July 17, 2014

Casebook for a disaster: google's BebaPay and why it is wrong, wrong, wrong

USA press are starting to poke fun at BebaPay, the google payment system for Kenya's mass transit buses called matatus.

Now the secret's out. BebaPay is a casebook study in how not to do a payment system, but it is still a bit of a challenge to try and show why. This is an effort in as few of my words as I can.

Teaser:

Hitler is a matatu, electric raspberry in color, one of the thousands of minibuses that serve as Nairobi’s subway system. ... Hitler has been misbehaving lately, refusing to adopt a new technology that could revolutionize one of East Africa’s most lawless and lucrative cash-based industries.

Google, which some could argue also has a funny, funny name, has been pushing the new technology: a little green transit card that will replace cash payments and track every transaction on the minibuses, ...

Hitler, owned by someone who hasn't heard of Godwin's Law, is typical of mass transit in Africa. Google wants them to take BebaPay, a smart card (NFC) payments solution, instead of that filthy cash stuff.

Clue:

... owners typically demand from the crews a flat fee for using their buses for the day, the drivers and conductors squeeze every cent they can from passengers by stuffing them in as tightly as possible and getting them to their destination at deadly speed. ... If a cop stops a matatu for speeding or overloading, no problem. The driver just shoves a fistful of Kenyan shillings out the window.

In short: cash-based opportunities for corruption, “kitu kidogo,” Swahili for “a little something” means the market will fight it, not adopt it. The players will sabotage it.

The journo spotted it, why didn't google?

The idea to use technology to tackle the matatu problem started on a rainy day a couple of years ago when some executives at Google were staring out their plate-glass windows at the matatus stacked up on Uhuru Highway, watching passengers pay double for a ride (matatus always jack up fares on rainy days). The Google executives said, What about a transit card?

They invented it in a glass fishbowl. It's as if the 'google executives' didn't go for a matatu ride, or if they did, they closed their eyes and prayed for a quick return.

Surely wiser heads warned?

“People thought Google was crazy to go into Kenya’s transport sector,” said Dorothy Ooko, an executive at Google’s 40-person office in Nairobi. “When we first got involved, nobody wanted to touch this.”

Why didn't they listen? Or at least try and figure out the market, and enter into positive part of it, not a part that will deliberately and systematically sabotage their every step?

One answer is written on the side of another matatu I saw in Nairobi, literally. Unfortunately I couldn't get my android to camera-mode fast enough, but I believe I have the words memorised:

Unless your name is google, stop acting like you know everything

Please, someone, anyone, send me a snap of it!

Posted by iang at 06:49 AM | Comments (3) | TrackBack

July 13, 2014

Clinkle crinkle CLUNK

The shine is off Clinkle, the amazing little app that last year landed 30 million dollars for a demo. What were they thinking, people asked? Apparently we now know, they weren't thinking:

“[Executives] came in thinking, ‘OK, this product is launching soon,’” the former employee explains. “Then they realized the back end is not ready, the front end is not ready, Lucas is re-thinking the design, the architecture is not laid out, there’s no security framework, there’s no fraud detection framework, the bank contract is still being signed, the payment processor still needs a lot of work, and they still haven’t figured out who the credit card processor is going to be. These people got overwhelmed.”

Well, there you have it. For the record, I've never done a demo in those terms. All my tech has always been shown in the raw -- when it shows a payment, it is a payment, it's transactional, secure, crypto all the way down.

Investors take note: financial cryptography doesn't really work with screen-shot style demos, HTML5, Flash whatever your poison. If you're looking at ideas on screen, no matter how beautifully drawn or rendered, you're investing in turtles. All the way down.

Don't go there.

Having said that, it takes a special person to even see the entire architecture of financial cryptography and its 7 layers. Hats off to Lucas Duplan for even coming close to building the demo. We don't know what his secret sauce is, and I'd be suspicious that it's even secret or sauce .... but the man can sell.

If he hooked up with a team that could build FC, he'd be dangerous.

But reality is what it is. Second mistake is to believe that he can do it all; the sad sad truth of the startup world is that the Zuckerberg mythology as so aptly shown in the film _The Social Network_ is a one-off. A rarity proven in the exception. It isn't reality, it isn't likely, and it isn't something we should be fooled by. in practice, it takes a serious amount of knowledge to field an FC product, and Declan should hand over the CEO rule and reduce himself to supporting a bigger team, not directing it.

Before that, however, it seems that we have some more hurdles to get over:

For the first time, all Clinkle employees are finally testing out a basic version of the app and moving money.

Alley-oops! No, I really don't think so. You don't go from "there’s no security framework" to moving money just like that.

How do I know that? Well, the thing is that a model for secure payments is so hard that it basically has to derive from someone who's done this sort of thing before. Otherwise, you're asking for a miracle in the making. None of these things are currently evidenced in Crinkle's publicity, so they almost certainly don't have a model for secure payments.

Therefore, Clinkle employees are testing out opportunities for fraud. The real question is, who picks up the tab when the money gets raided? If it is the back-end processor, that contract won't last a week. If it is the consumer, the reputation will lose its shine, and CLUNK. If it is the investor, the question is likely how long they can last while adding the security on later. Etc.

Better off to invest in a complete tech-business-governance model to begin with, methinks.

Posted by iang at 02:14 PM | Comments (0) | TrackBack

April 22, 2014

podcasts on pre-Bitcoin from Bitcoin UK

Bitcoin UK has done two podcasts on the cryptocurrency history before Bitcoin:

These podcasts were done at the same time as my rant as posted on the blog a little while ago, "A very fast history of cryptocurrencies BBTC -- before Bitcoin." Interesting for those that prefer to listen more than read.

Posted by iang at 09:00 AM | Comments (0) | TrackBack

April 18, 2014

Shots over the bow -- Haiti joins with USA to open up payments for the people

The separation of payments from banks is accelerating. News from Haiti:

The past year in Haiti has been marked by the slow pace of the earthquake recovery. But the poorest nation in the hemisphere is moving quickly on something else - setting up "mobile money" networks to allow cell phones to serve as debit cards.

The systems have the potential to allow Haitians to receive remittances from abroad, send cash to relatives across town or across the country, buy groceries and even pay for a bus ride all with a few taps of their cell phones.

Using phones to handle money payments is something we know works. It works so well that some 35% of the economy in Kenya moves this way (I forget the numbers). It works so well Kenya doesn't care about the banks freezing up the economy any more because they have an alternate system, they have resiliance in payments. It works so well that everyone can do mPesa, even the unbanked, which is most of them, bank accounts costing the same in Kenya as the west.

It works so well that mPesa has been the biggest driver to new bank accounts...

Yet mPesa hasn't been followed around the world. The reason is pretty simple -- regulatory interference. Central banks, I'm looking at you. In Kenya, the mission of "financial inclusion" won the day; in other countries around the world, central banks worked against wealth for the poorest by denying them payments on the mobile.

Is it that drastic? Yes. Were the central banks well-minded? Sure, they thought they were doing the right thing, but they were wrong. Mobile money equals wealth for the poor and there is no way around that fact. Stopping mobile money means taking money from the poor, in the big picture. Everything else is noise.

So when the poorest of the poor -- the Haitian earthquake victims were left in the mud, there were no banks left to serve them (sell them?) and the only way to get value out there turned out to be using the mobile phone.

That included, giving the users free mobile phones.

Can you see an important value point here? The value to society of getting mobile money to the poor is in excess of the price of the mobile phone.

Well, this only happens in poor countries, right? Wrong again. The financial costs that are placed on the poor of every country by the decisions of the central banks are common across all countries. Now comes Walmart, for that very express same reason:

In a move that threatens to upend another piece of the financial services industry, Walmart, the country’s largest retailer, announced on Thursday that it would allow customers to make store-to-store money transfers within the United States at cut-rate fees.

This latest offer, aimed largely at lower-income shoppers who often rely on places like check-cashing stores for simple transactions, represents another effort by the giant retailer to carve out a space in territory that once belonged exclusively to traditional banks.
...
Lower-income consumers have been a core demographic for Walmart, but in recent quarters those shoppers have turned increasingly to dollar stores.
...
More than 29 percent of households in the United States did not have a savings account in 2011, and about 10 percent of households did not have a checking account, according to a study sponsored by the Federal Deposit Insurance Corporation. And while alternative financial products give consumers access to services they might otherwise be denied, people who are shut out of the traditional banking system sometimes find themselves paying high fees for transactions as basic as cashing a check.

See the common thread with Bitcoin? Message to central banks: shut the people out, and they will eventually respond. The tide is now turning, and banks and central banks no longer have the credibility they once had to stomp on the poor. The question for the future is, which central banks will break ranks first, and align themselves with their countries and their peoples?

Posted by iang at 06:07 AM | Comments (0) | TrackBack

November 19, 2013

Bitcoin and how to integrate it into society

Notwithstanding all the bad news I reported yesterday, Bitcoin moves from strength to strength. It hit $1000 in turbulent trading today -- more in China -- and recently surpassed an exaFLOPS in capacity. It's important to analyse both sides of the coin, so to speak, unless one has resigned ones intellectual fate to being an unremitting fan or unrepentant opponent.

(This essay is written to help me get my thoughts in order for Wednesday's Afrikoin conference, where I'm speaking at a panel on Bitcoin and cryptocurrencies in the African context.)

As an economy, the major problem with Bitcoin is trust. The design of a new money system always lives or dies on whether the end-user can trust the results of a transaction. Technically, we can see that Bitcoin does a single transfer of value from Alice to Bob with some sort of aplomb, but this is not enough to gain the trust of the end-user.

A transaction is generally bi-directional. In this case, Bitcoin moves from Alice to Bob, but something also comes back. And it is in the something coming back that Bitcoin struggles.

Let's talk about classical trust mechanisms so we can get a feel for this. When you walk down the street in a strange town, you know you can walk into a shop and buy things -- engage in a bidirectional trade with some currency. This works because the shop is going to be there tomorrow and the day afterwards -- if the shop rips off its customers, the customers will eventually gang up and destroy the shop. Even if you haven't visited the town before, location is a trust signal, permanence is a trust reinforcer, busy custom is a sign of others' trust.

Likewise, when you deal with greenbacks, you know that at the end of the day, there are 300 million Americans that will take them. And, those 300 million know that at the end of the day, their government will take them back in taxes.

There are many other trust mechanisms; but let's turn back to Bitcoin. What makes trade in it trustworthy? Not a lot. There is no statement of value; this is the same weakness that makes PGP's Web of Trust no more than a curiosity. There is no big brother standing behind it, it doesn't look like a national currency. There is no sense of permanence like a brick&mortar shop, and there have already occurred a hundred or so copycat competitors, many of whom have already folded. It is unlike gold with its ancient history of cross-cultural acceptance. There is no sense of the other person you're dealing with, and indeed there is a designed absence of sense -- the unit is supposed to be psuedonymous, which means you're dealing with a key not a person.

Keys don't make deals, people do.

For trust in Bitcoin, there is only supply and demand, which reduces the unit to the trials and tribulations of the market, with no "underlying" or strength. We have a name for that: speculation, as opposed to investment. Bubbles and Ponzies are other words that are bandied around, with more or less stickiness. Either way, this lack of foundation generally means that Bitcoin is not good for long term trade; you can't price ordinary goods in Bitcoin for example, because the price keeps going up, and down.

So, as a rule of the Bitcoin economy, in participating in bidirectional trades, one has to build ones own trust system in.

As a rather good example, this is exactly what the Silk Road did! Bonds were required of newcomers, and funds were held in escrow until delivery of goods were effected. Silk Road worked, trust was maintain, and deals were done.

At least in its short lifespan, before the trust was irrevocably undermined by the attention of the Feds. It's important to understand that whatever you think about the political or legal questions surrounding the capture of the owner and the closing of the market, its demise is synonymous with, or equivalent to, the end of its offer of trust -- its ability to ensure a safe bidirectional trade.

Fans would say that Bitcoin carefully separates out the trust equation from the payments equation, allowing us to build it later in markets like the Silk Road; opponents would say it is fundamentally untrustworthy, I would prefer to say that trust in Bitcoin is unfinished business.

So how do we finish that which is missing? How do we add the trust back into Bitcoin, or in more accepting terms, how do we augment it with the missing pieces?

One normal trust mechanism that businesses do is an old and boring one: collect the details of who the person is, commonly by looking at their passports/national Ids. There are many pros & cons to this method. For many sectors and trades, it is a waste of money, and an invitation to deception, whereas for others it is a leveraging of the state's identity-trust model, for near-free. And, as we've seen, this method leads to the death of privacy as thousands of marketing businesses and dozens of intelligence agencies aggregate your personal life, starting with your ID.

Bad as identity is, it's worth mentioning because for every finance business that needs to make its peace with a nearby government, this is likely what has to be done, whether they like it or not. It is a trust mechanism, or enough of one for many milder purposes, and it is going to be imposed over Bitcoin to a large extent if & when governments figure out what to do.

Pros and cons! How would we then mitigate the many cons to mass identity collection? What about localised circles of trust -- instead of a global facebook for money, perhaps a google-circles for shared wealth? We could share the information locally in small enough circles such that the trust can be vectored to where it is needed, but there is no necessary or single weakness that can be attacked, that inevitably brings the system down.

This is indeed what I'm doing in my business right now. Building a pure transaction system like Bitcoin (which I called Ricardo) was what I did a long time ago; for many years now I've been building trust systems, which is proving to be far more challenging because people are directly involved in ways that they aren't with mere transactions.

Which leads me to my final point: *Trust is people-centric*. Payment systems aren't, they are transaction-centric. Bitcoin takes this separation to new levels by reducing even the Issuer to a non-person called a block-chain, in a sense it is pushing further and further

In contrast, the same process I took in building this trust system, which is now in place, applies both to my Ricardo and to Satoshi's Bitcoin. If you meld a payment system with a trust system, what you get is a working economy. But the challenge is not the payment system, it's definitely the trust system.

Adding Bitcoin to our system then will be fairly easy -- and *worthy of trust*. Which might propose yet another benchmark to Bitcoin. When you hear about us offering Bitcoin, that might signal that there is sufficient demand *in mainstream marketplace* for it. We can do it easily because we have the trust. Watch this space?

Posted by iang at 03:33 PM | Comments (2) | TrackBack

November 17, 2013

Bitcoin news -- malware, bots, raids, all as predicted, oh my!

As I'm talking at a conference next week on inter alia matters Bitcoinian, I did a little research on the darker side of the coin. McAfee reports:

As the Bitcoin rate has increased, malicious Bitcoin miners have shown a growing interest by infecting victims with malware that uses computer resources to mine Bitcoin without their knowledge. While the cybercriminals generate profits, the computers slow down. In May, for example, Webroot posted a blog about a marketplace to customize and buy such malware.

This is aligned with the article I wrote a year or two back with Philipp Güring, entitled "Bitcoin & Gresham's Law - the economic inevitability of Collapse." The press says more (but I haven't found the source):

"The proliferation of digital currencies fuels the proliferation of tools and services necessary for cybercrime. This in turn helps fuel the growth in cybercrime, and other forms of digital disruption," said McAfee EMEA CTO, Raj Samani.

"Further, the challenges facing such currencies go beyond their propensity for use within money laundering—to targeted attacks on financial exchanges, and malware developed to target digital wallets."

Evidence that virtual currencies have become a mechanism for online and physical crime risks the possibility of full-scale intervention by governments.

All stirring stuff, and nice to know that we were the first with the right analysis! Don't forget your credits, guys ;-) Ah, found the primary source.

Brian Krebs provides some evidence of that idea that the Botnets would mint some cash:

So far, FeodalCash has managed to attract at least 238 working affiliates. Here is a copy of the affiliate list, complete with their corresponding bitcoin wallets. According to Xylitol, the host PCs that currently have this botcoin mining malware installed are doing their slavish work at the Eligius bitcoin mining pool. According to the FeodalCash administrative panel, the infected machines have mined only about 140 bitcoins. Each bitcoin is currently worth about $100 at today’s exchange rate, making the program’s total haul only about $14,000. The current bitcoin generation rate is about 4.719 bitcoins per day, or about $340.45 daily.

But those numbers are too small to really confirm the hypothesis, and given the FPGA and customized hardware argument, we may never see it (although I reckon we'll see it for GPUs).

Bear in mind when reading this stuff that sales operations like McAfee is in the business of FUD, as that lifts sales of its products. That said, they present a good roundup of the bad things going on:

  • Newish exchange Bitinstant was raided by attackers who stole $12k worth. Bitinstant closed.
  • Leading exchanger Mt Gox is seeing its new accounts climb "to 75,000 in just the first few days of April."
  • Silk Road was closed by the Feds, and they unmasked the Dread Pirate Roberts. They also busted an alleged drugs distributor and took his BTC.
  • A court in the US ordered the siezure of Mt Gox's USA funds held by Dwolla.
  • WebMoney announced a derivative issue whereby users send them Bitcoins and they receive digital derivative instruments valued 1:1 in BTC.
  • Phishers started targetting Bitcoin account holders at Mt Gox.
  • Global Bond, a trading platform for bitcoins in China amassed $3.3 million of them, and then the operators ran off with the loot.
  • An 18 year old in Australia started a Bitcoin bank and amassed AUD $1.4 million before hackers turned up and taxed the lot.

A long time ago I argued that the only way you knew that a new money was successful was when the crooks started attacking. We've certainly crossed that point now, and by this measure, Bitcoin is successful! Congratulations!

Posted by iang at 11:52 AM | Comments (2) | TrackBack

October 29, 2013

Confirmed: the US DoJ will not put the bankers in jail, no matter how deep the fraud

I've often asked the question why no-one went to jail for the frauds of the financial crisis, and now the US government has answered it: they are complicit in the cover-up, which means that the financial rot has infected the Department of Justice as well. Bill Black writes about the recent Bank of America verdict:

The author of the most brilliantly comedic statement ever written about the crisis is Landon Thomas, Jr. He does not bury the lead. Everything worth reading is in the first sentence, and it should trigger belly laughs nationwide.

Bank of America, one of the nation’s largest banks, was found liable on Wednesday of having sold defective mortgages, a jury decision that will be seen as a victory for the government in its aggressive effort to hold banks accountable for their role in the housing crisis."

“The government,” as a statement of fact so indisputable that it requires neither citation nor reasoning, has been engaged in an “aggressive effort to hold banks accountable for their role in the housing crisis.” Yes, we have not seen such an aggressive effort since Captain Renault told Rick in the movie Casablanca that he was “shocked” to discover that there was gambling going on (just before being handed his gambling “winnings” which were really a bribe).

There are four clues in the sentence I quoted that indicate that the author knows he’s putting us on, but they are subtle. First, the case was a civil case. “The government’s” “aggressive effort to hold banks accountable” has produced – zero convictions of the elite Wall Street officers and banks whose frauds drove the crisis. Thomas, of course, knows this and his use of the word “aggressive” mocks the Department of Justice (DOJ) propaganda. The jurors found that BoA (through its officers) committed an orgy of fraud in order to enrich those officers. That is a criminal act. Prosecutors who are far from “aggressive” prosecute elite frauds criminally because they know it is essential to deter fraud and safeguard our financial system. The DOJ refused to prosecute the frauds led by senior BoA officers. The journalist’s riff is so funny because he portrays DOJ’s refusal to prosecute frauds led by elite BoA officers as “aggressive.” Show the NYT article to friends you have who are Brits and who claim that Americans are incapable of irony. The article’s lead sentence refutes that claim for all time.

The twin loan origination fraud epidemics (liar’s loans and appraisal fraud) and the epidemic of fraudulent sales of the fraudulently originated mortgages to the secondary market would each – separately – constitute the most destructive frauds in history. These three epidemics of accounting control fraud by loan originators hyper-inflated the real estate bubble and drove our financial crisis and the Great Recession. By way of contrast, the S&L debacle was less than 1/70 the magnitude of fraud and losses than the current crisis, yet we obtained over 1,000 felony convictions in cases DOJ designated as “major.” If DOJ is “aggressive” in this crisis what word would be necessary to describe our approach?

Read on for the details of how Bill Black forms his conclusion.

Posted by iang at 05:27 AM | Comments (0) | TrackBack

September 19, 2013

Research on Trust -- the numbers matter

Many systems are built on existing trust relationships, and understanding these is often key to their long term success or failure. For example, the turmoil between OpenPGP and x509/PKI can often be explained by reference to their trust assumptions, by comparing the web-of-trust model (trust each other) to the hierarchical CA model (trust mozilla/microsoft/google...).

In informal money systems such as LETS, barter circles and community currencies, it has often seemed to me that these things work well, or would work well, if they could leverage local trust relationships. But there is a limit.

To express that limit, I used to say that LETS would work well up to maybe 100 people. Beyond that number, fraud will start to undermine the system. To put a finer point on it, I claimed that beyond 1000 people, any system will require an FC approach of some form or other.

Now comes some research that confirms some sense of this intuition, below. I'm not commenting directly on it as yet, because I haven't the time to do more than post it. And I haven't read the paper...


'Money reduces trust' in small groups, study shows
By Melissa Hogenboom Science reporter, BBC News

People were more generous when there was no economic incentive

A new study sheds light on how money affects human behaviour.

Exchanging goods for currency is an age old trusted system for trade. In large groups it fosters co-operation as each party has a measurable payoff.

But within small groups a team found that introducing an incentive makes people less likely to share than they did before. In essence, even an artificial currency reduced their natural generosity.

The study is published in journal PNAS.

When money becomes involved, group dynamics have been known to change. Scientists have now found that even tokens with no monetary value completely changed the way in which people helped each other.

Gabriele Camera of Chapman University, US, who led the study, said that he wanted to investigate co-operation in large societies of strangers, where it is less likely for individuals to help others than in tight-knit communities.

The team devised an experiment where subjects in small and large groups had the option to give gifts in exchange for tokens.

The study
  • Participants of between two to 32 individuals were able to help anonymous counterparts by giving them a gift, based solely on trust that the good deed would be returned by another stranger in the future
  • In this setting small groups were more likely to help each other than the larger groups
  • In the next setting, a token was added as an incentive to exchange goods. The token had no cash value
  • Larger groups were more likely to help each other when tokens had been added, but the previous generosity of smaller groups suffered

Social cost

They found that there was a social cost to introducing this incentive. When all tokens were "spent", a potential gift-giver was less likely to help than they had been in a setting where tokens had not yet been introduced.

The same effect was found in smaller groups, who were less generous when there was the option of receiving a token.

"Subjects basically latched on to monetary exchange, and stopped helping unless they received immediate compensation in a form of an intrinsically worthless object [a token].

"Using money does help large societies to achieve larger levels of co-operation than smaller societies, but it does so at a cost of displacing normal of voluntary help that is the bread and butter of smaller societies, in which everyone knows each other," said Prof Camera.

But he said that this negative result was not found in larger anonymous groups of 32, instead co-operation increased with the use of tokens.

"This is exciting because we introduced something that adds nothing to the economy, but it helped participants converge on a behaviour that is more trustworthy."

He added that the study reflected monetary exchange in daily life: "Global interaction expands the set of trade opportunities, but it dilutes the level of information about others' past behaviour. In this sense, one can view tokens in our experiment as a parable for global monetary exchange."

'Self interest'

Sam Bowles, of the Santa Fe Institute, US, who was not involved with the study, specialises in evolutionary co-operation.

He commented that co-operation among self-interested people will always occur on a vast scale when "helping another" consists of exchanging a commodity that can be bought or sold with tokens, for example a shirt.

"The really interesting finding in the study is that tokens change the behavioural foundations of co-operation, from generosity in the absence of the tokens, to self-interest when tokens are present."

"It's striking that once tokens become available, people generally do not help others except in return for a token."

He told BBC news that it was evidence for an already observed phenomenon called "motivational crowding out, where paying an individual to do a task which they had already planned to do free of charge, could lead people to do this less".

However, Prof Bowles said that "most of the goods and services that we need that make our lives possible and beautiful are not like shirts".

"For these things, exchanging tokens could never work, which is why humans would never have become the co-operative species we are unless we had developed ethical and other regarding preferences."

Posted by iang at 05:24 AM | Comments (0) | TrackBack

July 28, 2013

I’m Still Waiting for My Phone to Become My Wallet

From the humour department, and for those of us who remember the hype of the 1990s over payments, this article from Jenna Wortham is hilarious:

I’m Still Waiting for My Phone to Become My Wallet

DURING the sweltering heat wave earlier this month, it seemed too hot to wear much, carry much or do much of anything at all. Every time I left the house, I tried to figure out where to stuff my bulky wallet. I always had room for my iPhone, even if it meant carrying it in my hand. But the wallet was one thing too many.

A truly mobile wallet — one that would let you easily pay for restaurant meals, subway rides or beers at a bar with a quick wave of your cellphone — has long been described as imminent. But it remains elusive. Some innovations have begun to bridge the gap, but most have been a disappointment or have not yet worked well enough for mainstream adoption.

...

Posted by iang at 04:59 AM | Comments (0) | TrackBack

September 24, 2012

Gold and Tungsten - a fearful mix

News circulating in the physical gold world is about a rash of lungsten-laced bars being discovered (Germany, UK and USA).

The problem here is multi-faceted. The gold market works on trust, and only brief and cursory checks are made, if you are a trusted player. Taking up the story from WaPo:

Fadl said he did his due diligence “by X-raying the bars to ascertain the purity of the gold and weighing the bars, and the Swiss markings were perfect.”

The problem with this is that if too many people follow the same customary model, it makes the entire market vulnerable to a stuffing operation. Too many people, too much trust means you can always find someone to slide in some well-manufactured fakes.

Fadl became suspicious when he offered the salesman a deep discount for the investment-grade gold bars and he quickly accepted it, a source tells The Post. .... To quell his suspicion, Fadl then drilled into the bar and discovered the tungsten — whose silver color is distinctive from gold’s bright yellow hue.

Oops. As I predicted many years ago, we now have a problem - how to test all the bars in all the vaults? Many of them haven't been touched for decades.

Or have they? No matter. We can always ask the government for help:

Raymond Nassim, CEO of Manfra, Tordell & Brookes, the American arm of the Swiss firm that created the original gold bars — with their serial number and purity rating stamped clearly into them — said he reported the situation to the US Secret Service, whose jurisdiction covers the counterfeiting of gold bars.

He said his company “is supporting and cooperating with authorities any way we can.” .... Numerous calls to the Secret Service were not returned.

(hattip to ZeroHedge for these posts.)

Posted by iang at 12:42 AM | Comments (3) | TrackBack

March 16, 2012

Paypal go back to their roots - Paypal Here Again

In what is a development redolent with history, Paypal have developed a way to turn your phone into a credit card register:

Much like Square, PayPal Here will have a card reader that plugs into your mobile phone via the headset jack on your handset. While Square's reader comes in the form of a white square device, PayPal's will instead be a blue triangle. The encrypted reader will be available for free to small business owners and can be used to accept credit card payments. ... While the PayPal Here app is designed to be used hand in hand with the card reader, the app can also be used to accept checks, keep track of cash transactions, and accept credit card transactions in situations where you might not have your card reader present.

Credit card and check transactions can be accepted by capturing a photo of the check or card in question, and customers select a tip amount and sign for the transaction directly on the phone's screen.

Much of the post correctly points out that Paypal are playing catchup against Square which does the same thing.

What older readers will find amusing is the sense of deja vu - Paypal was originally an application on a Palmtop. And the use of sound to transmit the credit card information to the phone is also quite evocative of the old days of phone-coupling models.

Posted by iang at 11:52 PM | Comments (0) | TrackBack

February 29, 2012

Google thought about issuing a currency

Chris points to:

Google once considered issuing its own currency, to be called Google Bucks, company Chairman Eric Schmidt said on stage in Barcelona at the Mobile World Congress Tuesday.

At the end of his keynote speech, Schmidt hit on a wide array of topics in response to audience questions. "We've had various proposals to have our own currency we were going to call Google Bucks," Schmidt said.

The idea was to implement a "peer-to-peer money" system. However, Google discovered that the concept is illegal in most areas, he said. Governments are typically wary of the potential for money laundering with such proposals. "Ultimately we decided we didn't want to get into that because of these issues," Schmidt said.

Offered without too much analysis. This confirms what we suspected - that they looked at it and decided not to. Technically, this is a plausible and expected decision that will be echoed by many conventional companies. I would expect Apple to do this too, and Microsoft know this line very well.

However we need to understand that this result is intentional, the powers that be want you to think this way. Banks want you to play according to their worldview, and they want you to be scared off their patch. Sometimes however they don't tell the whole truth, and as it happens, p2p is not illegal in USA or Europe - the largest markets. You are also going to find surprising friends in just about any third world country.

Still, google did their own homework, and at least they investigated. As a complicated company with many plays, they and they alone must do their strategy. Still, as we move into GFC-2 with the probability of mass bank nationalisations in order to save the payments systems, one wonders how history will perceive their choice.

Posted by iang at 06:56 PM | Comments (0) | TrackBack

February 05, 2012

Why did VISA pull the plug and leave the "little people" high and dry?

Clive asks in comments a long time ago (apologies for late reply):

any thoughts to VISA's extraodinarily abrupt behaviour over stopping all ePassport issued VISA cards?

( http://m.krebsonsecurity.com/2010/09/visa-blocks-epassporte/ )

Aside from the seamier side (which all financial systems attract) a large number of "little" people used the system to be paid for their legitimate labours (code cutting etc) and VISA appears to have left them high and dry.

Hi Clive,
One comment gives a fairly good impression about what to expect. I'd say this is a fairly typical pattern in alternative payment systems.

Aside from that, let me develop it in a series of viewpoints.

Evolution. It goes more or less this way: Some entrepreneur figures out a way to get a hot money product out there that appears to bypass the conventional channels. This is reasonable, economic, and politically appealing.

(By politically appealing, we might recall that quote about Paypal founders telling all their new staff about the end of government, libertarians to rule the world, boundless new efficiencies, etc.)

For a while, whichever payment system we are talking about, it does well.

A new product that provides a completely new way of doing business will always find a market in those that really need that. This will also include a significant proportion of morally questionable activities, being those that are shut out by conventional channels which have decided to impose the morals. So, both "clean" and "morally questioned" users exist, both, and both of them are contributing their revenues to the wellbeing of the new payment system. (Cases in point are: video, ecommerce websites, cheap telephony, certificates.)

The latter group, which we might call the moral arbitrageurs, have an advantage because their business model generally promises higher margins. They tend to grow faster, and frequently become the major force at many levels in new business models.

Attack. At some point, the arbitrageurs in the system start to do too well, and come to the attention of some authority somewhere. It matters not which one, or which product, or which morals. That authority starts investigating, figures out where the weak parts are, and leans on them. In the case of payment systems, the weak points are generally the finance partners.

Once the leaning starts, the partner pulls out. In the case identified the partner is Visa, but more often it is a partner bank. This brings us up to the point where Clive asks, but why!? Why did the partner pull out and leave the "little people" high and dry?

For the partner, it is a question of straight economics, not morals. Let's look at the economics of the payment partner. It is based on fees, many of them, easily collected, without trouble, because margins are tight. Each of those fees that is then reneged upon, or worse, the principal is lost, results in much higher costs to the facilitator. So each partner can only accept a tiny percentage of failures before it starts losing money.

Hence, an attacker (in this case the authorities) only needs to lean on a small percentage of payments before the entire body of payments is seen as a loss by the facilitator.

There doesn't need to be a proof of a crime, or indeed any evidence. Just the knowledge by the bank that it isn't worth the fees anymore is good enough, as any fee benefit is going to be consumed in compliance overload and risks. Also, the bank (Visa) knows that a lot of the traffic that is shut out of this system will find its way back to the "legit" system one way or another, and therefore, the bank often prefers to see the alternative payment system as competition it would rather destroy, rather than honest trade to be defended.

In the alternative payments market, it doesn't need much pressure to get a partner to walk away.

Enemies. Where it goes wrong, or what is wrong with this entrepreneurial process depends on who you ask (and yes I'm getting to your second question :) If you ask the regulators, these systems are made for money laundering (ML), so shut them down, or else. No discussion possible, there, because the claim of ML always sticks like mud. If we ask the banks, they'll say they are unfair competition, as the newcomers don't have to pay the regulatory toll (which the incumbents argued successfully for), and the nasty cheap competitors are too cheap. Shut 'em down, yesterday, already! No interest in negotiation.

On the plus side, if we ask the operators, they will say that the system is fair, adults are entitled to play adult games, and real competition is what consumers deserve. They might also point to their safeguards. Nobody ever asks the consumers, and there is little benefit in asking the suppliers of whichever questioned goods we are offended by :)

All these things are likely true at some level (and false at other levels), so which is which and which are correct or false or relevant or specious tends to be irrelevant, because they can all be used. And often are. The alternative payment system lives in a very aggressive world, they have too many enemies.

Addiction. But, I have a different perspective. If you ask me, I'd say it is because the operators got a little too addicted to the morally questionable business. They should have been smarter, avoided the addiction, and eased themselves off it before the habit turned nasty.

Where, both how much and which drug are defined by their circumstances. As I'm most familiar with the story of gold payment systems, a decade or so back, let me outline that one by way of example, but please also note that the evidence published by Paypal reveals the same forces.

The gold community's morally questionable friends were the ponzi schemes and fast-moving payments games, which on the strength of fees income, took the e-gold business into the black, early 2000. This was around 9 months after the first games (aka ponzis) turned up above the radar, so quite a stunning result. I'd also mention that e-gold wasn't the only one, there were others on all sides of the tracks, but e-gold was the leading indicator, the case study.

At that point (strategically speaking, says I), as they entered the black, they should have shifted strategy to increase other "cleaner" opportunities, and reduced the impact of the arbitrage games/schemes. Instead, it could be said that they seemed to chose to defend the adults in their right to participate in these things. Two things are worth noting. This is the libertarian view, which is quite popular in arbitrage sectors, so e-gold's customers were happy. Secondly, adults do have a right, at some fundamental level to lose all their money. But they also seem to like going crying to regulators after enjoying their right to unregulated carnage. And crybabies punch above libertarians at about 100:1 (take note Ron Paul).

Hence, the pattern is somewhat inevitable. For the gold sector, the steamroller started moving by end of 2002, and within 5-6 years, a lot of players were shut down.

Now, with that in context, your real question was this: why did all these honest people lose their money? Why so sudden? Why so immediate?

I think the answer to that is found in the world views of the players. The Feds/banks have already decided that (a) the system is illegal, or quasi-illegal, and, the people using it are either (i) outright crims, (ii) engaging in immoral or quasi-illegal behaviour, or (iii) should have known better than to associate... Further, it will be an internalised truth for the investigators and the banks that, if there are any honest people, they will come forward and prove a claim to the money. "If you've done nothing wrong, you have nothing to hide."

Some of this is true. There were criminals using those gold payment systems, and it was bad stuff. I don't tend to write about it because (a) I lack strong evidence, and (b) people simply don't believe it when I tell them. "Yadda, more conspiracy talk..." It was bad stuff.

That said, it is also true that not all users are tarred with the same brush. The crims are a minority. Many of the users are honest, and they will still lose. Big time. Here's why, on the demand side:

  • Not all will those honest people will come forward (because they are scared),
  • not all people will be able to prove their claims (because the case is already stacked against them),
  • some of them will have questionable behaviour of other forms, and worry about collateral damage,
  • many of the holdings will be in the order of under $10k and therefore uneconomic to fight, and
  • many of the people concerned will not have enough money to pay for legal help (especially those that lost a lot of their money!).

Of course there will be some claims, and some money paid out. On the supply side, the Agency has the incentive to give it a go, because it keeps the money.

So, to answer your question, it's because of a combination of forces:

  • the bank could not care less, and it would like the competition to go away anyway;
  • the odds are stacked against the people claiming the money back; and
  • the value seizure is done by people who are structured to ignore the issue, because they are going to benefit.

And, to restate my view: the operators took the good times to heart, and didn't clean up their house quickly enough to escape the backlash.

Again, apologies for the long & late reply.

Posted by iang at 05:24 AM | Comments (1) | TrackBack

January 21, 2012

the emerging market for corporate issuance of money

As an aside to the old currency market currently collapsing, in the now universally known movie GFC-2 rolling on your screens right now, some people have commented that perhaps online currencies and LETS and so forth will fill the gap. Unlikely, they won't fill the gap, but they will surge in popularity. From a business perspective, it is then some fun to keep an eye on them. An article on Facebook credits by George Anders, which is probably the one to watch:

Facebook’s 27-year-old founder, Mark Zuckerberg, isn’t usually mentioned in the same breath as Ben Bernanke, the 58-year-old head of the Federal Reserve. But Facebook’s early adventures in the money-creating business are going well enough that the central-bank comparison gets tempting.

Let's be very clear here: the mainstream media and most commentators will have very little clue what this is about. So they will search for easy analogues such as a comparison with national units, leading to specious comparisons of Zuckerberg to Bernanke. Hopeless and complete utter nonsense, but it makes for easy copy and nobody will call them on it.

Edward Castronova, a telecommunications professor at Indiana University, is fascinated by the rise of what he calls “wildcat currencies,” such as Facebook Credits. He has been studying the economics of online games and virtual worlds for the better part of a decade. Right now, he calculates, the Facebook Credits ecosystem can’t be any bigger than Barbados’s economy and might be significantly smaller. If the definition of digital goods keeps widening, though, he says, “this could be the start of something big.”

This is a little less naive and also slightly subtle. Let me re-write it:

If you believe that Facebook will continue to dominate and hold its market size, and if you believe that they will be able to successfully walk the minefield of self-issued currencies, then the result will be important. In approximate terms, think about PayPal-scaled importance, order of magnitude.

Note the assumptions there. Facebook have a shot at the title, because they have massive size and uncontested control of their userbase. (Google, Apple, Microsoft could all do the same thing, and in a sense, they already are...)

The more important assumption is how well they avoid the minefield of self-issued currencies. The problem here is that there are no books on it, no written lore, no academic seat of learning, nothing but the school of hard-knocks. To their credit, Facebook have already learnt quite a bit from the errors of their immediate predecessors. Which is no mean feat, as historically, self-issuers learn very little from their forebears, which is a good predictor of things to come.

Of the currency issuers that spring up, 99% are destined to walk on a mine. Worse, they can see the mine in front of them, they successfully aim for it, and walk right onto it with aplomb. No help needed at all. And, with 15 years of observation, I can say that this is quite consistent.

Why? I think it is because there is a core dichotomy at work here. In order to be a self-issuer you have to be independent enough to not need advice from anyone, which will be familiar to business observers as the entrepreneur-type. Others will call it arrogant, pig-headed, too darned confident for his own good... but I prefer to call it entrepreneurial spirit.

*But* the issuance of money is something that is typically beyond most people's ken at an academic or knowledge level. Usage of money is something that we all know, and all learnt at age 5 or so. We can all put a predictions in at this level, and some players can make good judgements (such as Peter Vodel's Predictions for Facebook Credits in 2012).

Issuance of money however is a completely different thing to usage. It is seriously difficult to research and learn; by way of benchmark, I wrote in 2000 you need to be quite adept at 7 different disciplines to do online money (what we then called Financial Cryptography). That number was reached after as many years of research on issuance, and nearly that number working in the field full time.

And, I still got criticised by disciplines that I didn't include.

Perhaps fairly...

You can see where I'm heading. The central dichotomy of money issuance then is that the self-issuer must be both capable of ignoring advice, and putting together an overwhelming body of knowledge at the same time; which is a disastrous clash as entrepreneurs are hopeless at blindspots, unknowns, and prior art.

There is no easy answer to this clash of intellectual challenges. Most people will for example assume that institutions are the way to handle any problem, but that answer is just another minefield:

If Facebook at some point is willing to reduce its cut of each Credits transaction, this new form of online liquidity may catch the eye of many more merchants and customers. As Castronova observes: “there’s a dynamic here that the Federal Reserve ought to look at.”

Now, we know that Castronovo said that for media interest only, but it is important to understand what really happens with the Central Banks. Part of the answer here is that they already do observe the emerging money market :) They just won't talk to the media or anyone else about it.

Another part of the answer is that CBs do not know how to issue money either; another dichotomy easily explained by the fact that most CBs manage a money that was created a long time ago, and the story has changed in the telling.

So, we come to the the really difficult question: what to do about it? CBs don't know, so they will definately keep the stony face up because their natural reaction to any question is silence.

But wait! you should be saying. What about the Euro?

Well, it is true that the Europeans did indeed successfully manage to re-invent the art and issue a new currency. But, did they really know what they were doing? I would put it to you that the Euro is the exception that proves the rule. They may have issued a currency very well, but they failed spectacularly in integrating that currency into the economy.

Which brings us full circle back to the movie now showing on media tonight and every night: GFC-2.

Posted by iang at 06:54 PM | Comments (1) | TrackBack

September 20, 2010

The Facebook model succeeds. Next steps: copying, responding, losing.

Along the lines of previous reporting, it seems that Facebook has won its spurs. Eliot van Buskirk reports from Wired:

Facebook is making a play to become the dominant player in virtual currency — the funny money you use to everything from digital magazines to Farmville turnips. It’s already a billion-dollar business in which Facebook, the world’s largest social network, will face stiff competition from other behemoths like Apple, Google and PayPal.

Facebook already has a big advantage over those companies: a virtual currency, Facebook Credits, that works across different apps rather than being tied to one specific app or another.
...
Sales of virtual goods are projected to reach $1.6 billion this year in the United States alone, according to an Inside Network report. About half of that will be spent on social games, and the majority of that in Facebook games such as Farmville.

Facebook claims 30 percent of revenue when people buy these credits — the same cut Apple and Google slice off when users buy virtual goods within their apps — but is already the number one app across all smartphone platforms according to Nielsen.

This means that Facebook will earn its investors the return demanded. Because it has an active market place of many thousands of suppliers, it has gained control of the monetisation within its world, and it takes significant margin of that activity, this means that Facebook has cracked the revenue model in a way that few others have.

However, other big Internet players will notice the success, will revisit their flawed models, and will move to adopt the one that Facebook has worked out for them.

Apple has yet to create a cross-app virtual currency, but offers other virtual goods — iTunes songs, for instance — through pre-paid gift cards. Users may start wondering why they can’t use iTunes credits to purchase goods within iPhone apps like Farmville — and vice versa. And because so much money will be spent in this way, this problem could become a source of annoyance for users and app developers alike.

This is of interest to financial cryptography players as it establishes the basic business rules to play in this market. It's also of interest to regulators and incumbents (read: banks) who want to squash the market:

The U.S. has strict laws against creating new forms of currency, but there’s enough wiggle room for Apple (iTunes), Google (Checkout, Android), Paypal, individual developers, and others to join Facebook in creating virtual currencies that work in apps across their respective platforms, even those beyond games — music, movies, productivity apps, and so on. And that’s when things could get tricky, in the huge and expanding market for virtual goods.

Unfortunately the signs auger badly for them. As frequently commented here in this blog, the European Union tried to beat this one back in the 1990s and succeeded so well it lost. Meanwhile, the USA supported, and partly won with Paypal, but then reversed course and is now set to lose. And, unless the banks wave the get-out-of-jail-free card, they won't be getting as much attention as before. Curiously, their favourite "save me" card might be more justified this time (you know your banking, right?) but it's already been spent, and the results weren't good. Patience should be thin.

Perhaps it is time to roll out Goodhart's law as this blog's aphorism ad nauseum? Meanwhile, bringing the two battles together, this means that while the B-list is moving to copying, the A-list now starts its regulatory response phase.

Good luck on that immense strategic battle! Interesting times ahead.

Posted by iang at 09:00 PM | Comments (1) | TrackBack

September 05, 2010

In Santayana's market for alternative money, the future is within the Firm!

Social Networks were the next big thing half a decade back, and to anyone in the field of financial cryptography they were obviously well matched to the money product. Like games, before them.

Those travels are reaching their destination now:

At a time when the likes of Google and Disney are beefing up in the online amusement business, a Santa Clara-based startup called PlaySpan has landed $18 million in third-round funding with plans to expand its services into Asia and Europe.

Vodafone Ventures, based in the United Kingdom, and Japan's Softbank Bodhi Fund led the investment in PlaySpan, a leader in providing services that help publishers of such brands as Neopets, Dungeons and Dragons Online and Lord of the Rings Online make money.

PlaySpan says its patent-pending monetization platform is used in more than 1,000 games, social networks and video sites to generate revenue, acquire new users and build customer loyalty. Game devotees may know it for its prepaid Ultimate Game Card, sold at many retailers.

The investment adds to a trend of venture capital and corporate dollars flowing into the online gaming sector in recent years, a business that has proliferated with the rapid expansion of Facebook and other social networks. PlaySpan supports the popular "freemium" business model, in which publishers enable users to play for free but charge for premium extras.

Earlier this month, Google, facing a growing challenge from Facebook for advertising dollars, acquired Slide for $182 million. In late July, Disney announced plans to purchase Playdom in a deal that could be worth as much as $762 million. PlaySpan counts Disney, Warner Bros. and Nickelodeon among its customers.
...

The problem a lot of us saw was the way in; like the games that came before them, and the retail-space ventures before them, and indeed the banks before anyone, the social money groups tended to pay no attention to the outsiders. So the reliable engineering path was out, and the high-risk fast marketing ramp-up path was in. Throw any schlock accounting system in and call it money!

Much of the work was quite low quality, and in the retail and microfinance sectors it generally failed in part because of these characteristics. But in the games/social side, slapstick accounting dressed up as money can work. For games and social networks, it was possibly no bad decision to go light on the engineering, as they could afford to dump the lot. It was after all "social value," not real money, right?

Which brings us to the somewhat quixotic area of the gaming/gambling market. This is a money that is somewhat in both areas: social and real money, so it is facing both the demand for fast social value as well as the demand for hard monetary engineering. Dave Birch's comment over at Digital Money:

I happened to be at a seminar about online payments for gaming and gambling and sat in on a fascinating talk by Jim Noakes, the Head of Payments at Gala Coral Remote Gambling, on the challenges that he is facing at the moment. It was fascinating because his list of challenges could easily serve at the basis of a requirement specification for a next-generation payment system. Setting aside the challenges of compliance, I thought there were two key challenges that we (ie, the payment industry) might be able to help with. The first is reducing the cost of cash in, and the second is reducing the cost of cash out (ie, winnings). The latter is often where the fraudsters attack, particularly when they get payouts directed to stolen cards. And because the online gambling companies are specific targets for the fraudsters, any solutions must have a high level of security built-in from the very beginning.

What was it that Santayana said? Those who refuse to study history are doomed to repeat it?

We know all this. For my part, I tracked all this in the gold payments era, and how to solve Noakes' challenge is well understood (or at least, many can count on a lot of experience). Nor is this limited information, above, Dave has informed thoughts as well.

What I find fascinating is why Santayana's curse runs so deeply in the alternative payments sector, more so than in practically any other place? Is it the flip-side of entrepreneurship, that we must run a grand lottery of knowledge, and anyone can and should play? As David Theroux puts it:

Numerous economists have shown that without the freedom to learn, discover, and act, the process of entrepreneurship is stymied, and economic progress is not possible. For example, Nobel Laureate F. A. Hayek stressed that because the details of time and place are uniquely perceived at specific moments by some people and not by others, entrepreneurial discovery is decentralized to individuals in a spontaneous, dynamic process. In The Wealth of Nations, Adam Smith understood that having access to this knowledge of time and place of opportunity leads to entrepreneurial discovery. He discussed how such entrepreneurial discovery is necessary for any firm to survive, and when such a process is ignored or hindered by government edicts, the firm’s methods of production can easily become obsolete and the firm left with mounting losses.

Or, is the regulatory monkey so fierce that the curse of innovatory spirit leads to enforced loneliness? Or, is corporate death the punishment for contracting-out, as the costs arising from uncertainty and irresponsibility sky-rocket?

Or, maybe it is just that the entrepreneurial hubris runs deeper. For my own part, I recall that I simply declined to review any competitor's payment system from 1996 onwards, as there was no personal ROI in it. Consequently, my designs were occasionally overtaken by some systems, in some areas, but the experience still didn't change my views that spending time improving my own systems was better than spending time on "competitive intelligence".

No matter the why, it does seem a fairly convincing principle. The payment system is an internal, business-focussed evolutionary animal. With a nod to Ronald Coase's theory of the firm, it may well be that the future of payments lies within the firm, because we'll be darned if we ever discuss it outside the firm!

Just about every innovation in the last decade (including my own) has occurred within this space. The potential for reduction in costs and improvements in Hayekian information flow within the firm are immense, far greater than they are between firms.

And also, those that fight against innovation in money and the digital economy are going to find it harder to fight. After all, it's just another schlock accounting system, right?

Posted by iang at 11:59 PM | Comments (3) | TrackBack

August 17, 2010

Apple to do payments?

Twan asks whether this is an interesting change in the business model of Apple:

As first reported by Near Field Communications World, a trade publication, Apple recently hired Benjamin Vigier, an expert in the mobile payments industry who works with a technology called near field communication.

According to his LinkedIn profile, Mr. Vigier is now Apple’s product manager for mobile commerce. Before joining Apple he worked with a company called mFoundry, developing mobile payment services for PayPal and Starbucks, and also worked on a project called the mobile wallet.

So are Apple moving into payments? Possibly, but there are several caveats to that. Firstly, Apple keep a closed-shop policy, so we won't ever hear it until it is done. Secondly, given the space and people and so forth, it is probably as likely or more likely that Apple is investigating the NFC space:

Near field communication, or NFC, acts like the standard R.F.I.D. chips that are used to scan passports or credit cards today. When an NFC chip is placed within a short range of an NFC reader, the two gadgets can send small pieces of information back and forth. This can be used to perform simple credit transactions, or could be used to pass information between two gadgets.

This isn’t the first person hired at Apple with knowledge and experience in NFC. According to people familiar with Apple’s recent hiring, who asked not to be identified because they were not authorized to speak for the company, Apple has recently hired other phone engineers with experience and knowledge of NFC and similar mobile technologies.

If one was keen on speculating, the facts to look at might be these:

A barrage of NFC-related Apple patent applications have been published over the last few months. They cover a wide range of potential NFC application areas and include:
  • An NFC-based mobile payments service that lets consumers make payments to merchants and other consumers via a credit or debit card, directly from their bank account or using credit stored in their iTunes account.
  • The 'iPay, iBuy and iCoupons' patents, describing a comprehensive mobile payments, mobile commerce and mobile marketing business based around an NFC-enabled iPhone.
  • Products+, an NFC-based product marketing and promotions application.
  • An airline ticketing and boarding pass application that describes an unmanned, automated airport ticketing and baggage counter kiosk and introduces the concept of an automated security checking process where users of the iTravel app could process themselves through the security clearance system and check themselves in at the boarding gate.
  • The Grab & Go patent, designed to make it easy for customers to transfer files between devices such as the Mac, iPhone and Apple TV.
  • An NFC-enabled iPod, games controller, TV and iPhone.
  • An NFC-based concert, entertainment and sports venue ticketing application that includes exclusive bonus features for users of Apple's service.

Which adds further weight to a thrust into all sorts of NFC areas. Personally, I'd speculate that lots of ideas are being researched, and infrastructure is being built internally. Meanwhile, the leading conceptual ideas are being patented (FWIW), but this doesn't imply those ideas will happen. It's simply a land-grab based on giving the company substantial room to manouver when something does roll out.

Those are more expansive views, from the outside. From a more directed approach, there are also pluses and minuses for payments. Here's some analysis:

Firstly, it is a long-standing and well-known plea that we want payments on our mobiles, much more than we want them on our desktops. This is practically dogma in the payments sector.

Secondly, and to counterbalance that, the reason we want it on our mobile/cell/handy/pocket platform is only partly the enormous convenience factor of pocketable money. It's also because there is a presumption that a pocket platform is secure.

Of course, this is a relative statement, as is all talk of security. It's more secure than the average desktop (be it Windows, Mac or Linux) ... but a lot of that is because of the multi-application approach adopted by ones desktop ... and the iPocket stuff from Apple is all multi-application! So the question is, how secure is the iPhone for this sort of thing?

Not very. And not enough for payments, or not enough for hard payments. Maybe enough for soft payments, ones that are reversible when found heading to strange places and strange people. Or one-way payments.

Thirdly, does Apple want to play at being a bank? Surely not .. recall the response that Microsoft got in the mid 1990s when Bill Gates said something like "we only want to take a penny out of each dollar ..." The banks moved swiftly to close that one out.

But times have changed since then, several things have happened. The explosion of payment systems didn't quite happen. Europe's conceptual lead faded away before the fearmongering of banks, which unintended consequence (fading away, not fearmongering) finally caused the regulators to finally rewrite the eMoney directive in favour of experimental approaches to money. And, coincidentally, open up the "real" payments market by means of the PSD, which Dave mentions came into force November last year.

Meanwhile, during Europe's lost two decades, Paypal did happen, and the results were unimpressive in terms of competition policy -- fees on order of 10 times higher than open competitors! Also, the reputation of banks right now is pretty weak, due to their basic failure of governance in the financial crisis, and the seismic shifts in banking are fundamentally moving against them if they want to claim ownership of all money business.

Meanwhile, payments did emerge in the games sector over the last decade. WoW, SL, etc, many tried and many more or less succeeded to create "internal" payment mechanisms to do what payments are supposed to do, provide value accounting for trades between people. From there, it spread across to the social network sector.

The model then that has emerged is that if you do a payments business within your community, this is "ok" ... but outside, opening it to the public, that's not "ok," that's going to face stiff competition from the grumblers. Whereas, inside payments can be snobbishly ignored as game play, not serious.

Is Apple a social network? A game? Yes, it can be seen that way. Is this still a good idea? ApplePay? iBites? That depends on who you ask. If it's just the techheads who built great apps like the ones Apple is famous for, then no, it's too far from core business. Payments is not just technical business and great UIs.

If however Apple can assemble a diverse team, along the lines of the FC7 thesis, then Apple has some of the breadth to support that team.

In a way that Microsoft hasn't and google didn't. Cautiously, I'd say Apple is well-placed to do this, and can do it. If it helps any, I can suggest that doing payments is a lot of fun, a great challenge, and even if you fail, it's experience that will stand good for the future. Good luck, guys.

Posted by iang at 07:44 PM | Comments (2) | TrackBack

July 16, 2010

Perspectives: the difference between the 1990s money guys and the 2000s p2p guys

And, only because I wrote it in the same thread as Zooko's post, here is a retrospective on how the 1990s payments startup guys saw life, as compared to the 2000s p2p generation.


On 18/06/10 12:27 PM, Serguei Osokine wrote:
> > In fact, I thought that this was exactly the hint that Zooko was
> > dropping with his question about MN history. Was kind of surprised
> > to read all the serious history descriptions that followed - though
> > enjoyed them anyway... :)

:) Maybe to add to your surprise, there was a serious history! Perhaps a little more background will help.

In the late 1980s, a guy called David Chaum invented a cryptographic form of cash which he called digital cash. His invention was a variation of the RSA formula that allowed a transfer of something from one person to another, that a third party could prove as valid, but not track the transfer. This allowed the third party to be an issuer of value, and users to transfer coins without being traced.

David was a privacy guy and worked out somehow that the future of the planet depended on robust but private exchange of goods for cash. He saw the bank and the government as the greatest threats to people in their breach of privacy. The basic threat is that if the crooks, governments or banks know where the value is, they won't be able to keep their hands off it for long.

David started a company called DigiCash in Amsterdam which built a system of digital cash (of course) and then in around 1994 he started trying to sell it to banks as the latest hot Internet invention. From a PR point of view, he succeeded dramatically; more was written about the invention of digital cash than practically any other thing with perhaps the sole exception of Netscape.

Which intersected with a large community of anarchists / libertarians / privacy nuts called the cypherpunks. So around 1995 there was an explosion of interest in money systems, wherein money was seen as the solution to every problem. This interest rumbled on, with hundreds of startups taking on different perspectives until 2 events knocked the fun out of the game (2000 dotcom crash and 911).

Now, just about that time, as the money business was being rewired in some post-fun image by dotbomb+911, Napster started up and showed a new model. So a natural shift occurred as people started looking at the p2p market as the solution space.

MN was one of those. The thing to understand though is that the people in MN all came from the earlier generation. Zooko worked for DigiCash and Jim was a cypherpunk, I guess. Well, we all were in some sense, I was too.

So, that generation saw money as the solution. This generation sees p2p collaboration as the solution. Who's right? Who's wrong?

It all depends on your assumptions. Economics will tell you that the money guys are right if there is a scarce resource, and/or the resource is worth real value. But, if not, then collaboration can be done if we can find the sweet spot. Now, it's rather difficult to predict how any particular problem plays out, but it is somewhat easier to say this: if the system is valuable, it will eventually have value. To steal. And if not, maybe we're wasting our time?

So, in such a system, money might solve the accounting of trades of value, but that's not a guarantee -- money is very tricky stuff to get right, and there is plenty of merit in leaving that part to the end. Which is kind of what Jim was getting at: MN tried to solve too much. Out of it came some successes, but they were cut-down, like BitTorrent and Tahoe. As time goes on, more value finds its way into these successes, and the call to add in a money gets louder.

Caveat: I was an observer of those efforts, of the things mentioned above, so corrections from the insiders can be expected!

Posted by iang at 09:03 PM | Comments (1) | TrackBack

NewGenDosh: Flattr

Editor's note: Zooko writes in p2p-hackers forum, and editor gladly copies:


That there is also a new generation of interesting payment systems including The Love Machine and Flattr.

I think Flattr is very interesting. Founded by founders of The Pirate Bay, they do several things that are very promising:

1. The marginal cost to you of clicking on someone's "flattr me" button is zero. This is due to the scheme of subscribing to Flattr.com with a monthly fee and then at the end of the month your money gets split among everyone whom your clicked on. This is the most promising solution to the problem of "mental transaction costs."

2. The pitch is that this is a way to express love to people. ♥ > $

3. Look: content! It is very easy to find things to love on the flattr.com web site.

This has a lot in common with the "tipping" feature that we advertised as a future feature of Mojo Nation (e.g. it features prominently in the write-up of Mojo Nation in The Economist). (Inside Evil Geniuses For A Better Tomorrow we called that feature the "Pay Lars" button, in honor of a certain musician who had publicly criticized Napster for depriving him of well-earned income.)

From a historical perspective Flattr is a fascinating example of the evolution of ideas. The founders of The Pirate Bay are probably intimately familiar with BitTorrent, but as far as I know, they are unfamiliar with anonymous Chaumian digital cash. I wouldn't be surprised if they got the idea for Flattr from their experience with BitTorrent and basically observing that there was a "hole" in BitTorrent where micropayments could go. :-) Does anyone know the inside story on how they got the idea for Flattr?

Regards,

Zooko

Posted by iang at 08:29 PM | Comments (0) | TrackBack

July 04, 2010

Kickstarter and task markets

Back in 1997 I wrote about task markets, where people would propose an idea, collect funds, and when 100% was reached, the contract would be made. Now Kickstarter is more or less doing it. Here's one of their contracts:

A year ago, I began writing poems to strangers on the internet. I would keep a specific person in mind: a blogger, a penpal, a sort-of-lover. Then I'd set a timer for 5 minutes and let the thoughts pour out, unfiltered.

The 5 Minute Poems were sent through email, published immediately on my blog or written in Gchat. They were slices of mind. Internet Intimacy. Poetry as communication.

Some of the people I corresponded with were also living in New York City, but some of them were in Texas, Paris, Melbourne, London. The poems filled the hours at the height of insomnia when my head was stuck in strange frequencies. The year-long experiment amassed enough poems to fill a chapbook.

Instead of traditional publishing methods, I want to do something more organic. I want to get the book into the hands of the readers, friends and strangers who inspired it.

I am using Kickstarter to raise the funds needed to self-publish the book and get it the hands of the people who want to read it.

Now, when I did it, I also built the software and tested it out. The reason I stopped was because of the money. It wasn't that I didn't have enough, but the money -- whichever money one had -- wasn't efficient enough. Transactions cost too much money, and innovative ideas like this used several transactions ... and often had to be unwound. People don't like losing money that way.

So several of these ideas popped up and faded away (it seems). My guess is that the payments ate away at them like a cancer. Consider using credit card, and hitting the CC 6 months after the transaction... who's picking up the cost of mistakes there?

This site however solves the problem by just collecting pledges. So it is entirely a credit operation.

When is my credit card charged?
If this project is fully funded on August 11, 01:00am EDT your credit card will be charged along with all the other backers of this project.
So my card is only charged if funding succeeds?
Yes! That's part of what makes Kickstarter special. If a project isn't fully funded, no one pays anything.

And therefore likely works by assuming that pledges can disappear at the end of the day, but as long as a good percentage come through, the margins can make the rest work.

Our fee is 5%.

Kickstarter collects 5% from the project creator if a project is successfully funded.

Why has it taken so long? Well, the money system is so damn inefficient over the net that everything else has to be very good. If we had efficient monies, we'd have done this 10 years ago, and another 1000 ideas as well.

Big question then is, why is the money so damn inefficient? Well, you know the answer to that already, otherwise you wouldn't be here :)

Posted by iang at 11:55 PM | Comments (2) | TrackBack

January 21, 2010

news v. not-news, the great phone-payments debate rumbles on

Someone told me last night that payments would get better when done on phone! Yessssss.... how does one comment to that? and today I spotted this:

Everyone's getting real excited about Jack Dorsey, the co-founder of Twitter, and his new payments application for the iPhone called Square.

OK, except we've seen it all before. Remember Paypal? No, not the one you now know, but the original one, on a PDA. So the process is being repeated. First, do the stuff that looks sexy on the platform that gets you the buzz-appeal. And then, move to where the market is: merchants who pay fees. And, here's where the founder is being more than normally forthright:

... the biggest friction point around accepting credit cards is actually getting a merchant account. So being able to become someone who actually can accept a payment off a credit card, off a prepaid card, off a debit card, is actually quite difficult, and it takes a long time – it's a very complicated process. So we wanted to get people in and accepting this new form of payments, and this very widely used form of payments in under 10 seconds.

Exactly the same. And the one before that -- First Virtual :) And I recall another after that which was popular in the media: peppercoin. And and and... So when Chris Skinner says

The thing is that Square is good for the American markets, but it is very last century because it focuses upon a card's magnetic stripe and signature for authentication. That's the way Americans pay for things but other markets have moved away from this as it is so insecure.

He's right in that it is very last century. But Skinner is concentrating on the technology, whereas Dorsey is looking at the market. Thus, maybe right conclusions, but the wrong reasons. What are the right reasons?

Last century was the century of Central Banking. One of the artifacts of this was that banks and payment systems were twinned, joined at the hip, latter granted as a favour to the former. However as we move forward, several things have loosened that tight grip. Chief amongst them, securitization, the financial crisis, financial cryptography, the cost of hardware and the rise of the net.

So, the observation of many is that the phone is now the real platform of choice, and not the Xiring, which is just an embarrassing hack in comparison. And, the institution that can couple the phone to the application in a secure and user-friendly way is the winner.

Question then is, how will this unfold? Well, it will unfold in the normal entrepreneurship fashion. Several waves of better and better payment systems will emerge from the private sector, to compete, live and die and be swallowed by banks. Hundreds of attempts every year, and one success, every year. Gradually, the experiments will pay off, literally and ideas-wise, and gradually people will read the real story about how to do it (you know where) and increase the success ratio from 1:100 to 1:10.

And, gradually, payments will stand separate from banks. It might take another 20 years, but that's short in the comparison to the time it took for the dinosaurs to fade away, so just be patient.

Posted by iang at 04:02 PM | Comments (3) | TrackBack

October 18, 2009

The new coin of the NSA is also the new coin of the economy

RAH sends around a review of a new book on the NSA. Just to underscore Chris's the energy thesis mentioned a few days ago, there is this enticing conclusion:

The issue is critical because at the NSA, electrical power is political power. In its top-secret world, the coin of the realm is the kilowatt. More electrical power ensures bigger data centers. Bigger data centers, in turn, generate a need for more access to phone calls and e-mail and, conversely, less privacy. The more data that comes in, the more reports flow out. And the more reports that flow out, the more political power for the agency.

And it isn't just the NSA. The Economist points out that the cash that 3 big players have to go to war with will be spent on data centers (and what you do in them, called Cloud computing in the current buzzword):

Full war chests

This means that all three will have ample resources to spend in the main areas of the fight: data centres, cloud services and the periphery. In data centres, Google is ahead, but Microsoft is catching up in size and sophistication. Apple has most to learn, but this, too, seems only a question of time and money. Just as much of hardware has become a commodity, knowing how to build huge data centres may not be a big competitive advantage for long. And data centres can get only so big before scale ceases to be an advantage.

So you need lots of them, like google's three dozen. Where to build? You build them where the tech people are (because you want lots of technical employees who can drive in and press reset buttons on google's 2 million servers...) and you build them where energy is cheap. E.g., the cutely-named Apple-Google Power Corridor is located in North Carolina's "Research Triangle", a tech-university area located at twin cities of Raleigh/Durham. So they've got the personnel base, and:

“We’ve been working together with pofficials [sic?] from Caldwell County to market this idea for several years,” said Millar. “Duke Energy serves both sites, and is competitive with its pricing,” which is typically between 4 and 5 cents a kilowatt hour for industrial customers.

“One of the things that’s driving the competitiveness of our area is the power capacity built for manufacturers in the past 50 years,” said Millar. “Having that capacity and those redundancies has helped the region. We’ve got other sites and other buildings ready to go as well.”

They've got the energy! Power, of the energy form, underpins the new economy. Energy economics might not be a new idea: it supports China's booming economy (see chart at bottom). So whatever one thinks about the USA's politics of dabbling around from the Middle East to China, playing the Great Game in the energy belt, there are correlations of importance there.

The negotiations are part of a longstanding effort by the West to try to halt Iran’s nuclear program, which many in the West say is geared toward producing weapons. Iran says the program is designed to generate energy.

Geographically, politically and economically, a new currency based on the kWh is not an outlandish idea.

Posted by iang at 10:04 AM | Comments (6) | TrackBack

July 09, 2009

Webmoney's start in the 1998 crisis

In comments, Igor Drokov asked for data points on my claim that Webmoney single-handedly saved the Russian people from their crisis. The problem with Webmoney has always been that the documentation is in Russian, so the story spread slowly and was wildly exaggerated in the telling. I asked Dani Nagy, who is fluent in Russian, for the truth, and here's what he said:

Here is a summary of the official history of WebMoney, as told in 2005 (in Russian) and an interview:

The first financial transaction in WebMoney happened on November 20, 1998, when the shock of the financial meltdown was still raw in Russia. They started their operations with a "Marshall-plan", spending a few tens of thousands of dollars as follows: the first 1000 registered users got 30 WMZ (WM denominated in USD) on their accounts, the first few vendors that signed up for accepting WM got 100 WMZ and invitations were rewarded by 3 WMZ each, if successful.

For about a month, they announced each signed-up vendor as a separate news item on their main page. By December 1998 they switched to batch announcements, as the service was growing in popularity, albeit mostly confined to Moscow due to the (almost negligibly) low residential internet penetration elsewhere in Russia.

The growth was quite rapid. By the end of 1999, businesses operating mostly online, such as ISPs, banner exchanges, hosting providers and web design studios, adopted Webmoney almost universally. It was in 1999 when exchange agents started popping up in major Russian cities. They also got into the remittance business, mostly for Russians working in America's dot com boom.

By 2000, WebMoney was already very popular across Russia. That same year, Oleg Bunas started a branch in Minsk, Belarus. See this (also in Russian).

Of course, in those years, WebMoney was severely constrained by the low Internet penetration in Russia. But among internet users it was a runaway success from the very beginning, as there was no comparable fast and cheap means of payment. The banking sector certainly failed to meet the demand for such.

My (Dany's) comment:

Giving cash to conductors on railroads has been and still remains a popular means of money transfer, but when it's -20C outside (with a raging blizzard to complete the picture), the benefits of being able to wire money from the comfort of one's home or office are difficult to overstate. :-)

The effect of the present financial crisis on WebMoney is thankfully measured by Google.

Posted by iang at 07:55 AM | Comments (0) | TrackBack

July 03, 2009

China regulates virtual money

Jim points to:

China bans online 'gold farming' by Dave Rosenberg

China has unveiled the first official rule on the use of virtual currency in the trade of real goods and services to limit possible impact on the real financial system. The Chinese government also spelled out the definition of "virtual currency" for the first time, which includes prepaid cards of cybergames, according to a joint announcement from the Ministry of Culture and the Ministry of Commerce Friday. It said:

The virtual currency, which is converted into real money at a certain exchange rate, will only be allowed to trade in virtual goods and services provided by its issuer, not real goods and services.

So effectively, the virtual currency is locked into one obvious thing, one scope, that we all feel good about. It is such a feeling of de ja vue that I feel I have to write about it.

In the early 1990s there was a phenomena called digital cash that rode a wave of hype. Superficially it surrounded the DigiCash company and invention in the Netherlands, but it was also driven by the European smartcard invention.

In response to the normal and baseless FUD, the Bundesbank (central bank of Germany) decided that digital cash in all its forms must be banned for all except banks. The reasons for this I won't go into at the moment. So, the Bundesbank led a project to create a Directive (European super-law) to reserve all issuance of money to the banks. It created a sort of exception that said "if you look like a bank, smell like a bank and taste like a bank, then you can be a money issuer."

Nobody much was fooled. Digital money took off in the Americas and other places, where either the powers-that-be understood and left well alone, or they didn't notice, and ignored. Later on came the cleanup effort.

After a decade of waiting, the Europeans realised they'd been tricked. So they rewrote the directive to be much friendly, in 2000. It still wasn't enough because they still thought they knew how to do this, and they still thought that banks had a reasonable case. Now, in 2008, they've just released another directive that significantly opens it up, and allows full virtual money to be issued by a non-bank.

It's still tight, far too tight for innovation. But there are clear signs in there that they no longer believe this should be banking, and we can probably predict that by the time the 2015 directive is released, it will be workable.

Now here comes China, around 15 years behind the Europeans:

The ban is primarily aimed at "gold farming," an Internet-age phenomenon in which players in less developed countries collect and sell virtual gold (common to games like World of Warcraft) to wealthier gamers in the developed world. This enables gamers who have the means to buy virtual gold to get ahead in the games without actually having to accomplish the grunt work.

One assumes that China is not regulating games at all, that would be beyond stupidity for China to say what is fair and what is not in a game. Clearly, this is about getting control of the virtual money market for economics and competition reasons.

Likely it is the same old problem: the banks don't like it, and take their FUD to the central bank. But the banks won't play in it, so a devil's choice is given to the central bank: either you back us and get rid of our competition, or our competition is likely to undermine our control of payment systems. Which means that banks will be undermined, and although we just got through a global crisis brought on by those same banks, nobody much is thinking of a world in which banks are no longer the power.

The trading of virtual currency for real cash generates between $200 million and $1 billion annually, according to a 2008 survey conducted by Richard Heeks at the University of Manchester.

Not a huge market, but consider that everyone one of those fees represents a vote to take a payment away from a bank, a vote for freedom of trade. The unfortunate part of this is that any regulation against virtual money will take the virtual money away from the people. Which means that the people are being taxed to preserve the old banking infrastructure.

This is why the European Commission is slowly realising that virtual money isn't the problem, banking is. And that the solution is found in how to shift the banks, not in how to protect them. Virtual money is part of the solution, not the problem.

China may be a bit newer to this power game. OK, but in another way, it is a long way ahead of the Europeans. Although it is now making the same 1994 mistake that the EC made, it is making it in 2009, *after* the market took off. China's got a market that it can regulate to death, if it so chooses. In contrast, the EC has a bunch of corpses that it killed with regulation-at-birth, and now it's trying to resuscitate them with more of the same. I know which one I'd pick if I was a state planner.

Well, it's an old story, it just happened to be more interesting because I'm reading the new 2008 directive on virtual money, payment systems providers, etc, right now. I'll leave you with this typical western hypocrisy:

The average user will only partially care about this ban. They might be disappointed that they can't buy their way to higher status, but I assume that Tencent and other popular sites will figure out a way to do in-game trades and that eventually the farmers will figure out how to bypass the restrictions.

The ban may scare off smaller shops, but the sophisticated organizations will continue on the same path. It reminds me of Japanese pachinko parlors where you can only win tokens (wink, wink) that you take next door for actual cash.

While I'm not convinced that gold farming is good or bad, there is a very persuasive argument that it's driving economic development in China, and that anything that perpetuates economic stimulus is a good thing.

Rich people playing games will pay more for getting up in the game! Shocking! Poor people will work to provide them the ability to play at a higher level. Exploitation!

Why is it that the world's comfortable elite always bemoan apparent unfairness, and at the same time, are so quick to cut the poor people out of an honest job?

Posted by iang at 12:34 PM | Comments (2) | TrackBack

February 16, 2009

The 20th Century of Central Banking is over.

If there was a post-of-the-month award, this would be it. Over on Digital Money, David Birch reports on how the banking world is waking up to the changing map:

... was [the panel's] position that technology is no longer an issue and that (first) regulation and (second) business model are the key challenges.

You've have to read the lot to get the context. Now, Dave knows all this stuff, but he reports from the center. So unfortunate truths are only allowed to be written about by fringe observers like myself, we have to wait a decade or so before the light from the writing on the wall reaches into the dull committee rooms of the central bankers.

So it transpires that the decade of unfortunate message is now drawing to a close. Bad news is piling up, a bit like a crisis of financial truths. Firstly, the above point that technology of banking is cheap and easily replaceable, if not exactly fungible. And, now the second point: Payments and banking are decidedly different beasts, and can and will be separated from each other:

Incidentally, since Robert was on the panel, I couldn't help but mention John Reed's famous statement that "one day, banking will be a line of code in a big network" when I asked a long and boring question about what is meant by "banking" and what the goal of banking about banks might be (if not something concrete like reducing the total social cost of payments). I was trying to ask whether the narrow banking meme might grow to divide the banking business even further: a kind of narrower banking that doesn't include payments, which would then be regulated separately.

(my emphasis throughout.) Which of course raises the problem for banks of lack of easy access to cheap and easy deposits. Which kind of rips the guts out of the banks' business model. Which likely causes them intense pain. Which was predicted. But predictions aren't food on the table. Now, Dave brings forth the evidence that this is precisely what has happened:

Here you have a scheme that has gone from nothing to five million users and a hundred million euros per month in interpersonal transfer in 18 months. What a fantastic success. Now, faced with this clever use of new technology to deliver a much-needed financial service in an economic and compelling manner, the local banks went to market with more innovative solutions. I'm joking, of course. What they actually did was what too many banks do when faced with a small and nimble competitor, which is to go whining to the regulator to get the competitor banned.
In the marketplace, bankers accuse M-PESA of encroaching into their turf, arguing that its exemption from Central Bank of Kenya’s (CBK) stringent and costly regulations has enabled the mobile phone operator to offer “banking” services on the cheap. [From Business Daily Africa - the international window into East African business opportunities - M-Pesa success stirs banks’ fury as five million subscribers enrol]

The banks have a choice. Either go to the regulator, and whine, or re-invent their business model. The first one might work, short term (read the blog to find out what happened), but unfortunately the cat is now out of the bag.

Payments as a separate business works and works well. Indeed, separated payments work stunningly better than payments as a captured subsidy for banks, but the cost of subsidies was well understood to be acceptable, at least by those who believed in banking as an industrial model. However, consumers have a different view, they have always demanded free and untied payments when available, and won't trade two bits for the concept of banking. So this new view will eventually sweep the world.

Long term, banks must now prepare for a new business model, sans payments. Now, I'd love to help them do that but cannot. Firstly, CHYP always get the fun jobs, and secondly, we still have the problem that they will make more money if they stick their head in the sand and deny it. This is a time-honoured process, and it was the one that led up to the financial crisis. It's even got a formal name: "cash cow." So the problem comes down to whether there is a bank that wishes to act strategically rather than tactically, and the betting is that they won't be looking that far ahead.

But the end result is now clear:

M-PESA has forced a realignment in the market pricing of money transfer services.
Following an aggressive expansion of M-PESA, commercial banks have been forced to eliminate charges on their customers when sending cash. [From The Standard | Online Edition :: Regulator gives M-Pesa a clean bill of health]

We must also throw a nod towards the regulators' position here. In the past, the European Central Bank(s) banked on banks and not people; they kept in place the restrictions of the E-money directive by basically (but deceptively) saying that "payments is banking." Now however the lesson of missed opportunity is clearer (again, predictions weren't food on their table). Europeans use PayPal on ebay, WebMoney continues to do well, there are others. If one cellular operator succeeds why can't others? If we can send an SMS globally, why can't we all join M-SEPA in Kenya? Dave says:

This is why the European Commission is hoping that the new regulated categories of Electronic Money Institution (ELMI) and Payment Institution (PI) will allow even banks to set up highly competitive low-cost payment services.

There are two barriers here, and they both need addressing. Firstly, the iron grip of the regulators over banks is over. Not because they don't still have that possibility, but because they've been revealed as captured by the banks (financial crisis) and the business is changing such that the model of central banking is no longer usefully relevant. The 20th century was the time when the central banks truly ruled all they surveyed, but we see little with eyes that are 100 years old.

The second barrier, this time brought clear by Dave in a way I failed to do is that of the failure of the Anti Money Laundering project. As well as failing to do any damage to ML, it is now clear that the sum result of the project was to raise costs, and as a consequence to alienate the poor. M-SEPA apparently capitalised on this stupidity, in the same way that PayPal, e-gold, WebMoney and other electronic systems did, and has now seized the marketplace in its country.

The AML project breached the laws of economics. Possibly this is best encompassed by Goodhart's law, which says that if you put a control here, the money will flow over there. So don't put the control in, the people will simply bypass it. There is a useful corollary to this law: the money belongs to the people, not to the bureaucrat. It helps to consider this carefully when thinking of putting in controls.

On the other hand, it is easy to see how to give the AML people what they can usefully use, without hurting the poor. Again, Dave nails it:

One phrase that caught my ear, in a very positive way, was "risk-based approach to know-your-customer". In other words, I think, it's time to begin to resolve the implicit tension between financial exclusion and financial inclusion agenda in a common sense way. It's one thing to recognise the legitimate law enforcement and regulatory requirements for identification and authenticaton and another to insist that these requirements are met in the tightest possible way in all circumstances. The truth is that bringing people inside the tent, given the data exhaust from electronic payments, delivers far greater overall benefits to society than trying to keep people out of the tent. In other words, stringent rules about terrorist financing and so forth mean that the poorest people stay excluded because it becomes complicated and expensive to deliver services to them. I think that we should start looking at a global exclusion for pre-paid accounts below a certain level (say 500 euros) in return for increased monitoring to patterns, transfer and behaviour.

It is massively important to follow this path, but who will understand it? Even though Dave considers it now reasonable to challenge the ivory tower of the FATF, the problem is, nobody in the AML world is going to stand up and say "we were wrong. Now what do we do?" It is far too easy to accuse detractors of supporting money laundering (!) and continue to draw salary than to learn real economics and add value to society.

I think on this point Dave is economically correct and will be eventually be totally exonerated, but this time he has gone too far, and will have to explain himself to the secret committee for economic purity. Nobody challenges the fat cats in Paris without being labelled a sympathiser of jihadists, an eater of babies, and a downright nasty chap. Meanwhile, the poor are going to have to wait at least another decade before the anti-money laundering disaster is fixed, and are invited into the world of secure payments run by deftly-regulated institutions.

Not to mention, it just isn't their decade, as the rich are a bit busy right now.

Posted by iang at 06:42 AM | Comments (6) | TrackBack

February 04, 2009

The un-internalised cost of your data breach

Adam points to a report by Ponemon Institute and old friends PGP Inc on data breaches.

data breach incidents cost U.S. companies $202 per compromised customer record in 2008, compared to $197 in 2007. Within that number, the largest cost increase in 2008 concerns lost business created by abnormal churn, meaning turnover of customers. Since the study’s inception in 2005, this cost component has grown by more than $64 on a per victim basis, nearly a 40% increase.

Frequent readers of this blog will recall that I often post numbers of the average end-user cost of events like phishing. The number is about $1000.

Ignoring the obviously simplistic scientific process here, or better yet, leaving it to someone more scientific ... there is a huge difference between $200 and $1000.

We can take several views on this:

  • a "caveat emptor view" has the user taking all the costs, because in libertarian economies, the user takes the responsibility for their choices. The responsible libertarian purchases PGP, of course.
  • a "switching view" would have it that the only kick-back to the company is when a smaller proportion of the users switch to other providers, thus causing lessons of pain. This "churn view" is where the Ponemon report suggests the market is.
  • the "risk sharing view" would have it that the user pays a smaller but still painful part. Call it 20%, or the opposite of what we see above. This should put the user firmly in the security protocol, and address any risks that the user is lax, but puts the onus on the business to provide the right tools.
  • the "insurance view" is that the user pays the first $50 such as happens in credit card purchases. This more or less fixes the user's part in the protocol to little things like "don't lose the card" and passes the rest across to the company.
  • "efficient view" would have it that the cost to the users should be close to $0 and the cost to the business should be closer to $1200. This is because the business is better able to manage all of the risk, knowing the business, as it does.
120011001000900800700600500400300200100000User Pays
Caveat emptor                           user buys PGP
Switching                           "churn"
risk sharing                           small but painful
insurance                           "don't lose that card"
Efficient                           know the business!
Business pays000100200300400500600700800900100011001200

Markets tend to mature towards either the efficient view or the insurance view. The market in your identity is not mature. The reasons for that might be widely debated, but I'll have a quick stab here: we never really wanted to buy and sell our identities. We don't want that market in the first place, so damned if we're going to let it mature.

Posted by iang at 04:51 AM | Comments (5) | TrackBack

January 30, 2009

Brit Frauds, the Bezzle, and Signs of Rebellion in Heartland

Payments fraud seems up in Britain:

Matters found that around 26% fell victim to card fraudsters in 2008, up five per cent on the previous year.

Kerry D'Souza, card fraud expert, CPP, says: "The dramatic increase in card fraud shows no sign of abating which isn't surprising given the desperate measures some people will resort to during the recession."

The average sum fraudulently transacted is over £650, with one in 20 victims reporting losses of over £2000. Yet 42% of victims did not know about these transactions and only found out they had been defrauded when alerted by their bank.

Online fraud affected 39% of victims, while card cloning from a cash point or chip and pin device accounted for a fifth of cases. Out of all cards that are physically lost and stolen, one in ten are also being used fraudulently.

One in 4 sounds quite high. That's a lot higher than one would expect. So either there fraud has been running high and only now are better figures available, or it is growing? They say it is growing.

While researching origins of failure I came across this interesting snippet the other day from Richard Veryard:

The economist J.K Gailbraith used the term "bezzle" to denote the amount of money siphoned (or "embezzled") from the system. In good times, he remarked, the bezzle rises sharply, because everyone feels good and nobody notices. "In [economic] depression, all this is reversed. Money is watched with a narrow, suspicious eye. The man who handles it is assumed to be dishonest until he proves himself otherwise. Audits are penetrating and meticulous. Commercial morality is enormously improved. The bezzle shrinks." [Galbraith, The Great Crash 1929]

If this is true, then likely people will be waking up and demanding more from the payments infrastructure. No more easy money for them. Signs of this were spotted by Lynn:

"Up to this point, there has been no information sharing, thus empowering cyber criminals to use the same or slightly modified techniques over and over again. I believe that had we known the details about previous intrusions, we might have found and prevented the problem we learned of last week."

Heartland's goal is to turn this event into something positive for the public, the financial institutions which issue credit/debit cards and payments processors.

Carr concluded, "Just as the Tylenol(R) crisis engendered a whole new packaging standard, our aspiration is to use this recent breach incident to help the payments industry find ways to protect its data - and therefore businesses and consumers - much more effectively."

For the past year, Carr has been a strong advocate for industry adoption of end-to-end encryption - which protects data at rest as well as data in motion - as an improved and safer standard of payments security. While he believes this technology does not wholly exist on any payments platform today, Heartland has been working to develop this solution and is more committed than ever to deploying it as quickly as possible.

Now, if you've read Lynn's rants on naked transactions, you will know exactly what this person is asking for. And you might even have a fair stab at why the payment providers denied Heartland that protection.

Posted by iang at 05:48 AM | Comments (0) | TrackBack

January 23, 2009

BarCampBank - informal finance rantathon in London

Dear Innovators [writes Thomas B],

It's been a wild six months since the first London BarCampBank - the collapse of Lehman Brothers, sterling falling off a cliff along with the stock markets and even the man in the street talks about the credit crunch now - so we thought it was time for London's second BarCampBank.

As before we will bring together technologists and industry insiders for a day of networking and discussion of the impact of emerging technologies on the financial space.

So if you are an innovator, a disruptor or a professional of the banking and finance industry, if you are excited by or just curious about all the innovations that the new technologies could bring to the banking and finance world or if you want to present a project, confront your ideas or just echo lively debates with your own experience then you should definitely consider joining us at BarCampBankLondon2.

More info and the wiki for the event can be found at http://barcamp.org/BarCampBankLondon2

Registration takes place on eventbrite.

We hope you can join us again for an interesting day examining how meaningful innovations can solve the financial mess we are in right now.

Posted by iang at 07:06 PM | Comments (2) | TrackBack

January 21, 2009

Royal Bank of Scotland Falls 66% in One Day!

Hasan points to this:

Remember just over one year ago? RBS (Royal Bank of Scotland) paid $100bn for ABN Amro.

For this amount it could now buy:

  • Citibank $22.5bn
  • Morgan Stanley $10.5bn
  • Goldman Sachs $21bn
  • Merrill Lynch $12.3bn
  • Deutsche Bank $13bn
  • Barclays $12.7bn

And still have $8bn in change with which you would be able to pick up:

GM, Ford, Chrysler and the Honda Formula 1 Racing-Team.

Posted by iang at 09:14 AM | Comments (3) | TrackBack

December 13, 2008

Ecuador's default: how to tame the angry Rafael Correa

(This article was co-written with Chris Cook; although the final presentation was done by me, so I have mangled his ideas somewhat!)


The basic story: Ecuador's government is pissed & angry with the debt issuances of previous governments: accusations of bribes, misconduct, EHMs, etc. And, they are broke, or broke enough to suggest default. And it was an election promise!

So why not default? Let's run the thought experiment.

Argentina did it, and survived, or at least that theory is popular in some circles. If this were to happen, what do future partners do, like Venezuala, or the emerging Banco del Sur? Kick the Ecuadorean's sorry tail all the way to Galapogas islands, join them in default, or think about how to adopt?

It needn't be that way. The fundamental problem is that the debt has migrated from an honest contract to a dishonest circle of mutually supporting pieces. This structure no longer helps any of the participants. So here's a plan to help any bankrupt country to move to the future:

  1. Default on the lot?
  2. adopt a Peer to Peer system of issuance and trading, as found in this recent FT award, and as epitomised by zopa.com,
  3. move the banking sector across to a service provision model, based on p2p credit
  4. structure issuances as debt/equity sharing (consider LLPs). This means that bond holders are no longer simply holders of debt, they are partners and investors,
  5. back the instruments with guarantees provided by mutual societies; being a member automatically gives you not only the guarantee but the incentive to look after the downstream risks,
  6. then, in the bankrupcy of all the debt, replace all the old broken instruments with new equity/debt sharing instruments.

OK, so maybe we skip point 1 because we want to retain some friends. There are some pretty bad punishments that the financial world can levy you with. But think of the rest.

This is a good future model for banks. p2p investment has higher margins, and the banks do not have to risk their own capital to play. Indeed that's where they want to be, c.f., securitization, and we could argue they are already there.

But, where they are now, the risks are not properly spread to those who care for the instruments, so, say hello to financial crisis.

We just have to go the next step by engaging the players end-to-end. The real essence is to move the financial issuance of debt across to a flexible creation of debt/equity balanced contracts between issuers and investors. The details are for later.

(It goes without stressing, in this new financial structure, we would need the ability for smaller issuers to create flexible contracts together.)

Posted by iang at 02:22 PM | Comments (0) | TrackBack

May 13, 2008

Monetary Ontology

Hasan reports that he has been working on an ontology for currency systems, mainly oriented at builders of local monies. Download is here, in Protege form which probably means you need to use that package to build with it.

  • Monetary_ontology_0.1d.zip: A zipped Protégé project of an ontology for currency creation and use. Also contains an "owl". The objective is an active description of all forms of "money" from barter to clearing systems, from precious metal coinage to debt-based fiat. It is oriented towards designers of payment systems and community currency systems. Here is a preview GIF image ! First begun 2008/05/04 and last updated 2008/05/12. v0.0 Contributed by Martin "Hasan" Bramwell
  • Click to load the full image.

    May 05, 2008

    USD reserve currency shift -- some numbers

    Some figures on the decline of the dollar as reserve currency:

    • emerging-market countries shrank their dollar holdings from 71% (1997) to 61% (2007), while growing their foreign exchange holdings over fourfold.
    • the euro component of emerging market reserves grew from 19% (2000) to 28% (4th Q 2007).
    • Japan's exports are now often invoiced in Yen: 34% (2001) to 40% (now). Back in 1971 it was almost all in dollars.
    • dollars held outside the US: from 1.83% (2002) down to 1.22% (2006), as measured in percentage of world trade.

    For the Americans, this is the maths behind the current too-good-too-bad economy in the USA. For the economists, it is interesting because the monetary tool is not helpful when all these dollars flood back unwanted. For the financial cryptographers, it's a great time to be in the currency business. For the gold community, it's their decade!

    Note that we have predicted this for some time, but these are fundamental shifts and they move so slowly that any discussion is fraught until the numbers come in.

    2003, 2004, 2006, 2006

    Posted by iang at 10:48 AM | Comments (1) | TrackBack

    February 11, 2008

    How does the smart telco deal with the bounty in its hands?

    It is a game of FCers to speculate on how the mobile/cell phone industry is going to deal with the wonderful gift they have in their hands, literally. Will they (a) run a payment system, (b) let banks do it, or (c) see a CellPal emerge? It has to be one of the three, as far as I can see.

    Here's one answer, which I'll let you place in the list above (spotted by Zopa):

    Now, network provider Globe Telecom is offering a mobile credit loan system that caters to its customers’ usage habits. With their Share-A-Load program, Globe allows its users to send (via SMS) their phone credits or “loads” to others running low. The service costs PHP 1 (about US .024) for each transaction and is available to prepaid and postpaid Globe subscribers. Donors simply contact an automated number, punch in their pin code, the recipient’s number, and how much money they’re giving and both parties are notified upon receipt. Share-a-Load is a good example of the applicability of SMS beyond just text messaging - something service providers can use to their advantage if they’re clever enough.

    Another frequent question I ask myself is how much effect these "bleedingly obvious strategy" messages have on the market. We've known since the year dot that this was possible, easy and a real winner. But we also know that the response will be knee-jerk, painful and destructive.

    The philosophical question is, "is there any point in laying out the bleedingly obvious strategies when the only people who are interested want to stop them happening?"

    (Also spotted on Zopa: their comment on how the credit crunch is their bounty ... Oops, there we go again, the curse of being a friend of FC...)

    Posted by iang at 08:43 AM | Comments (1) | TrackBack

    February 07, 2008

    Chip&PIN cards: 1 in 5 cloned?

    More dramatic claims that fraud is reaching endemic (?) proportions in retail payment systems in the UK:

    Fraud is now most common over the internet, where almost 2 in 5 have fallen prey to fraudulent scams. Alarmingly, nearly 1 in 5 people have also had their cards cloned from ATMs and Chip and PIN machines, highlighting the importance of exercising vigilance with your cards and personal details at all times. ... "Card fraud is a serious concern that is still common despite preventative measures put in place to combat this ,including Chip and PIN,” said Zoe Manton, head of Card Protection at CPP. “Fraud levels increased by 26% in the first six months of 2007 compared to the same period in 2006, to reach £264m.”

    Manton said that although we are regularly told to report our lost and stolen cards immediately, on average we are taking nearly ten hours to tell our banks and card companies. The good news is that 56.7% of respondents said they now check their bank statements thoroughly to pick up on any suspicious activity.

    I am not sure what is 'good' about the good news. Let's see if we can break it down.

    In exchange for the right to invest in subprime real estate, the banks had a responsibility to secure the money. Now they've succeded in outsourcing the responsibility back to us, the account holder. If the banks have succeeded in getting the people to no longer trust bank-supplied payment systems, and they consider this good news, chances are they'll be overjoyed if we also remove the cash as well as the trust...

    Yep, looks like a break down to me.

    Of course, we know the underlying systemic cause of all this is the failure of competition in European payment systems. Problem is, every time that subject comes up, the regulators say "SEPA is rolling out very nicely, thank you..." Students of irony take note...

    Posted by iang at 04:29 AM | Comments (3) | TrackBack

    February 02, 2008

    middle banking in a english muddle

    The British bankers are still trying to convince the skeptical public that cash is overpriced, and the "subsidy" should be let go. Although the central banks have lined up behind their banks, and various credible reports have been duly spec'ed, paid for, and rushed out to an audience bereft of other sources, the masses are reacting to something else the banks got a little wrong: Identity. And Payments. And Guarantees. Indeed, everything it seems except the noble pound note.

    Maybe it's a spoof, but I can't tell. Read for yourself:

    It's a middle England commuter town where the chief topic of conversation is usually the weather or train delays. But now the Hertfordshire town of Letchworth is coping with an explosion of identity theft, the victim of gangs of fraudsters who target one community, siphon as much money as possible out of bank accounts then move, locust-like, to neighbouring areas.

    The impact on individuals who have seen their bank accounts cleaned out is devastating. And now evidence is emerging of how whole communities are losing faith in bank cards and chip-and-pin technology - and are turning back to cash-only transactions.

    When Guardian Money spoke to consumers on the streets of Letchworth, we found large numbers of people boycotting outdoor cash machines, and, in some cases, abandoning the use of bank cards in stores.

    Shoppers at the Shell petrol station told us they will never use their bank cards to pay for fuel again, after witnessing the chaos caused to friends who have had bank accounts plundered by fraudsters. Outdoor ATMs are strangely quiet, while inside banks there are queues of customers taking out cash.

    Letchworth has a population of 33,000, but virtually everyone we spoke to in the town centre this week said they had either been the victim of bank card fraud - or they knew of someone who has had money illegally taken from their bank account. Usually the illegal withdrawals take place in Australia.

    Those tricky Australians! Thank heavens we have someone to blame. Now, we all know that the Guardian is not exactly the most credible of sources, but it hasn't exactly been challenged in integrity in anything on the payments blight that I have seen.

    So what's the truth? Are the Aussies turning your plastic cards into ashes? Is middle England being hit for six? Is this the end of the banks' bodyline assault on cash?

    (Dave talks some more on this. Also, see Light Blue Touchpaper which probably isn't a spoof!)

    Posted by iang at 05:34 PM | Comments (6) | TrackBack

    September 14, 2007

    Prepaid cards: offering the ECB a deal it cannot refuse

    Dave asks over on DigitalMoney, perhaps in wobbly exasperation as he tries to walk the logic of the ECB's level playing field:

    One of the ECB's points is that they want to create a level playing field of payments. This is a good idea: so is there a single or simple action that could be taken to do this?

    I know we've played out all these arguments in the past, but on the off chance that anyone really wants to know the answer:

    Yes, there is:

    separate banking from payment systems!

    The reason for the silly limits on anonymous prepaid cards is because banks don't issue them; their business is about identifying people for borrowing and lending purposes, so they need to know who you are.

    However, issuers of pre-paid products do not want to know who you are, just what you do. What you are buying is fine. For them, a traceable-but-anonymous product works perfectly because it solves their privacy issues, and gives them the marketing data to offer you precise deals that are likely to be a win-win for both parties.

    Then, why do the banks care about these products that they don't issue? Simple: a pre-paid card is a payment instrument, and a payment done by the retailer without resort to the bank is a payment lost to the bank. So we can see the lost fees as an issue (ask a bank what proportion of their income comes from payment fees).

    That's bad, but it gets worse: the payment is not only a payment (for the customer) it is a loan (for the retailer). One of the inside secrets of pre-paid cards is that on the balance sheet, they appear as ... customer-provided financing! Which means that the retailer has cut out the bank.

    Now do we see why the ECB is going loopy trying to fit restrictions on emerging payment instruments into contortions labelled "the level playing field?"

    And, if you think that's not good, prepare for double-plus-ungood: consider the *cost* of the financing. On paper, it looks like a zero-percent loan from the customer to the business. That is, the cash put into the pre-paid card this month comes back to the customer at face value when they buy goods. Zero percent!

    Can it get worse? Oh, yes. For various reasons to do with abandoned funds and expiry conditions, the actual expected interest rate is less than zero. Because the cards are also losable or inefficient, that's money the retailer never needs to give back.

    That's right: the customer gives a negative interest rate loan to the business. The basic result is going to be that the one and only chance of banks surviving this is if the Central Banks declare prepaid cards to be totally illegal. We are talking pure economics here, this is a slam-dunk.

    But, the CB cannot simply declare them illegal. Not without asserting some form of jurisdiction over retail processes, and coming up with an argument that will appease the consumer. And that's the rub. As its mission has some semblance of helping the consumer, it is hard to convince the consumer that you are helping them by taking something from them.

    The best the CB can currently do is declare them as essential tools for money launderers, etc etc, and put lots of restrictions on them because they are "tools too dangerous to be let loose on the innocent public." That's what Dave talks about and ridicules in his post:

    If there is going to be a level playing field, then lightening the regulatory burden on e-cash might be an obvious place to begin. One source of costs is the requirement to verify the identity of e-cash users. There is a simplified due diligence procedure for a limited set of circumstances:

    1. nonrechargeable... no more than 150 euro; or

    2. rechargeable... a limit of 2,500 euro in a calendar year, ...

    These limits seem low to me. I think...

    Obviously, they are stupidly low, but Dave has yet to consider how much damage Al-Qaeda can do if they get into M&S with a pocketful of these cards.

    Will it work? No. Even with these limits in place, it still won't be enough to save banking (again, resort to the economics argument to see why). They can even afford to squeeze the limits lower, and retailers will still be on top. This is part and parcel of why I predict that the next 1-2 decades will see the end of Central Banking as we know it.

    I know what I would do if I was one of those players. A bank, or a CB or a retailer. But that's not interesting. What's interesting is to watch how, as negative-interest loans become more "compelling" to the public, how much more wobbly the ECB can make the playing field before people start sliding off.

    Posted by iang at 07:19 AM | Comments (3) | TrackBack

    August 16, 2007

    SEPA meets Money 3.0 -- a trainwreck?

    Over at Dave's digital money blog, he keeps writing financial cryptography posts ... which saves the blog from doing it! Last night he opined on whether he could construct a new high level view of the changes to money:

  • The era of Money 3.0 is just beginning. Its central dynamic is no longer connectivity (since everything is connected to everything else) but community. We can see a glimmer of the future in MySpace and eBay, Zopa and Second Life, Paypal and Craig's List. It's the age of Reed's Law, disconnection technology and the decoupling of currency and the nation state.
  • To which I responded in comments, predictably, Money 3.0 is FC!

    The reason for this is that it allows RTGS assets. ... It goes back to the Baumol-Tobin model on how much money we need. Their model postulates that the driving indicator is the _cost_to_bank_ of the money user. The model has one of these cute divide by zero singularities where everything flips when the cost to get to the bank goes to zero.

    .... what then happens when cost == 0? Or, more practically, below the noise floor? Well, to skip a long story ... assets replace money.

    See that old monpol paper for more. Now, we sort of all have at the back of our minds that "Digicash started this." That's a good headline date, although the credit goes much wider and deeper than that. The key thing here was that Digicash showed zero-cost-to-bank. Lynn also recalls in comments:

    The issue of interchange/association (or lack there-of) also reared its head in the digicash trials ... being limited to a single, common institution that served both the merchants and the consumers. disclaimer ... in the digicash liquidation ... we were called in to evaluate the patent portfolio.

    Some people believed that the Digicash patents had value, but that was their problem. What Lynn was talking about then was really the way the Interchange Association solved one of the big institutional headaches:

    One of the big infrastructure issues in the 70s was interchange and the associations. Before that both the merchant and consumer had to be with the same institution. this was not just a technology interconnect problem but also contractual and legal issues. The value-added networks to address the interconnect problem have somewhat been obsoleted with the growth of the global internet. However, the legal and contractual issues still remain.

    For instance, in some countries, at least in the late 90s, and possibly still true today, required bilaterial, contractual agreements between every accepting merchant and every issuing consumer institution.

    The associations allowed merchants to have (contractual) agreements with their financial institutions, consumers have (contractual) agreements with their financial institutions. Then all financial institutions have contractual agreements with the associations (as opposed to every individual financial institution required to have bilaterial contract with every other financial institution) This reduced N*M problem to a N+M ... aka N are number of merchant financial institutions and M are number of consumer financial institutions (with each on the order of tens of thousands).

    Right. What FC however does (including but not limited to the parts that Digicash introduced) is to solve the legal and contractual issues as well. Not only that, but the result means that the 1970s solution of one global Interchange Association is not needed.

    Why? Because in zero-cost-to-bank, N*M is no problem. Now, obviously, at some point we drill down into that and discover that there is still a very small cost, and N*M matters some ... but let's just hand-wave past that by saying that the result is a paradigm shift of massive proportions.

    Better, or worse, we saw it in operation. N*M with Bc==0 does in fact work, in real, global systems. The solution is not one that anyone except the user public will like, because it is *different*. But, it works. It is contractual, legal, technically sound.

    Which brings us all to SEPA. What are they trying to do? Well, lots of things really, but we can wrap it up like this:

    SEPA is trying to build a Money 2.0 solution in a Money 3.0 world.

    Sorry, guys, the world has changed. SEPA is a train being carefully, slowly constructed to 20th century rules. When they put it on the 21st century rails, if they are lucky it won't move. If it moves, it will gather momentum and at some point SEPA becomes a trainwreck.

    Posted by iang at 04:43 AM | Comments (2) | TrackBack

    August 12, 2007

    The fundamental _barrier to entry_ in the business of payment systems

    Dave Birch reads Leo van Hove's new article "Central Banks and Payment Instruments: a Serious Case of Schizophrenia":

    This article analyses the competition between cash and payment cards against the backdrop of the dual role of central banks - as issuers of cash and as institutions with a mandate to foster the efficiency of payment systems in general. It is argued that this dual role results in a number of policy dilemmas, namely concerning pricing, traceability of banknotes and the choice of denominations of coins and banknotes. On a general level, the article argues that central banks should place greater emphasis on improving the efficiency of retail payments and less on protecting their self-interest. More concretely, the article repeats the suggestion - originally put forward in VAN HOVE & VUCHELEN (1996) - that the ECB should place the upper limit of its banknote series at EUR 50 instead of EUR 500. It is also argued that policy makers should explicitly foster the use of cost-based pricing and in particular create a legal environment that makes it possible for commercial banks to start using it.

    Key words: payment instruments, central banks, cash, banknotes, payment cards, public policy, efficiency.

    And Dave does the summary, which is probably very good if you want a shorter read. (Indeed, I haven't read the paper myself!) He raises one point that I take issue with:

    Meanwhile on the supply side, the barriers to entry are significant. It is simply not the case that anyone can start offering new payment instruments, as distinct from payments processing services.

    I don't think that's true ... although I'm not at first blush sure why. Let's work it through.

    Certainly the barriers to entry are significant. I once counted 8, then lost the napkin. By way of a few seconds thought, there is:

    • regulation, the subject of Leo's article.
    • robust technology, client-side and server-side.
    • network effects, or as described by Dave, the chicken & egg problem.
    • the application choice.
    • sustainable system of value backing (e.g., reserves).
    • governance.
    • border transactions / primary sales.
    • theft.
    • ...

    But, even though it might be granted that those barriers are present, we now have more information on how to do this. Substantially more information, indeed, I claim, solutions abound for each of the problems. We can now count around 10-15 years experience with successful open payment systems, more if you are old enough to remember the various DigiCash and other experiments.

    I claim, if you give a competent FCer any of the above barriers, they'll find you a solution.

    I concluded in or around 1995 that it takes around 1m of capital to put in place a payment system built primarily in software. (I also said, 100 times that amount, if doing it with smart cards or the like.) Since then, I have seen little to change that view. But, we have seen so many systems that have failed in ways that prior systems also failed, so obviously something is wrong.

    Here's what I think is wrong: If there is a barrier in this special field of financial cryptography, beyond the 1m of pocket change needed to build an open payments system, it is in the FC7 thesis: there are too many disciplines to cope with.

    Is knowledge the insurmountable barrier?

    I like to think it simply requires an open mind, and willingness to read the experiences of others. The evidence against insurmountability barrier is over on the right hand side of this blog, where you can see a personal list of those people who've seen enough to know the layers and work through all the barriers.

    But, as time goes on I lose the confidence that more people becoming financial cryptographers is an answer of utility. The evidence for that position is that only a few of those FCers are ever consulted by operators of payment systems. Nor are they often employed by banks, who classically operate payment systems, and occasionally build new ones. Pretty regularly, both repeat the errors of the past, and lose bucket loads of money, but that's no barrier, it seems.

    So I guess Dave is right. There are insurmountable barriers to payments systems, and people can't just enter the business. I still don't know why, but it seems as if this institutional knowledge barrier exists, and is insurmountable, even though we as individuals know how to do this.

    Posted by iang at 02:02 PM | Comments (4) | TrackBack

    August 08, 2007

    WebMoney does a gold unit

    Dani reports that WebMoney is now doing a DGC or gold based currency.

    This is big news for the gold community, as there is currently (I am told) a resurgance of interest in new gold issuers, perhaps on the expectation that e-gold does not survive the meatgrinders, also known as the Federal prosecutors in Washington D.C. (Perhaps as part of their defence strategy, e-gold now run a blog!)

    What's different about WebMoney? They had financial cryptography thinkers in at the beginning, it seems, and they are successful. They know how to do this stuff. They did it, and they maintained their innovation base. They are big. They do multiple countries. They quite possibly dwarf any other gold operator in overall size, already. I could run through the checklist for a while, and it looks pretty good. (oh, and they do a downloadable client which does some sort of facsimile of blinded transactions, as presented at EFCE!)

    Expect them to take off where e-gold left off, with the exception of the Ponzi based traffic. Big strategic question: will they go green or red on Ponzis?

    Posted by iang at 10:52 AM | Comments (3) | TrackBack

    May 15, 2007

    And now the phoney war on cash (a.k.a., give us another subsidy, ma!)

    Dave commented on the "war on cash" ... and Adam picked up on that. Now, that sounds like FC! For someone who once had something to do with the Financial Cryptography community, Adam has a strange comment:

    Having the government provide a means for a reasonable functioning economy, and removing the costs of worrying about the gold content of a coin, or the solvency of DavidBucks adds huge efficiencies. There's quite a few things that I'd take the government out of before I took them out of coining currency. (Know thy customer regulations, for example.)

    Well... to separate out some issues. Private issuance of money has a long and powerful history. Although the evidence is not entirely a slam dunk, for the most part the jury is in on this question. The envelope, please:

    Where private money fails as an industry, it is because of government interference.

    The US free banking tradition is the clearest example, in that several different areas had different results. Scottish free banking tradition has the best history, with a century or more of solid gains, only to be finally destroyed by the English, which had already lost free banking to the long, dark and dismal history of the Bank of England.

    There is, while we are engaged in this old pub topic, one flaw to free banking that no-one can figure out: it and government currencies backed by gold reserves tend to fail in the face of total war. There are approximately 3 of these, being the US civil war of independence, WWI, and WWII, and each resulted in destroyed financial systems as governments raided them for value.

    On to MkKinsey's comments on Dave's blog:

    Cash needs to be priced appropriately. The fact is that, today, the pricing of cash is not in line with its costs. Consumers and merchants in most countries do not pay the real cost of cash, and so merchants and consumers have no reason to reduce their use of cash. One problem is that there is no clear ownership of cash. Another is that governments often position cash as a public good -- to be offered free by banks -- thereby inhibiting an economic debate on cash versus other instruments.

    Adam is right to be skeptical. Basically, it easy to champion their case against cash, as cash is indeed subsidised competition. But there is an easy retort:

    Let's strip both sides of their subsidies!

    Like it? I sure do ... just as surely, every warrior against cash will run for the hills when they figure out how naked they'd be.


    Henry Moore's Fallen Warrior

    Start with the issuance of cash. Make it free to any operator. Leave them their know thy customer regulations, and see what happens.

    (Oops, maybe we already know!)

    Posted by iang at 12:34 PM | Comments (2) | TrackBack

    April 18, 2007

    the plan to save Paypal: Skype revealed...

    Dani spots:

    From within the Skype client, there's a new choice among the forms of communication that a Skype user can initiate with a contact. In addition to being able to chat, make a VoIP call, send files and other contacting information, Skype users can now elect to send another Skype user money via PayPal. Skype and PayPal are both subsidiaries of eBay. So, now, we're beginning to see the bigger picture come together at eBay.

    Basically, the mystery of why eBay thought Skype was valuable is now revealed. There was no apparent synergy between chat and auctions, and in fact Skype could be a danger to the centralised auctions model.

    The answer was elsewhere, in financial cryptography: Paypal, also owned by eBay, was hurting for fraud. To do real hard payments, we've known for ever that we need a real hard client. As fraud was already hard-baked into Paypal due to early, convenient but bad decisions, improving the Paypal fraud problem required drastic steps.

    The first drastic step is to move to a hard client. Skype is the best choice in the world today, as it has a lot of security built in through its crypto, it protects itself from attacks on the local client machine, and it has an already well-grown user base across major platforms. Putting money into Skype is something that any FCer could do; whereas fixing Paypal is a real challenge.

    So the plan is to migrate Paypal into Skype. (What took them so long?) This has other ramifications as it means that in time, Skype will become an identity platform. Paypal money is far too identity-driven at this stage to wind back its exposure to the classical regulatory money system, so Skype has to mold to suit.

    The good days of Skype privacy might be then over, as identity nexus will be demanded and stored in a US datawarehouse, available at a price. The good news is that now that the model is proven, others can come along and build it. The bad news is that those of us who did build it (Ricardo for example does chat/IM and hard payments in the same infrastructure) will never be able to catch up with the user base.

    Posted by iang at 09:53 AM | Comments (2) | TrackBack

    March 08, 2007

    WebMoney Annual Report: competition with Belarus Government

    WebMoney has writes Dani Nagy just posted its annual report. Here's the short summary in English:

    WebMoney Transfer is summarizing its 2006 financial year results.

    Number of registrations during the past year has exceeded 1.1 million — for January 1, 2007 there were 3.145 registrations in the System. Total turnover equivalent to USD, has reached 1.46 billion and has exceeded 2005’ results: WMZ — grew 2 times bigger, WMR- three times bigger, WMU — 4 times bigger. Number of transactions is more than 15 million.

    Our geography: In 2006 70% of our Customers were coming from Russia, 15% — from Ukraine, 4% - from Byelorussia. Other customers were originating from Baltic states, Kazakhstan, USA, Israel and Germany.

    The System has launched a new currency WMB — equivalent to Byelorussian Rubles. The Number of merchants, connected to the System has grown too.
    During 2007 we plan to introduce more WM-Currencies and launch new project with various local and foreign project and service providers as well as cooperate with financial services and payment solutions.

    One of the more interesting details is the success in Byelorussia [I follow WM's spelling here; the country is better known as Belarus in English-language publications], considering repeated attempts by the government to crowd out WM - launching a government-backed competitor (which ended up being just another vehicle for turning your cash into WebMoney [*]), arresting a few exchange agents and general harrassment of WebMoney-related people and businesses. The most important servers serving Byelorussian WM customers are still conveniently located in Switzerland.

    WM-penetration in Russia and in Byelorussia are roughly equal (it is only slightly higher in Russia) and substantially higher than in the Ukraine.

    Considering that WM has just published all their protocols and APIs, it might be worth considering writing open-source libraries for our own payment systems or even making them general enough for, well, general use.

    [*] I think that this story merits more analysis, because it teaches some important lessons. Easypay.by was set up with government backing (it has some government-friendly features, too, like no anonymous or pseudonymous accounts) and it also enjoys some support from the banking sector. There are many easy ways to turn Easypay balance into cash and vice versa. Yet, the most popular use of easypay is buying and cashing WebMoney. And this is despite the fact that WM charges 0.8% per transaction, whereas EasyPay is free. Why do people value their privacy in some cases and not in others?

    Posted by iang at 09:54 AM | Comments (0) | TrackBack

    January 18, 2007

    Nokia and Visa announce handset payment system

    Visa and Nokia have taken the wraps off their handset-based payment system. Details of workings are unclear:

    The wireless standard that will link mobile phones with payment systems in stores and elsewhere will be the near field communication (NFC) chip, which will be hidden under the phone cover and makes contact when swiped over a reader.

    Visa being involved means it is likely to be tied to a classical Visa card, with billing backed into the existing system.

    The initial version of the mobile payment platform, which launched on Monday, offers contactless mobile payment, personalization over mobile telephony networks, coupons and direct marketing. Subsequent versions of the platform, to be made available later in the year, will include remote payment--also using mobile telephony networks--and person-to-person payment.

    What is perhaps more interesting is that Visa are floating themselves as a public company. This cuts the direct tie with the banks, which in the past owned Visa (and Mastercard). So now, we can expect Visa to be (a) not a bank, and (b) not regulated by the ownership method.

    Which will leave Nokia in a more confident position, as it will be Nokia that has the final say on what goes on its phones.

    It's yet more evidence that the payment function is gradually moving out of the banks' sphere of influence, alongside the exploding retail gift card issuance and the slow recovery of interest in net-based payment systems.

    Posted by iang at 10:28 AM | Comments (1) | TrackBack

    January 12, 2007

    Tom Greco's blog

    A new blog on the block: Tom Greco of Reinventing Money fame takes a few tentative steps. Here, he raises an interesting definition of when a currency is issued:

    A currency is not issued until a buyer offers it in payment and a seller accepts it in return for real value. Merely distributing notes to potential participants does not constitute issuance, but only distribution. Notes are not issued until they are first spent into circulation. When accepted in payment, there is an agreement to reciprocate. That agreement may be either explicit or implied, preferably explicit and precise.

    That's an interesting distinction; a contract only achieves the status of an issued right when it trades between buyers and sellers. Which means many of the lesser and flawed contracts that I've mounted on servers over time aren't really issues; they never traded, even though they were minted.

    Tom is author of Money: Understanding and Creating Alternatives to Legal Tender (PDF), one of the more serious books on alternative views on community credit, and he is also a persistent scholar of E.C. Riegel, an early 20th century economist who hammered out much of the thought in community currencies and indeed the theory of money.

    Posted by iang at 02:12 PM | Comments (1) | TrackBack

    January 06, 2007

    Skype drops the payments bombshell

    Canny financial cryptographers will spot the bombshell in the first and last comments of the article mentioned earlier on Skype. Read those paras first (look for "payment") and come back, as the rest won't make sense.

    Skype are adding payments. I may as well now reveal that we brave cryptoplumbers at Systemics built this over the period 2001-2004. (Ooops! I already revealed it.) It took about 3 years to do, as the 6 week "summer edition" by Edwin Woudt proved a need to re-jig many fundamental parts of the SOX & Ricardo architectures. The rewrite (started by Jeroen van Gelderen and Edwin, finished by yours truly) worked, and the chat part worked so well that I can predict that it would be addictive if we ever fielded it. (Why it is not fielded is your mystery and our loss.)

    So what's special about this? Someone else figured it out: Skype. They are in the process of implementing Payments over their infrastructure, which means it is no longer necessary for me to keep quiet about this innovation. We've been overtaken, so I may as well reveal all.

    FTR, we implemented chat over a payments system, whereas Skype are implementing payments over a chat system. If constructed as a core FC application, the result is indistinguishable, for reasons that I am slowly writing down in many parallel documents. I continue to develop the underlying infrastructure in my spare time, as well as document the core concepts, and you have already read many of the facets on these pages ... but the absence of the whole story should give you a hint as to why this is not a fielded app.

    The big picture is this: integrated chat & payments is huge. Immense. It has the potential to be if not the next killer app, certainly the next killer integration. I can show this by analogue: in your last 10 payments, how many messages did you send to your counterparties? Chances are, at least 100. Ergo, the message that carried the payment is the least of the protocol known as trade.

    Trade is a chat application (with a payment message thrown in somewhere around the end).

    The big question for those who appreciate this and are at this minute going long on Skype is ... can they do it? Here's my answer: Yes, if they take small baby steps, then they may avoid the many bear traps of financial cryptography. That is, they at least have the track record for doing this in lower layer terms, and if they don't rush it, they'll pick up the hard higher layer lessons in time.

    Can others do it? Not a chance. Skype have the field fully open. Google, AIM, Jabber, and that MS thing (I don't use it so don't know what it is called) are so unsuited to the financial cryptography needs of chat plus payments that they haven't a chance. To be honest, it will probably require dramatic changes in Skype's architecture too -- the difference is that they have *enough* in place to show they can pick up the rest, and survive the transition. The others have no chance, IMO.

    Even though I failed to deploy this and am competitively annoyed, it is a joy to see these things evolve and for others to pick up the baton. Go skype! What others should bear in mind is that this is an A-grade FatBoy BombShell, for reasons that can't really be explained in a simple blog post, but will be seen when and if Skype deploys it.

    If they falter, we have to wait for the next time.

    Posted by iang at 10:55 PM | Comments (9) | TrackBack

    August 03, 2006

    Payments and Settlements News - No. 42

    http://www.e-pso.info/epso/psnews/06-08-03_psnews_no42.html

    News and events:

    1. European Central Bank – Communication on TARGET2
    2. European Commission – Staff Working Document on the Review of the E-money Directive (2000/46/EC)
    3. France – Banks upgrade security of EMV cards
    4. Portugal – Payments Digitilization Programme “ProDigi” launched
    5. Portugal – Electronic purse scheme PMB discontinued
    6. The Netherlands/Belgium – Fortis builds European IT platform for retail banking
    7. UK – Visa study on “Mystery spending of cash”
    8. MasterCard – PayPass launched in Turkey, performance study published
    9. United States – Agencies propose rules on identity theft and address discrepancy
    10. United States – Turning into a "Debit-Card Nation"
    11. United States – Overview of new mobile payment services
    12. Canada – Dexit cuts staff; explores sale
    13. Brasil – Fujitsu Introduces New Biometric Security Solution for ATMs

    Articles, speeches and reports:

    1. European Central Bank – Speech by Gertrude Tumpel-Gugerell at the European Commission’s Public Hearing on Preliminary Findings of the Retail Banking Sector Inquiry
    2. Belgium – Financial Stability Review 2006 by the National Bank of Belgium
    3. Germany – Study on payment processing on the internet by ibi research
    4. Netherlands – Voice recognition system launched for ABN Amro customers voice recognition system launched for ABN Amro customers
    5. ePaynews – SEPA as a “Mixed Bag For Europe's Payment Industry”
    6. United States – Survey shows increasing popularity of contactless cards to buy inexpensive items
    7. United States – “Is reporting on credit card pricing to the Fed helpful?” An article by the Federal Reserve Bank of Philadelphia
    8. United States – “Prepaid Cards: An Important Innovation in Financial Services” An article by the Federal Reserve Bank of Philadelphia
    9. United States – “Domain-Based Phishing Attacks on the Rise”
    10. Arthur D. Little – “Mobile payments set for tenfold rise”
    11. United States – “Web freebies are mobile moneymakers”
    12. Externalities and Regulation in Card Payment Systems

    http://www.e-pso.info/epso/psnews/06-08-03_psnews_no42.html

    Posted by iang at 01:13 PM | Comments (0) | TrackBack

    July 19, 2006

    ePSO - european Payments and Settlements News - No 41

    Payments and Settlements News - No. 41

    News and events:

    1. European Central Bank - The Eurosystem is evaluating opportunities to provide settlement services for securities transactions
    2. European Commission - Newsletters and meeting minutes of the EU Fraud Prevention Expert Group
    3. European Commission - 5 July the Member States are called upon to sign the Hague Securities Convention
    4. Hague Convention - United States and Switzerland first to sign Hague Treaty
    5. Google Checkout opens for business
    6. Australia - A new report table by Australia's House of Representatives economics committee has called for the introduction of chip and PIN technology to replace the current signature-based card payment

    Articles, speeches and reports:

    1. European Central Bank - Ms. Tumpel-Gugerell's speech at the m-payment conference in Brussels on 29 June
    2. European Commission - Speech by Commissioner Charlie McCreevy: "Clearing and settlement: The way forward"
    3. European Commission - Public hearing on competition in retail banking on 17 July
    4. European Payments Council - Making SEPA a Reality, 28 June 2006
    5. United Kingdom - Financial Stability Report, Issue 20, July 2006
    6. Latvia - Financial Stability Report 2/2005, available in English
    7. United Kingdom - Welfare benefits of stable and efficient payment systems, July 2006
    8. Euroclear - Annual report 2005
    9. EuroCommerce - Annual Report 2005, Action Plan 2006
    10. Financial Services Subgroup - Competition issues in retail banking and payment systems markets in the EU
    11. ACI Worldwide - Global Electronic Payments Market Study and Forecast
    12. Australia - Working paper, Cost and benefits of alternative payment instruments in Australia by S. Lancy and I. Harper
    13. First Data - SEPA deadlines are a significant banking industry challenge

    Payments and Settlements News is prepared by the ePSO team at the European Central Bank. If you have any comments or suggestions for the next newsletter, please send them to psnewsletter-at-ecb.dot.int.

    Posted by iang at 02:02 PM | Comments (0) | TrackBack

    July 06, 2006

    DDA cards may address the UK Chip&Pin woes

    Lynn points to an article that states the French rollout of chipcards uses DDA or "dynamic data authentication":

    The DDA cards store an encryption key that generates a unique number, or signature, for each transaction. This signature is read by the point-of-sale terminal, which has a corresponding encryption key, so a transaction from a counterfeit card is unlikely to be approved. The DDA technology allows banks to more securely approve transactions at the terminal without having to send the transactions over the network for authorization. Most EMV cards in circulation worldwide, including those in the UK, use less-secure "static" signatures, which can be copied onto cloned cards. Unless issuers send these transactions over the processing network for online authentication, terminals might not be able to detect fraudulent cards.

    This looks a little bit like diversified keys or some similar hybrid asymmetric system using symmetric algorithms. In diversified key systems the "merchant set" of receivers can check the signature but no ordinary card can. These were used in one-way triangular money products so that consumer card could prove itself to merchant card; which made the consumer cards less interesting to crack, but also shifted the burden to the merchant cards (anyone who can crack a card can steal a merchant terminal...).

    Microcontroller suitable for an interceptor of SDA smartcard as per UK Chip&Pin.
    Mike Bond University of Cambridge, Computer Laboratory.

    The fact that France is rolling out these more advanced units at the same time as Chip&Pin is being rolled and rolled in the UK is possibly a reflection on competition. In France, the banks probably have more chance to build in the higher cost base of the more expensive cards than in the UK.

    Lynn asks in comments:

    This looks to close the "yes card", "replay attack" scenario with existing static data (skim static data in manner similar to skimming magstripe static data, using it to create counterfeit card).

    An issue raised in the "naked transaction" scenario ... is whether the actual transaction is signed ... ala x9.59
    http://www.garlic.com/~lynn/x959.html#x959
    http://www.garlic.com/~lynn/subpubkey.html#x959

    Or is it an upgrade of the existing static data card authentication to dynamic data card authentication ... aka an end-point authentication ... but leaving the actual transaction otherwise naked ... and possibly vulnerable to things like man-in-the-middle attacks
    http://www.garlic.com/~lynn/subpubkey.html#mitm

    https://financialcryptography.com/mt/archives/000745.html

    My guess is that it is "div-key-signed" but as the signature can only be checked by the fully equiped merchant card, various dumb checks won't work.

    More:

    The mask in question supports all bank card applications in France, EMV and Moneo, and is certified to EAL 4+ level, the toughest card security standard in existence.

    Previous posts:

    Prototype interceptor of SDA smartcard as per UK Chip&Pin.
    Mike Bond University of Cambridge, Computer Laboratory.

    Posted by iang at 06:25 PM | Comments (17) | TrackBack

    June 12, 2006

    Naked Payments IV - let's all go naked

    Dave Birch says let's all get it off:"

    I've got a very simple, and absolutely foolproof, plan to reduce payment card fraud (much in the news recently) to zero. It's based on ... So here goes:

    Change the law. Have the government pass a bill that says that, as from 1st January 2011, it won't be against the law to use someone else's payment card. Result: on 1st January 2011, card fraud falls to zero because there won't be any such thing as card fraud.

    This has two benefits, both of which greatly increase the net welfare.

    Firstly, it would to stimulate competition between payment card companies to provide cards that could not be used by anyone other than the rightful owner.

    OK, logical, coherent and a definate brain tease. Much of the underlying reason that naked payments waft comfortably around inside the network is that the inside network is built of corporations that rely on the crime of misusing a payment, naked or otherwise. With such strong criminal punishments in place, they can push the naked and vulnerable payments around.

    Before you discount the idea totally, consider this: it is already in operation to some extent. In the open governance payments world, there is no effective "law" operating that makes it "illegal" to use some account or other. Rather, the providers live in what we might term the "open governance" regime, and there, they use a balance of techniques to defend themselves and their customers. Those techniques refer often to contract laws, but try not to rely on criminal laws.

    Does it work? I think so. Costs are lower, most such systems operate at under 1% transaction fees whereas the regulated competitors operate around 2-5%. P2p fraud seems lower, but unfortunately nobody talks about the fraud rates that much (and in this way, the open governance world mirrors the regulated world), so it is difficult to know for sure. Succesful attacks appear lower than with regulated US/UK systems, although not lower than mainland Europe. Possibly this is a reflection of the lack of anyone backstopping them, and the frequency of unsuccessful attacks giving lots of practice.

    One thing's for sure - the open governance providers would be quite happy to get rid that law as they don't expect to benefit from it anyway.

    Probably a useful area to research - although I get the feeling that nobody in the regulated world wants to honour the alternate with admission, and the same scorn exists in the governed world, so a researcher would have to be careful not to give the game away.

    Posted by iang at 03:20 PM | Comments (8) | TrackBack

    June 10, 2006

    Naked Payments II - uncovering alternates, merchants v. issuers, Brits bungle the risk, and just what are MBAs good for?

    Over on PaymentNews they point to an article on the rise of alternative payment mechanisms. These they define as PayPal and the like. It isn't easy for merchants to add them:

    On the other hand, DVD Empire’s Berry sounded a note of caution. “Of all the payment methods I had grandiose plans of implementing six months ago when Internet Retailer asked me to speak, I’ve implemented none,” she told the audience. Often, she said, new payment methods demand costly and thorough-going changes to existing operations, making it hard to cost-justify them when looking at their transaction potential. Even new technology from an established payment network--Visa USA’s Verified by Visa user-authentication system--has proven nearly unworkable. Two years after embarking on the project, Berry said, DVEmpire still hasn’t been able to bring the system live. “It took us 14 months just to get this online for one day,” she said, and this with the efforts of six programmers. Visa’s server farms “go down frequently,” she said, while even things like users’ pop-up blockers and non-Internet Explorer browsers can frustrate the system.

    Which is a salutory reminder of an old FC rule - retail sales of merchant goods are the suckiest application to get involved in. Run like your life depends on it. I recently wrote a b-plan sketch for this very area and only after sending it did I realise I'd broken the rule myself. Still, at least my payments aren't naked nor vulnerable.

    More from PN is the "anti-trust" aspects of credit cards versus the rest. A good article from Adam Levitan on the merchant battle to free up the US payments industry from the interchange headlock.

    Antitrust suits present a significant short-term threat to MasterCard and Visa and are spurring the reshaping of the U.S. payments industry. In the longer term, however, the antitrust threat may not particularly matter, as the growth of national bank brands has created the possibility of large banks splitting off and forming their own independent payment networks, while developments in payments technology and Internet commerce have created a competitive threat to MasterCard and Visa. The ultimate outcomes of these developments are uncertain, but one thing is not: the payments industry will look very different in a decade.

    Levitan's thesis is that the merchants are rebelling across many fronts because the lock on the market by the credit card issuers allows banks to push merchant fees higher by one trick or another. Yes, that's what happens when cartels get a strong grip. Levitant also attempts to cast Paypal and other Internet providers (AliBaba, Peppercoin, 2Checkout) into the mould of the conventional banking payments providers, perhaps so that that banking types can compare. Yes you can do that, and he makes some interesting comments on Paypal. But there are other perspectives, and in dealing with Internet / new payments, starting from a position of conventional banking wisdom is doomed (if you feel like betting I'm wrong, pass a few $$$billions over here and we'll get a working payment system).

    Over in Europe there is a lot of talk about SEPA. The Single European Payments Area is a big thing, and it is fair to say that it is the current best European idea of "open". Which in itself presents the old contrast between Europe and the US - as "open" West of the pond means anyone can do a payments system. In the oldy, mouldy East, Europe struggles to get the banks to "open" payments to other countries, so that their citizens can pay cross-border. Moving money across borders in Europe is a disaster - and I often wonder if it would be cheaper to transmit funds by flying with an envelope of cash than using the banks. Not to mention that you get a weekend in an exotic city thrown in for free.

    What Europe needs of course is less of that "open" and more of the other "open." People with Paypal, Moneybookers, gold, etc accounts can already pay across borders as if they weren't there, but those new systems are being blocked for banking protection reasons from widespread usage.

    Next, in Britain, their rollout of the Chip&Pin system seems to have fallen flat on its face. Slowly the evidence trickles in:

    • they are using static cards, not dynamic cards. Which means once some simple authentication like "yes, that's a card" is done, you can ask the card to do whatever, wherever, with whoever...
    • Lynn Wheeler points to a concentration of thought(lessness) in the direction of the smart card. People there seem to be thinking of the security as the smart card. Curious, I thought only salesmen for smart cards fell for that, I've not come across a bank that fell for it.
    • see Lynn's new metaphor of naked and vulnerable transactions - yes that is what they do in the smart card world, partly because they haven't got the grunt to do full signature processing, and partly because they concentrate on banking models.

    So they bungled the risk management. Why is that? They used cards that were much cheaper than the ones used on the mainland, so one could speculate that they took on a higher risk. But the card systems I've seen in use on the continent also pay much more attention to merchant terminal fraud, and it is not as if the Brits then compensated by improving the merchant terminals. Indeed, that was at least one of the attacks - walk in and swap the terminal for another.

    On the face of it, I'd speculate that they didn't do the risk assessment, or it was swept aside by higher management principles as unacceptably pricey. IOW, cheapskates, and now they pay for it. Which means, having spent a billion or more on rolling it out, the banks are likely to have to fork out more and do it properly this time.

    I would love to point to the Russian model here, as I frequently point out that software systems are two orders of magnitude cheaper than hardware systems, which allows for a lot more mistakes. Lynn points to the intention of bankers to add two orders of payload bloat for fun and giggles, but let's call that correlation not causality for now. I gather that WebMoney does great business including with telcos and with purchasing of scratch-it cards in the streets, so they have drifted away from honest software roots. From what I recall, WebMoney turned up at EFCE and presented a fairly conventional "digicash" model and then went and migrated that to "web-site plus digicash client." With a few millions in investment (?) they seem to have shown how to do it. The FC audience craves more historical writings!

    Finally, Decot & Lee, a couple of student MBAs at Haas, wrote their term paper on Google v. eBay. They called eBay cooperation with Yahoo correctly, and these predictions seemed to have earnt them a job at both places. (Funny, 5 points.) John Battelle says "Remember, this is the work of students, not industry experts, but it's quite valuable nonetheless." Nonsense, I say! The MBA brings breadth and integration of many disciplines to the table, and that's even more so when the student is freshly looking at a new industry. The so-called industry expert has already been purchased, bribed, perverted and sold so many times he wouldn't know an unbiased analysis if his life depended on it.

    Seriously though, the lesson here is that it is possible to do much more analysis on public sources than is normally done - all you have to do is .. do the work (having an MBA helps!).

    Much of the predictions you see here in FC are much lighter-weight than found in that term paper, but for all that, it is the same basic stuff, being the integration of other disciplines into the mix. The number of "spot-ons" far exceeds the count of "dead wrongs," much to the chagrin of those buried in their own single discipline think. It's just basic MBA stuff, it is possible to integrate crypto with governance, software engineering with finance, etc. Indeed, if you are doing FC, you'd be either mad or negligent not to. Or naked and vulnerable.

    Posted by iang at 07:51 PM | Comments (2) | TrackBack

    May 22, 2006

    Spring is here - that means Pressed Flowers

    Dave Birch looks for an explosion of disruptive innovation in currency ideas:

    Once digital cash goes into circulation, then the marginal cost of trading (and, for that matter, creating) entirely new currencies (commodity currencies, community currencies, synthetic currencies and the like) will fall substantially. I see that as the second generation -- not digitising existing cash but creating new kinds of cash -- and the potentially disruptive innovation.

    Here's one expression. It's Spring time, so switch to monochrom's blog for Johannes' impromtu interview in the field of currency reserves There is an English and Deutsche page of what they call their "Hippyesque Post-Hippie Approach To Changing the World."

    I've written before about the evolution of the pressed flowers money so here's no more than a quick summary. The Viennese arts community took Sylvia Berndt's digital issuance of pressed flowers (physical and digital reserves) and attempted to create their own over the last year. In pressing the flowers, they combined their arts use of laminates to create the tokens, which in time burst into life as a fascinating experiment on their own.

    A cultural group in Amstetten is repeating the seasonal cycle. This weekend, we collected bunches of wild flowers from the local nature walk, and then repaired to a private club. In there, we arranged the flowers on massive hard boards and pressed them. Their plan is to reconvene in Autumn to laminate - giving them a winter's supply of favour currency.

    Normally, I'm well ahead of discussions in this field - but once people like artists start to issue, I fall behind - I can't predict or understand easily what they are doing. In other experiments, we've found the laminated pressed flowers can work as business cards and identity tokens. The unforgeable pressed flower is fascinating - not cheap in time, but monetarily inexpensive, and it compares in tantalising form to other tamper-resistant high tech devices such as RFIDs or smart cards. For small quantities, it adds somethings special.

    It all reinforces one direction for us as a society that values our shared efforts - let the money go free! The large issue that we have now is that issuance of value is still a mysterious process, and more experiments are required. The small problem I have is that I'm out of flowers.

    Posted by iang at 02:55 PM | Comments (4) | TrackBack

    May 12, 2006

    Money costs: a dollar, a penny, a system, an experience

    John Kyle found some US coin and note costs. For the dollar:

    Rep. Jack Metcalf then began questioning Allison about these issues in more detail. Allison explained that when the United States Mint produces a dollar coin, it spends 8 cents on production costs and issues the coin into circulation at face value (100 cents), depositing the coin in the Federal Reserve for 100 cents. The 92 cents difference is seignorage, essentially profit. In the case of a dollar bill, on the other hand, the cost of producing the bill is 4 cents, and the Federal Reserve issues the bill into circulation at face value, investing the 96 cents difference in U.S. Government bonds. The interest the Federal Reserve receives goes to Federal Reserve expenses (about $2 billion), retained earnings (a few hundred million), dividends to member banks (another few hundred million); the rest goes back to the Treasury. Metcalf noted, "It seems like an arcane system that could have been invented only by somebody who was mentally deranged."

    And for the penny:

    The Mint estimates it will cost 1.23 cents per penny and 5.73 cents per nickel this fiscal year, which ends Sept. 30. The cost of producing a penny has risen 27% in the last year, while nickel manufacturing costs have risen19%. ... But consumers should not hoard coins or melt down the change in their kids' piggy banks, says Michael Helmar, an economist and metals analyst at Moody's Economy.com. He says the process of melting the coins, separating out the metals, then selling would be costly and time-consuming.

    "If they were made out of gold, sure," he says. But "there are just too many other costs."

    OK! It's nice to know it is ok to hoard and smelt the gold coins. For those interested in the cost of payment systems, here's a list of the things that the business plan needs to consider. All standard fodder for the FCer. Over at Oyster, they seemed not to have paid attention to the basic recipe:

    Back in 2005, Transport for London (TfL) announced it had shortlisted seven potential suppliers to transform Oyster from a ticketing system into a means of paying for goods such as coffee and newspapers. Trials were scheduled to start before the end of the year but didn't materialise. And, at the end of April, TfL announced that none of the shortlisted suppliers had been able to meet their criteria and the rollout had been put on hold for the time being. ... So what went wrong? It seems that the technology behind the scheme was not at fault. Dave Birch, director of consultancy Consult Hyperion and organiser of the Digital Money Forum, told silicon.com: "What's become clear is that it's more complicated to sort out commercial arrangements than to sort out the technical arrangements [with e-money]."

    It appears that issues with the payment processing side of the project - division of revenues and payment processing costs, for example - were the main reason the e-money scheme was hobbled before it left the starting gates. The question of who would pay for the cost of deploying the necessary infrastructure was a sticking point. For example, without financial support from the banks, retailers were unlikely to agree to cover the equipment costs themselves.

    That would be numbers 1, 2, 4, 5, 6, in Win Derman's list. I often characterise the question this way: it costs order of a million to build a software payment system, and order of 100 million to build a hardware token payment system. The difference is the tokens, and who you get to pay for them...

    Which leaves us wondering why these lessons aren't learnt? Win Derman says "In looking back over the last 30 years, there’s no question the industry has witnessed (and still is witnessing) tremendous change. But despite the disruption, the same fundamentals still apply. There are 13 questions I’ve learned to ask about any new payment technology to evaluate its potential for success in this space."

    Maybe experience is priceless?


    In looking back over the last 30 years, there’s no question the industry has witnessed (and still is witnessing) tremendous change. But despite the disruption, the same fundamentals still apply. There are 13 questions I’ve learned to ask about any new payment technology to evaluate its potential for success in this space.

    1. Are you solving a problem that needs changes at the point of transaction? Then build a 5-7 year implementation schedule because of terminal replacement cycle.

    2. Are you solving a problem that has limited geographic applicability (for example, the 1980s chip card in France because of the poor telephone network versus the magnetic stripe in the zero floor limit environment of the United States)? Either you will be tied up in politics or limited in scope to a subset of the card world.

    3. Timing is everything. We worked for 30 years to grow the Visa credit card business into a trillion dollar business. The Visa debit card grew to that level in less than10 years because the network infrastructure already existed, the name Visa was already well known, and the political battle between the credit card and debit card groups within the banks was over.

    4. If you are selling a proprietary product or service and hope to extract a royalty on every transaction, you will be trying to push a huge rock up a large hill in an environment where even competitors need to share technology because banks and merchants want standardized services - not proprietary implementations.

    5. If your product or service needs approval from more than one industry group (such as airlines and banks), plan on a very long and complicated negotiation to achieve consensus.

    6. If you expect to change consumer behavior to implement your product or service, remember issuers will be very reluctant to risk making significant changes that could damage a $4-5 trillion business.

    7. If your product or service is aimed at fraud reduction, remember that eliminating 100% of fraud - which is highly unlikely - only changes the issuers' bottom line by a fraction of 1%. That doesn't leave much room if implementation or operational costs are high.

    8. Technology by itself without a surrounding set of business rules, prices, and procedures that make economic sense will not fly.

    9. Any product or service that does not show significant results within 12 to 18 months will take a long time to get anyone’s attention.

    10. After you develop a timeline to get your product or service sold, double it.

    11. Who is your champion in the target organization? (We tried to have the credit card departments where Visa had its contacts introduce the Visa debit card to the banks. We made very limited headway for almost 30 years until credit card people became senior managers in the banks. Then implementation went very quickly.)

    12. If your plan is to introduce your product or service in competition with the existing card products, remember that you either must spend a great deal of money to get a piece of the business (like Discover did) or you will be vulnerable to the big guys overwhelming you during your buildup phase as they easily could have done with PayPal - if they had focused on that market niche earlier.

    13. If your target mark is the bankcard business, the good news is that it is a $4 trillion dollar business and growing. The bad new is that it is a $4 trillion dollar business and growing. There is a potential for a big payoff but it is hard to turn the business in a new direction - kind of like trying to turn the Exxon Valdes in Prudeau Bay.

    Posted by iang at 06:03 PM | Comments (1) | TrackBack

    3 of the big 4 - all doing payment systems

    A snippet of recent news:

    (May 5, 2006) Online search giant Yahoo! Inc. is developing what appears to be a person-to-person payment service and may be weeks away from introducing it, but details of the new service remain unclear. ... Industry speculation about a possible payments product at Yahoo! was fueled last month when the company was granted a patent on a P2P “money-exchange” system for which it had applied nearly six years earlier. Also, Yahoo! is not without experience in P2P payments, having operated a platform, called PayDirect, from July 2000 until it shuttered the service in November 2004.

    So that brings Yahoo into line with Google and eBay/Paypal. We are now looking at a herding structure where all the big players copy each other. Back to the future again! All we need is for Microsoft to join the club.

    The reason Microsoft has not done payments before is because when they mentioned their desires back in the mid 90s, the banks jumped liked they'd been slapped. Banks might not have known what the Internet was, but they knew what Microsoft was, back then, as they had those DOS and Windows3.1 machines scattered all through their offices. DigiCash, First Virtual, and a few dozen other names were no serious threat, but Microsoft? That was distribution. That was scary.

    Off to Washington DC they trotted and fairly soon on, the message filtered back to Microsoft - that's not a good idea, pick on someone else's soft underbelly.

    This time, the structure of the sector is fundamentally different. Then, it was hype and greed and ignorance. This time it's Paypal, user bases, spreadsheets, ROI. Google has been working on it for probably a year or more, using the Paypal model upgraded to remove the bugs, and Yahoo have also no doubt taken the same advantage.

    Washington DC no longer has anything to say, in the banks' defence. Now, the banks are distracted with phishing and trojans and Walmart, and wearily eyeing the security offerings of smorgasbord companies like RSASecurity. They could be forgiven for wondering whether it was worth it.

    Also, it's been a full decade of more progress on securitization, so the banks structure is no longer so rigid. On the surface, the banks might even look as though they are doing this themselves:

    IDC and Financial Insights have announced results from a recent study concluding that financial institutions are increasingly looking to third parties to manage entire payment functions, rather than the process alone. IDC estimates that U.S. spending on payments BPO services reached $3.3 billion in 2005 and will grow at a five-year compound annual growth rate (CAGR) of 4.2% to reach $4 billion by 2010.
    Posted by iang at 03:34 PM | Comments (5) | TrackBack

    May 07, 2006

    Payment systems - the explosion of 1995 is happening in 2006

    Dave Birch reports that money in virtual worlds is well past GP.

    The online security for World of Warcraft is a bad as it is for internet banking, and World of Warcraft has six million subscribers (more than many banks have Internet banking customers). It's just passwords. So now the phishers have provided yet another confirmation that World of Warcraft gold is a real as Sterling by launching yet another wave of phishing attacks! Now, phishing attacks on virtual worlds are hardly new, but the scale and sophistication are growing all the time.

    (Dave, FTR, when was the first phishing attack on virtual worlds?) I've written before about crime in the virtual worlds. Here's more details:

    A few days ago, it was reported that a new Trojan has appeared on the scene: PWS.Win32.WOW.x. Spread via email, IM, and Peer2Peer file sharing - and gamers tend to do a lot of each of these - as well as through our old friend the malicious pop-up ad that exploits Internet Explorer vulnerabilities (and you know you shouldn't be using IE, but perhaps you are a masochist), this Trojan is brilliant in its limited, precise scope. Once installed, Win32.WOW tries to steal a World of Warcraft user's name and password. Armed with that information, the criminal logs in to the user's online Warcraft account, transfers all the player's virtual property to an avatar controlled by the attacker, and then sells the property on a gray-market auction site for real money. By the time the player figures out what has happened, their character is denuded of all his goodies and the villain in this story is long gone.

    (interesting military tricks at the start of that article...)

    Back to the thrust of this post. Over in the telco world, everyone is madly rolling out payment systems. *Everyone*. Why? For the most part the handsets now have sufficient power to run the application, and the systems programming infrastructure is well developed (read: cheap). Also, banks are out of that scene (read: fed up) and they have problems enough in their home turf (read: phished!).

    So anyone can move in and do it without the normal interference - either a startup or the telco itself.

    The early experiments have been made. The errors and the mistakes are all there for the careful researcher. Enough successes exist now that you don't even need to be careful, you just need to avoid being stupid. The b-plan is simple - pick the successful system you want to emulate, change a few paramaters so you aren't in direct competition, go.

    But all is not so rosey. Reports are that the phones are completely insecure as platforms. So back to Dave again:

    Now that you can withdraw virtual money from real ATMs, this is only going to get worse. I'll just replay that part: now that you can withdraw virtual money from real ATMs... The first cards are going to be issued for Project Entropia. Players may now exchange their virtual world currency with real world cash using Versatel-compatible ATMs, according to Entropia developer MindArk. The cards are available exclusively through MindArk and bridge a player's in-game PED (Project Entropia Dollars) with their real (whatever that means!) bank account. The rate of exchange (10 PEDs to $1 USD), according to MindArk, is fixed.

    We may be polite in other circles and pretend that Dave is speaking about games people play. But here in FC we deal in the bitter truth. He's really talking about everything. All payment systems, all sectors, businesses.

    So where are we heading here?

    Back in the mid 90s, David Chaum (the prof who invented digital cash) lit a firestorm of speculation pithily captured as "The End of Money." Of course that didn't happen, in fact nothing much happened at all, but it didn't stop many people jumping on the bandwaggon (until their ticket expired) or regulators rushing in or journalists writing a thousand articles.

    The explosion predicted then is happening now. And it's happening in the way that was predicted back in the 1995 era. Then, it was common for cryptographers (unfinancial) to have the upper hand, saying that if we don't secure this stuff, it will turn into a catfight. So they secured everything and it bogged down.

    Now, the reverse is happening. If we subscribe to GP, then we are learning to live with the red curve being a very close part of our operation - the Paypal model if you like.

    We need to learn to live in a world of continual, fast moving fraud and continual, fast moving payment systems. Obviously, the regulator's nightmare, and the financial cryptographer's bane.

    Unfortunately, the old players only have themselves to blame for this. The lessons from the past are quite clear. One long hard lesson is that you don't fight fraud until you can see it. Another lesson is that you launch your payment system from as far away from the banking sector and the regulators as possible, because you want it to succeed. (Pop quiz - which massive company is launching a huge payment system as far away from the banking sector as possible... today?)

    You don't regulate until you have something to regulate. And it helps to have a good reason, too. So when the Europeans rushed in and tried to clamp down on this evil development, they just killed the innovation within - Digicash and the various strong smart card developments - and sent all the reserarchers off elsewhere. Yes, they reserved it for the banks, which was their intention. No, the banks didn't do it, which was what economics predicted. So the end effect was that the Europeans blew their wad. Now they have to sit back and let the world do payment systems to them.

    Over in the US, the Americans had a secret weapon: Alan Greenspan. History doesn't record in detail what the living god of monetary policy was up to in the world of payment systems, but I saw the tracks everywhere. What he did was to create a decade of peace. From the early days, right up until the last few years, digital money was able to experiment and blossom in the US.

    Those days came to an end with 9/11. Since then, the money transmitter regulations were used to bring all to heel. Paypal, e-gold, all those remittances that drive a non-trivial portion of the latin american economy, they all work for the man, now. And heat is being turned up:

    A House subcommittee today approved legislation today banning all forms of online gambling in the United States. To strike at offshore gambling sites, the panel authorized law enforcement officials to stop credit card and other forms of electronic payments to those sites.

    The US is repeating the errors of the Europeans in the 90s. So expect as a long term prediction to see the centre of gravity to move outside the US. Which isn't to say that Paypal won't make good money, but they won't be doing too much that is different, and they are about to become one player in a crowded market (c.f., b-plan above).

    The new world for payment systems is now outside the US and outside the Europeans. The question is, where is it going?

    Posted by iang at 06:19 AM | Comments (4) | TrackBack

    March 07, 2006

    FraudWatch - Chip&Pin, a new tenner (USD10)

    Chip&Pin in Britain measured a nearly full year of implementation (since February) and found fraud had dropped by 13%. They say that's good. Well, it's not bad but it is a far cry from the 80% figures that I recall being touted when they were pushing it through.

    The Chip and Pin system cut plastic card fraud by 13% in 2005, according to the Association of Payment Clearing Services (Apacs). Losses due to the fraudulent use of credit and debit cards fell last year by £65m to £439m.

    Most categories of fraudulent card use dropped, except for transactions over the phone, internet or by mail. Chip and Pin cards were introduced in 2004, with their use becoming required in shops from February this year.

    The new type of card appears to have brought a decisive turnaround with fraud levels now back to the levels last seen in 2003. In 2004, as the new cards were being introduced, card fraud continued to shoot up, by 20%, costing banks and retailers more than half a billion pounds.

    Sandra Quinn of Apacs hailed the impact of Chip and Pin, which has been rolled out to most of the UK retailing and banking industries since October 2003:

    "Seeing card fraud losses come down is cast-iron proof that Chip and Pin is doing its job. Back in 2002 we forecast that fraud would have risen to £800m in 2005 if we didn't make the move to Chip and Pin so it's heartening to see total losses well beneath this figure" she said.

    So maybe if we factor in such a prediction of 800m, down now to 439, we are seeing a drop of 45%. I'd say that according to GP they moved too late and ended up with an institutionalised fraud at a high and economic level. Clawing that back is going to take some doing.

    And, also from PaymentNews, the US mint continues its sly dance to use other colours than green:

    Security Features
    The redesigned $10 note also retains three of the most important security features that were first introduced in the 1990s and are easy to check: color-shifting ink, watermark and security thread.

    Color-Shifting Ink: Tilt your ten to check that the numeral "10" in the lower right-hand corner on the face of the note changes color from copper to green. The color shift is more dramatic on the redesigned notes, making it even easier for people to check their money.

    Watermark: Hold your ten up to the light to see if a faint image of Treasury Secretary Alexander Hamilton appears to the right of his large portrait. It can be seen from both sides of the note. On the redesigned $10 note, a blank oval has been incorporated into the design to highlight the watermark's location.

    Security Thread: Hold your ten up to the light and make sure there's a small strip embedded in the paper. The words "USA TEN" and a small flag are visible in tiny print. It runs vertically to the right of the portrait and can be seen from both sides of the note. This thread glows orange when held under ultraviolet light.

    To protect our economy and your hard-earned money, the U.S. government expects to redesign its currency every seven to ten years.

    Everything is good fun about that page, even the URL!

    Posted by iang at 05:10 AM | Comments (16) | TrackBack

    March 02, 2006

    Google strives for hard cold cash

    Viking reads the terms of service for Google Payments (discussed here) and discovers:

    Here is the really interesting part though. Google Payments is set up like the DGC industry in regards to user responsibility & payment repudiability.
    "Buyer is responsible for any and all transactions by persons that Buyer gives access to or that otherwise use such username or password and any and all consequences of use or misuse of such username and password."

    "all Payment Transactions processed through the Service are non-refundable to Buyer and are non-reversible [...] fraud and other disputes regarding transactions shall not entitle Buyer to a refund of the Payment Amount or a reversal of a Payment Transaction"

    This ought to be very interesting to watch as they are completely violating the May Scale. They facilitate cc payments from the buyer, but the seller "gets paid & stays paid".

    Indeed. Although, if they can hold the line on that issue, and keep their user base clean, this would mean that they would be well placed for the future. Margins in transactions in non-reversable payment systems range from 0.1% to 0.5% whereas reversible payments charge around 4-5%. Easy meat.

    Posted by iang at 12:05 PM | Comments (2) | TrackBack

    News on payments: mobile/cell, Skype, Google

    America moves a bit closer to using cells (mobiles outside the US) for payment. What I find curious is why banks don't simply use their customer's phones as two-factor tokens. It can't be any more sophisticated than selling a ring tone, surely?

    Skype signs up with Click&Buy and seemingly others. Again curious, given they are owned by eBay these days.

    Google reveals more, as spotted over on PaymentNews. Basically, move the billing systems over to an internal money.

    If you take a look at the history of Google's advertising programs and online services, one thing you notice is that online billing and payments have been a core part of our offerings for some time. To run our ad programs, Google receives payments every day from advertisers, and then pays out a portion of those funds to advertising partners. Over the past four years, Google has billed advertisers in 65 countries more than $11.2 billion in 48 currencies, and made payments to advertising partners of more than $3.9 billion. When one of our consumer services requires payment to us, we've also provided users a purchase option.

    As the number of Google services has increased, we've continued to build on our core payment features and migrate to a standard process for people to buy our services with a Google Account. Examples of this migration include enabling users to buy Google Video content, Google Earth licenses, and Google Store items with their Google Accounts. We also just began offering similar functionality on Google Base.

    If only more companies issued their own internal money and used it for the billing systems. Expect Microsoft to scratch its collective heads and wonder "why didn't we think of that?" It's actually not that much a leap, more a mental twist than a business change. From there, integrating credit card collection is easy. (Credits: I first did this a few years back, but the idea has been around for yonks, I recall Lucky Green explaining it as a potential direction for DigiCash sales, around 1997.)

    For buyers, this feature will provide a convenient and secure way to purchase Google Base items by credit card. For sellers, this feature integrates transaction processing with Google Base item management.

    And if they do it carefully enough, they won't walk into the minefield of regulatory interference.

    The Mountain View, California-based search giant made sure the test got off to a quiet start. Google launched a video store last month, and shoppers found that they could buy videos by signing into their Google accounts. People have also been using their accounts to buy mapping-related products from Google Earth, information on Google Answers, and keywords on AdWords, Google's advertising program, in some cases for more than a year now.

    Huh. Scary but true - hype is not the same thing as strategy. We'll see. Elsewhere, Technews says that Google is a direct shot at eBay and Paypal. I agree, it's on the agenda, but it's a shot across the bows, the actual broadsides will come later. Paypal is very vulnerable, Google won't need to rush. Also see lots of screen shots there, and also see buyer's terms.

    Posted by iang at 08:54 AM | Comments (1) | TrackBack

    February 06, 2006

    Edgar Rice Burroughs on Complementary Currency

    Hasan finds Gutenberg's copy of "A PRINCESS OF MARS," (1917):

    "The brothers had supplied me with a reddish oil with which I anointed my entire body and one of them cut my hair, which had grown quite long, in the prevailing fashion of the time, square at the back and banged in front, so that I could have passed anywhere upon Barsoom as a full-fledged red Martian. My metal and ornaments were also renewed in the style of a Zodangan gentleman, attached to the house of Ptor, which was the family name of my benefactors.

    "They filled a little sack at my side with Zodangan money. The medium of exchange upon Mars is not dissimilar from our own except that the coins are oval. Paper money is issued by individuals as they require it and redeemed twice yearly. If a man issues more than he can redeem, the government pays his creditors in full and the debtor works out the amount upon the farms or in mines, which are all owned by the government. This suits everybody except the debtor as it has been a difficult thing to obtain sufficient voluntary labor to work the great isolated farm lands of Mars, stretching as they do like narrow ribbons from pole to pole, through wild stretches peopled by wild animals and wilder men.

    "When I mentioned my inability to repay them for their kindness to me they assured me that I would have ample opportunity if I lived long upon Barsoom, and bidding me farewell they watched me until I was out of sight upon the broad white turnpike."

    How's that for dredging ;-)

    Posted by iang at 12:07 PM | Comments (1) | TrackBack

    January 17, 2006

    Bill Monk - LETS goes commercial

    The age old idea of LETS just went commercial in Seattle, called Bill Monk as reported in mainstream commercial blog PaymentNews. Oddly, the owners thought it was a new idea! Even odder, the LETS people never thought of opening it up to a wider audience.

    Here's how the blog describes it:

    When John and I talked on the phone, he was as surprised as we had been that, to the the best of our knowledge, there have been no other ventures that offer a centralized way to track informal debts. There have been lots of standalone apps (not to mention spreadsheets) for splitting bills and recording debts, but they weren’t centralized. And there have been several stabs at offering friends the ability to settle-up with one another with real cash or e-cash (of which PayPal is the most successful), but those are formal and pretty heavy-weight. One advantage of informal debts is that you can use a past debt as an informal currency for a future purchase. For example, my girlfriend owes me $100 for a deposit on a ski cabin; since then, she’s been picking up all our restaurant tabs and has beat down the debt to $30.

    Google on LETS, guys. Might not be quite what you expected, but it numbers in the 1000's of systems and the history goes back nearly a century. John mentioned above covered it in the Seattle Post-Intelligencer.

    So how does an open LETS function? Probably just as well as an ordinary one, but with the caveat that you don't have to accept the "social debts" from someone you don't know. So there are sub-communities within the space rather than one cohesive community/space.

    This probably means that GP is reached later due to the lesser cohesion/liquidity as compared to LETS. Mary Fee has proposed that GP is reached around 200 for a LETS (she didn't actually say that, Mohsin Jaffer interpolated her experience). But I would also caution that this is not likely to mean that GP's arisal will be any the less traumatic. One to watch, to prove or disprove the 200 metric.

    In contrast, in Todd Boyle's home town of Seattle, Bill Monk has a business. That could take it a fair bit further. Digging a bit further, I found it uses SMS to communicate:

    Suppose you, Joey, Sarah, and Alice go out for dinner at "The Gilded Truffle", and run up a $163.89 bill (including tip).

    1. You pay the $163.89.

    2. You send an SMS message to b@bmonk.com: 163.89 4. This message means: "I paid 163.94 for 4 people including myself."

    3. BillMonk replies with: You paid $163.89, and your share is $40.97. The bill code is 'blue mug'.
      At this point, we know everything about this bill except for which 3 friends you paid for. You can put your cellphones away and tell us who they are later via the website, or you can do it now by sending us the bill code via your cellphones.

    4. To report that she shared in the bill, Alice sends an SMS with this bill code to b@bmonk.com: "blue mug"
    ...

    That's got to be worth a bull! They integrate with email as well...

    On an a similar note, seeing as I've got the attention of the LETS people, it occurred to me that I could create a new server that had no zero limit. Currently Ricardo rejects when payments would take it below zero. But for LETS this is no use. (As it has security implications I'd have to set aside a separate server and institute additional precautions.) So, is anyone out there interested in running a Ricardian LETS? Write the contract, dude!

    Posted by iang at 04:48 PM | Comments (4) | TrackBack

    Remittances - the bane of the Anti-Money Laundering Authorities

    Adam points to Ethan's musings on the dire need to move many small payments across borders. It's a good analysis, he gets it right.

    Remittances has been huge business for a long time. However it didn't burst onto the international agenda until 9/11 when it was suggested that some of the money was moved using Hawala. Whether that was found to be true or not I never heard - certainly most of it was sent through the classical banking channels. Not that it made any difference; even the Congressional committee remarked that the amounts neeeded for 9/11 were too small easily trace.

    No matter, suddenly everyone was talking about remittances. The immediate knee-jerk reaction was to shut down the Hawalas. Of course, this got a huge cheer from anti-immigrant interests, and Western Union, who provides the same service at about 5 times the cost.

    Unfortunately, shutting them down was never going to work. Remittances is such a large part of the economy it has to be recognised. The effect is so large, it is the economy in some senses and places. (I recall Ecuador numbers its exports as oil, remittances, and fruit, in some or other order. Other countries do something similar, without the oil.) Africa Unchained reports:

    According to a recent report (Migrations and Development) by the International Development Select Committee (UK), over $300 Billion was sent from developed to developing countries in 2003 by diasporas living in the developed countries. Global remittance, the report maintains is growing faster than official development assistance from the developed countries, also global remittance is the second largest source of external funding for developing countries, behind Foreign Direct Investment (FDI), and also accounts for as much as 27% of the GDP for some African countries.

    But these economies and their remittances will always now be cursed by the need to give lip service to the anti-money-laundering (AML) people. Of course money laundering (ML) will go on through those channels, but whether it is more or less than through other channels, and whether it is likely to be more obvious than not is open to question. From what I can tell, ML would be hard to hide in those systems because of the very cautious but "informal" security systems in place, and no operator wants the attention any more.

    What is not open to question is that the attention of AML will dramatically increase the costs of remittances. Consider adding a 2% burden to the cost of remittances, which is easy given the cost disparity between the cheaper forms and Western Union. If remittances happens to generate half of the cash of a country, then the AML people have just added a whole percentage point of drag to the economy of an entire underdeveloped nation.

    Gee, thanks guys! And there is another insidious development going on here, which is also mentioned above:

    Hundreds of creative efforts are underway across the developing world to solve these problems with remittance. To address safety issues, MoneyGram is offering delivery services of money transfers in the Phillipines, bringing money to your door instead of forcing you to come and collect your funds from an office in town. Alternatively, if your recipient has an ATM card, they will transfer the deposit to her account. A new remittance strategy - goods and service remittance - addresses the safety, cost and misuse issues simultaneously. Instead of sending money home, make a purchase from a store or website in the US or Europe, and powdered milk, cans of corned beef or a live goat is delivered to your relatives. Manuel Orozco, an economist with the IADB, estimates that as much as 10% of all remittance happens via goods and services.

    Mama Mike’s - a pioneer in goods remittance - offers online shoppers the ability to buy supermarket vouchers and mobile phone airtime for relatives in Kenya and Uganda, as well as more conventional gifts like flowers and cards. SuperPlus, Jamaica’s largest supermarket chain, goes even further, allowing online shoppers to fill a shopping card for their relatives and arrange for them to pick up the order in one of the SuperPlus stores around the country. SuperPlus is a partner with both Western Union and MoneyGram and has been promoting its supermarket remittance service through Western Union and MoneyGram stores in New York City, home to a large Jamaican diaspora. Goods remittance services generally don’t charge a fee, making their profit off goods sales instead.

    Spot it? The ones who benefit most from the push for AML are the large transnational corporations that come in and provide a "creative effort." They get a free pass, and help from authorities because they say all the right words. Today's pop quiz: is Western Union is more likely to stop ML than informal methods of remittances? Would Western Union be able to close down any troublesome competitor with the right noises?

    Depending on your answers, it's either the noble fight, or just another traumatic security agenda being captured and turned into a _barrier to entry_ to squeeze the small guys out of a very lucrative business.

    Posted by iang at 05:55 AM | Comments (1) | TrackBack

    December 31, 2005

    Paymer Anatomy - anyone an issuer

    Editor's note: Daniel Nagy translates an article on Paymer by N. Senchenko. This system is related to WebMoney, and emulates the "anyone can be an issuer" model.

    Written by Nikita Senchenko in Russian
    ("Анатомия Paymer" at http://owebmoney.ru/paymer.shtml),
    translated into English by Daniel A. Nagy for educational purposes, without permission.

    Contents

    1. What is Paymer and how do they serve it for lunch
    2. More about agents
    3. We are issuinig e-currency agent cheques
    4. Operations with cheques
    5. WM-cards are also Paymer cheques
    6. Additional services
    7. Business at the speed of Paymer

    Why "anatomy"? Why the choice of such a strange title for an article about the Paymer service? The reason is that all users of WebMoney already know about its existence. They know or suspect what functions it is supposed to fullfill. However, as it turns out, Paymer is a subtle instrument, not only having its own philosophy (like everything else within the WebMoney system), but also a whole spectrum of nuances and details, which remain out of sight for superficial observers.

    1. What is Paymer and how do they serve it for lunch

    Any one of you, dear readers, is able to issue your own payment promises using Paymer. In other words, digital money emission is within anyone's reach. What for? This is a separate question, which we will illuminate in the last part of this article. For now, just imagine that youo want to create your own mini-paymen system. Or raise capital, for example.

    How is it going to happen? You are issuing digital cheques -- payment requisites of some sort. Each cheque has its own unique number and code, the number of digits in which are determined by the issuer. You can back your electronic cheques by digital currencies such has WebMoney or e-gold or by US dollars on a bank account. You can also choose not to back them. Paymer records your promises and accepts backing deposits (if they exist). The accounting of your promises, the safekeeping of your backing assets and the redemption of the promises by handing out these assets is done by so-called Paymer Agents, of which there are currently three in our system. We will talk about them a bit later. Each cheque has a nominal value, which is determined by the issuer in the process of emission. The nominal value of the cheque is the amount of money, goods or services that one can receive in exchange for it.

    So, the cheques have been issued, their value is backed either by reserved assets or simply the promise of the issuer. From this moment on, any holder of the cheque (in other words, one who knows both its number and its code) can return it to the issuer and receive the valuables that are due to him: WebMoney, e-gold or those goods/services, which the issuer promised to hand over/render to the bearers of his cheques. This is called redemption of cheques; in essence the exchange of promises for backing.

    The requisites of cheques can be handed over multiple times from one person to another, using any means of communication: e-mail, fax, telephone, ICQ, on a piece of paper from hand to hand -- that is, as you please, over the Net or outside of it. By telling the number and the code of the cheque, you are handing it over to the new holder. Unlike banks' cheques, Paymer cheques do not have any fixed physical embodyment. The requisites can be stored in any way in any place -- on paper, in a file or in the memory of the holder.

    Cheques constitute value, as they imply benefits to the holders. Thus, they can be used as payment. In order to facilitate the acceptance of cheques over the Internet for commercial entities in exchange for their goods or services, Payment provides them with a special interface Paymer Merchant [link: https://www.paymer.com/merchant/default.aspx?lang=en-US], using which the process can be automated.

    Paymer lets the holders verify the validity of cheques and their nominal value using the number of the cheque or the number and theh code. This lets sellers avoid accepting "counterfeit" cheques for their goods. Additionally, cheques can be split into several smaller ones with the same summary nominal value. One can merge several smaller cheques of the same issue into one with the nominal value equal to their summary nominal value. One can exchange the requisits, for example, when accepting cheques thereby becoming the new exclusive owner, as the new requisits will be known to you alone.

    The emission and the servicing of the cheques is paid for by the issuer; Paymer takes 1% of the sum of the emission. However, there is no comission whatsoever for the verification, splitting, merging and exchange of requisits. Therefore, cheques can be handed over from one holder to the next multiple times, verified, split, etc. without losing their nominal value.

    Paymer, in essence, is that same "digital cash" in its purest form, about which its father and chief ideologue, David Chaum has dreamt. Quite possibly, to this date it is the only one of the practically functioning automata realizing almost all functions of digital cash. Its characteristic properties are as follows:

    * Unencumbered access to "emission button" for anyone willing to issue.

    * Innovativeness. Paymer cheques are a new generation of money from a financial point of view.

    * Protection. It is not feasible to counterfeit cheques or quess their codes.

    * Anonymity of digital cheques (a characteristic property of cash).

    * Instantaneous clearing. Redeeming a cheque or paying with it takes mere seconds.

    * Irreversible payment and clearing.

    * Free transactions for users (as opposed to cashless transactions, for example).

    * Workable in any communication environment (online or offline). Paymer cheques can be used for payment within the Internet and outside of it.

    * Openness and accessibility for each person, without any limitations. In order to use cheques, there is no need to show your ID, to register or to open an account anywhere, etc.

    In this article, we will tell you in detail how to issue your own cheques, how to transact with others' cheques and what additional services exist in the Paymer system. Finally, we will tell how is Paymer useful for businesspeople and other enterprising comrades. But first, we describe Paymer Agents in detail.

    Posted by iang at 02:34 PM | Comments (2) | TrackBack

    October 26, 2005

    Breaking Payment Systems and other bog standard essentials

    Many people have sent me pointers to How ATM fraud nearly brought down British banking. It's well worth reading as a governance story, it's as good a one as I've ever seen! In this case, a fairly bog standard insider operation in a major brit bank (not revealed but I guess everyone knows which one) raided some 2000 user accounts and probably more. They did all this through the bank's supposedly fool proof transaction system, and the bank aided and abetted by refusing to believe there was an issue! Further, given the courts willingness to protect the banks' secrecy, one can say that the courts also aided and abetted the crooks.

    This is the story of how the UK banking system could have collapsed in the early 1990s, but for the forbearance of a junior barrister who also happened to be an expert in computer law - and who discovered that at that time the computing department of one of the banks issuing ATM cards had "gone rogue", cracking PINs and taking money from customers' accounts with abandon.

    This is bog standard. Once a system grows to a certain point, insider fraud is almost a given, and it is to this that the wiser FCer turns. As I say, this is a must-read, especially if you are new to FC. Here's news for local currency pundits on how easy it is to forge basic paper tokens.

    In a world of home laser printers and multimedia PCs, counterfeiting has become increasingly easy. With materials available at any office supply store, those with a cursory knowledge of photo-editing software can duplicate the business-card-size rewards cards once punched at Cold Stone Creamery or the stamps once given out at Subway sandwich sho........

    Steven Bellovin reports that Skype have responded to criticisms over their "secret cryptoprotocol."

    Skype has released an external security evaluation of its product; you can find it at http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf (Skype was also clueful enough to publish the PGP signature of the report, an excellent touch -- see http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf.sig) The author of the report, Tom Berson, has been in this business for many years; I have a great deal of respect for him.
    --Steven M. Bellovin, http://www.cs.columbia.edu/~smb

    Predictibly, people have pored over the report and criticised that, but most have missed the point that unless you happen to have an NSA-built phone on your desk, it's still more secure than anything else you have available. More usefully, Cubicle reports that there is an update to Skype that repairs a few bugs. As he includes some analysis of how to exploit and create some worms... it might be worth it to plan on updating:

    The Blackhat in me salivates at the prospect. It’s beautiful security judo, leveraging tools designed to protect confidentiality (crypto) and Availability (peer-to-peer) to better hide my nefarious doings. Combine it with a skype API-based payload and you’ve got a Skype worm that can leverage the implicit trust relationship of contact lists to propagate further, all potentially wrapped inside Skype’s own crypto.

    Too bad the first that most of Skype’s 60 million-and-growing users will ever hear of it will be after someone who does pay attention to these sorts of things decides they want to see if it’s possible to create a 60-million node botnet or retire after making The One Big Score with SkypeOut and toll fraud.

    Hey Skype, Ignoring Risk is Accepting Risk–NOT Avoiding it. Put this on your main page while upgrading is still prevention rather than incident response.

    A little hyperventilated, but consider yourself in need of a Skype upgrade.

    Posted by iang at 03:08 PM | Comments (1) | TrackBack

    October 20, 2005

    Penny Payment Systems

    Google's plans on a payment system are giving some people amusement. (1, 2, 3). Synopsis: it's a merchant oriented system, based on credit card. Direct "Paypal" model in other words. (This is a little unfair to those who invented the model, before Paypal, but hey, history sucks.)

    Question is, would you or I do any different? That's a tricky question. Probably not, because Paypal is about as vulnerable as a unchaperoned princess on the way to her first ball. I'd be keen to migrate that model away for fraud reasons, but the "standard approach" has a lot of merit going for it right now.


    This column waxes on without limit about how the planet will spin faster and the sun will shine brighter when google releases, due to all the hook-ins with other google products. Roight. But seeing as I murmured that eBay was looking ok the other day, I feel compelled to point out this statement: "Since eBay is already in deep trouble, it poses no threat to Google either way." Huh!

    (More on eBay at the end.)

    Introducing:

    WhoPay: : a Scalable and Anonymous Payment System for Peer-to-Peer Environments Kai Wei, Yih-Farn Chen, Alan J. Smith and Binh Vo

    EECS Department
    University of California, Berkeley
    Technical Report No. UCB/CSD-05-1386 2005

    http://www.eecs.berkeley.edu/Pubs/TechRpts/2005/CSD-05-1386.pdf

    An electronic payment system ideally should provide security, anonymity, fairness, transferability and scalability. Existing payment schemes often lack either anonymity or scalability. In this paper we propose WhoPay, a peer-to-peer payment system that provides all the above properties. For anonymity, we represent coins with public keys; for scalability, we distribute coin transfer load across all peers, rather than rely on a central entity such as the broker. This basic version of WhoPay is as secure and scalable as existing peer-to-peer payment schemes such as PPay, while providing a much higher level of user anonymity. We also introduce the idea of real-time double spending detection by making use of distributed hash tables (DHT), which further improves the security level of WhoPay. To evaluate how well WhoPay distributes load among peers, we have run simulations with several different configurations. The simulation results show that the majority of the system load is handled by the peers under typical peer availability, indicating that WhoPay should scale well.

    http://www.eecs.berkeley.edu/Pubs/TechRpts/2005/5650.html

    To which, Daniel comments that "the main idea is simple: rollovers are handled by the first user who received a coin rather than directly by the issuer. If the user goes off-line, the issuer can temporarily take care of the rollovers. This is the innovation of PPay. This WhoPay is basically an anonimization layer on top of PPay." As commented from time to time, a lot of good research is going on in p2p space.

    In more PayPal/eBay news, PaymentNews reports that the AuctionBytes.com's Ina Steiner has commented on the new eBay policy of banning other payment systems from auctions. Ostensibly for user safety, there is some user skepticism, and notions that this is positioning in advance of google are going to be hard to shake. Read this snippet and make your own mind up:

    From time to time, as new payment services arise, eBay will evaluate them to determine whether they may present trust and safety concerns and are appropriate for the marketplace. eBay will consider the following factors, among others, in making its determination:
    • Whether the payment model offers substantial financial, privacy and anti-fraud protection for buyers and sellers
    • Whether the payment model raises the potential for confusion among eBay users, or involves incentives that may present fraud concerns
    • Whether the payment model involves precious metals, or other non-cash (points, miles, minutes, coupons, discounts) as consideration
    • Whether the payment service has a substantial historical track record of providing safe and reliable financial and/or banking related services (new services without such a track record generally cannot be promoted on eBay)
    • The identity, background and other business interests of the payment service sponsor
    • The license/regulatory status of the payment provider in the countries where it provides payment services

    The gold community will get a kick out that one! Also recently reported was PayPal's year summary. Payment News says:

    PayPal's parent eBay announced third quarter financial results this afternoon. The following highlights regarding PayPal's third quarter financial performance were included:
    • Payments net revenues grew to $247.1 million, an increase of 44 percent year over the same quarter last year and up 1.3 percent vs. the prior quarter.
    • PayPal's user accounts grew to 86.6 million accounts, up 53 percent year over year and up 9.8 percent vs. the prior quarter. Active accounts grew to 24.5 million, up 41 percent year over year and 7 percent vs. the prior quarter.
    • Total gross payment volume handled by PayPal grew to $6.7 billion, up 44 percent year over year and 3 percent vs. the prior quarter. Total number of payments grew to 117.4 million, up 41 percent year over year and 4 percent vs. the prior quarter. 69 percent of PayPal's payment volume was eBay-related.
    • PayPal earned revenues of 3.60% on payment volume totaling $247.1 million, had expenses of 1.11% of payment volume totaling $74 million and losses of 24 basis points totaling approximately $16 million.
    Posted by iang at 07:50 AM | Comments (2) | TrackBack

    September 18, 2005

    Dave Birch on Payment Tokens

    Low value hardware tokens being used for simple closed system payments are on the uprise due to success in mass-transit systems. Financial Cryptographer Dave Birch describes in an article over on Principia. Here's an extract on the tech details.

    Payment tokens

    So how do payment tokens work to deliver the appropriate levels of both security and privacy? To answer this question, it's necessary to understand how they work. In the general case, the payment token comprises a microprocessor with hardware support for cryptographic operation and an RF interface. There are various standards in this space, but the one most widely used for payment tokens at present is ISO/IEC 14443.

    In a typical retail environment the retailer's point-of-sale (POS) terminal and the payment token both contain a microprocessor; the microprocessors communicate using a payment protocol (on top of the ISO 14443 protocol for basic data exchange). When it is time to pay, the customer brings their tag close to the POS terminal. The terminal interrogates the card and gets back the serial number and a cryptogram (a one-time code calculated inside the token). It feeds these to the acquiring bank, which passes them back to the issuer. From the serial number, the issuer knows which account to authorise and from the cryptogram the issuer knows that the token is valid. The cryptogram is made up from the serial number and a transaction counter, encrypted using the token security key. This key is inserted in the token during manufacturing; it is derived from the serial number and a bank master key. Once in the token, it is never divulged. This kind of solution provides:
    • Privacy, because the token ID is meaningless to anyone other than the issuing bank which can map that ID to an actual account or card number;
    • Security, because knowing the token ID is insufficient to create a cloned token. Also, a cloned token would not generate a correct cryptogram because it would not have the right security key and if the transaction is replayed the transaction counter will be wrong.

    Please note that this is an example given for the purpose of discussion; it is not meant to represent any of the operational schemes discussed in this article. The security of this typical example scheme is not absolute. There is no cardholder verification (i.e. a signature or a PIN), but all transactions are authorised online, so a lost or stolen card can be blocked as soon as it is reported (although it has to be said that consumers will generally notice the loss or their keys or mobile phone pretty quickly). For this example scheme, it might be useful to add an online PIN only for transactions above £20 or so.

    Posted by iang at 09:39 AM | Comments (6) | TrackBack

    August 30, 2005

    How to Build a Secure Credit Card Authoriser - 5 mins biz plan

    Business 2.0 runs an innovative idea - ask the VCs what they'll spend money on right now! First cab of the rank is FC, with building an app to secure CC purchases from the mobile / cell phone / PDA platform:

    $5M Mobile ID for Credit Card Purchases
    WHO: John Occhipinti, Woodside Fund, Redwood Shores, Calif.
    WHO HE IS: A former executive at Oracle and Netscape, Occhipinti is a managing director and security specialist, leading investments in BorderWare and Tacit.
    WHAT HE WANTS: Fraudproof credit card authorization via cell phones and PDAs.
    WHY IT'S SMART: Credit card fraud is more rampant than ever, and consumers aren't the only ones feeling the pain. Last year banks and merchants lost more than $2 billion to fraud. Most of that could be eliminated if they offered two-part authentication with credit and debit purchases -- something akin to using a SecureID code as well as a password to access e-mail. Occhipinti thinks the cell phone, packaged with the right software, presents an ideal solution. Imagine getting a text message on your phone from a merchant, prompting you for a password or code to approve the $100 purchase you just made on your home PC or at the mall. It's an extra step, but one that most consumers would be happy to take to safeguard their privacy. More important, Occhipinti says, big banks would pay dearly to be able to offer the service. "It's a killer app no one's touched yet," Occhipinti says, "but the technology's within reach."
    WHAT HE WANTS FROM YOU: A finished prototype application within eight months. "I'm looking for the best technologists in security and wireless, the top 2 percent in their industry," Occhipinti says. The team would need to be working with a handful of banks and merchants ready to start trials, in hopes of licensing the technology or selling the company.
    SEND YOUR PLAN TO: jco@woodsidefund.com

    FCers know well how long we've been pushing this idea (Pelle beat me to it by a day, and Odio.us beats anyone any time you push the button). For the newcomers, here are some scratch notes:

    The basic essence of doing anything securely has been known for more than a decade, but the business models in place can best be described as blocking and non- secure, which has led to the current situation with credit cards. We know how to fix this, but it requires a ground-up replacement (a.k.a., ignoring all prior "popular security.")

    Tech would be like this: Create the key on the PDA/cell platform, then register it in a human process with a server. Use that key to then authenticate each transaction. This could be done with a simple token, supplied by the merchant, remitted to a gateway that then matches it into the backends of the CC system.

    Two alternates: No CC info need be transmitted on the net, and the gateway escrows the details in waiting, OR have the CC packet encrypted and sent. Either works as the key is the foundation on which you can build anything you like.

    Phones now have the grunt to do the proper crypto. The problem is not a crypto or tech problem, but a "right crypto and right protocols" problem. It is critical to avoid heavy-weight PKI, or connection oriented technologies, or WAP or like telco gateway server models. None of these will work, for various reasons.

    Beyond that the problem is a business one, being flexible and sexy enough at the *gateway* and for that you need both tech-savvy and CC-savvy people. You also
    need some handy phone hackers, maybe 2-3 and one and only one young opportunistic crypto guy, as long as your core architect can communicate the ideas well enough. Selling into the banks is hard. Look for banking entre and also, consider the securities market as their transaction profile is much more suited to this market. Further, recall that the basis of the phone is lifestyle, so the rollout should be done p2p thus WoT is used as the basic authentication.

    (Names of suitable FCers all available on request!)

    Bear in mind that Paypal started out with this model, and dumped it. Things were different then, they didn't have the phones, nor the security imperitive.

    Posted by iang at 12:40 PM | Comments (1) | TrackBack

    August 28, 2005

    The Rise and Absorption of Paypal - a lesson for offshore

    Over on Cato, there is an article bemoaning the fate of Paypal:

    The company would no longer permit customers to use the service for purchases associated with "mature audiences," gambling, hate paraphernalia, or prescription drugs, along with a long list of other prohibitions. It would also fine its customers up to $500 for attempting such transactions. Those terms apparently applied to donations to blogs with content PayPal found objectionable.

    That's a far cry from the libertarian vision founders Peter Thiel and Max Levchin originally had for PayPal, an online payment service that enables account holders to send money to anyone in the world with an e-mail address. Thiel and Levchin had hoped PayPal would grow to become an extra-governmental system of currency, something reminiscent of the world described in Neal Stephenson's novel Cryptonomicon, in which programmers use encryption to create an offshore data haven free from government control.

    What follows in that article is mostly a review of The Paypal Wars, by Eric M. Jackson. I've not read it, but can offer my opinions: Paypal should have failed a dozen times over, and the book seems to agree. The fact that they survived is good testament to their persistence; hundreds if not thousands of their competitors failed in these and similar ways.

    The book also reads as testimony to the offshore theory of early digital money pundits. Back in the mid 90s when we were building these things, the wiser voices amongst us realised that we should go offshore, not for any conceivable tax benefits, but for the simplicity of regulation and the cost savings in reduction in 'enemies' to use the Paypal meme.

    Offshore is like that - it has a higher startup cost in capital because everything is more expensive there. But if you are to succeed, then it quickly becomes more effective, simply because there are far fewer external problems to deal with. It makes a difference when the jurisidiction is small: not only are the regulators somewhat limited in pandering to whoever has their ear, but you can also meet the entire team around a small coffee table.

    So what about the payment systems that did go offshore? Primarily this would be the gold units (or, these are the ones I know well). e-gold, the leader in transactional volume, branched offshore in late 2000, splitting into e-gold Ltd as the issuance company in the Caribbean and G&SR as the trading company in mainland USA. In practical effect, e-gold then contracted all operations back to G&SR so the physical move was not of great import, but the jurisdictional move was quite significant.

    It worked out quite well, notwithstanding the frequent criticism. Considering always that the market of choice was mostly the US and the major market maker was a monopoly provider there, this move created just enough of a jurisdictional separation to establish a suitable distance between the 'enemies' and the operators; there always remains a possibility that if an enemy pushes too hard then the stuff will really move offshore.

    In a similar timeframe, goldmoney started up and is now the leader by value under management. It had a more fullsome offshore arrangement, including a more or less complete range of 5PM governance partners. An early decision to place itself in the heavy jurisdiction of Jersey put goldmoney under the beady eye of the regulators there, which I would count as a mistake. For this benefit of brand name offshore finance center, it had to adopt a very stringent due diligence regime that slowed spread down dramatically. As the DD was regrettably far more severe than a mainland USA bank or that of any other operator, this placed its survival in doubt in the critical years 2-4.

    However, goldmoney may have overcame this deadweight drag by coupling up with Kitco, and now something like 80% of sales go through that US coins and bullion seller. Does the DD still slow them down? Yes, and in spades, but it would seem that the Kitco channel is so strong that it has overcome these difficulties.

    What then to conclude for new operators? Doing the partial offshore thing seems like a good compromise. It's not a completely safe choice, as even e-gold faced many life threatening challenges (and, finding good offshore advice is like asking Don Juan to chaperone your daughters). But if you can appreciate the statistics of the Paypal story then it still makes sense to consider.

    And, as a side note, the Financial Cryptography conference returns to Anguilla, our spiritual home for the 10th edition in 2006. Back in 1997 it seemed that Anguilla had a chance of being somewhere special, but two things killed the excitement that the conference generated: lack of any real net (Cable and Wireless had/has a death grip on Anguilla, say no more ...) and the dramatic difficulties in importing financial cryptographers past the normal anti-immigration policies (common around the world) meant that no serious operation could take root. (Addendum: Pelle also comments in general.)

    I calculated that the interest generated would have naturally led to about 100 FCers by 2000 and created a very welcome third sector for the island, but for those factors; at one stage we were seeing serious plans for half a dozen FCers every month. Only a few brave fools were stupid enough to ship in, in spite of the two big barriers, and by about 2002 they were all gone.

    Posted by iang at 08:36 AM | Comments (0) | TrackBack

    July 31, 2005

    The Favour Economy - Pressed Flowers get Laminated

    In the world of community currencies, Pressed Flowers have resiliance. To my continuing surprise, the humble floral unit has legs! Last night, under the add-on, flowers were reserved, catalogued and most importantly traded.

    Some months ago the Vienna artists' community took children to the hills near Baden to collect flowers. These were pressed in the sleeves of books and a more crude version of a flower press awaiting tonight's events. Now, the pressed flowers have been reserved by recording them all and preparing them for distribution.

    Yet such a community setting. Overhead in the scaffolding in Wallensteinplatz, a performance by a popular Astrian warbler AustroFred (singing songs by Queen in German. "Under Pressure" sounds like "Amadeus" ...). Underneath, a gang of artistic financial cryptographers catalogued and laminated hundreds of pressed flowers. They are now official floral reserves of the FlowerBank.

    This crazy little thing called trade. A dance group was paid in pressed flowers. Their dance presented flowers to the audience, and each audience participant was encouraged to take the fresh flower and bail it in to the FlowerBank for pressing and future conversion for more liquidity.

    Pricing the laminated pressed flowers was an issue that wasn't resolved beforehand. After the performance (and flower bank revitalisation) a lengthy negotiation meandered between the supply factor of time for complete flower pressing in volunteer labour (about an hour) and the investment of the performers (about 2 hours each). Eventually, trading parties settled the price at PF8, or PF2 per performer.

    (The rain started but nobody cared. The wind blew the stock of reserves around. Pandemonian, but ... The show must go on!)

    This is Europe so the kids are out on the streets until the early hours. At least, this was the Turkish community. Keeping children focused turned out to be a simple matter of pure bribery (anything for sugar). In exchange for writing out the leaflets describing the terms of trade, flowers were paid and kids were well behaved, for once.

    The reserve units were accepted for meals and icecream and I converted my wages in laminating into a dinner of fried meat, noodles, basil, and peanuts. Delish! A plate cost PF2 and icecream only PF1 although there was some debate about that.

    In the event, the flowers economy all went to pot. Some insisted on keeping their flowers and forewent the benefit of the further trade. Kids on the other hand raided the local park for flowers, traded them in for precious reserves and then traded those for meals but not the icecream. Snip, snip, snip. Another myth bites the dust.

    It gets more Austrian. Rumour has it that one of the kids, Nenad of age 10, has responded to the critical shortage of flowers and has started his own bank with pressed leaves. Already adults are speculating on when pressed insects will emerge, and the rate of exchange between leaves and flowers.

    Opinion aside, the essential metaphor here is a 'favour currency' which records our good deeds. This is a soft issue in that it really doesn't matter if we get the exchange rate askew or the float adrift. What matters is that the system supports the actions - when a favour is paid for, it stays paid. When it isn't paid, the system does not get in the way of denying people's intent to avoid a direct recording of the event.

    Posted by iang at 04:44 PM | Comments (3) | TrackBack

    July 25, 2005

    Payment news - two classic story endings and a new start

    In payment news, two stories are ending. Jim reported on the Blind Signature patent expiry party:

    Guest of honor David Chaum challenged us: How to change the world for the better by implementing new protocols.

    I like to think that is what FC is about; but I'm also old enough and bloodied enough to know that without revenues we can't sustain the cash flow to employ the programmers to write the protocols to change the world for the better....

    And, over in Congress, the CEO of CardSystems is moaning that his company might be out of business if Mastercard were to follow Visa and Amex in dropping them from the credit card processing business.

    The head of a payment processing firm that was infiltrated by computer hackers, exposing as many as 40 million credit card holders to possible fraud, told Congress yesterday that his company is "facing imminent extinction" because of its disclosure of the breach and industry's reaction to it.

    "As a result of coming forward, we are being driven out of business," John M. Perry, chief executive of CardSystems Solutions Inc., told a House Financial Services Committee subcommittee considering data-protection legislation. He said that if his firm is forced to shut down, other financial companies will think twice about disclosing such attacks.

    A curious response - as the company offers little or nothing positive to the damage that it has potentially done to 240,000 credit card holders, I'm not sure what there is to say! (What was the average cost of identity theft to the victim, again?(

    There's little help from the credit card companies:

    Credit card companies say they are trying to stave off unneeded panic. And costs are an issue as well; if a new card costs $30 to create, 40 million cancelled cards would cost $12 billion to replace.

    "Obviously." Seriously, this company must die. Like Arthur Andersen, the message has to be sent. Regulation didn't work. The Regulator didn't do anything. Contracts didn't work. Audits do not work, whether it was by Cable & Wireless or Mickey Mouse. Pontifications by a myriad of security experts didn't work.

    Nothing worked - and it's time to form a hanging party and go get us some bandits. (If it's any consolation, when the users get to a-lynching in civil courts, CardSystems will appreciate the humane way out.) The Chistian Science Monitor goes on to report that considered thought and intelligence seen in Washington DC:

    But state lawmakers were skeptical. "It seems there's a very paternalistic theme to those comments, which is 'We know what's best for consumers,'" said Massachusetts state Rep William M. Straus.

    He said the issue should be turned over to the victims of ID theft: "Would they trade a 10 percent discount from Sears for everything they've been through?"

    Now there's a thought! In closing, looks like ePoints made a big splash in the New Scientist:

    The ePoints system set up by Agnes Koltay and Daniel Nagy is different. It allows anonymous person-to-person transactions over the web, and though the software itself costs money, Nagy says every subsequent transaction will be free. Charles Cohen, founder of failed e-currency Beenz, supports this thinking. People will only adopt new payment systems if they are free, he says.

    To use ePoints, a person requests an ePoint "note" - in reality an encrypted code that represents some amount of ePoints - from an ePoints issuer. The issuer is the person or body that administers the system and ensures that ePoints aren't duplicated. The issuer cryptographically signs each ePoint note in exchange for some money of equivalent value in another currency, say pounds or dollars, or for some work done, or as payment for some other service.

    When someone spends ePoints, the person receiving them in payment contacts the issuer to verify they are not counterfeit. The cryptographic algorithms ensure the issuer cannot tell where the ePoint originated, nor the chain of hands it has passed through, only that he has been asked to confirm an ePoint is authentic.

    But anonymity alone is not going to make people use it. If ePoints is going to catch on, it will have to find a niche that makes it attractive to a large pool of users. That's where ePoints' cheap and borderless nature comes in. ePoints can be seen as an international electronic currency and this, Nagy and Koltay believe, along with security and anonymity, will provide the niche it needs.

    ePoints may also be attractive to companies that want an electronic method for handling payments of a few pennies. Credit card companies charge a minimum fee for each transaction they process, and for transactions of less than a few dollars this can represent a large slice of the total. In return, credit card companies provide a high level of security. But as Nagy points out, this is overkill when only small sums are changing hands. A penny transaction should not need a lot of security, Nagy says. A thief will gladly invest five pennies of effort to steal a credit card, but no smart thief will spend five pennies to steal a one-penny ePoint.

    Nagy and Koltay are not the only ones aiming at the micropayments niche. In spite of the rocky beginning of digital cash in the 1990s, several alternative micropayment systems have sprung up, including Peppercoin, PayCash and Open Money.

    And recently a big name has shown interest. Nagy says a test version of the entire ePoints software system was recently downloaded by engineers at Google. News reports suggest the company will soon launch a competing service to PayPal. As with a cash transaction, only the two parties to the transfer need know each other's true identity.

    The rest of the article is well worth reading as well.

    Posted by iang at 04:18 PM | Comments (2) | TrackBack

    July 21, 2005

    London to issue own money

    Ian Brown let me know that London's Oyster program is looking to expand from a mass transit ticketing application to a fully blown small payments system. This follows in the footsteps of the Hong Kong Octopus program, and has been predicted by FCers for years.

    Transport for London (TfL) announced the shortlist of potential partners for the development of e-money today:
    alphyra
    Barclays
    BBVA/Accenture/MTR/Octopus
    EDS/JPMorgan
    Nucleus/Dexit/Ericsson/Hutchison 3G/Euroconex
    PayPal
    RBS

    ....

    This marks an important step forward for TfL's aspiration to extend the use of its successful ticketing and payment smart card, Oyster, to low value payments for goods and services at newsagents, parking machines, fast food restaurants, supermarkets and other locations where the importance of transaction speed and the inconvenience of cash are recognised.

    Jay Walder, Managing Director of Finance and Planning at Transport for London said: "The use of contactless smart cards for low value payments is growing in popularity around the globe."

    "Such schemes are now well established in Hong Kong and Japan and significant trials are taking place in the United States."

    If anyone wants to predict who gets to do the job, recall the Frank Trotter observation that the prime candidates for digital money issues are telcos, couriers and mass transits. Frank now runs an Internet bank, and pointedly does not issue digital money.

    Posted by iang at 09:19 AM | Comments (1) | TrackBack

    July 15, 2005

    Cash - so hard to trace, so hard to untrace

    The blinded signature patent of Prof. David Chaum, father of financial cryptography, expires:

    U.S. Patent 4,759,063 ("Blind Signature Systems") to David Chaum is the core invention enabling privacy-protecting electronic payment systems and credentials. It was a truly ingenious, ground-breaking contribution. Unfortunately the existence of the corresponding patent, which was notoriously difficult to license, prevented this great invention from receiving the wide use that it so very much deserved. For a copy of the patent, see [here].

    Unlike copyrights these days, patents do expire. The blind signature patent will expire on July 19, 2005, next Tuesday. Since weekends tend to fit better with the schedules of potential party goers than weekdays, we are holding the party this Saturday instead.

    If you understand what that's all about, you are invited to the party, writes Lucky Green. Beer is on him, and if you can deliver some working code, he'll buy your meal! WebFunds has some Chaumian code somewhere which Edwin wrote one fine summer, but collecting on the meal also involves a flight :-)

    Meanwhile, tracing cash is back in fashion:

    Officials at the Idaho National Laboratory say one of the devices "sniffs" the air for the chemical odor of paper currency, while another utilizes electron beams to look for metals in the green ink used to print money. Scientists are also in the process of developing a device that would store the individual serial numbers of all bills.

    And as a sneak preview, I've seen a draft of how a particular group of users want to use token money but they want it explicitly traceable instead. I.e., blinded tokens with the blinding turned off. Hopefully the authors will have their draft ready for #3 of FC++ but perversely they are untraceable at the moment.

    Whenever discussion of these things takes off, google can't be far out of the gossip. Mostly, we've not covered the speculation one what they are going to do, but Max Levchin, founder of Paypal, was recently caught speculating. This is interesting because Paypal perfected the art of hype and blather fairly early on and their pronouncements were not of any great use, but Max on a potential new and serious competitor gave him a chance to say something.

    [Max] The fundamental business model of PayPal is "seller pays for the right to acccept payments in a risk-free (or at least risk-reduced) transaction", and the fundamental game is can you charge the seller low enough rates to keep things interesting for her, while losing little enough money on the risk management part to keep things interesting for yourself!

    Which is why the core PayPal "skill" is risk management.

    [ElReg] And this is quite a different skillset. Is it one that's a core Google competency right now?

    [Max] No, it's not, and Google needs to recruit. I think their key recruiting challenge will be risk management people. which is trickier than one might think. Risk management people come from old-school places like retail banks, and they favor conservative-first approaches, which almost always ends up being expressed as risk policies that favor old, established customers, and turn away transactions from new, riskier customers. Even people from sub-prime card issuers and lenders frequently have that attitude, which can be deadly for your growth.

    The advantage that PayPal has...

    For which advantage you should read the rest of the Register's article. It's worth reading by any budding payment systems entrepreneur (including for a rather odd comment by the Register on 'rights holding'.) Oh, and we commented on what Google's challenge would be and it's quite close to Max's view.

    Posted by iang at 07:21 AM | Comments (2) | TrackBack

    June 22, 2005

    Google payment system confirmed - let the trimming of tall poppies begin

    Google confirms they are doing a payment system. It may be like Paypal's but I wouldn't bet on it. Google claims it will be unlike. Either way a new sport is about to erupt in the payments systems world - sniping at Google's payments system.

    Let's just be clear about this - it already has a name, it's called chopping down the tall poppies. This is a game of envy and spite. It comes because a successful player uses its money and muscle to take on a new field in which others have failed, when all the smart people knew how to get in there but couldn't muster that money and muscle (in this case, I'm referring to cognitive muscle as well as user base muscle).

    It's going to happen so get used to it, guys. I'll go first: I'll bet you didn't think of this:

    I was opening up my almost brand new Dell 600m laptop, to replace a broken PCMCIA slot riser on the motherboard. As soon as I got the keyboard off, I noticed a small cable running from the keyboard connection underneath a piece of metal protecting the motherboard.

    I figured "No Big Deal", and continued with the dissasembly. But when I got the metal panels off, I saw a small white heatshink-wrapped package. Being ever-curious, I sliced the heatshrink open. I found a little circuit board inside.

    Being an EE by trade, this piqued my curiosity considerably. On one side of the board, one Atmel AT45D041A four megabit Flash memory chip.

    On the other side, one Microchip Technology PIC16F876 Programmable Interrupt Controller, along with a little Fairchild Semiconductor CD4066BCM quad bilateral switch.

    Looking further, I saw that the other end of the cable was connected to the integrated ethernet board.

    What could this mean? I called Dell tech support about it, and they said, and I quote, "The intregrated service tag identifier is there for assisting customers in the event of lost or misplaced personal information." He then hung up.

    A little more research, and I found that that board spliced in between the keyboard and the ethernet chip is little more than a Keyghost hardware keylogger.

    The reasons Dell would put this in thier laptops can only be left up to your imagination. It would be very impractical to hand-anylze the logs, and very CPU-intensive to do so on a computer for every person that purchased a dell laptop. Why are these keyloggers here? I recently almost found out.

    I called the police, as having a keylogger unknown to me in my laptop is a serious offense. They told me to call the Department of Homeland Security. At this point, I am in disbelief. Why would the DHS have a keylogger in my laptop? It was surreal.

    So I called them, and they told me to submit a Freedom of Information Act request. This is what I got back:

    Google are entering into the payments system world at a dangerous time. This could be a unique time in the history of payments systems, simply because all those theoretical threat models that we have all trained with, sweated over and loved for a decade or more, now, are coming true. There's one you'll have to deal with, and you won't have the luxury of saying "oh, that's not our problem" this time.

    This change has occurred in these pages mostly under the cover of a runctous attack on the idle ostriches of the browser world. Phishing is just the headline, but the real story is that there is now an industrial scale threat to payment systems. Some very few engineers know how to deal with these threats on a real basis - primarily those grounded in European banking experience - but for the most part a lot of the payments systems are learning the hard way right now.

    For google, the lessons will be different. There will be no breathing space, no easy ramp up to the critical mass. It is I predict highly likely that from day one, attention will bear down on them from the phishing attackers. I suspect google will weather the security storm, but that's only a guess. The problem here is that there is a difference between facing statistical or safety threats and the aggressive crook. Security goods are different because they have an unruly third party in the transaction.

    It will also shoot all the profitability figures to outhouse. Because the attacks will take up a larger support component per transaction than expected then there will be only a loss-leader rationale for the payments system for many a year. I would still do it, but I'm a strategic kinda guy, still if google are in this for anything but the long term, save yourselves the trouble and exit stage left now. Or cull your team of short term thinkers.

    (There is a perfect face-saving way out, but it'll cost the price of a Dell *equivalent* laptop ;-) )

    (Expect Dell laptops to drop like a stone if this pans out...)

    (Expect all hell to break loose if this is true...)

    (Are we living in interesting times again?)

    (But even if not true, it's the perfect description of a "today" threat model!)

    (Looks like we have confirmation ... see comments below!)

    Posted by iang at 09:21 AM | Comments (9) | TrackBack

    June 20, 2005

    US Banks lobby to enter Real Estate - Hubris or an Invitation to end the Franchise?

    In a stunning display of hubris, the American Banking Association is lobbying to let banks enter into the real estate business.

    Quick refresher: banking is the business of borrowing and lending money to and from the public. Unlike almost all other goods, loans can go south due to circumstances beyond the control of the parties, to whit the economy. For this reason banks are regulated in a special way, because, so the theory goes, if they are not regulated they will be tempted to ignore the future dangers of an unbalanced balance sheet in pursuit of short term profits. In banking there are always short term profits there for the taking...

    Banks therefore are granted a franchise. In economic terms, a subsidy. Banks are protected from competitors so as to make the regulation easier. This also makes it easier to make profits, as there are no nasty little upstarts coming to cherry pick and make trouble. But such a subsidy comes with limits - banks are supposed to only be in the business of banking.

    Which then turns on the definition of banking. As I suggested, banking is the borrowing of demand deposits and lending them out as loans to the public. If it is not the public, then it is a building society, S&L, credit association or the like - the members only borrow and lend to themselves, so that's not banking, nor is it so deserving of special treatment. If they are not taking deposits or not making loans, then they are not entering the special risk scenario where the term nature of the deposit does not match the term nature of the loan. That is, the bank borrows funds on demand terms and loans them out on long terms. Clearly a mismatch there, and that's part of the rationale for the regulation and subsidy.

    The problem with this is that banks then grow big and powerful within their communities and also come to know a little about lots of things. They have dramatic power over their community in that they have access to the balance sheets of their borrowers. Where does this lead? Of course it leads to cherry picking.

    Banks know that real estate can be profitable. They figure that with their local knowledge they could swipe those lucrative percentage fees - generally from 5 to 10% of the house sale price around the world. A very rich, luscious juicy cherry, that.

    Problem is, it flies in the face of the subsidy. And in order to get around that, enter 'definition of banking, number two!' In many countries, the practical, de facto and sometimes legal definition of banking is not as I described it above, but it is this: Banking is what banks do. And, banks are those that do banking.

    Whoops! A circular definition, which means there is no definition. And this is what is happening in the US banking structure at the moment:

    "Duke said that the Realtor's insistence that Congress block banks from entering the real estate market would reverse the progress made by the 1999 Gramm- Leach-Bliley Act. The act adopted a process where the Federal Reserve and Treasury Department would determine which activities are financial in nature and therefore allowable for banks to pursue."

    In a sentence, the Fed and the Treasury determine banking as "activities [that] are financial in nature!" Which of course is everything, pretty much, as anything with a price sticker is financial at some level.

    As an invitation to drop the banking subsidy and give all businesses the right to enter into banking, it doesn't get much clearer than that. If the subsidy is to have any meaning, it must be tightly curtailed. If not, then it should be dopped as a matter of public policy. You simply don't let one group do A & B, but another group only do B.

    It may seem even odder, but this is indeed the way things are going in the US. Several institutions can enter parts of banking already:

    "Duke said that combining real estate brokerage and banking services is not a new concept in the marketplace, citing that real estate firms, insurance companies, and securities firms already have the authority to do so. She added that state-chartered banks in more than half the states also can offer real estate services."

    And the theory of banking - especially that of Free Banking - decidedly supports the notion that there is no economic rationale for the subsidy, only the combined weight of historical mistakes.

    Maybe, then, this is what we are seeing: the long term dismantling of US banking as a franchise.

    Posted by iang at 09:17 AM | Comments (4) | TrackBack

    June 18, 2005

    USA credit system is totally compromised, security-wise

    I wondered when we'd see this. Tao points to news that 40 million card data units have been breached:

    MasterCard International reported today that it is notifying its member financial institutions of a breach of payment card data, which potentially exposed more than 40 million cards of all brands to fraud, of which approximately 13.9 million are MasterCard-branded cards.

    MasterCard International's team of security experts identified that the breach occurred at Tuscon-based CardSystems Solutions, Inc., a third-party processor of payment card data."

    This AP story mentions "the security breach involves a computer virus that captured customer data for the purpose of fraud" and MasterCard "did not know how a virus-like computer script that captured customer data got into CardSystems' network, which MasterCard said was infiltrated by an unauthorized individual."

    At this point, Americans may as well get used to the fact that their entire data set is probably in the hands of criminals. (Up until this one broke, the running totals showed about 5 million.)

    In my humble opinion, the credit system of the United States of America is totally compromised, security wise. Given the size of the infrastructure, the complexity, the amount of money being made, the existing mess of laws, and the hidden assumptions, it will take decades to clean it up.

    No amount of government intervention is going to make you safer, and will probably make things more dangerous for you. Companies have no interest in your security, only in your continuing payments. Get used to it. About all I can suggest is that each and every American learn how the credit system works; take your own steps to secure your identity - there are some cunning tricks. You are on your own, for the foreseeable future.

    Also see Emergent Chaos for likely more pervasive coverage. Slashdot has a rash of jokes:

    there are some numbers hackers can't steal

    for everything else there's MasterCard

    (Accepted all over, even if it's not yours.)

    And then there's:

    Interest rate: 20%

    Annual Fee: $40

    Randomly being declined because the machine is on the fritz: $1-$1000 purchase down the drain.

    Being the target of fraud through no fault of your own: Priceless.

    Posted by iang at 08:55 AM | Comments (9) | TrackBack

    Google to do a payments system?

    Bob Hettinga points to two articles that report that Google is about to release a payment system modelled on PayPal. This makes sense. They have the user base, they have the Finance Application, and what's more they have a scientific basis that has consistently allowed them to avoid nonsense and hype, almost unique in the field.

    I suspect they will give Paypal a run for their money. Paypal was always shaky, always an easy target for a good competitor. The fact that only dumb competitors tried to take them on should not be taken to mean that Paypal are a stable well run company with many feet on the ground.

    Where Google will fall short is in the higher layers. Particularly, their regulatory and relationships side is likely to be their archilles heel, that being a reflection of the company as full of geeks that think there isn't a problem that can't be solved by a neat algorithm. They will shine in the lower layers and muddle along in governance and accounting.

    I don't think this will shake their eventual success, but it will shake their cosy world views. What is more interesting is what happens when and if Google succeeds. Microsoft will then move in as well and then it will get very interesting. The reason Microsoft aren't in is that they can't afford to antagonise the banks; those with long memories might recall that they made a few choice comments in the mid 90s that caused a few upset lunches. But with Google protecting their flank, there's no force in the argument that the banks don't want competition.


    Also here.


    Google to Offer Payment Service To Compete With eBay's PayPal

    The Wall Street Journal

    June 17, 2005 7:54 p.m. EDT

    By KEVIN J. DELANEY and MYLENE MANGALINDAN
    Staff Reporters of THE WALL STREET JOURNAL
    June 17, 2005 7:54 p.m.

    Google Inc. this year plans to offer an electronic-payment service that could help the Internet-search company diversify its revenue and may heighten competition with eBay Inc.'s PayPal unit, according to people familiar with the matter.

    Exact details of the search company's planned service are not known. But the knowledgeable people say it could have similarities with PayPal, which allows consumers to pay for purchases on Web sites by funding electronic-payment accounts from their credit cards or checking accounts. Some consumers like PayPal for the security it offers, since it allows them to share their banking or credit-card numbers only with PayPal without having to divulge the information to merchants.

    Spokespeople for Google and PayPal declined to comment.

    For Google, Mountain View, Calif., a payment service could represent a significant expansion beyond online advertising, which generated 99% of its $3.2 billion in revenue last year. Online-payment providers typically generate revenue by taking a commission on each transaction.

    Depending on the exact details, Google's move could potentially threaten eBay's successful PayPal service, which generated $233.1 million, or 23% of eBay's revenue in the first quarter. PayPal has been widely adopted by buyers and sellers on eBay's auction marketplace as a way to pay for purchases. Recently, eBay has been trying to expand PayPal's presence as a payment system for other Web sites. In the first quarter, 71% of PayPal's revenue came from eBay auctions, the company says.

    "It could be a pretty big negative for eBay if it happens," says Safa Rashtchy, Internet analyst at Piper Jaffray. Mr. Rashtchy said he believes Google is also working on a classified-listing service, which also would compete with eBay, San Jose, Calif.

    The moves would highlight the growing rivalry between the two Internet companies, even while eBay itself is a big buyer of Google's online ads. For example, many eBay sellers now also sell through their own Web sites, to which they attract shoppers by buying search-related ads on Google.

    Google has offered a hint that it might set up an online-payment service. Its Web site says the company will eventually allow consumers to pay to view videos online. But Google to date has not provided any details of any payment-service plans. Google currently accepts credit-card payments for some services, including advertisements and customized research.

    Rumors about a new Google payment service escalated following a panel discussion at a Piper Jaffray Internet conference on Thursday. At the conference, Scot Wingo, chief executive of ChannelAdvisor, a Morrisville, N.C. e-commerce consulting firm, said he believed the payment service would be launched soon. In an interview, Mr. Wingo said he based his statement on questions from retailers with which his company works. Mr. Wingo said the retailers have asked him whether ChannelAdvisor would support the service, which some believe goes by the code name Google Wallet.

    During the discussion, Patrick Byrne, president of online retailer Overstock.com Inc., recalls saying, "Yes, this Google Wallet sounds like it might be great. But is all this public yet?" In an interview, Mr. Byrne says he has not had any "substantive discussions" with Google about a payment service.

    Beyond a possible additional revenue stream, an electronic-payment service could give Google more insight into the effectiveness of its core advertising service. Google might be able to better track whether users who click on search-related advertisements make purchases from the advertiser.


    Google plans pay service to rival PayPal

    WSJ Fri Jun 17, 2005 08:42 PM ET

    NEW YORK, June 17 (Reuters) - Google Inc. (GOOG.O: Quote, Profile, Research) this year plans to offer an electronic-payment service that could help the Internet-search company diversify its revenue and may heighten competition with eBay Inc.'s (EBAY.O: Quote, Profile, Research) PayPal unit, the Wall Street Journal reported on Friday.

    Exact details of the search company's planned service are not known, the report said, but quoted people familiar with the matter as saying it could have similarities with PayPal, which allows consumers to pay for purchases on Web sites by funding electronic-payment accounts from their credit cards or checking accounts.

    A Google spokesperson contacted by Reuters declined comment.

    For Google, based in Mountain View, Calif., a payment service could represent a significant expansion beyond online advertising, which generated 99 percent of its $3.2 billion in revenue last year, the Journal said. Online-payment providers typically take a commission on each transaction.

    Depending on the exact details, Google's move could potentially threaten eBay's successful PayPal service, which generated $233.1 million, or 23 percent of eBay's revenue in the first quarter, the newspaper reported.

    Rumors about a new Google payment service escalated following a panel discussion at a Piper Jaffray Internet conference on Thursday, the newspaper said.

    At the conference, Scot Wingo, chief executive of ChannelAdvisor, a Morrisville, N.C. e-commerce consulting firm, said he believed the payment service would be launched soon, according to the newspaper.

    In an interview, Wingo said he based his statement on questions from retailers with which his company works, according to the Journal.

    Wingo said the retailers have asked him whether ChannelAdvisor would support the service, which some believe goes by the code name Google Wallet.

    Posted by iang at 08:01 AM | Comments (1) | TrackBack

    June 06, 2005

    Save Thyself - Russia's WebMoney Payment System (translated)

    by Nikita Sechenko

    Translated from the Russian by Daniel Nagy

    There are two approaches to one's personal safety. The first one is difficult: never leave the iron plugged in, never smoke in bed, do not place the gas stove near the window. The second approach is a lot easier: you don't follow any rules and hope that there will be no fire. Same with WebMoney. There's a difficult way: for example, read "Security Encyclopedia" and follow all the rules in there. This, of course, requires time and effort, which is unacceptable for many. The other method -- not reading anything, ignoring all the warnings in the Keeper (WM's wallet application), indiscriminately opening all your email, launching all sorts of suspicious programs, not using antivirus software and firewalls. This article is dedicated to those who have chosen this easy way. Since there is a substantial risk that the money from your pruses will be stolen, it's useful to know how to get them back. That's what we'll talk about below.

    So, the bad guys have "planted" a virus on your computer (you like opening email attachments, don't you?), found the *.kwm key-files on your harddrive (you don't keep them on removable media, do you?), caught the passphrase as you typed it, and sent all of that to their mailbox (your *.kwm files weighed a mere 50K, didn't they?). Then he connects to your WMID using his computer (you have, of course, turned pre-activation by email and IP blocking off) and stole all the title certificates in there. What can you do?

    First, don't panic. You should know that the staff of WebMoney, in particular the arbitration service and tech support, are responsive to pleas of help in case of stolen keys and assets from purses. Be assured, they will do everything they can. Secondly, the solution of the problem should not be postponed. You should act as fast as possible. Every minute counts. Your main task is to get ahead of the bad guys. Taking into account their head start, it will be difficult, but still possible. Finally, the third rule is not giving up. From my experience as an arbiter, I can tell that returning your assets is often possible even in situations that look hopeless at first.
    And now for the concrete measures. Your actions will depend on several factors. First and foremost whether or not you have lost access to your identifier.

    If you do have access to your WMID and you can check your transaction history and find out the WMID of the offender, the most effective way of proceeding is filing a complaint under "unauthorized payment" against that WMID at the website of the arbitration service (http://arbitrage.webmoney.ru). At this point you will need to pay the arbitration fee immediately, as doing so automatically block payments from the WMID with a certification level lower than "initial" (note of the translator: basically, it means blocking anonymous accounts). This way, the assets on the defendant's account will stay there until the arbitration comission rules on the case. WMIDs with an initial level certificate or a registrator level certificate can be blocked only with a sanction of the arbitration comission, but holders of such certificates are not in the theft business, as a rule.

    In order to file an "unauthorized payment" complaint, a pseudonym certificate suffices (note of the translator: these are given to whoever asks without any verification). The arbitration fee is 10% of the contested payment. First, it can make sense to file a minimal complaint, as low as 1 WMZ and pay a 0.1 WMZ fee. Filing the complaint will take only a few minutes.

    However, as the funds could have been transfered a number of times in order to confuse the investigation, after filing the complaint, you can immediately contact the arbitration service's administrator (WMID 937717494180, arbitrage@webmoney.ru) and ask him to trace the chain of payments, should one exist. The administrator (after careful consideration), may block all the accounts along the chain and will send you a report on how much money has been "caught" where. You will need this information for further arbitration proceedings. Keep in mind, however, that arbitration is a service for resolving conflicts, not a 911 service. They work from monday to friday between 10am and 6pm.

    If the offender has left, for some reason, funds on your WMID or you have other WMIDs for the security of which you cannot vouch after the attack, contact the tech support (+7 095 727-43-33, support@wmtransfer.com, WMID 941977853154) and ask them to temporarily block outgoing payments from your accounts as well.

    As we have said, filing a complaint is the best solution in this situation. But what can be done if everything has been stolen up to the last penny, and quickly finding a few WMZ to pay the arbitration fee is not an option? In this case, you should email and telephone tech suport and arbitration asking them to block the WMID of the offender, after which you should, nevertheless, file a complaint initiating arbitration proceedings as quickly as you can. Keep in mind that tech support can only block WMIDs, but they have no means of tracing the payment chain along which your money has been siphoned off. The arbitration sercive, on the other hand, can block accounts, trace payments and check balances.

    But, as you understand, thieves typically do not transfer funds to their purses or if they do, they don't leave them there for a longer period of time in order to buy ebook classics, should they get bored, but try to hide their traces and get rid of evidence as quickly as they can. In order to do so, they exchange stolen WM for assets in other payment systems, typically e-gold. Then exchange them back to WM and repeat a number of times. In this case, the problem becomes significantly more complex. You should contact the administration of the automated exchange through which the exchange has been transacted and find out the fate of your assets (filing a complaint against the exchange makes no sense, see below). Later the administrator of the arbitration service will send a query to the other payment system, but that seldom helps. E-gold, for example, having received a request from WebMoney, blocks offending accounts, but gives transaction information out only at the requests of courts and law enforcement.

    In the worst case, the offender uses an "offline" exchange, cashing the stolen assets. In this case, arbitration cannot help: the exchange did their job and had no means of knowing about the origin of the funds. Hence, the accounts of the exchange won't be blocked and they are under no obligation whatsoever to return your funds. This is when you should turn to law enforcement and hope that the exchange has checked and recorded the passport data of their clients as required by the rules of our system.

    If, however, you have lost access to your WMID (the attacker has changed the password or the key file), then you should immediately contact tech support and ask them to block your WMID, just in case there is some money left there. In addition, you should contact the administrator of the arbitration service and report the loss of access to your WMID. It is desirable to correspond using the same email address that is indicated in your certificate and in the Keeper's personal data section. In your email, you should give information as comprehensive as possible in order to establish that you are, indeed, the legitimate owner of the WMID in question. Namely, your WMID, the purses' numbers, the last transactions complete with dates and so on. The administrator, in turn, will tell you the current balance of your purses, where funds were transfered and whether they were successfully blocked. The rest of the procedure is analogous to the one described in the previous section.

    That's all. I hope, you will make the right conclusions and choose for yourself that difficult way of protecting yourself from calamities. Remember: lost nerve cells cannot be recovered.

    * * *

    Note from the translator: This is a translation for which I have not received a permission from the author, completed for purely educational purposes. I have done my best to provide an accurate translation, but take no responsibility for its correctness.

    Posted by iang at 02:11 PM | Comments (1) | TrackBack

    June 01, 2005

    Software Licensing and the Know-how to Issue

    Software charging for big ticket sellers is getting more complex again, as dual cores from AMD and Intel start to invade the small end. Oracle, which made billions charging on the muscle power of CPUs, will have to do something, and we've by now all seen IBM's adverts on TV suggesting "on demand" with its concommitant charging suggestion: You demand, we charge.

    I've done a lot of thinking over the years about how to licence big ticket items like issuance software. In practice it is very difficult, as the only revenue model that makes sense for the supplier is for large up front licence fees to recover large up front capital and sunk costs. But for the demander (issuer and user of the software) the only model that makes sense is to pay later, when the revenues start flowing...

    Issuance software has all the hallmarks of an inefficient market and I don't think there has been successful case of issuance licencing yet, as those two "sensible" options do not leave any room for agreement. This may be rational but it's very frustrating. Time and again, we see the situation of people wanting to get into the issuance market who think they can produce the software themselves for a cheaper price. And they always end up spending more and getting a lesser quality product.

    In practice what we (Systemics) have been doing is this: running the software ourselves as "operator", and charging operating costs, with some future licencing or transaction flow revenues. Yet, the deal for future revenues is always based on a promise and a prayer, which is already asymmetrical given that most startups do no more than start up. (And it isn't just me bemoaning here - if you look back through history there are literally hundreds of companies that tried to build value issuance and sell it.)

    Which leads to the freeware model. In the freeware world, big ticket items are given away and money is made on the consulting. This has worked relatively well in some areas, but doesn't work so well in issuance. I'm unclear of the full reason why open source software doesn't work in issuance, but I think it is mostly the complexity, the sort of complexity I wrote about in FC7. It's not that the software can't capture that complexity but that the financial cryptography business often finds itself so squeezed for management complexity that partnering with a strong software supplier are beyond capabilities.

    What will potentially help is p2p issuance. That is, "everyone an issuer." We've always known this model existed even as far back as 1995, but never really considered it seriously because too many questions arose. Little things like how we teach grandma to sign a digital contract. We've now done enough experiments in-house to confirm that the corporate internal issue and the individual issue are workable, sustainable economic models but we have to get other companies and individuals to do that and for the most part they still don't do anything they don't understand.

    I'm guessing the way forward here is to turn client software into issuance software. This brings up a whole host of issues in financial cryptographic architecture. For a start it can never seriously scale simply because people do silly things like turn off their laptops at night.

    But, more and more, the barriers to issuance and financial cryptography in general I believe are spreading the knowledge, not the tools and tech. Every year our tools and tech get better; but every year our real barriers seem the same - how to get users and customers to make their first tentative issue of a currency of value. Oh, and how to make money so as to keep us all alive, which was the starting point on this long rant of liberal licence.

    A couple of footnotes: In a similar thread over at PGP Inc, Will Price reveals how they've managed to get out of the legacy freeware version trap:

    "When the 30 Day Trial version of PGP Desktop Home expires, it reverts to a set of functionality comparable to what used to be known as Freeware, and said functionality remains available indefinitely -- under the same license conditions as Freeware used to be under."

    Nice one. That works for client software, not for server software.

    Here's a further article on how the big companies are also working out how big ticket software isn't the way to go:

    Posted by iang at 09:48 AM | Comments (0) | TrackBack

    April 08, 2005

    Forbes - The Wages of Sin

    An article from Forbes' Lea Goldman on who is filling the gap from Paypal's avoidance of 'tainted' transactions.

    Other piglets are feasting at the trough abandoned by PayPal. GKBill.com of Antigua services at least 11,000 porn sites. Moneybookers of London has already signed up 800,000 customers, including a fair number of online porn outfits. "It's been a huge opportunity for us," says David Roe, Moneybookers' chief operating officer.

    The Wages of Sin
    Lea Goldman, 04.25.05

    PayPal won't touch online gambling, porn and other vices. That's just fine with Neteller.

    No buxom cocktail gals distract the 40,000 or so gamblers on PokerStars.com at any given time, where high rollers plunk down an average of $100 to $200 per transaction. So popular is the site that it doubles its player pool every six months. Some of that business slides right into the pocket of a company called Neteller Plc., the largest handler of financial transactions on the site.

    PayPal, the Ebay-owned e-payment financier, used to control that rake--until it swore off the business in 2002, citing legal risks. A year later PayPal paid $10 million to settle Justice Department allegations that it violated provisions of the Patriot Act barring the transmission of funds known to have been derived from a crime. (Federal law effectively bans online gambling sites from operating in the U.S., but it doesn't prevent American gamblers from using them.) With $18.9 billion in online transactions last year, PayPal has also disavowed the sale of material for "mature audiences," which it says poses a high risk of chargebacks, where a customer refutes a charge. Says a spokeswoman, "We decided to focus on more traditional businesses."

    And punish the sinners. Last summer PayPal announced that merchant violators of its "acceptable use policy" risked a $500 fine. The company threatened to freeze out little guys like Perry Brass of Bronx, N.Y., who used his own site to sell his erotic fiction, and Rod Shelley of Independence, Mo., who peddled old issues of Playboy.

    Crumbs for PayPal, perhaps, but Black Forest cake to an outfit like Neteller, headquartered on the Isle of Man. It claims to handle transactions for roughly 90% of all online gaming sites and compensates for chargebacks by getting as much as 8.9% per transaction versus PayPal's 2.9%. To date the company boasts 1.5 million customers (versus PayPal's 64 million accounts) and enrolls 3,000 new members every day. Last year it netted $33 million on $82.6 million in sales. In the last year its shares, traded on the AIM London Stock Exchange, have tripled to the equivalent of $11.56.

    Other piglets are feasting at the trough abandoned by PayPal. GKBill.com of Antigua services at least 11,000 porn sites. Moneybookers of London has already signed up 800,000 customers, including a fair number of online porn outfits. "It's been a huge opportunity for us," says David Roe, Moneybookers' chief operating officer.

    Online gambling, now $9.8 billion a year, will grow an average 13% annually through 2010, estimates industry tracker Christiansen Capital Advisors. Neteller is eyeing more conventional businesses, too. Last month the company paid $12.5 million for Quick Access International, a debit-card processor in Macau that handles $50 million of transactions a year in Asia, most non-gambling-related. Taking the moral high ground may yet prove costly to PayPal.

    Posted by iang at 11:34 AM | Comments (2) | TrackBack

    March 15, 2005

    More Pennies

    Stefan posted a bunch of materials on a phone based ecash system.

    On Identity theft, America's cartoonists are striking back. Click here and then send me your credit card number....

    On the HCI thread of how users view web security, Chris points out that "Simson Garfinkel's dissertation is worth looking at in this context." This relates to the earlier two papers on what users think on web security.

    Scott reports ``Visa International has published a white paper titled "Financial Flows and Supply Chain Efficiency" (sorry, in PDF) authored by Professor Warren H. Hausman of Stanford University.'' It's interesting if somewhat self-serving, and feeds into the whole message is the payment thread.

    Stefan via Adam pointed me to a new blog on risks called Not Bad For a Cubicle. I shall pretend to know what that means, especially as the blogger in question claims knowledge of FC ... but meanwhile, the author takes task with persistent but poor usage of the word security, where 'risks' should be preferred. This makes a lot of sense. Maybe I should change all uses of the word over?

    Because it's more secure becomes ... because it's less risky! Nice. But, wait! That would mean I'd have to change the name of my new paper over to Pareto-risk-free ... Hmm, let's think about this some more.

    Posted by iang at 02:06 AM | Comments (0) | TrackBack

    March 10, 2005

    For download: Draft manuscript on Electronic Money and Privacy

    Stefan writes:

    "Back in 1996–1998, I worked in my spare time on a book titled Electronic Money and Privacy. Due to career priorities from 1999 onward, I never got around to finishing the book alas. Since I will not have any time in the foreseeable future to get back to working on the book, I am hereby making the first four draft chapters freely available."

    My own story is similar. Back in 97 or so I started a book with a working title of FC. In 98 I rewrote it along the lines of the then evolving 7 layer model of financial cryptography. Unfortunately I did not get the time to wrap the book up, and it remains somewhat incomplete.

    Perhaps I should put it on the net. I recently put all my draft papers up on the net, as some are a year or more old and aren't getting closer! Comments? Maybe there is too much stuff on the net already ...

    Posted by iang at 07:58 AM | Comments (0) | TrackBack

    March 09, 2005

    PayPal plus eBay - it's FC, not banking

    FCers will recognise the confusion in this article by Kevin Kelleher about how to analyse eBay + Paypal:

    "Here's a little-known fact about eBay (EBAY:Nasdaq) : It's not one of the most successful e-commerce companies in the world.

    It's actually two of the most successful e-commerce companies in the world -- eBay, the global network of auction and retail sites, and PayPal, its online-payment technology subsidiary that fuels the bulk of eBay transactions. Of the two, PayPal may emerge as the bigger phenomenon in the long run."

    FCers see further than trying to model a payment system as a bank; it is a financial cryptography system that happens to have branded its Value structure. The Finance component is the auction, and the fact that the two companies grew up apart and together is simple reflection of the FC observation that you need both the finance and the value.

    Posted by iang at 11:42 AM | Comments (3) | TrackBack

    March 06, 2005

    Airlines Aim for Expense Reduction in Payments (FC != banking)

    Jim points at this article by Ivan Schneider on the attempts of airlines to reduce payment cost.

    Airlines Aim for Expense Reduction in Payments
    ...

    After labor and fuel, the passenger airline industry's largest expenses involve distribution costs. These are comprised of travel agency commissions, fees to global distribution systems such as Sabre and finally, the merchant discount rate paid to their banks.

    Already, the airlines have effectively slashed their distribution costs through hard negotiations with travel agencies and the global distribution systems, yielding a 26 percent decrease in average annual distribution costs from 1999 to 2002, according to Edgar, Dunn & Company (EDC, Atlanta), a financial-services and payments consultancy.

    Now, the airlines are targeting the estimated $1.5 billion it spends on accepting credit cards from its customers. "The airlines definitely have payments on their radar screens," says Pascal Burg, a San Francisco-based director at EDC. Airlines Aim for Expense Reduction in Payments
    ...

    After labor and fuel, the passenger airline industry's largest expenses involve distribution costs. These are comprised of travel agency commissions, fees to global distribution systems such as Sabre and finally, the merchant discount rate paid to their banks.

    Already, the airlines have effectively slashed their distribution costs through hard negotiations with travel agencies and the global distribution systems, yielding a 26 percent decrease in average annual distribution costs from 1999 to 2002, according to Edgar, Dunn & Company (EDC, Atlanta), a financial-services and payments consultancy.

    Now, the airlines are targeting the estimated $1.5 billion it spends on accepting credit cards from its customers. "The airlines definitely have payments on their radar screens," says Pascal Burg, a San Francisco-based director at EDC. "They used to look at accepting cards and paying merchant fees as the cost of doing business, and now they're trying to proactively manage the cost associated with doing payments."

    The first approach is for an airline to have a friendly chat with its affinity card co-brand partner. But that's often a difficult conversation to have, both for the bank and for the airline. "Traditionally, the co-brand relationships have been managed in the marketing department, while the acquiring merchant side has been handled through the corporate treasury," says Thad Peterson, also a director at EDC.

    ...

    http://www.banktech.com/news/showArticle.jhtml?articleID=60401062"They used to look at accepting cards and paying merchant fees as the cost of doing business, and now they're trying to proactively manage the cost associated with doing payments."

    The first approach is for an airline to have a friendly chat with its affinity card co-brand partner. But that's often a difficult conversation to have, both for the bank and for the airline. "Traditionally, the co-brand relationships have been managed in the marketing department, while the acquiring merchant side has been handled through the corporate treasury," says Thad Peterson, also a director at EDC.

    ...

    http://www.banktech.com/news/showArticle.jhtml?articleID=60401062

    Posted by iang at 09:06 AM | Comments (6) | TrackBack

    February 28, 2005

    Money Matters and the Modern Webcomic

    Jim points at a good story surveying the slow arisal of payment mechanisms and revenue models - Subscriptions! Donations! - the market for online comics. It's in places like these that the business models are set for main street.

    Posted by iang at 11:54 AM | Comments (0) | TrackBack

    February 20, 2005

    Vero - using ATMs to automate cheque cashing

    An article on Vero tells the story of a new service to the 'unbanked' for feeding their cheques (checks) into an ATM to get them cashed on the spot, based on a one-time sign up process.

    "The check is inserted into the machine, scanned electronically for signs of fraud, and either cashed or rejected, all in about the time it takes for a regular ATM transaction. According to Grano, the Vero system completes the transaction for between $1 and $1.50, much less than the up to 3 percent of a check's face value charged by check cashing companies or the $5 to $7 charged by some banks."

    It's certainly a service that's needed, but can it be made to work?

    Posted by iang at 10:40 AM | Comments (0) | TrackBack

    January 28, 2005

    The Coming Collapse of the Dollar

    I expected to be disappointed and frustrated at the new book by Turk & Rubino, but I have to say I was positively surprised. It's good. This is a book that will be read avidly by all American journalists seeking for the answer before today's deadline as to why the dollar bombed so badly. (Links 1)

    It's concise, it's well written, and it's also pretty darn accurate. Of course, it is a little loose in the economics, but given its conciseness that can be expected, and nothing is fatal in its layout of the basic story. Lots of nice graphics, and neat sections at the back telling you what to do about it.

    The central message is this: Americans borrowed too much, exported too many dollars and too few goods. Hey, it was good while it lasted, but now the combined effect of the rise of the Euro (only 5 years old and already as big as the dollar!) and the ribald profligacy of the Bush Administration have given the world an alternate as well as a reason. By my guess, there has been an adjustment of about 10% in dollar reserves worldwide, with another 10% to come. Doesn't sound like much? Consider that about 60% of those dollars were overseas, 10% already went looking for a new home and another 10% to come.

    The bad news is that you (yanks) don't own your own currency. The worse news is you're about it own more of it! Oh, and add to that the pent up pressures of decades of central bank manipulation of the gold unit, the sell-of of reserves, mucked up leasing programs and no doubt other scandals, and gold might just burst its sensible barriers.

    How low will the dollar go? It's tough to say. It's currently out of balance, and another 20-30% seems reasonable. I however do not believe "it's all over" for the dollar. The reason is simple; no matter how badly the people have borrowed their future away, there are still 250 million of them sitting on top drawer capital assets and possessing a capability to work. Yes it will readjust, but no, it isn't all over, unless they close the borders like they did in the 1930s. If they start shipping the Mexicans back, then watch out, America (do the maths, there are more Mexican workers than there are unemployed "americans").

    Anyways, I digress slightly. If you are an American, and if you're looking for a view of what's happening without having to spend your days being depressed by what passes for American media, pick up _The Coming Collapse of the Dollar_. It's only $27 at the local book store, and the clear and concise message will give you valuable pause for thought. Even if you don't quite subscribe to the message, consider it a valuable thought exercise in where America is going next.

    Posted by iang at 10:57 PM | Comments (8) | TrackBack

    January 27, 2005

    Unintended Consequences and the Case of the $100 Superbill

    Axel points to a rather good article on Unintended Consequences with lots of good examples for the security thinker. If there is one cause that one had to put ones finger on, it is this: the attacker is smart, and can be expected to think about how to attack your system. Once you think like an attacker, you have a chance. If not, forget it.

    Notwithstanding that minor ommission, here's the rather nice FC example, that of the mysterious $100 superbills.

    Back in the 1970s, long before the revolution that would eventually topple him from power, the Shah of Iran was one of America's best friends (he was a dictator who brutally repressed his people, but he was anti-communist, and that made him OK in our book). Wanting to help out a good friend, the United States government agreed to sell Iran the very same intaglio presses used to print American currency so that the Shah could print his own high quality money for his country. Soon enough, the Shah was the proud owner of some of the best money printing machines in the world, and beautiful Iranian Rials proceeded to flow off the presses.
    All things must come to an end, and the Shah was forced to flee Iran in 1979 when the Ayatollah Khomeini's rebellion brought theocratic rule to Iran. Everyone reading this undoubtedly knows the terrible events that followed: students took American embassy workers hostage for over a year as Iran declared America to be the "Great Satan," while evidence of US complicity in the Shah's oppression of his people became obvious, leading to a break in relations between the two countries that continues to worsen to this day.
    During the early 90s, counterfeit $100 bills began to flood the Mideast, eventually spreading around the world. Known as "superbills" or "superdollars" by the US Treasury due to the astounding quality of the forgeries, these $100 bills became a tremendous headache not only for the US and its economy, but also for people all over the world that depend on the surety of American money. Several culprits have been suggested as responsible for the superbills, including North Korea and Syria, but many observers think the real culprit is the most obvious suspect: an Iranian government deeply hostile to the United States ... and even worse, an Iranian government possessing the very same printing presses used to create American money.
    If you've ever wondered just why American currency was redesigned in the 1990s, now you know. In the 1970s, the US rewarded an ally with a special machine; in the 1990s, the US had to change its money because that ally was no longer an ally, and that special machine was now a weapon used to attack the US's money supply, where it really hurts. As an example of the law of unintended consequences, it's powerful, and it illustrates one of the main results of that law: that those unintended consequences can really bite back when you least expect them.

    Read the rest... Unintended Consequences.

    Posted by iang at 09:11 AM | Comments (2) | TrackBack

    January 02, 2005

    Chip&Pin liability shifts from UK bank to retailer

    This weekend, there was apparently a big shift in liability in the UK retail payments market. From the BBC. Over the last year (2004) something like 600k of the 860k automated tills have been upgraded to use a new chip&pin method of account authorisation. This method is new to the UK at least, the Continentals have been using it for yonks.

    What was interesting was that those who have not yet upgraded have now been lumbered with the liability. This is one of those vexing issues that circulate around soft money transactions; when the transaction gets rolled back, who carries the cost?

    Traditionally, it has been said that the larger party is "more responsible." In more than one sense of the phrase. But, banks have always balked at this, and have always sought ways to shift out of the liability as much as anyone lets them.

    In this case, the deal appears to be that the retailers upgrade to chip&pin, and in return they no longer have to check for signatures and identity on signed transactions. That's worthwhile. But if they choose to not upgrade, then they incur the shift in liability. (Quite how this was done in legal or contract terms is probably not something they want anyone to poke into.)

    So banks are still on the hook for transactions through upgraded terminals, which would amount to most of them, they hope. I guess we would now expect to see a lot of hacker attention in how to copy the cards and steal the pins; given the inherent _two_factor_ security involved here, that will be a lot harder. But not undoable.

    http://news.bbc.co.uk/1/hi/uk/4139211.stm
    http://www.everywoman.co.uk/technology/article.asp?id=1630&switch=true

    Posted by iang at 09:00 AM | Comments (8) | TrackBack

    October 29, 2004

    Nokia to trial integrated phone/RFID payment system

    Reading an article on RFIDs, those wonderful little things that will surely be used for everything, next year (like smart cards), I came across this gem:

    "Nokia (the largest cellphone manufacturer in the world) is about to release a cellphone that incorporates an RFID reader based on the ISO 14443 standard. The combination allows callers to scan posters and stickers that contain an embedded tag and buy the depicted products with the charge appearing automatically on their next phone bill."

    Nokia have experimented with payment systems before, using their cellphones to bill for carwashes and cokes. This makes a lot of sense, as the mobile phone operators have the billing, the communications, and also a secure (to them) token in the hands of the consumer.

    It's also in accord with Frank Trotter's observation that the three sectors best placed to develop new payment systems are telcos, couriers and ISPs. One to watch.

    Posted by iang at 05:41 AM | Comments (1) | TrackBack

    October 26, 2004

    Check 21 - "What's a check?"

    An article from Seattle Post-Intelligencer (??) has a nice view on the changing scene in Bank retail payment systems. These institutional pets have been changing slowly around the world based on marginal improvements and the occasional invention like the ATM. Then, in the early 90s, the Internet surfaced, and a chap called David Chaum said he could do it better on the net. No more sleepy changes within the club, as we saw a rush into half baked solutions like SET, SSL and a string of 3-party closed systems.

    Check 21 (century 21 - get it?) is the US effort modernise american retail payments. A decade late(r), the Economist calls the effort half-hearted. One question confronting the Americans with their new Check 21 initiative is whether the consumer gets his "check" back. Here's how Bill Virgin describes it:

    Check 21, the new federal law on processing paper payments, takes effect Thursday, making this an appropriate moment to ask this generation-defining question:

    Do you get your checks back?

    If you are of a certain age, your response is more likely to be: "You bet I do. Having the checks is how I reconcile my statement and my checkbook every month, and in the event of a dispute, having the original check is crucial in proving that I made a payment and the check cleared."

    Should your birthdays number a few less than those of the previous group, your response would be more along the lines of: "Oh, I used to, but it wasn't worth the bother and expense; I never used them, the information I need is on the statement and if I need a copy I can always order one."

    Still younger, and the response would sound like: "You can get your checks back?"

    And the youngest generational cohort, maybe one that hasn't reached banking age yet, might answer: "What's a check?"

    To the rest of the world, this may need some explanation: American banking accounts deliver the stamped and settled cheques back in the mail, with the statement. It's a fat envelope, sometimes. So every month, you can use the original cheque to reconcile the statement.

    Of course, the rest of world probably did that once, too, but it was before my memory. Which would put it before the 70s I'd guess.

    Getting back to David Chaum and his invention of digital cash, with his system there are no cheques. Only coins, which once settled were of no value. Not only was he replacing the paper, he was replacing the whole settlement concept.

    It doesn't have to be all that drastic. Ricardo uses cheques as a form, as well as coins. In the cheque form, there is a digitally signed instruction to move value. In the coin form, it is a withdrawn token of value, perhaps using a blinding formula, perhaps not. When the settlement is done, the server returns a receipt, which again is signed. Digitally, you can have your cake and eat it too, then.

    Which leaves one question: do you get your cheques back?

    Of course you do. We wouldn't have it any other way, as otherwise you don't know if the Issuer is telling the truth. The cheque, or the coins, are part of the signed receipt, providing an end-to-end confirmation in one packet.

    "Customer who want the checks back want the piece of paper, clearing and routing stamps and all, in hand. If there's a dispute about whether a payment was made, or a check cleared, they've got the paper to prove it. And they don't have to pay a fee to retrieve that piece of paper."
    Posted by iang at 09:25 AM | Comments (0) | TrackBack

    October 22, 2004

    Austria issues 100,000 Euro coin

    In a rather inspired marketing move for gold, the Austrian Mint has issued a EUR 100,000 coin. Its dimensions are 37cm across (nearly 15") and its weight is 31kg (68lb). Street value about half a million USD, so the dollar has a way to fall before it matches the face value.

    And, to cap it off, the Austrians enlisted that quixotic supporter of gold, Robert Mundell, to present the oversized Philharmonic to Wall Street. What can one say, other than .. inspired!

    Austria unveils on Fifth Avenue what bankers call world's biggest gold coin
    By VERENA DOBNIK
    Associated Press Writer

    October 5, 2004, 9:33 PM EDT

    NEW YORK -- It would take an Arnold Schwarzenegger to lift his native Austria's new coin: 68 pounds of 24-carat gold worth about $500,000.

    On Tuesday at a Manhattan art gallery, the Austrian Mint unveiled Big Phil, calling it the world's biggest gold coin _ and a powerful investment tool for today.

    "The world needs a common currency beyond each national one," said Robert Mundell, a Nobel laureate in economics whose ideas lay the groundwork for Europe's common currency, the euro.

    The Columbia University professor joined the chairman of the Austrian Mint in Vienna, Wolfgang Duchatczek, in presenting the coin at a Fifth Avenue gallery, in a room where multimillion-dollar paintings by Gustav Klimt surrounded armed guards in civilian suits.

    White gloves were handed to anyone in the invitation-only crowd who wished to touch or hoist the coin, which is almost 15 inches in diameter.

    Two other such coins were introduced Tuesday in Tokyo and Vienna, and a fourth was to be unveiled Wednesday in Munich.

    Investing in gold acts as a hedge against the roller-coaster global economy.

    "You can buy a car these days with the value of about the same amount of gold as in, say, the 1960s," said Kirsten Petersen, an Austrian Mint spokeswoman. "Gold is truly a storehouse of value."

    Only 15 of the gleaming discs were created this year by the 800-year-old Austrian Mint, each with a face value of 100,000 euros (about $121,000) and bearing a replica of the Vienna Philharmonic Orchestra's famed hall on one side and orchestral instruments on the other. (Hence the nickname Big Phil).

    While a face value of 100,000 euros is etched into the coin, its retail price of about $500,000 reflects the price of an ounce of gold on any given day in London _ $415.40 on Tuesday _ plus a minting premium to cover the manufacturing cost.

    On Tuesday, the Neue Galerie on Fifth Avenue, which houses entrepreneur Ronald Lauder's collection of Austrian art by Klimt and Egon Schiele, was busy with representatives of top Wall Street firms who came to see the financial novelty. Most of the limited-edition coins already have been sold to investors and institutions whose identities remain private, Petersen said.

    A more common purchase is the 1 ounce denomination of the Austrian Philharmonic coins, now selling at $400-plus each. Roughly comparable to the American Gold Eagle and the Canadian Maple Leaf, the smaller Austrian gold coin was released in 1989 as Europe's first 24-carat legal tender bullion.

    Most governments no longer base their treasuries on the so-called gold standard in effect for centuries. However, the United States, Austria and many other countries have kept a gold reserve.

    "Gold doesn't yield dividends like bonds, and it fluctuates a lot," Mundell said. "But the other side of the coin is that gold is a measure of national reserves, more than ever."

    With the U.S. dollar more "shaky" in today's world, the Nobel laureate said, countries like China, Taiwan and Japan are looking to buy more gold.

    Besides, Mundell added, rubbing his fingers across the gleaming gold, "they look so nice."

    On the Net: Austrian Mint: http://www.austrian-mint.com

    Copyright © 2004, The Associated Press
    http://www.newsday.com/news/local/wire/ny-bc-ny--mammothmoney1005oct05,0,4315269.story?coll=ny-ap-regional-wire

    Other articles at:
    http://www.iol.co.za/index.php?set_id=1&click_id=29&art_id=qw1097069941434A236
    http://edition.cnn.com/2004/BUSINESS/10/06/austria.gold.ap/

    Posted by iang at 05:36 AM | Comments (1) | TrackBack

    October 21, 2004

    Neal Stephenson on Money

    Over on slashdot Neal Stephenson was interviewed on a range of slashdotters' questions. His relationship to FC is cemented in his classic novel on digital issuance, Crytonomicon (reviewed), which appeared around the same time as the first example was hitting critical mass.

    7) Money - by querencia

    One of the major themes in Cryptonomicon that carried over (in a big way) to The Baroque Cycle is money. You introduced some "futuristic" views of currency and of where money might be going in Cryptonomicon, and you skillfully managed to do the same thing, while explaining some of the history of modern monetary systems, in the most recent books.

    You've obviously spent a lot of time thinking about money lately. Is there anything going on in the modern world with monetary systems (barter networks, for example) that you find particularly interesting?

    What do you see on the horizon with respect to money?

    Neal:

    Actually, what's interesting about money is that it doesn't seem to change that much at all. It became fantastically sophisticated hundreds of years ago. Back before people knew about germs, evolution, the Table of Elements, and other stuff that we now take for granted, people were engaging in financial manipulations that seem quite modern in their sophistication. So if I had to take a wild guess---and believe me, it is a wild guess---I'd say that money and the way it works is going to be a constant, not a variable.
    Posted by iang at 07:44 AM | Comments (1) | TrackBack

    September 15, 2004

    Paypal fines arbitrageurs

    Paypal, the low-value credit card merchant processor masquerading as a digital currency, moved to bring its merchant base further into line with a new policy: fines for those who sell naughty stuff [1] [2]. Which, of course, is defined as the stuff that American regulators are vulnerable too, reflecting the pressure from competitive institutions duly forwarded to the upstart.

    This time, it includes a new addition: cross-border pharmaceuticals that bust the US-FDA franchise. Paypal is the new bellweather of creative destruction, although strangely, no complaints by the RIAA as yet.

    [1] PayPal to impose fines for breaking bans
    [2] PayPal to Fine Gambling, Porn Sites

    Posted by iang at 06:13 PM | Comments (3) | TrackBack

    August 31, 2004

    Hayek says "Buy Dinar"

    Here's a fascinating article about speculators snarfing up the Dinar unit in Iraq, in the hope that Iraq stabilises and recovers! Of course, Iraq could collapse and burn, in which case so do these speculators' holdings.

    Thus, we have an indicator. If the best guess of what people on the ground in Iraq think is stabilsation, the price of old dinar goes up. If collapse is imminent, watch it crash. This is what prices are for, said F.A. Hayek.

    Dinar Brokers Boom in Iraq Chaos
    By Joanna Glasner

    02:00 AM Aug. 17, 2004 PT

    From the safety of a computer terminal halfway around the world from battle-weary Baghdad, Bill Burbank is betting that political and economic stability will reign in Iraq some day in the not-too-distant future.

    He has a lot riding on that hypothesis. Since October, when Iraq began circulating a new currency to replace its old bills, most of which contained images of Saddam Hussein, Burbank has spent close to $200,000 buying up new Iraqi dinar bills. Through a website based in Alpharetta, Georgia, the day trader and former Navy Seal runs a side business selling the new currency to the public.

    "It's just so cheap at a tenth of a penny (per dinar)," he said. "If it just goes to a penny you make a thousand percent. I think there's not too much downside in owning the currency and just holding."

    While most are betting far more modest sums on the hopes of economic recovery in Iraq, droves of investors are following a similar logic in buying up dinars. In response, a host of websites have cropped up to cash in on demand, most selling the currency at a steep markup.

    Enter the phrase "buy dinar" into a search engine, and the results contain more than a dozen online outlets, most based in the United States, that are willing to sell freshly minted bills. Rates range from about $1,000 to $1,300 for 1 million dinar.

    Brokers' prices don't reflect Iraq Central Bank's published exchange rate, because street prices for dinar are usually substantially lower, according to Burbank. Demand for dinars surged in the run up to the June 30 handover of power from the U.S.-led Coalition Provisional Authority to the Iraqi interim government, said Marshall Donnerbauer, owner of the website Investindinar.com. During that period, he was selling around $20,000 worth of dinar a day. In the weeks following the handover, sales slowed to about $5,000 a day.

    Donnerbauer says his biggest customers are U.S. soldiers and employees of Kellogg Brown & Root, a subsidiary of the contracting firm Halliburton that has a large workforce in Iraq.

    "They are over there seeing the growth and believe that Iraq will be much better in the future," he said.

    Still, no one's calling the dinar a risk-free investment. Given that the Iraqi dinar is not yet traded on major global currency exchanges, there's no guarantee that buyers of the bills will be able to easily sell them.

    "This is an extremely speculative investment -- there's no question about that," said Richard Lyons, a finance professor at the University of California at Berkeley's Haas School of Business.

    History does provide examples of economies and currencies rebounding in the wake of turmoil, such as Kuwait and the Kuwaiti dinar following the 1991 Gulf War and Germany and the Deutschmark following World War II.

    However, Lyons noted, history is also replete with examples of currencies whose value deteriorated sharply in the wake of conflict. One case close to dinar investors' hearts is Iraq itself, which saw its currency's value fall apart following the 1991 Gulf War as international sanctions took effect and Saddam maintained his hold on power.

    According to several online dinar sellers, the typical investors spend $1,000 or $2,000 to acquire Iraqi currency. In most cases, investors say they want a large enough holding to make a tidy profit if the currency soars, but not enough to bankrupt them if the dinar declines.

    "I always advise people: 'Don't invest more than you can afford to lose,'" said Christine Anderson, operations manager for New-Iraqi- Dinar.com , which sells a million Dinars for $1,240.

    In weighing whether buying dinars is a sensible move, Lyons believes investors need to consider political factors more than economic ones. Simply stated, if one believes the current chaos engulfing Iraq will eventually be replaced by a stable, effective government, then the dinar ought to be a good buy. If turmoil continues, even the vast reserves of oil under Iraq's sands probably won't be enough to prop up the dinar.

    Another factor prospective buyers should consider, Lyons said, is whether the Iraqi government is likely to increase the money supply to pay for things it can't otherwise afford. If a vast quantity of new dinars enters the economy, it would devalue the existing stock.

    Burbank, for his part, is exploring the possibility of adding the Iraqi dinar to one of several established, private networks for forex, or foreign currency trading. If people had a single place to both buy and sell dinars, he believes they'd be more comfortable investing in the currency.

    Of course, such an idea has its drawbacks as well, at least for websites that sell dinars. If investors could buy the currency from an established bank or trading exchange, most of the upstart online dinar brokers would likely be out of business.

    ¿ Copyright 2004, Lycos, Inc. All Rights Reserved.
    http://www.wired.com/news/business/0,1367,64565,00.html

    Posted by iang at 05:44 AM | Comments (0) | TrackBack

    August 27, 2004

    Privatising Cash

    Trends in the physical cash world - notes and coins issued by central banks - indicate that the CBs are moving to privatise the distribution and handling of cash float. The Federal Reserve has announced that it will no longer willingly (read: cheaply) take in surplus cash and ship it out on demand.

    This makes a lot of sense, and what's more, it echoes the experiences of the DGC world, where back in 2000, the first independent market makers sprung into life and captured the bulk of the retail trading in digital gold. Leaving the issuers with the much more core job of looking after the tech, governing the issue and only doing occasional big movements of digital and metal.

    I draw your attention to one aspect: if the CBs are getting out of the heavy end of carting cash around, I wonder if they are also posturing to get out of issuance altogether? It's not inconceivable - it's been permitted in NZ for a decade or more (and thus, is a plausible play for Australia as well), and the Federal Reserve has permitted all sorts of crazy experiments to go along. The Bank of England has been mildly supportive of the idea as well.

    Who knows, check back in another decade.



    Cash handling changes on the way

    by Ann All, editor * 13 August 2004

    The Federal Reserve is poised to make some policy changes that will force many financial institutions to change the way they think about money.

    In an effort to reduce its cash handling costs, the Fed has announced its intent to introduce a custodial inventory program which will encourage FIs to hold currency in their vaults rather than shipping it to the Fed.

    In 2006, it also plans to begin imposing fees on depository institutions that deposit currency and order currency from Reserve Banks within the same week, a practice it calls cross shipping.

    Morris Menasche, managing director of the Americas for Transoft International, a provider of cash management software and consulting services, said the proposed changes "will force practically every financial institution to look at its downstream supply of cash and figure out how they can consume more of their cash inventories."

    "The Fed is saying 'enough is enough,'" said Bob Blacketer, director of consulting for Carreker Corporation, another provider of currency management software and consulting services. "It wants to get out of currency handling operations and focus more on policy making and risk management."

    World view

    The Fed's position is far from unique, Blacketer said. Central banks around the world are adopting a more privatized view of cash handling.

    In Australia, the Reserve Bank has virtually exited the role of depository and distributor, leaving commercial banks fully accountable for cash on their balance sheets. As a result, three of the country's leading banks formed a shared utility called Cash Services Australia to provide currency transportation services for FIs.

    In the United Kingdom, the Bank of England adopted a Note Circulation Scheme in which verified and sorted notes are segregated to specified NCS inventories, with banks receiving credit for balances placed in the NCS.

    As a result, most British FIs began outsourcing cash handling operations or formed joint ventures with other FIs. Only one of Britain's largest banks continues to perform cash handling in-house, Blacketer said.

    During 2002, U.S. Reserve Banks processed 34.2 billion notes at a total cost of approximately $342 million, according to the Fed. The number included 19.4 billion $5 through $20 bills -- nearly 6.7 billion of which were followed or preceded by orders of the same denomination by the same institution in the same business week.

    Most cross shipping, "probably 75 to 80 percent" occurs at the nation's 100 largest depository institutions, Blacketer said.

    Based on the 2002 data, the Fed estimates that it could avoid currency processing costs of up to $35 million a year by cutting down on cross shipping of $5 to $20 notes, the only denominations that would be initially included in the new policy.

    The plan

    The Fed's plan includes two parts. First, FIs will be allowed to transfer $5, $10 and $20 bills that they might otherwise cross-ship into custodial inventories. The currency will be owned by a Reserve Bank -- even though it will remain at an FI's facility.

    The second part is a proposed penalty of $5 to $6 for each bundle of cross-shipped currency in the $5 to $20 denominations. FIs would not pay a penalty for the first 1,000 cross-shipped bundles in a particular zone or sub-zone each quarter.

    According to the Fed, the exemption will limit the impact of the cross-shipping policy on institutions which may not be able to justify investments in sorting equipment, and will help FIs deal with unanticipated customer demands for cash.

    To become eligible to hold a custodial inventory, an FI must commit to recirculating a significant amount of currency. Participating FIs also must have facilities large enough to segregate the currency from their own cash.

    It's possible, said Blacketer, that some large banks with well developed cash handling infrastructures may be able to provide cash processing services for smaller FIs and other customers -- much as they have provided check processing services for years.

    "Instead of a loss leader, they could break even or even make a small profit with their cash handling operations by providing cash products and services for customers like retailers, ISOs and credit unions," he said.

    But Menasche said it may be difficult to eke profitability out of cash handling operations -- particularly if transportation costs are included.

    "More than anything else, this is a logistics issue," he said. "It's easy to underestimate the costs of transporting cash. They could end up transporting the same cash three or four times."

    The good news for cash management software providers like Transoft, Menasche said, is that the proposed changes are driving an increased interest in their products.

    "Our decision support tools can help financial institutions assess cash processing and transportation costs, and show them when it may be cheaper to send cash back to the Fed and pay a penalty," he said. "If they allow those decisions to become subjective and decentralized, they could get into serious trouble."

    The ATM effect

    The tremendous growth of ATMs, from 200,000 machines in 1998 to some 370,000 machines today, has helped drive the increased demand for fit currency.

    The Fed's proposed policy change could unduly impact FIs' ATM networks, particularly non-branch machines, according to Amy Dronzek, national manager of Cash Vault Services for KeyBank.

    "Most cross shipping of currency in our industry results from the need for currency fit enough for automation, such as for ATMs. Large scale need for this type of currency requires automated fitness processing to be cost effective, historically proven more cost effective in a centralized versus a decentralized environment," Dronzek wrote in a letter submitted to the Fed.

    Some FIs will have to invest in more currency sorting equipment to support their ATM networks, Dronzek wrote. The alternative will likely be paying higher fees to ATM service personnel.

    "If the armored courier companies obtain currency from depository institutions, then they will increase ATM service fees for the additional handling of the currency that will be required," Dronzek wrote, "as Federal Reserve currency is viewed as 100 percent accurate due to the state-of-the-art, high-speed currency sorting equipment which many depository institutions will be unable to afford."

    In KeyBank's comment letter, Dronzek urges the Fed to exempt ATMs from the new policy.

    For more info on the Fed's proposal: http://www.federalreserve.gov/boarddocs/press/other/2003/20031008/attachment.pdf
    And to read comments on the proposal: http://www.federalreserve.gov/generalinfo/foia/ProposedRegs.cfm
    (posted under Federal Reserve Bank Currency Recirculation Policy)

    "Enable depository institutions the opportunity for limited cross-shipping activity to support their ATM networks using a separate endpoint or other delimiter," she wrote. "This will minimize impact to the consumer by allowing institutions the opportunity to maintain existing ATM networks, especially those that are remote."

    In its comment letter, Huntington Bank raised the possibility that "using recirculated money that does not meet strict fitness levels could cause ATM downtime or additional costs for emergency cash transportation."

    Alternative approaches

    Some FIs would like to see the Fed adopt an alternative approach.

    In a comment letter, Greg Smith, a senior vice president at SunTrust Bank, encouraged the Fed to approach cash processing "in a similar fashion to check clearing and electronic payments types by helping to create a processing utility among the banks and armored carriers that would act as an intermediary between depository institutions and the Federal Reserve."

    Jim Roemer, senior vice president of Cash Services for U.S. Bank, said in his letter that U.S. Bank is involved in discussions with other FIs to explore the idea of establishing a "cash clearing house," similar to Cash Services Australia.

    "In order for the cash clearing house concept to be successful, the participating depository institutions will require some level of cooperation from the Federal Reserve," Roemer wrote.

    In its comment letter, Wells Fargo also signals its intent to "proceed with the creation of a non-profit organization in conjunction with other financial institutions."

    The Fed began a pilot of the custodial inventory program earlier this month, with 14 pilot sites and 10 participating depository institutions. According to a Fed spokesperson, the pilot program will run for six months, however "the clock will not begin until the last pilot is set up," likely in September.

    Copyright 2004 NetWorld Alliance LLC. All rights reserved.
    Terms and conditions of use.

    Posted by iang at 02:14 PM | Comments (1) | TrackBack

    August 09, 2004

    DoCoMo releases first 3G mobile wallet phone

    Japan's NTT DoCoMo (writes "Mobile Pipeline News") will release Saturday (Aug. 7) what it calls the first 3G phone that is capable of serving as a "mobile wallet" for making purchases and for conducting ATM withdrawals and credit card transactions [1].

    The company said its F900iC uses a smart card to work with its FeliCa mobile wallet service. That service enables users to use the phone's near-field wireless technology to make credit card purchases and conduct other transactions.

    For security, the smart card functions can be locked using either a password or fingerprint sensor, the company said in a statement. In addition, the smart card function can be locked remotely using other phones.

    The phone also sports a built-in 1.28 megapixel camera and a 2.4-inch high-resolution color LCD. It also has a built-in miniSD memory card slot.

    The device works with DoCoMo's 3G service, although the electronic wallet also requires a subscription to the company's consumer i-mode service.

    [1] Warning - the URL for the article generates some form of popup:
    URL: http://www.commsdesign.com/showArticle.jhtml?articleID=26806340
    [2] Here is a better article:
    Japanese get first mobile wallets

    Posted by iang at 06:35 PM | Comments (1) | TrackBack

    June 30, 2004

    Peppercoin - credit card facilitations

    This article has finally pointed me into the right direction with Peppercoin. Call me slow, but the trick is to totally ignore the tech. Being a techie by nature, this does not come naturally, one keeps searching for a modicum of sense behind it.

    Peppercoin are positioning themselves as yet another credit card facilitation company. Like Paypal. In fact they are duplicating Paypal's business model to a T: First swamp the space with lots of "cool tech" noise and bring out some versions. For Paypal, this was their long forgotten Palm Pilot money feature, and for Peppercoin it is some statistically inspired token scheme. Second, buy customers. Paypal paid $10, then $5, using what looked like half their investment money to do this.

    Third, migrate users from the cool tech to the basic tech and from the credit card to the debit card: web front end, everyone has an account, everyone feeds their account from their bank account. (Actually there's another step in there, between 2 and 3, but it doesn't add any to the explanation.)

    Hey presto, we have a user base and a transaction flow and we're set for the billion dollar buyout.

    It's not as silly as it seems. Banks have shown they can't do this, as have the credit card companies. Why not copy what worked in the past? Paypal did when they copied First Virtual and rectified their mistakes, and their recent actions leave them wide open for an alternate.



    Yahoo! News
    Credit Cards Enter the Micropayment Game
    http://story.news.yahoo.com/news?tmpl=story&cid=528&e=2&u=/ap/20040628/ap_on_hi_te/micro_paying_with_plastic
    Mon Jun 28,10:24 AM ET

    By MARK JEWELL, AP Business Writer

    BOSTON - If your image of a typical video-game arcade customer is a teenager emptying quarter-filled pockets into a machine to do battle with space aliens, think again. Today's high-tech games increasingly appeal to an older set. And soon those customers will be able to use credit or debit cards as a payment option.

    These so-called "micropayments" are gaining currency on the Internet (news - web sites) as a way to perform small-ticket transactions such as downloading a song or accessing other online content.

    But most micropayment systems require customers to establish prepaid accounts, to get around the hassle and transactional costs of entering card information for each purchase.

    Now, however, one player in the micropayments market, Peppercoin Inc., has come up with a system that also facilitates the more familiar way of buying things - by credit or debit card at the time of service.

    One early customer is Incredible Technologies Inc., a manufacturer of coin-operated video games like the Golden Tee golf game. It has selected Peppercoin 2.0 to process credit card transactions in its future lineup of games, which will be able to take credit card swipes.

    Peppercoin expects customers offering online music and other products will sign up for the service as well, said co-founder Perry Solomon.

    The biggest obstacle to using credit cards for micropayments is the cost of transaction processing. Typically, a transaction costs 20 cents to a quarter, plus 2 percent to 3 percent of the price of the item being sold. For very inexpensive products, the transaction expense can wipe out any profit.

    Peppercoin 2.0 has reduced the transaction expense to less than 10 cents, Solomon said.

    With some sophisticated games costing a dollar or more to play, that cost structure is affordable.

    The cost reduction is possible, he said, because of a patent-pending method of lumping together individual transactions into one transaction to reduce the cost to the merchant.

    The method was devised by Ron Rivest and Silvio Micali, two Massachusetts Institute of Technology (news - web sites) faculty members who are Peppercoin investors and board members.

    With the average American's wallet now holding five credit cards, the micropayments market could increasingly turn in the direction Peppercoin is heading, said Ed Kountz, a technologies analyst at the research firm TowerGroup in Needham, Mass.

    "Clearly, the ability to leverage an existing consumer habit - the credit card - we think is an important one," Kountz said.

    Posted by iang at 06:15 AM | Comments (0) | TrackBack

    June 27, 2004

    Taxing Issuers

    G&SR/e-gold, an issuer of digital gold currencies, faces a new tax from the Florida state within which it has located its network operations [1]. (Or, an old tax, newly applied?) It's hard to see the logic of this one, but I suppose one has to bear in mind that Florida is one of the small handfull of states in the USA that has no state income tax.

    Governments will tax, and one has to accept, grudgingly, that they a) exist and they b) provide some modicum of services that are quite convenient and well utilised, even by the most rabid of anti-government types. Given that premise, a question much debated in economics circles is what is the best way to raise taxes? Skipping the difficult questions of what goals we are seeking, and how we measure, it does seem that most thought these days has moves from income based taxation to transaction based taxation.

    I.e., VAT, where hopefully it is used to displace other forms of taxation. (And, Russia, Slovakia and other countries successes in levying flat income taxes also count as a move in that direction.)

    How then to tax Issuers? Any tax should be proportional to the activity, so it would seem that the fee based value is the place to look. Most taxes are based on the total value of the transaction, but this is insufficiently precise, as the company never sees the total value of the transaction, it only sees its component. Hence, VAT is constructed in a waterfall of adding and subtracting down the value chain. It results as a netted small slice that is proportional to each supplier's activity, which is a good thing. Against this, the bad thing about VAT is that it is a nightmare to administer.

    No such need exists with Issuers - the fee income is quite clear and easily calculable. Issuers therefore should think in terms of negotiating a transaction tax on the basis of a percentage of all the fees collected. In this way, Issuers are free to lower and raise fees according to business perogatives, and they won't be so easily tempted to move operations to some lesser jurisdiction that offers no transaction tax.

    Still, the day when transaction taxes apply to Issuers is far off. First, they have to be successful enough to be household names, and the legislators take notice. Which means we have to get some size and some robustness, both things lacking in the current IG market.



    [1] Wired News - Florida to Tax Home Networks
    By Michelle Delio
    Story location: http://www.wired.com/news/business/0,1367,63962,00.html
    02:00 AM Jun. 24, 2004 PM

    Florida state officials are considering taxing home networks that have more than one computer, under a modified 1985 state law that was intended to tax the few businesses that used internal communication networks instead of the local telephone company.

    Officials from Florida's Department of Revenue held a meeting on Tuesday to see whether the law would apply to wired households, and exactly who would be taxed. About 200 people attended, including community and business representatives.

    In 1985 the state passed a law to tax businesses using their own communications networks, because otherwise the state could not collect tax revenue on the businesses' local telephone service. In 2001, that law was expanded to make "any system that is used for voice or data that connects multiple users with the use of switching or routing technology" taxable up to 16 percent.

    The law is so broad that it would apply to networked computers, wireless services, two-way radios and even fax machines -- or "substitute communications systems," as the state calls them. The tax would be applicable (PDF) to the costs of operating such a substitute communications system, not to the purchase of the system's components.

    In some cases, it appears the tax would be collected by the providers of communications services such as wireless companies or voice-over-IP firms. The tax would be added to the user's bill and then turned over to the Department of Revenue.

    But some substitute communications services don't require a service plan. For those, the state could take the tax from the amount deducted on business, and perhaps personal, tax filings.

    "According to my accountant, the way the law is written, if my tax filing includes deductions for the repair or maintenance of my two computer and one printer network, those costs will be subject to state communication taxes," said graphic artist Linda Kellman, who works from home. "Self-employed people get slammed with insane taxes everywhere, and I've sadly but grudgingly accepted that. But this tax, if they ever try to collect it, would be the last straw. Can I outsource my network to a more sensible state, do you think?"

    Florida businesses and residents -- and even some officials in the Florida Department of Revenue -- agree that the wording of the law is too broad.

    In May, the Florida Senate unanimously passed a bill that would have prevented collection of the tax until 2006, during which time the law could be carefully reviewed. The bill was then sent to the House, but wasn't voted on before the summer break, clearing the way for officials to begin collecting the tax.

    As a result, the Florida Department of Revenue, which, according to local newspaper reports, was in favor of the bill to delay the collection of the tax, must now begin to address how the tax should be implemented.

    "The tax language is so broad that virtually any communication technologies in your home or office could be subject to this tax," said Chris Hart, spokesman for ITFlorida, a not-for-profit industry organization for the state's technology professionals. "It's difficult to imagine a more anti-technology, anti-business tax. It directly attacks the efficient use of information technology."

    Florida businesses aren't in favor of the tax.

    It also could tax almost any Florida resident who uses any sort of modern communications technology, something that Florida's battalions of retirees on fixed incomes have just begun to become aware of, according to Hart.

    "Information on this issue is starting to reach the general public, and it probably isn't widely understood just yet," he said. "However, once people do realize how this tax could impact them on a personal level, they wake up very fast."

    "All my life, I've willingly paid my fair share of taxes in exchange for community services," said 73-year-old George Fedoro, a retired engineer who now lives in Boca Raton. "But this tax is not fair and could turn senior citizens into criminals, because no one that I know can or will pay it."

    Florida Gov. Jeb Bush would have to approve any rule the tax department suggests. Bush has said he isn't in favor of the tax, but many fear he may be swayed by city and county government officials. The tax would go, in part, toward school construction and other projects.

    Additional meetings on the proposed rules for the tax will be held in other locations around the state later in the year, Department of Revenue officials said.

    If the law is implemented, Florida would have the most wide-reaching state tax on technology. But it may not be the last -- state officials estimate enforcement of the tax could bring in more than $1 billion a year in revenue for the state.

    Posted by iang at 06:43 AM | Comments (3) | TrackBack

    June 25, 2004

    Micropayments, Nanoprofits, Macrolosses

    Craig Spencer has created a live fee revenue calculation page for e-gold. This is the sort of analysis we need for the next stage of maturityfor DGCs: taking the live data feeds of the major parties, and extracting the business intelligence that creates confidence.

    It's also a major governance asset to be able to collect the information and lock down the issuer into lesser and more complex opportunities for fraud. We can see this simply from the fact that Craig has been collecting these pages for many months now, which ensures an auditable trail of activity in an open governance sense, not a rules-based sense. In comparison, we just don't know how many transactions the other systems did, so who can tell if the issuer decides to back date some?

    We can get lots out of these tables? See below for today's example (which for some reason is stuck a long way down the page, anyone know why?):

    This calculation uses data taken
    6/25/04 6:25:48 PM GMT
    from the e-gold site.
    e-gold Fee Structure
    (new as of 1/1/2004)
    Range Count Weight Revenue
    5% + 0.0002g0 mg - 1 mg34052.85 g0.823 g
    1 mg - 10 mg 6324 25.91 g 2.560 g
    10 mg - 100 mg 7142 272.04 g 15.030 g
    0.1g to 0.5g: 1.25% + 0.00375g
    0.5g to 1g: 0.01g
    100 mg - 1 g 3894 1.52 kg 31.373 g
    1g to 5g: 1%
    5g to 10g: 0.05g
    1 g - 10 g 2771 10.06 kg 92.316 g
    0.05g 10 g - 100 g 832 26.93 kg 41.600 g
    100 g - 1 kg 198 57.84 kg 9.900 g
    1 kg - 10 kg 24 57.83 kg 1.200 g
    Total Spend Fee Revenue for the previous 24 hours 194.803 g


    This is the best evidence of micropayments seen so far. If we arbitrarily say that a micropayment is anything less than a penny, then we can see the top column giving us revenue of 0.823g from 3405 payments (my italics above). What does that mean? Micropayments suck - after 8 years in operation, sub-penny payments are doing about 1 gram a day. What's worse - the infrastructure requirements for micropayments are the same as for any other form of payment. More or less.

    So, sell any stock in startups doing micropayments. Faster than anyone else does, hopefully, but if you get stuck holding the baby, then you move to where the smart money is: Payments. If you are going to put that infrastructure in place, make it work for *all* value payments, and don't get caught looking like you stole your business plan from an old copy of Wired magazine.

    What else can we extract? Well, we can see the cash flow to the organisation. So a competitor can work out how much money e-gold are making, which is why companies generally don't like doing this. (But, don't kid yourself, a savvy business plan writer can work it out anyway, close enough.)

    Great page, Craig! Now if we can only figure out a way to get sector by sector merchant numbers, our cup would runneth over.

    Posted by iang at 02:45 PM | Comments (2) | TrackBack

    April 17, 2004

    LD3 - At the Breakfast Table

    A few months back, I was showing the Liberty Dollars to some children, as an adjunct to a conversation about money. I really don't recall what that topic was, but the LD is a great demonstration of the concept of independent issuance. And they are so pretty!

    The two children insisted on buying some, being numismatic of mind. After a few moments of indecision (should I gift them or sell them? socialism or capitalism? responsibility or rapacity?) I decided to sell the LD at the face value, that number in dollars printed on the two top corners. One child purchased a $5 note, with hard-earnt allowance, the other a $1.

    And, just a week or so ago, came the announcement of the recall and replacement of the LD with new paper bearing a number twice the size. This morning, the following conversation took place at the breakfast table.

    [elided discussion of counterfeiting]

    "I think the Liberty Dollar is silly," suggested the 12 year old (the other is 9).

    "Why is that?" I asked, in a study of emotionless pasivity.

    "Because it is done on silver and dollars. It should be one or the other."

    "Ah." Some conversation ensued, and I launched in: "And, there is some news about that. The Liberty Dollars might be recalled and replaced with new notes bearing a number twice as large." I'm not sure of the words I used, but I had started taking notes by this stage. I also tried to be strictly neutral - I find it best to keep secret my own opinion, except in private and obscure forums such as DGCChat, where armchair monetary architects lurk and ponder such things.

    It took a while to explain the change being suggested, but we got there. "Why is that?" asked the worried 12 year old. Anything effecting her money was bad.

    "Because the price of silver has gone up. Each $10 has an ounce of silver. And when they first issued it, the price of silver was $4 or so per ounce. Now it has gone up to almost $7.50."

    "Oh..." More conversation ensued. Stuff about whether the note would come back, etc, to which I ventured the opinion that the new note so promised would probably come back.

    Now, I am not a literary person. I don't buy that business about sparkle in the eyes, seeing people's faces light up, and all that they talk about in novels. But, at some point in the conversation, our 12 year old's eyes bulged, and her face spread wide, eyebrows, mouth, cheeks, in excitement.

    She looked at me, and asked "Can I buy your $10 note?"

    "Oh?"

    "Can I buy your $10 note with my $5 note and $5 of other money?"

    "Ah." Our combined gears where churning here... "I'll have to think about that."

    "Me too." And, she thought about it as she raced off to go and get the cup that held her allowance, in escrow, pending resolution of fines and other demerits. Today was Saturday, being the day that fines got reset, money distributed, and new trades could be made.

    So much for thinking about it. The Liberty Dollar is on a roll, and is certainly popular with some.

    Posted by iang at 01:20 PM | Comments (0) | TrackBack

    LD2 - Liberty Bimetallism

    In response to the most fanatical and interesting debate in recent monetary times, I published the following rant on the LD. (You should read the prior announcement to pick up the context, and also the 3 score or so responses, if you can get the archives of DGCChat.)

    I don't claim to have nailed it, but nothing that was said later or before shook my suspicion that Liberty Dollar have architectured a flimflam currency, and are headed for a fall, some way, some day.

    -------- Original Message --------
    Subject: [dgc.chat] Liberty Bimetallism
    Date: Sun, 11 Apr 2004 16:20:03 -0400
    From: Ian Grigg
    To: dgcchat@lists.goldmoney.com

    It seems to me that Liberty Dollars are Bimetallic.

    One metal is the silver, and the other is the USD.

    Ignoring the fact that there isn't any more metal in a USD than a shiny strip these days, the notion of a currency trying to balance itself between the movements of two diverging metals may explain the turmoil.

    Bimetallic currencies all come to a bad end, some day. This notion of trying to maintain the face value of the Liberty Dollar at something above the cost of silver, and around the price of dollars, has to have a bad end, according to anything I've ever read or heard about.

    It's nice that a distribution chain can take a margin of approximately 100% before getting to the user. Really good that someone has figured out how to sell the concept of metallic currencies to the users out there, in a nice easy pretty package.

    But, that doesn't mean that we should all drop our economic marbles and squeal for joy like a bunch of teenagers. There's more to music than a good looking pop star.

    Apparently, the face value can go up, and we are exhorted to rush in and collect up the old ones. Because, when the change happens - phones ringing hot, must be soon now - we can all change our old notes to new notes. And, *double* our face value, in one deal.

    Now, it seems to be a good deal. We seem to gain, coz the users will then take the face value and give us twice the benefit. Sellers are obligated to do some trading, so there is support at some level for this face value.

    Great deal. The problem is, if there is money made by some, then there is money *lost* by others. Hence, this is a non-productive move of wealth from one group to another.

    As it is non-productive, then it can't be sustainable. It flies against the sense of economic thought much prized in these places; on the face of it, and it is very much a facial issue, this is no better than the taxes, scams, cons and other evils that we bemoan.

    Why is Liberty Dollar offering something for nothing?

    Or, am I wrong? Is there any viable case to be made, in an economic sense, to support the notion that a solid, important currency can just turn around and rewrite a number from 10 to 20?

    iang

    subscribe: send blank email to dgcchat-join@lists.goldmoney.com
    unsubscribe: send blank email to dgcchat-leave@lists.goldmoney.com
    digest: send an email to dgcchat-request@lists.goldmoney.com
    with "set yourname@yourdomain.com digest=on" in the message body

    Posted by iang at 12:40 PM | Comments (0) | TrackBack

    LD1 - Inflation Proof Currency Set to Double

    A week or two back, the Liberty Dollar architect, Bernard von NotHaus, published the following announcement. In essence, he is close to announcing that the paper issue of Liberty Dollars is to be recalled and replaced with notes being a number twice as large. This is because silver - the reserve of one ounce behind every $10 of Liberty Dollars - has gone up in price from $4 or so up to nearly $7.50.

    Subject: [dgc.chat] Inflation Proof Currency Set to Double
    Date: Thu, 8 Apr 2004 06:51:52 -0400
    From: Bernard von NotHaus <bernard@libertydollar.org>
    To: GoldMoney chat <dgcchat@lists.goldmoney.com>

    On Friday, March 19, silver crossed over $7.50 per ounce and the phones started ringing. "Silver is over $7.50!!! Have we crossed over to the $20 Silver Base? Have you DOUBLED the face value of the Liberty Dollar?" You could feel the excitement over the phone. So we asked Bernard von NotHaus, the monetary architect who designed and developed the new gold and based currency, and he confirmed that the "Crossover Point"* is without a doubt "the most exciting part of the Liberty Dollar currency".

    Von NotHaus explained that just as gasoline has doubled, the price of silver has doubled from $4 to over $8 per ounce. Now the Liberty Dollar is also about to double. That means every Liberty Dollar you have - will double in face value when the Silver base crosses over from the $10 to $20 Silver Base. In other words, if you have a one-ounce $10 Silver Liberty or Certificate - you will able to exchange it for a new $20 Silver Liberty when the Crossover Point is reached.

    Head turning? Maybe to some and to the new initiates into the world of emerging currencies. Welcome to the Liberty Dollar 'already the second most popular currency in America' that is distributed by NORFED - a national, nonprofit, educational, organization. It contends that the Liberty Dollar is not head turning, but an example of classical economics at it finest that has been turbocharged with the speed of the Internet and emboldened by massive government spending.

    As the dollar continues to fall, and the price of silver rebounds from a half-century of manipulation and control, the Liberty Dollar is being driven by market forces to double the face value of the currency. Again as von NotHaus explained, "The Liberty Dollar is a 'free market currency' as described by Friedrich von Hayek, a Nobel Laureate economist. It is simply responding to the market. As silver doubles, the Liberty Dollar must double. thereby exemplifying a truly 'inflation proof currency' that is the essence of a free market currency. And the best part is that everybody can participate. Everybody can profit as Americans begin the arduous process to return our monetary system to value."

    David Morgan, the 'Silver Guru' who publishes "Silver Investor" agrees with von NotHaus. "That is why I became a Liberty Associate with NORFED. I like the Liberty Dollar because it makes economic sense and using it is the right action for our country. We need a currency backed by real substance, backed by gold and silver. Real value for real American."

    That feeling seems to parallel the NORFED position which professes not only to know the problems caused by the depreciating Federal Reserve Notes, it also proposes a simple positive solution that pays the participant to use the new currency. Again NORFED leads the edge of economic thought by putting classical economic principles into daily action. Fortunately, von NotHaus has proven to be an able manager during the Liberty Dollar's first five years and seems to reflect his 30 years in the trade.

    Richard H. Timberlake, an octogenarian PhD in Economics from the University of Chicago, has keenly followed the emerging story of the Liberty Dollar for years. He said he has been fortunate to have von NotHaus' numerous overnight stops at his estate outside of Athens Georgia. And while Timberlake notes that his guest is often outspoken and intense, he defends the Liberty Dollar model as a functional substitute to the depreciating Federal Reserve Notes. He chides the Federal Reserve for its policy: "Its money has no connection to gold; its activities are unconstrained by any law or principle; its policies are at the discretion of men (and women) who bear no responsibility for the results of their actions; the Fed is as unconstitutional as any institution can get."

    So while an increasing number of economists warn us about the economic war between the falling dollar and rising precious metal prices, and the monetary crisis to follow, the Liberty Dollar has become increasingly popular. Already there are over 100,000 people now using the $5 million Liberty Dollars in circulation. And that is about to double to $10 million dollars of purchasing power.

    With double the price for gasoline, we may all need some extra purchasing power. Well the NORFED folks have just the answer, especially if you get the Liberty Dollar before it doubles. And even after it doubles, you can still continue to get the new silver based currency at a discount and use it at a profit. NORFED simply points out that as the US dollar has lost 40% of its value in the past two years in comparison to the euro, and silver has doubled just like gasoline, doesn't it make sense to use a currency that not only reflects the current market prices but one that you can use at a profit?

    * The Crossover Point of the Liberty Dollar from the current $10 Silver Base (one Troy ounce of .999 fine silver backs $10 Liberty Dollars) to the new $20 Silver Base (one Troy ounce of .999 fine silver backs $20 Liberty Dollars) will occur when the thirty day moving average (30DMA) for silver stays over $7.50 for thirty consecutive calendar days.

    As the Crossover Point is so important, NORFED uses an independent, third party source for its 30DMA so there are no doubts. Just like the monthly audits, there is total transparency for the econometric features that were designed into the Liberty Dollar model to guard it against being whipsawed by an erratic silver market. You can follow the 30 DMA and watch it develop by simply going to ScotiaMocotta at http://www.scotiamocatta.com/prec/pdfs/pm_daily.pdf. Scroll down the Gold & Silver Market Watch. The 30DMA is at the bottom of page two.

    Von NotHaus urges everyone "To get as many Liberty Dollars as possible before the base doubles. Your family's financial life might depend on it! Either change your money or lose your value - that is the choice."

    As of April 2. 2004 the 30DMA was $7.23

    Bernard von NotHaus
    Monetary Architect


    subscribe: send blank email to dgcchat-join@lists.goldmoney.com
    unsubscribe: send blank email to dgcchat-leave@lists.goldmoney.com
    digest: send an email to dgcchat-request@lists.goldmoney.com
    with "set yourname@yourdomain.com digest=on" in the message body

    Posted by iang at 12:13 PM | Comments (0) | TrackBack

    March 14, 2004

    Backing - Defined

    Over on the DGCChat list, where new currency engineers haunt, squabble, and rebuild the financial system every Sunday, the question of "backing" has arisen.

    Economists in the field of money issuance have long known that "backing" is an imprecise term, and they insist on definitions whenever they feel dialogue becomes contaminated by the word.

    One plausible response is to avoid use of the word, but, as frequently pointed out, the rest of the world declines the forebearance. For this reason, I use the following definition:

    Backing is the sum total of all assets that give rise to value in an issue.

    Assets, in the context, include physicals (metals) and balances (cash) held at institutions, as well as intangibles like reputation, and non-physicals like future cash flow.

    Reserves, then, are tangible or accountable assets that are held in escrow for the sole purpose of backing an issue. E.g., the gold held by a DGC counts as reserves, and these reserves are perhaps the major component of backing for a DGC.

    Additional components of backing include reputation, faith in governance structures, law, and various derivatives such as tax receipts or a book of business. Also included might be network effects such as customers holding an issue and using it for that purpose - their expectations have momentum, and that helps the value, albeit in a fashion that might be thought of as circular.

    It is, then, right and proper to say that the US dollar is backed by the-full-faith-and-credit-of-the-United-States-government (said very fast), as well as by an expectation of future receipts (which might be the same thing!).

    Posted by iang at 08:22 AM | Comments (0) | TrackBack

    March 03, 2004

    Cash no longer free?

    In the chinese curse department, Simon's blog also reports that the Dutch tax authorities are now charging to accept cash for tax payments.

    As he points out, this is the thin end of the wedge; when the government stops supporting its own free loans from the people, they start thinking about alternates.

    This is like that old chinese curse - be careful with what you wish for, you might get it... This is not the first step. For a long time, governments have been adding barriers and restrictions to cash transactions of larger value.

    Great news for alternate currency fans.

    Posted by iang at 09:13 AM | Comments (1) | TrackBack

    February 18, 2004

    OPEC Has Already Turned to the Euro

    Today's GoldMoney Alert from James Turk postulates that OPEC oil sales are already priced in Euro terms.

    It's based on correlations over three years...

    Three data points is not enough to draw a conclusion, but it's a very interesting postulation. One would need to look at the quarterly or monthly figures to develop any confidence in the claim.

    Mind you, it is to be expected. If OPEC started pricing in Euros, they would have maybe not announced it, given the sensitivities. There's nothing like allowing the aggressive dollar traders to discover the fait accompli.

    Still, the real question, as James pointed out, is whether they are invoicing in Euros, or accepting payment in Euros without undue conversion penalty. If Oil is in the process of switching from dollar trading to Euro trading, or even a hybrid, this reduces the need for central banks to hold so much dollar reserve, thus releasing more dollars to go back home to the US of A.

    Posted by iang at 07:18 AM | Comments (0) | TrackBack

    October 14, 2003

    The Value of Issuance

    Issuance has been at the core of FC since the time dot. It's either the entire 6th layer - which I called Value - or it is an application in its own right.

    Finance - the 7th layer, of applications that have financial intentions - includes as pure issuance plays currencies like the gold community, self-issuance by companies of internal monies and shares in operation, and various gift or voucher style issues. That is, the application of the company is primarily its issuance, opposed to other things like trading.

    How much is this worth?

    A question oft asked! And there are few definitive answers, as there are few enough Issuers with a wide variety of models. So comparisons are hard.

    For example, e-gold have a sustainable issue with a 1% storage fee per annum, and a 0.5% transaction fee that is capped at USD 50 cents. Is this sufficient to calculate its worth? No, as they are joined at the hip with their primary exchange maker, and not only do they have to deal with weakened governance because of it, they also have to soil their balance sheet with the filthy lucre of exchange: average of 2-4% per transaction!

    Other DGCs are less well-heeled, as they are the challengers, so let's skip them for now.

    For comparison, the Visa/Mastercard empire charges about 2% to all its merchants for every transaction. It goes up and down, depending, but it's a lot of money in anyone's mathematics. And it skyrockets when you get into the societal arbitrage industries like Adult and Gaming... With chargeback ratios of 50%, you just know that the credit card companies are taking a serious slice.

    I've heard that the US Mint estimates the cost of coinage at about 1%. That sounds high to me, but they get to keep the other 99 cents on every dollar, so we can tell why they're smiling. But, national currency issuance is a special case of monopoly, so it's not a viable comparison.

    Still, national currencies do compete! And, in the great competition of this decade, the dollar v. the euro, here's a very interesting fact:

    Over on El Zorro Plata Bob diligently scans the markets for silver news, and reports this article:

    Russia to price oil in euros in snub to US

    which talks about the Ruskies switching their oil trading to Euros. It aslo quotes this:

    If the dollar were ever displaced by the euro, it would lose the enormous freedom it now enjoys in running macro-economic policy. Washington would also forfeit the privilege of exchanging dollar notes for imports, worth an estimated 0.5pc of GDP.

    That's astounding! 0.5% of the GDP for an export called having the international unit of account. Talk about a windfall. Talk about an embarressment if it all comes flooding back!

    But, leaving aside the amazing shift that will occur when or if the dollar loses its international unit of account status, consider this: a nation-state is more or less simply modelled as a company with its citizens as employees. Its product is its exports. The GDP is the internal market to produce that product.

    So, if one were to use the above figure as a guide - and bear in mind, this is a very loose single point of data - one could postulate that a self-issuance of your own corporate currency may be worth 0.5% of everything you do. Depending on how similar you are to the US economy, of course.

    It's a number, like any number. Only time will tell how optimistic or pessimistic it is.

    Posted by iang at 02:26 PM | Comments (2) | TrackBack

    September 29, 2003

    The Origin of Money and its Value

    http://www.mises.org/fullstory.asp?control=1333

    The importance of the Austrian school of economics is nowhere better demonstrated than in the area of monetary theory. It is in this realm that the simplifying assumptions of mainstream economic theory wreak the most havoc. In contrast, the commonsensical, "verbal logic" of the Austrians is entirely adequate to understand the nature of money and its valuation by human actors.

    Menger on the Origin of Money

    The Austrian school has offered the most comprehensive explanation of the historical origin of money. Everyone recognizes the benefits of a universally accepted medium of exchange. But how could such a money come into existence? After all, self-interested individuals would be very reluctant to surrender real goods and services in exchange for intrinsically worthless pieces of paper or even relatively useless metal discs. It's true, once everyone else accepts money in exchange, then any individual is also willing to do so. But how could human beings reach such a position in the first place?

    One possible explanation is that a powerful ruler realized, either on his own or through wise counselors, that instituting money would benefit his people. So he then ordered everyone to accept some particular thing as money.

    There are several problems with this theory. First, as Menger pointed out, we have no historical record of such an important event, even though money was used in all ancient civilizations. Second, there's the unlikelihood that someone could have invented the idea of money without ever experiencing it. And third, even if we did stipulate that a ruler could have discovered the idea of money while living in a state of barter, it would not be sufficient for him to simply designate the money good. He would also have to specify the precise exchange ratios between the newly defined money and all other goods. Otherwise, the people under his rule could evade his order to use the newfangled "money" by charging ridiculously high prices in terms of that good.

    Menger's theory avoids all of these difficulties. According to Menger, money emerged spontaneously through the self-interested actions of individuals. No single person sat back and conceived of a universal medium of exchange, and no government compulsion was necessary to effect the transition from a condition of barter to a money economy.

    In order to understand how this could have occurred, Menger pointed out that even in a state of barter, goods would have different degrees of saleableness or saleability. (Closely related terms would be marketability or liquidity.) The more saleable a good, the more easily its owner could exchange it for other goods at an "economic price." For example, someone selling wheat is in a much stronger position than someone selling astronomical instruments. The former commodity is more saleable than the latter.

    Notice that Menger is not claiming that the owner of a telescope will be unable to sell it. If the seller sets his asking price (in terms of other goods) low enough, someone will buy it. The point is that the seller of a telescope will only be able to receive its true "economic price" if he devotes a long time to searching for buyers. The seller of wheat, in contrast, would not have to look very hard to find the best deal that he is likely to get for his wares.

    Already we have left the world of standard microeconomics. In typical models, we can determine the equilibrium relative prices for various real goods. For example, we might find that one telescope trades against 1,000 units of wheat. But Menger's insight is that this fact does not really mean that someone going to market with a telescope can instantly walk away with 1,000 units of wheat.

    Moreover, it is simply not the case that the owner of a telescope is in the same position as the owner of 1,000 units of wheat when each enters the market. Because the telescope is much less saleable, its owner will be at a disadvantage when trying to acquire his desired goods from other sellers.

    Because of this, owners of relatively less saleable goods will exchange their products not only for those goods that they directly wish to consume, but also for goods that they do not directly value, so long as the goods received are more saleable than the goods given up. In short, astute traders will begin to engage in indirect exchange. For example, the owner of a telescope who desires fish does not need to wait until he finds a fisherman who wants to look at the stars. Instead, the owner of the telescope can sell it to any person who wants to stargaze, so long as the goods offered for it would be more likely to tempt fishermen than the telescope.

    Over time, Menger argued, the most saleable goods were desired by more and more traders because of this advantage. But as more people accepted these goods in exchange, the more saleable they became. Eventually, certain goods outstripped all others in this respect, and became universally accepted in exchange by the sellers of all other goods. At this point, money had emerged on the market.

    The Contribution of Mises

    Even though Menger had provided a satisfactory account for the origin of money, this process explanation alone was not a true economic theory of money. (After all, to explain the exchange value of cows, economists don't provide a story of the origin of cows.) It took Ludwig von Mises, in his 1912 The Theory of Money and Credit, to provide a coherent explanation of the pricing of money units in terms of standard subjectivist value theory.

    In contrast to Mises's approach, which as we shall see was characteristically based on the individual and his subjective valuations, most economists at that time clung to two separate theories. On the one hand, relative prices were explained using the tools of marginal utility analysis. But then, in order to explain the nominal money prices of goods, economists resorted to some version of the quantity theory, relying on aggregate variables and in particular, the equation MV = PQ.

    Economists were certainly aware of this awkward position. But many felt that a marginal utility explanation of money demand would simply be a circular argument: We need to explain why money has a certain exchange value on the market. It won't do (so these economists thought) to merely explain this by saying people have a marginal utility for money because of its purchasing power. After all, that's what we're trying to explain in the first place—why can people buy things with money?

    Mises eluded this apparent circularity by his regression theorem. In the first place, yes, people trade away real goods for units of money, because they have a higher marginal utility for the money units than for the other commodities given away. It's also true that the economist cannot stop there; he must explain why people have a marginal utility for money. (This is not the case for other goods. The economist explains the exchange value for a Picasso by saying that the buyer derives utility from the painting, and at that point the explanation stops.)

    People value units of money because of their expected purchasing power; money will allow people to receive real goods and services in the future, and hence people are willing to give up real goods and services now in order to attain cash balances. Thus the expected future purchasing power of money explains its current purchasing power.

    But haven't we just run into the same problem of an alleged circularity? Aren't we merely explaining the purchasing power of money by reference to the purchasing power of money?

    No, Mises pointed out, because of the time element. People today expect money to have a certain purchasing power tomorrow, because of their memory of its purchasing power yesterday. We then push the problem back one step. People yesterday anticipated today's purchasing power, because they remembered that money could be exchanged for other goods and services two days ago. And so on.

    So far, Mises's explanation still seems dubious; it appears to involve an infinite regress. But this is not the case, because of Menger's explanation of the origin of money. We can trace the purchasing power of money back through time, until we reach the point at which people first emerged from a state of barter. And at that point, the purchasing power of the money commodity can be explained in just the same way that the exchange value of any commodity is explained. People valued gold for its own sake before it became a money, and thus a satisfactory theory of the current market value of gold must trace back its development until the point when gold was not a medium of exchange. *

    The two great Austrian theorists Carl Menger and Ludwig von Mises provided explanations for both the historical origin of money and its market price. Their explanations were characteristically Austrian in that they respected the principles of methodological individualism and subjectivism. Their theories represented not only a substantial improvement over their rivals, but to this day form the foundation for the economist who wishes to successfully analyze money.

    Posted by graeme at 09:16 AM | Comments (2) | TrackBack