updates from australian payments network - nick cliff
TRANSCRIPT
Nick Cliff
Australian Payments Network
1 June 2017
2
What can we not see today and why?
We tend to overestimate the effect of a technology in the short run and underestimate the effect in the long run.”
Roy Amara, past president of The Institute for the Future
The future is already here – it's just not evenly distributed.
William Gibson.
The reason big new things sneak by incumbents is that the next big thing always starts out being dismissed as a “toy.”
Chris Dixon (based on Clay Christianson’s disruptive technology theory)
1988
What can we not see today and why?
Drivers of Change
7
Integrated EmbeddedDigital
Dig
ital
Iden
tity
Dat
a A
cces
s
Software & Cloud
SDKs
Microprocessors
Smartphones
Contactless Cards
Apps
Open APIs
Customer Experience
Fintech
Data Management
Biometrics
Real Time
Artificial Intelligence
Augmented Reality
Virtual Reality
Blockchain
Internet of Things
Smart Contracts
Data is a Building block
Kabbage makes small business loans using APIs from PayPal and eBay
Regulation Horror
PSD 2 will be legally enforceable in Europe before the mechanisms to align security, liability and commercial interest are in place.
Opportunity
Some banks are investing in APIs to ensure future relevance.
ColemanProductivity Commission
Financial Services
FocusAustralia
Wide
Regulator ASIC Industry & ACCC
Coleman & Productivity Reports
Drivers of Change
12
Integrated EmbeddedDigital
Dig
ital
Iden
tity
Dat
a A
cces
s
Software & Cloud
SDKs
Microprocessors
Smartphones
Contactless Cards
Apps
Open APIs
Customer Experience
Fintech
Data Management
Biometrics
Real Time
Artificial Intelligence
Augmented Reality
Virtual Reality
Blockchain
Internet of Things
Smart Contracts
13
Digital Identity Delivers Convenience & Security
1993 2017
What is Digital Identity?
“The deal at the moment is that we trade personal information for access to services. This has to change.”Adrian Turner. CEO
Identity Provider Landscape
For the internet giants, identity is dynamic and probabilistic. They acquire constantly changing information about consumers through service usage (including social graph and federated logon) from which they can infer knowledge of the consumer. This knowledge is “self asserted” (or more accurately “passively disclosed”) & therefore low assurance.
Banks and governments tend to acquire a much more static set of information about consumers which is verified following defined and measurable rules and procedures. This knowledge is “verified” and therefore of higher assurance.
The Identity Provider Landscape
The Payments Plan, responded to the FSI where the industry committed to
The FSI identified a weakness and recommended that government and the private sector must address it.
“Australia has no clear strategic vision for digital identity management and, consequently, little coordination and limited ability to attain potential network benefits that would lower costs and reduce duplicative processes”
December 2014
Australian Payments Plan
Digital ID is central to payments innovation and Australia’s focus on digital ID is rooted in 2
initiatives
“Develop Principles for Digital Identity and Data Management and work with the Government in the development of a national digital identity framework”
December 2015
Drivers For Digital Identity in Australia
Attempts Have Fragmented the Market
Government Mandated
• China, Estonia
Benefits
• Critical mass almost instantly
• Easier to bring regulation into line
Challenges
• Alignment of competing priorities of government and private sector
• Slow to develop, required to meet all use cases at launch
• In Australia lack of trust of government identity
Private Sector• Norway, Sweden, Netherlands
• Apple, Facebook, Google
Benefits
• Corporate value proposition can be clearly defined
• Voluntary, not required to meet all use cases at launch
• Can be expanded to other use cases (e.g. Government) once critical mass is reached
Challenges
• Critical mass more difficult to achieve without mandate
• Benefit needs to be clear to consumer
• Require self-sovereign identity to meet Australian regulation
Creating Identity
Threat
Emerging regulation mandating greater access to data requires strong authentication• The primary control of access to data is digital
identity. If banks don’t offer identity services, competitors will
Increased payments & identity fraud plagues digital payment• CNP fraud grew by 38% last year and identity
fraud was calculated at being $1.6 billion. Digital ID is seen as an enabler of security and convenience that can help mitigate fraud.
Opportunity
KYC improvement & cost reduction• On going cost of identity-related compliance
has been estimated as being between $299 million to $435 million to the industry
• Identity-related compliance can be as high as 50% of acquisition costs for new customers
• 3rd party identity checks have a failure rate of up to 20%
• Recent business KYC regulation requires the KYC of all individuals within a business
New revenues• Potential to sell identity services to other
private sector organisations, including Fintech
Rationale for Action
Participants from government and private sector organisations identified 5 key issues.
• Anchoring Trust
• Identity Models
• Consumer Experience & Lifecycle Management
• Privacy and Control
• Technology & Standards
Cross Sector Collaboration
Category Principle
Regulatory Promote Privacy
Regulatory Give Individuals Choice
Regulatory Require Transparent Accountability
Regulatory Allow Flexible Disclosure
Technical Enable Inclusive Access
Technical Use Open Standards
Technical Be Convenient
Technical Be Appropriately Secure
Commercial Ensure Commercials Support Privacy
Commercial Enable Transparent Exchange
Commercial Provide Clear Commercial Benefit
Commercial Build on Core Competencies
12 Principles of Digital Identity
Identity Building Blocks
Attribute Value
First Name John
Surname Smith
Age 42
Citizenship Australian
Email [email protected]
PEP Yes – Sister: Jane
An individual’s identity online is simply a list of facts about an individual
Identity
Claim
@
Proof Attestation
Email Address Access
Citizen Passport DFAT
Reputable Business
Anchoring Claims
Identity is a list of claims that can be shared by the individual on demand
23
Digital ID & Data Deliver Convenience
“Amazon’s Alexa is now your bank teller”Fortune. March 2016
“Alexa, turn on Welcome Home”
“Alexa, turn on the TV”
“Alexa, turn off my Bedroom Sonos”
“Alexa, what is my bank balance?”