillions of rules and directives and regulations that govern financial services and all of them will have to be interpreted and re-interpreted for API access. Some of the crucial constraints do not come from PSD2 itself but from other directions, such as the General Data Protection Regulation (GDPR). This may have some serious implications for Account Information Service Providers (AISPs) because it will restrict what data they can have and what they can do with it. Our good friends at Innopay pointed this out in a blog post earlier in the year.
We expect that the obligations that GDPR impose on AS-PSPs will significantly limit the possibilities for AISPs and other third parties to use account information in a way that would add real value for their customers. Although this may be a fair price to pay for privacy protection, it is unfortunate that it may hamper the development of innovative solutions for financial and other services.
From GDPR can significantly limit the value potential of Account Information Services
There may, however, be a way to get round this. Suppose that the information returned by an AISP query to the AS-PSP delivers persistent pseudonyms (in the form of meaningless but unique numbers, or MBUNs) rather than PII on counterparties? I understand that in the UK open banking sandbox the idea is to return a persistent MBUN and SIC code (so that the AISP can see, for example, see that you paid a fast-food retailer or a mobile network provider).
If you are wondering, SICs are Standard Industrial Classification codes. These are codes set by the government and used to collect and analyse data for statistical purposes. I’ll leave it to you assess their fitness for purpose, but will as an aside note that they may be in need for revision in order to be of maximum value to fintech entrepreneurs. A National Endowment For Science, Technology and Arts (NESTA) report found it a trifle odd that there is no SIC for video games or graphene but there is one for whale oil production.
So, imagine that when an AISP queries my bank account they see my purchase of a season ticket for Woking Football Club (come on you Cards) they get back MBUN 12345 and the SIC code “Sports” or whatever. When they query again next year, Woking Football Club again shows up as MBUN 12345. But that is specific to me: it’s derived from the merchant ID for Woking Football Club, a bank ID for me and an AISP ID from the requestor. Every time that AISP queries my account they will see a Woking Football Club purchases as 12345 / Sports. But every time they query my friend Farid’s account, they will see his purchases from Woking Football Club show up as 67890 / Sports. And if hackers obtain these records, they will not be be able to reverse-engineer the MBUN. Only my bank can calculate that MBUN.
This seems to me to be a reasonable compromise.
xxx
Over in the Livery Hall, a lively discussion about open banking was introduced and expertly steered by Dave Birch, head of innovation, Consult Hyperion.
Well, to be honest to success of the Open Banking session was more to do with the fact that the expert panel were actual experts and that they were prepared to share their genuine opinions than it was to my steering.
//embedr.flickr.com/assets/client-code.js
The panel, it seemed to me, were very clear about the priority of organisational strategies for the open banking world.
xxx
Banks operating in the EU will be able to verify the identity of customers and carry out due diligence checks on a wholly digitised and cross-border basis under plans outlined by the European Commission.
From Digital ID and fintech at the heart of new EU consumer financial services action plan
When the Commission say “digital identity”, they are talking about electronic identity schemes as set out their rules on e-ID and trust services (e-IDAS). To the best of my knowledge there is, at the time of writing, only one scheme “notified” to eIDAS and that is in Germany, so we are a long way from a universal eIDAS infrastructure, which is why I tend to think that a sector specific financial services identity (“financial passport”) might be a more practical way forward if we are going to tackle the escalating costs of regulation.
The good people at BBVA Research recently published a paper on central bank digital currencies (Central Bank Digital Currencies, Gouveia et al, March 2017) in which, amongst other conclusions, the authors say that “we also consider it likely that a scenario in which CBDC is anonymous, universal and non-yield bearing will be implemented”. But why is this “likely”? Why would any central bank bother setting up the form of distributed ledger that the authors envisage in order to implement something of such obvious utility to criminals, terrorists, money-launderers, tax-evaders and corrupt politicians? I don’t get it.
xxx
“‘If all I want to do is take your phone and use your Apple Pay to buy stuff”
That Fingerprint Sensor on Your Phone Is Not as Safe as You Think – The New York Times
xxx
Snippings