Token ring – a digital ID solution

The latest event organized by DIG ID (the Melbourne Digital Identity Meetup) featured a Q&A with Steve Shapiro, CTO of Token, moderated by Alan Tsen, General Manager of Stone & Chalk Melbourne. Given the current level of interest in solutions to address online fraud, ID theft, data protection, privacy and personal security, the discussion covered a lot of conceptual and technical topics in a short space of time, so here are some of the key points.

First off, Steve spoke about his start-up and tech journey, that took him from IM (Digsby, Tagged, Bloomberg IB), to cryptocurrency and digital wallets (Case), to digital ID with the Token ring. The pivot towards an ID solution came about after working on Case, where he realized that most consumers don’t understand private key management and the issue of permanence (as compared to the internet, where password re-sets are relatively easy, and often regularly enforced upon users).

If the goal is to provide fool-proof but highly secure end-user authentication, the solution has to focus on the “signing device”, by making it much easier than the status quo. Hence the combination of two-factor authentication (2FA) and bio-metrics to enable Token ring users to live key-less, card-less and cashless, and without having to constantly remember and update passwords. In short, the Token ring works with anything contactless, as long as the relevant permission/authentication protocol layer (challenge and response process) is compatible with the ring’s circuitry.

In assessing the downside risk, gaining consumer adoption is critical, to ensure that users see the benefits of the convenience combined with the credentialing power. Equally, success will depend on the ability to scale as a hardware manufacturer, and the potential to drive traction through virality.

There is still a lot of design work to do on the hardware itself (to enable assembly, customization and distribution as locally as possible). And the platform needs to bring on more partner protocols, especially in key verticals. At the end of the day, this is still a Blockchain solution, with a UX layer for the cryptographic component.

When asked about the future of ID, Steve felt that in the medium term, consumers will no longer have to carry around multiple cards or have to remember multiple passwords. Longer term, governments will no longer be the central authority on managing ID: unlike today, a driver’s license will no longer be the gold standard – instead, solutions will be based on decentralized, contextualized and user-defined ID.

This led to a discussion about Sovereign IDe-government and digital citizenship (e.g., Dubai and Estonia) – and the break up of big government in favour of more city-states. (Which could result either in a “small is beautiful” approach to self-governing and sustainable communities, or a dystopian nightmare of human geo-blocking, as in a film like “Code 46”).

For the tech buffs, the Token ring’s IC hosts a total of 84 components, including the main secure element (as with mobile phones and other devices), finger print reader, optical scan, Bluetooth, NFC, accelerometer, MCU, Custom inductive charging etc.

Finally, there was a discussion about the risk of cloning, mimicking or breaching the unique and secure ID attributes embedded in each Token ring. While it is possible for users to encrypt other knowledge components as part of their individual access verification and authentication (e.g., hand gestures), there is still a need to rely upon trusted manufacturers not to corrupt or compromise the secure layer. And while the public keys to core protocols (such as credit cards and swipe cards) are maintained by the protocol owners themselves and not stored on the device or on Token’s servers, it will be possible for other third parties to on-board their own protocols via a SDK.

Next week: EdTech Pitch Night

 

 

Tech, Travel and Tourism (revisited)

Just over two years ago, I posted a blog on how the tourism and travel industries needed to embrace the opportunities brought about by digital disruption. Having been on half a dozen overseas trips in the past 12 months, I can see that there have been some improvements in the traveler experience, but there is still a lot of room for improvement…

One of the biggest benefits has been the expanded integration of public transportation information into Google Maps. Navigation and route planning, right down to which platform to board from or which subway exit to take, has been a huge boost to the traveler UX. Many cities are now using integrated stored value cards for public transport, but limitations still exist: for example, some systems don’t make it that easy for overseas visitors to obtain the card itself, others make it hard to re-load other than by cash; while only a few systems, like Hong Kong and Japan, support multiple point-of-sale transactions for shops, restaurants and other services.

Another plus for frequent travelers has been the increased adoption of chip-enabled, e-passports which streamline the immigration entry/exit process (but only for participating countries, of course). Laborious paperwork still exists in many cases with arrival/departure cards and customs declaration forms – but over time, these processes should become more streamlined with the adoption of digital IDs and biometrics.

Using local mobile phone networks may have gotten easier with compatible operating systems, but even with pre-paid travel SIM cards and data packages, access costs are still disproportionately expensive for overseas visitors. Sure, there are more and more public WiFi services and hotspots available, but most still require users to provide personal data and/or reveal security weaknesses. Even though I recently purchased a mobile pass to access “free” WiFi services abroad, it’s hard to see what value it offers, because it only works after I have already logged onto the WiFi network.

Getting flight information, notifications and alerts via SMS and e-mail has improved considerably, along with easier online booking tools and mobile check-in solutions – and of course, QR codes now support paperless boarding cards. But I’ve noticed that some airline apps don’t support full integration with mobile phone wallets, and consolidating ticketing and invoicing information (e.g., for consolidated expense reporting) from multiple airlines and booking platforms still feels a long way off.

Finally, a constant irritation for travelers are the card transaction fees that most hotels still pass on at checkout – as if many guests are likely to pay in cash! – compounded by the FX fees that the credit card companies also like to charge. All up, this can mean an average of between 3% and 5% in additional fees, in a situation where hotel guests are something of a captive audience. Transaction fees remain a target for further disruption….

Next week: Token ring – a digital ID solution

 

 

 

FinTech and the Regulators

What’s the collective noun for a group of financial services regulators? Given the current focus on FinTech sand box regulation and the cultivation of innovation, but also the somewhat ambiguous (and sometimes overlapping) roles between policy implementation, industry enforcement and startup monitoring, may I suggest it should be an “arbitrarium”?

Whatever, a panel of regulators (ASIC, RBA, APRA and AUSTRAC) came together at the recent FinTech Melbourne meetup to showcase what they have been working on.

First up, ASIC talked about their Innovation Hub and Sandbox, designed to accelerate the licensing process. Most of the FinTech startups engaging with the Innovation Hub are operating in marketplace lending, digital/robo advice, payment solutions and consumer credit services. Meanwhile, ASIC is seeing a growing number of enquiries from RegTech startups, and as a result, the regulator will be running a showcase event in Melbourne in the near future.

Next, the RBA gave an update on the new payments system (NPP), which will operate under the auspices of the Payments System Platform Mandate. A key aspect of this “pay anyone, anywhere, anytime” model is ISO 20022, the data standard that covers “simple addressing” as part of the payment interchange, clearing and settlement protocols. The system is due to go live later in 2017.

The biggest news came from APRA, in their role of licensing Authorised Depository Institutions (ADIs). According to APRA statistics, 26 new ADIs have been approved in the last 10 years. Most licenses come with significant conditions attached, so APRA is looking to simplify the process and encourage more competition. Similar to ASIC’s sandbox model, new entrants will be able to apply for “restricted ADI” status, under a 2-year license, with certain limitations on the size and volume of their book of business. Essentially, there will be a less onerous startup capital requirement, and the new regime is expected to be operational in the second half of 2018.

Finally, AUSTRAC gave an update on their responsibilities under the AML/CTF Act 2006. While AUSTRAC has selective oversight of FinTech startups, it has responsibility for 14,000 reporting entities, including businesses holding gambling permits. Acknowledging there is something of regulatory lag when compared to new business models and new technology, AUSTRAC pointed to the Fintel Alliance, launched earlier this year, and which may run its own pilot sandbox. Currently undertaking a legislative review and reform exercise, a key aspect of AUSTRAC’s work is undertaking product and sector risk assessment.

During the audience Q&A (including some interesting contributions from ASIC Chairman, Greg Medcraft) there was discussion of cryptocurrencies and blockchain solutions vis-a-vis the NPP, and how to address the potential conflict of laws, for example between KYC and privacy and data protection.

Next week: YBF FinTech pitch night

 

Token Issuance Programs – the new structured finance?

We’ve known for some time now that Blockchain and Bitcoin were designed to disrupt the financial services sector. But I suspect that not even the earliest proponents of distributed ledger technology nor the most avid supporters of crypto-currencies anticipated how far and how quickly that disruption would spread. In addition to P2P payments and lending, alternative stock exchanges, and self-executing smart contracts, recent events suggest that digital assets issued on Blockchain infrastructure are themselves the new source of venture capital, that they may even come to be seen as the new form of structured finance (albeit with less complexity and more transparency).

Image: Maria’s Cakes founder issues her own record…. (Source: Maria Lee website)

In the past few weeks, we have seen Token Issuance Programs (sometimes referred to as ICOs – “initial coin offerings” – or token sales) raise extraordinary amounts of capital – $53m for MobileGo, $150m for Bancor. Even allowing for the fact that VC funding rounds have been increasing in recent years, these results are quite staggering – given that the sellers of these tokens have not had to relinquish any equity, or incur any debt either. Because tokens do not represent shares in a company or units in a corporate bond. Nor are they securities in the usual sense, as they do not create any interest or obligation other than an entitlement to be granted a given number of tokens at a predetermined price.

Of course, these tokens may carry the right to use proprietary software or access marketplace platforms, and even acquire future products. In this way, they also resemble crowdfunding projects. But because of the potential returns generated by the increased value tokens may accrue (a combination of network effects, scarcity and market appreciation), there is buyer demand for new tokens backed by the right project.

These token sale results have also benefited from the increased price of Bitcoin, Ethereum and other leading digital currencies – or perhaps the other way round? – as investors get more comfortable with this new asset class. That’s not to say there isn’t talk of a market correction, or even a bubble. But despite the apparent risks, and the occasional exchange outage, new token issuance and crypto-currency trading are generating growing interest – not just from currency speculators, but also asset managers and traditional investors. No doubt helped by developments in markets like Japan, where crypto-currencies are now a legally recognized form of payment.

As for structured finance, some projects are looking to issue tokens that are linked to or represent an underlying asset, such as a pool of loans. In the case of securitization, for example, Blockchain technology can not only help to structure the token issuance (via smart contracts, for example), it can also provide better transparency on the underlying loan performance (using real-time repayment data from bank feeds, for example).

Of course, there have been some speed bumps along the way for Blockchain-derived assets, most notably the infamous DAO “hack” of last year.  Plus, the price of Bitcoin continues to display considerable volatility, which makes it harder for some investors to embrace. And if anyone is wondering why this week’s blog features an image of a Hong Kong cake shop owner, it relates to the Asian Currency Crisis of 1997-98. Maria’s Bakery was a famous chain of shops that sold coupons at a discount, that could be redeemed for cakes at any time in the future. It was a practice that spread to other retail sectors. But during the market jitters caused by failing currencies and a tightening of credit, there was a run on Maria’s coupons, which coincided with a 2% fall on the Hong Kong stock exchange. This may have been coincidental, but it also demonstrates that financial markets can be sidelined by the most unexpected events. Like, who would have made the connection between over-extended home owners in parts of the USA with the worst global financial crisis for 80 years…?

NOTE: The comments above are made in a purely personal capacity, and do not purport to represent the views of Brave New Coin or any other organisations I work with. These comments are intended as opinion only and should not construed be as financial advice.

Next week: Expert vs Generalist