Token ring – a digital ID solution

The latest event organized by DIG ID (the Melbourne Digital Identity Meetup) featured a Q&A with Steve Shapiro, CTO of Token, moderated by Alan Tsen, General Manager of Stone & Chalk Melbourne. Given the current level of interest in solutions to address online fraud, ID theft, data protection, privacy and personal security, the discussion covered a lot of conceptual and technical topics in a short space of time, so here are some of the key points.

First off, Steve spoke about his start-up and tech journey, that took him from IM (Digsby, Tagged, Bloomberg IB), to cryptocurrency and digital wallets (Case), to digital ID with the Token ring. The pivot towards an ID solution came about after working on Case, where he realized that most consumers don’t understand private key management and the issue of permanence (as compared to the internet, where password re-sets are relatively easy, and often regularly enforced upon users).

If the goal is to provide fool-proof but highly secure end-user authentication, the solution has to focus on the “signing device”, by making it much easier than the status quo. Hence the combination of two-factor authentication (2FA) and bio-metrics to enable Token ring users to live key-less, card-less and cashless, and without having to constantly remember and update passwords. In short, the Token ring works with anything contactless, as long as the relevant permission/authentication protocol layer (challenge and response process) is compatible with the ring’s circuitry.

In assessing the downside risk, gaining consumer adoption is critical, to ensure that users see the benefits of the convenience combined with the credentialing power. Equally, success will depend on the ability to scale as a hardware manufacturer, and the potential to drive traction through virality.

There is still a lot of design work to do on the hardware itself (to enable assembly, customization and distribution as locally as possible). And the platform needs to bring on more partner protocols, especially in key verticals. At the end of the day, this is still a Blockchain solution, with a UX layer for the cryptographic component.

When asked about the future of ID, Steve felt that in the medium term, consumers will no longer have to carry around multiple cards or have to remember multiple passwords. Longer term, governments will no longer be the central authority on managing ID: unlike today, a driver’s license will no longer be the gold standard – instead, solutions will be based on decentralized, contextualized and user-defined ID.

This led to a discussion about Sovereign IDe-government and digital citizenship (e.g., Dubai and Estonia) – and the break up of big government in favour of more city-states. (Which could result either in a “small is beautiful” approach to self-governing and sustainable communities, or a dystopian nightmare of human geo-blocking, as in a film like “Code 46”).

For the tech buffs, the Token ring’s IC hosts a total of 84 components, including the main secure element (as with mobile phones and other devices), finger print reader, optical scan, Bluetooth, NFC, accelerometer, MCU, Custom inductive charging etc.

Finally, there was a discussion about the risk of cloning, mimicking or breaching the unique and secure ID attributes embedded in each Token ring. While it is possible for users to encrypt other knowledge components as part of their individual access verification and authentication (e.g., hand gestures), there is still a need to rely upon trusted manufacturers not to corrupt or compromise the secure layer. And while the public keys to core protocols (such as credit cards and swipe cards) are maintained by the protocol owners themselves and not stored on the device or on Token’s servers, it will be possible for other third parties to on-board their own protocols via a SDK.

Next week: Startup Vic’s EdTech Pitch Night

 

 

Bitcoin – Big In Japan

I spent the past week in Tokyo on behalf of Brave New Coin, meeting with various participants in the cryptocurrency industry – from exchanges to brokers, from industry bodies to information vendors, from connectivity providers to technology platforms. Given its share of Bitcoin trading volumes, and the legal developments currently in motion, Japan is now the focus of attention as it navigates towards a fully regulated and orderly cryptocurrency market.

Bitcoin is now accepted in Bic Camera stores in Japan (Photo: Rory Manchee – all rights reserved)

On my previous visit to Japan, I commented on the extent to which it was still a cash economy – even major museums and galleries don’t accept plastic, and my pre-paid foreign currency card issued by a major Australian bank was only accepted at a limited number of ATMs: 7-Eleven, and Japan Post. But according to expats I spoke to last week, this situation has changed over the past couple of years.

One of the reasons I was given as to why Japan is taking a lead in regulating cryptocurrencies is its previous perception of having a somewhat lax approach to money laundering. Part of this might be explained by the limited technical integration and interoperability with the global banking system (somewhat akin to Japan’s approach to telecoms, where in the past, it was impossible for overseas visitors to use their mobile phones on the domestic network).

In addition, as China has cracked down on most things crypto, so has Bitcoin trading activity shifted to Japan. This growth in Bitcoin trading volumes can also be linked to Japan’s passion for retail forex trading, now expanding into crypto.

Earlier this year, the Japanese government passed legislation that recognises bitcoin as a legal form of payment. (Note: this does not mean that bitcoin is legal tender – shops do not have to accept it; but if they choose to take it as payment for goods and services, then it is no different to paying in cash or by credit card when it comes to things like consumer rights, for example.)

Later this month, the main regulator, the FSA is expected to announce new regulations to govern cryptocurrency exchanges and brokers. Currently, exchanges that accept Yen deposits for cash trading of crypto must be licensed as payment institutions. By the end of March 2018, my understanding is that all exchanges and brokers must be fully licensed to operate – for both cash trading, and futures and margin trading. Anywhere between 20 and 50 exchanges have applied for a license.

Currently, participants in the “legacy” securities and futures industry are either registered with the JSDA or the FFA. Likewise, it is expected that the FSA will appoint a similar self-regulating entity to have official oversight of the cryptocurrency markets, under the overarching authority of the FSA. However, there are two rival blockchain and cryptocurrency industry associations that are vying for this role – which is where things become a little political. One group claims to represent the “pure” crypto world, whereas the other might be seen to represent more of the traditional market. No doubt the FSA would prefer not to have to choose…

Key considerations for the FSA are retail investor protection, and market stability. The total market cap of all cryptocurrencies is now around US$150bn. If we assume that 10% of these assets are held in Japan, when compared to the total capitalisation of the cryptocurrency exchanges themselves, this creates a significant risk for the FSA should there be a market collapse or a run on Yen-based crypto deposits.

Equally, the FSA does not want to stifle innovation in an area of financial services where Japan is keen to take the lead. For example, Japan has witnessed a couple of bitcoin-denominated corporate bonds (more like privately syndicated short-term commercial paper) that demonstrate an investor appetite for this new asset class.

Meanwhile, in preparation for this new regulatory environment, and in anticipation of the increased interest by major banks and asset managers, there is a project underway to create an institutional-strength order management platform connecting banks, brokers and exchanges. I also heard of offshore fund managers looking to launch a crypto-based ETF for distribution in Japan.

Finally, at the risk of blowing our own trumpet, Japan’s leading financial vendor, Quick is now quoting the Bitcoin Liquid Index (BLX) alongside other FX data it distributes from around the world:

 

NOTE: The comments above are made in a purely personal capacity, and do not purport to represent the views of Brave New Coin, its clients or any other organisations I work with. These comments are intended as opinion only and should not be construed as financial advice.

Next week: Tech, Travel and Tourism

 

 

YBF #FinTech pitch night

It’s getting difficult to keep up with all the FinTech activity in Melbourne – from Meetups to pitch nights, from hubs to incubators. The latest Next Money / York Butter Factory / Fintech Victoria pitch night was a showcase for three startups-in-residence at YBF. As such, it was not the usual pitch competition – more an opportunity for the startups to hone their presentations.

First up was Handy, an app-based solution that connects trades with customers to streamline the settlement process for property insurance claims. There is an industry-wide low-level of satisfaction with property claims – which can take up to 60 days to process, even though 80% of claims are for less than $5,000. Handy offers a faster solution, and doesn’t require a lengthy estimate or quoting process, using instead fixed-price rates. With a target market of 100,000 claims per annum, Handy expects to generate 25% savings to the insurance industry, as well as having a broader societal impact in terms of speedier claims, better appreciation of service providers, and more consideration of the respective needs of householders and trades. Launching an MVP in November, there are four insurance firms in pilot test mode. Aiming for a white label solution, Handy will charge clients basic setup and maintenance fees, as well as volume transaction costs (although the exact pricing and revenue model still needs to be worked out). There were audience questions about the liability for quality of work and dispute resolution, the trade supplier on boarding and verification process, and the process for communicating to policy holders whether their insurance provider or broker is covered by the platform.

Next was FinPass, a startup appealing to the 40% of the workforce expected to be freelance by 2020 – a key feature of the gig economy. Targeting so-called “slashies“, FinPass is designed to help customers apply for personal loans when they don’t have a single, steady or stable source of income – and therefore, may lack a formal credit rating or personal credit score – while adhering to the five Cs of credit. Using a combination of blockchain and API to validate a loan applicant’s income profile, FinPass would then make this data available to approved lenders (subject, presumably, to consumer credit and lending standards, customer privacy and data protection requirements). To be fair, this project was fresh from winning a recent hackathon event, and therefore is still at the concept stage. However, it was clear that much needs to be done to define the revenue model, as well as designing the actual blockchain solution. Audience feedback questioned the need for a standalone solution, given the existence of various block explorers, APIs, vendors, protocols and bank feed sources. In addition, while blockchain provides a level of transaction immutability, and since only the hash-keys will be captured, the SHA’s will only confirm the hash itself, not the veracity of the underlying data?

Finally, there was Resolve, a two-sided market place for the insolvency services – a platform to buy and sell distressed businesses. Designed to capture turnaround opportunities, the platform has a target market of 14,000 transactions per annum – of which only 1% currently advertised, simply because it’s too expensive to use traditional media (i.e., finance and business publications). In addition, 92% of companies that enter insolvency return zero cents in the dollar to their creditors. Part bulletin board, part deal room, Resolve aims to create a passive deal flow for this alternative asset class. When asked about their commercial model, the founders expect a turnover based on a few hundred businesses each year, and revenue coming from a flat $1,000 per listing – but the key to success will be building scale.

Each of these early-stage startups represent promising ideas, revealing some innovative solutions, so it will be interesting to follow their respective journeys over the coming months.

Next week: Bitcoin – Big In Japan

FinTech and the Regulators

What’s the collective noun for a group of financial services regulators? Given the current focus on FinTech sand box regulation and the cultivation of innovation, but also the somewhat ambiguous (and sometimes overlapping) roles between policy implementation, industry enforcement and startup monitoring, may I suggest it should be an “arbitrarium”?

Whatever, a panel of regulators (ASIC, RBA, APRA and AUSTRAC) came together at the recent FinTech Melbourne meetup to showcase what they have been working on.

First up, ASIC talked about their Innovation Hub and Sandbox, designed to accelerate the licensing process. Most of the FinTech startups engaging with the Innovation Hub are operating in marketplace lending, digital/robo advice, payment solutions and consumer credit services. Meanwhile, ASIC is seeing a growing number of enquiries from RegTech startups, and as a result, the regulator will be running a showcase event in Melbourne in the near future.

Next, the RBA gave an update on the new payments system (NPP), which will operate under the auspices of the Payments System Platform Mandate. A key aspect of this “pay anyone, anywhere, anytime” model is ISO 20022, the data standard that covers “simple addressing” as part of the payment interchange, clearing and settlement protocols. The system is due to go live later in 2017.

The biggest news came from APRA, in their role of licensing Authorised Depository Institutions (ADIs). According to APRA statistics, 26 new ADIs have been approved in the last 10 years. Most licenses come with significant conditions attached, so APRA is looking to simplify the process and encourage more competition. Similar to ASIC’s sandbox model, new entrants will be able to apply for “restricted ADI” status, under a 2-year license, with certain limitations on the size and volume of their book of business. Essentially, there will be a less onerous startup capital requirement, and the new regime is expected to be operational in the second half of 2018.

Finally, AUSTRAC gave an update on their responsibilities under the AML/CTF Act 2006. While AUSTRAC has selective oversight of FinTech startups, it has responsibility for 14,000 reporting entities, including businesses holding gambling permits. Acknowledging there is something of regulatory lag when compared to new business models and new technology, AUSTRAC pointed to the Fintel Alliance, launched earlier this year, and which may run its own pilot sandbox. Currently undertaking a legislative review and reform exercise, a key aspect of AUSTRAC’s work is undertaking product and sector risk assessment.

During the audience Q&A (including some interesting contributions from ASIC Chairman, Greg Medcraft) there was discussion of cryptocurrencies and blockchain solutions vis-a-vis the NPP, and how to address the potential conflict of laws, for example between KYC and privacy and data protection.

Next week: YBF FinTech pitch night