Token ring – a digital ID solution

The latest event organized by DIG ID (the Melbourne Digital Identity Meetup) featured a Q&A with Steve Shapiro, CTO of Token, moderated by Alan Tsen, General Manager of Stone & Chalk Melbourne. Given the current level of interest in solutions to address online fraud, ID theft, data protection, privacy and personal security, the discussion covered a lot of conceptual and technical topics in a short space of time, so here are some of the key points.

First off, Steve spoke about his start-up and tech journey, that took him from IM (Digsby, Tagged, Bloomberg IB), to cryptocurrency and digital wallets (Case), to digital ID with the Token ring. The pivot towards an ID solution came about after working on Case, where he realized that most consumers don’t understand private key management and the issue of permanence (as compared to the internet, where password re-sets are relatively easy, and often regularly enforced upon users).

If the goal is to provide fool-proof but highly secure end-user authentication, the solution has to focus on the “signing device”, by making it much easier than the status quo. Hence the combination of two-factor authentication (2FA) and bio-metrics to enable Token ring users to live key-less, card-less and cashless, and without having to constantly remember and update passwords. In short, the Token ring works with anything contactless, as long as the relevant permission/authentication protocol layer (challenge and response process) is compatible with the ring’s circuitry.

In assessing the downside risk, gaining consumer adoption is critical, to ensure that users see the benefits of the convenience combined with the credentialing power. Equally, success will depend on the ability to scale as a hardware manufacturer, and the potential to drive traction through virality.

There is still a lot of design work to do on the hardware itself (to enable assembly, customization and distribution as locally as possible). And the platform needs to bring on more partner protocols, especially in key verticals. At the end of the day, this is still a Blockchain solution, with a UX layer for the cryptographic component.

When asked about the future of ID, Steve felt that in the medium term, consumers will no longer have to carry around multiple cards or have to remember multiple passwords. Longer term, governments will no longer be the central authority on managing ID: unlike today, a driver’s license will no longer be the gold standard – instead, solutions will be based on decentralized, contextualized and user-defined ID.

This led to a discussion about Sovereign IDe-government and digital citizenship (e.g., Dubai and Estonia) – and the break up of big government in favour of more city-states. (Which could result either in a “small is beautiful” approach to self-governing and sustainable communities, or a dystopian nightmare of human geo-blocking, as in a film like “Code 46”).

For the tech buffs, the Token ring’s IC hosts a total of 84 components, including the main secure element (as with mobile phones and other devices), finger print reader, optical scan, Bluetooth, NFC, accelerometer, MCU, Custom inductive charging etc.

Finally, there was a discussion about the risk of cloning, mimicking or breaching the unique and secure ID attributes embedded in each Token ring. While it is possible for users to encrypt other knowledge components as part of their individual access verification and authentication (e.g., hand gestures), there is still a need to rely upon trusted manufacturers not to corrupt or compromise the secure layer. And while the public keys to core protocols (such as credit cards and swipe cards) are maintained by the protocol owners themselves and not stored on the device or on Token’s servers, it will be possible for other third parties to on-board their own protocols via a SDK.

Next week: EdTech Pitch Night



YBF #FinTech pitch night

It’s getting difficult to keep up with all the FinTech activity in Melbourne – from Meetups to pitch nights, from hubs to incubators. The latest Next Money / York Butter Factory / Fintech Victoria pitch night was a showcase for three startups-in-residence at YBF. As such, it was not the usual pitch competition – more an opportunity for the startups to hone their presentations.

First up was Handy, an app-based solution that connects trades with customers to streamline the settlement process for property insurance claims. There is an industry-wide low-level of satisfaction with property claims – which can take up to 60 days to process, even though 80% of claims are for less than $5,000. Handy offers a faster solution, and doesn’t require a lengthy estimate or quoting process, using instead fixed-price rates. With a target market of 100,000 claims per annum, Handy expects to generate 25% savings to the insurance industry, as well as having a broader societal impact in terms of speedier claims, better appreciation of service providers, and more consideration of the respective needs of householders and trades. Launching an MVP in November, there are four insurance firms in pilot test mode. Aiming for a white label solution, Handy will charge clients basic setup and maintenance fees, as well as volume transaction costs (although the exact pricing and revenue model still needs to be worked out). There were audience questions about the liability for quality of work and dispute resolution, the trade supplier on boarding and verification process, and the process for communicating to policy holders whether their insurance provider or broker is covered by the platform.

Next was FinPass, a startup appealing to the 40% of the workforce expected to be freelance by 2020 – a key feature of the gig economy. Targeting so-called “slashies“, FinPass is designed to help customers apply for personal loans when they don’t have a single, steady or stable source of income – and therefore, may lack a formal credit rating or personal credit score – while adhering to the five Cs of credit. Using a combination of blockchain and API to validate a loan applicant’s income profile, FinPass would then make this data available to approved lenders (subject, presumably, to consumer credit and lending standards, customer privacy and data protection requirements). To be fair, this project was fresh from winning a recent hackathon event, and therefore is still at the concept stage. However, it was clear that much needs to be done to define the revenue model, as well as designing the actual blockchain solution. Audience feedback questioned the need for a standalone solution, given the existence of various block explorers, APIs, vendors, protocols and bank feed sources. In addition, while blockchain provides a level of transaction immutability, and since only the hash-keys will be captured, the SHA’s will only confirm the hash itself, not the veracity of the underlying data?

Finally, there was Resolve, a two-sided market place for the insolvency services – a platform to buy and sell distressed businesses. Designed to capture turnaround opportunities, the platform has a target market of 14,000 transactions per annum – of which only 1% currently advertised, simply because it’s too expensive to use traditional media (i.e., finance and business publications). In addition, 92% of companies that enter insolvency return zero cents in the dollar to their creditors. Part bulletin board, part deal room, Resolve aims to create a passive deal flow for this alternative asset class. When asked about their commercial model, the founders expect a turnover based on a few hundred businesses each year, and revenue coming from a flat $1,000 per listing – but the key to success will be building scale.

Each of these early-stage startups represent promising ideas, revealing some innovative solutions, so it will be interesting to follow their respective journeys over the coming months.

Next week: Bitcoin – Big In Japan

FinTech and the Regulators

What’s the collective noun for a group of financial services regulators? Given the current focus on FinTech sand box regulation and the cultivation of innovation, but also the somewhat ambiguous (and sometimes overlapping) roles between policy implementation, industry enforcement and startup monitoring, may I suggest it should be an “arbitrarium”?

Whatever, a panel of regulators (ASIC, RBA, APRA and AUSTRAC) came together at the recent FinTech Melbourne meetup to showcase what they have been working on.

First up, ASIC talked about their Innovation Hub and Sandbox, designed to accelerate the licensing process. Most of the FinTech startups engaging with the Innovation Hub are operating in marketplace lending, digital/robo advice, payment solutions and consumer credit services. Meanwhile, ASIC is seeing a growing number of enquiries from RegTech startups, and as a result, the regulator will be running a showcase event in Melbourne in the near future.

Next, the RBA gave an update on the new payments system (NPP), which will operate under the auspices of the Payments System Platform Mandate. A key aspect of this “pay anyone, anywhere, anytime” model is ISO 20022, the data standard that covers “simple addressing” as part of the payment interchange, clearing and settlement protocols. The system is due to go live later in 2017.

The biggest news came from APRA, in their role of licensing Authorised Depository Institutions (ADIs). According to APRA statistics, 26 new ADIs have been approved in the last 10 years. Most licenses come with significant conditions attached, so APRA is looking to simplify the process and encourage more competition. Similar to ASIC’s sandbox model, new entrants will be able to apply for “restricted ADI” status, under a 2-year license, with certain limitations on the size and volume of their book of business. Essentially, there will be a less onerous startup capital requirement, and the new regime is expected to be operational in the second half of 2018.

Finally, AUSTRAC gave an update on their responsibilities under the AML/CTF Act 2006. While AUSTRAC has selective oversight of FinTech startups, it has responsibility for 14,000 reporting entities, including businesses holding gambling permits. Acknowledging there is something of regulatory lag when compared to new business models and new technology, AUSTRAC pointed to the Fintel Alliance, launched earlier this year, and which may run its own pilot sandbox. Currently undertaking a legislative review and reform exercise, a key aspect of AUSTRAC’s work is undertaking product and sector risk assessment.

During the audience Q&A (including some interesting contributions from ASIC Chairman, Greg Medcraft) there was discussion of cryptocurrencies and blockchain solutions vis-a-vis the NPP, and how to address the potential conflict of laws, for example between KYC and privacy and data protection.

Next week: YBF FinTech pitch night


StartupVic’s Machine Learning / AI pitch night

Machine Learning and AI are such hot topics, that I was really intrigued by the prospect of this particular StartupVic pitch night. First, this was a chance to visit inspire9‘s recently established Dream Factory – a tech co-working facility, maker space, and VR lab in Melbourne’s western suburb of Footscray. Second, the Dream Factory, housed in a landmark building owned by Impact Investment Group, was a major beneficiary of LaunchVic funding, and this event could be seen as a showcase for Melbourne’s tech startup sector. Third, with so many buzzwords circling AI, it offered a great opportunity to help demystify some of the jargon and provide some practical insights.

Image sourced from StartupVic

Instead, the pitches felt underdone – probably not helped by the building’s acoustics, the poor PA system, and the inability of many of the audience to be able to read the presenters’ slides. I wasn’t expecting the founders to reveal the “secret sauce” of their algorithms, or to explain in detail how they program or train their “smart” applications. But I had hoped to hear some concrete evidence of how these emerging platforms actually work and how the resulting data is specifically analyzed and applied to client solutions.

With a tag line of “powering the future of mental health” the team at are hoping to have a positive impact in helping to reduce suicide rates. Unfortunately, judging by the way some key statistics are presented on their home page, the data (and the methodology) are not as clear as the core message.

Using technology to help scale the provision of mental health and well-being services, combined with mixed delivery methods, the solution aims to offer continuity of care. Picking up on user dialogue and providing some semi-automated and curated intervention, the presentation was big on phrases like “triage packages”, “customer journey”, “technical architecture”, “chatbots” and of course, “AI” itself, but I would have like a bit more explanation on how it worked.

I understand that the platform is designed to integrate with third-party providers, but how does this happen in practice?

Only when asked by the judges about their competitive advantage (as there are similar tools out there – see Limbr from a previous pitch night) did the presenters refer to their proprietary language models, developed with and based on user trials. This provides  a structured taxonomy, which is currently English-only, but it can be translated.

There were also questions about data privacy (not fully explained?) and sales channels – which may include workplace EAPs and health insurers.


According to the founder, “dashboards and KPIs only diagnose pain, Businest fixes it“. In short, this is intelligence business analysis for SMEs.

With a focus on tracking working capital and cashflow, as far as I can tell, Businest applies some AI on top of existing third-party accounting software. It identifies key metrics for a specific business, then provides coaching and videos to change business behaviour and improve financial performance. There is a patent pending in the US for the underlying algorithm, which prioritizes the KPIs.

Again, I was not totally clear how the desired results are achieved. For example, are SMEs benchmarked against their peers (e.g., by size/industry/geography/maturity/risk profile)? Do clients know what incremental benefits they should be able to generate over a given time period? How does the financial spreadsheet analysis assist with improving structural or operational efficiencies that are outside the realm of financial accounting?

Available under a freemium SaaS model, Businest is sold direct and via accountants and bookkeepers. A key to success will be how fast the product can scale – via partnering and its integration with Xero, MYOB and QuickBooks.


I must admit, I was initially curious, and then totally bemused, by this pitch. It started by asking some major philosophical and existentialist questions:

Q: How do we define “intelligence”?
Q: Are we alone? Or not alone?

No, this is not IBM’s Watson trained on the works of John-Paul Sartre (cf. Dark Star and the struggle with Cartesian Logic). Instead, it is an analytical and predictive app for Amazon sellers. It claims to know what products will sell, where and when. And with trading volumes worth $2.5m of goods per month, it must be doing something right. Serving Amazon sellers in the US and India (and Australia, once Amazon goes live here), AiHello charges fees based on fixed licences and transaction values. The apparent benefits to retailers are speed and savings.

Asked where the trading data is coming from, the presenter referred to existing trading platform APIs, and “big data and deep learning”. It also uses Amazon product IDs to make specific predictions – currently delivering 60% accuracy, but aiming for 90%. According to the founder, “Amazon focuses on buyers, we focus on sellers”. (Compare this, perhaps, to the approach by Etsy.)


A new service from the team at Pax Republic, this latest iteration is designed to avoid some of the policy and reputation issues involved with managing, supporting and protecting whistleblowers. Understanding that whistleblowers can pose an internal threat to brand value, and present a significant human risk, C-SIGHT provides a psychologically safe environment for the Board, C-suite and workforce alike, and can act as an early warning system before problems get out of hand.

Sold under a SaaS model, C-SIGHT analyses text-based and anonymous dialogue, with “real-time data sent to different AI apps”. I understood that C-SIGHT combines human and robot facilitation, while preserving anonymity, and also deploys natural language processing – but I didn’t fully understand how.

In one client use case, with the College of Surgeons, there were 1,000 “contributions” – again, it was not clear to me how this input was generated, captured, processed or analysed. Client pricing is based on the number of invitations sent and the number of these “contributions” – what the presenter referred to as an “instance” model (presumably he meant instance-based learning?).

Asked about privacy, C-SIGHT de-identifies contributions (to what degree was not clear), and operates outside the firewall. There was also a question from the judges about the use and analysis of idiom and the vernacular – I don’t believe this addressed in much detail, although the presenter did suggest that the platform could be used as a way to drive “citizen engagement”.

Overall, I was rather underwhelmed by these presentations, although each of them revealed a kernel of a good idea – while in the case of AiHello (which was the winner on the night), sales traction is very promising; and in the case of Businest, industry recognition, especially in the US, has opened up some key opportunities.

Next week: Bitcoin – to fork or not to fork?