Wednesday, March 27, 2013

Why banks will have to change to remain relevant

This is a blog that I wanted to write some time ago after having read an interview with Don Callahan, Chief Technology and Operations Officer at Citi. (Read here). In the article he discusses the learning curves that the bank had in working with the Google Wallet team. He highlighted the learnings (difficulties) that the bank had to keep up with the rate of development and innovation from Google. Quite interestingly, he shared his frustration as a client of the bank that he is an executive of. He indicated that he need a more integrated view of his financial position as a client of Citi.
This was quite insightful to me. While the executives of the bank could actually identify client needs accurately, they seem powerless to change it. (The fact that they had difficulty keeping up with the development of the Google Wallet may give some clues to why). The overhead, cost and sheer effort of keeping everything running as it is in big banks consume so much resource and management time, that it is just not possible to change things. And if it gets changed, it takes a long time. We all know this about banks.
 
The problem is that if banks are confronted with an inflection point, where the environment is going to change at a massive rate, or when they are confronted with more nimble competitors, they might not be able to respond. If this is not going to happen in the future, banks have nothing to fear as they would be able to just carry on as they are used to do, but....

Tuesday, March 26, 2013

Why I love movies - lessons for mobile payments

The beauty of movies is that one can reflect on the meaning of life through models and with indirect examples and do this in an entertaining way. Dharmesh Shah recently wrote an brilliant and entertaining blog on the lessons that could be learned from Moneyball. (Read here). It is really a worthwhile read.
Of all the lessons documented, it is probably important to reflect on the last lesson: "It's about changing the game. It's about seeing something that's not quite right in the world, and deciding you want to fix it." It is important to consider that mobile money is changing the game on a global level. While it is interesting to discuss some of the detail or get involved in some of the complex nuances, it is also important to consider that this is something that is "changing the game" in many markets.
 
As was the case with Baseball, we will have to consider that we are moving into a world that is different and that we will probably never convert back. The banking and payment industry is changing as cash will start to reduce. The role of banks and where profit can be made is shifting and only those that see this and adapt will keep on winning the World Series.  
 

Wednesday, March 20, 2013

A financial revolution in Africa.

The Foreign Policy Centre is a UK-based, independent, progressive foreign affairs think tank. Participants typically are from political parties, private sector and academia. If an organization like this produces a document referring to the "Financial revolution in Africa", one can take it that some kind of revolution is happening. (Read and download here). Or when Killian Clifford write about the "Rising Africa" in his blog (Read here), then there must be something there. There is very little doubt by people in the industry as well as close observers that something amazing is happening in Africa with financial services, but why and what is next?
The biggest reason for the spectacular growth in mobile financial services is because there is a need and that it is possible to meet the need with technology that actually work. There is also a spirit of optimism and a willingness to try out things that one do not see as much in other places. The degree of rampant innovation is almost unheard of. Also a new breed of consumers are starting to emerge with an open mindset and with big dreams. These consumers embrace new innovations and what is being made available as far as financial services are concerned, is proof of this trend.
 
While Africa consist of more than fifty countries, there is a high degree of regional integration. Because of historical political instabilities many people have been displaced across borders, or have willingly moved. Members of the same families often live in different countries and trade is often conducted across borders. A common currency is being used in some countries in West Africa and many trade blocks are being established in the region. The next wave of financial innovation will cut across borders and will accelerate the revolution. We have seen nothing yet.   

Wednesday, March 06, 2013

Some implications of placing the secure element on the phone

With more and more phones shipping with NFC radios, the possibility of actually seeing mainstream payments migrating into mobile phone tap-and-go, is getting more real. Of course the possibility of identity theft can't be under-estimated and will make the risk of fraudulent transactions even bigger. The key (of course) is to make sure that the credentials on the phone can not be tampered with. The only way that this can be done securely is to place one (or preferably many - so that one can have some expiry management in place) cryptographic keys in or on the phone. These keys would typically be derived from some secret root key and some characteristic of the phone or the MSISDN. IN this way, it is mathematically possible to prove that the payment transaction originated from the phone and that the card used was the card intended for the transaction.
 
The debate raged about where this cryptographic keys should reside (also referred to as the secure element). Some mechanisms were used to place these keys on removable memory devices or stickers, but until recently it was commonly agreed that the best place is actually on the SIM card as this is a very secure repository, it ties the keys to your phone number (the number is tightly integrated with the SIM card) and provides a proven mechanism to distribute the keys, physically.
 
Probably because of difficulty getting carriers to play and to increase the relevance for them, mobile phone manufacturers have now unveiled plans to place the secure element in the hardware of the phone. In this way, you would not need carriers to really be involved in the payment eco-system. While initially this seems like a great idea, thinking about it, this can potentially lead to many problems:
  •  Payment credentials are now tied to your physical phone and not your mobile number. While not so critical any-more, one cannot take out a sim card and transfer the payment credentials to another phone. The wallet would now be attached/tied to the actual phone hardware.
  • Version and change-management will be extremely hard. As an illustration, when your secure element has been compromised/corrupted, one will have to replace the phone (even though it may still be in perfect working order) and not just the sim card.
  • One will have to provide secure tools that can be fully trusted to remove a secure element or re-install new ones when a phone changes ownership for instance. Sim cards almost never change ownership, bit phones do. 
  • The process of buying a phone will now have to be controlled from a KYC perspective, as it would become critical to know who owns which secure element. We have this process already in place for sim cards, this will now have to become a double whammy process. Mister client, now that we have done the KYC for your sim card, we will also have to do it for the phone.
I think that placing the secure element in the phone, rather than in the sim card (where it belong), is a step backward. Stakeholders are messing up things because they are not making compromises to work with each other.