How incumbent banks, particularly Swiss, can thrive thanks to GDPR and cybersecurity, even after PSD2, but need to embrace Bitcoin

data hackers

The usual story line goes that big old slow incumbents cannot compete with agile Neobanks with their hip UX and with their low costs that are unencumbered by branch networks.

If UX is the game, banks can at best play catch up. They can buy the hip UX ventures, only to be left in the dust as a new one emerges that is even more hip. Just when you figure out mobile apps, you have to figure out ChatBots with an AI back end. Just when you figure out ChatBots with an AI back end, you have to figure out…

Doing that with a clunky backend designed in the batch era is not just hard, it is almost impossible.

Playing catchup is a lousy game.

PSD2 made the playing field level

That was really bad news for incumbent banks. In theory, banks can win on that level playing field. In reality, if the game being played on that level playing field is how to create the best UX, banks will lose.  Agility wins that game and a Neobank is more agile than an incumbent Bank. If two teams play soccer/football on a level playing field and one has an average age 25 and one has an average age 55, I am placing my bet with confidence on who will win. If the 25 year old team has a 25 degree upward slope, the odds even up.

Consumers don’t care that much about UX

That is heresy. UX is the whole deal. That is the mantra we have all been repeating, but which I will challenge. Sure consumers care about UX. But how much do they care? How much do they care compared to things like low fees, low interest rates and that simple word – security.

Before getting onto security, look at this from the POV of those hip Neobanks. Read this post by Fred Destin of Accel, one of the best VCs, working at a top tier VC firm. The Customer Acquisition Cost (CAC) for Neobanks is a real issue. This is not like getting users to engage with a free social service. When money is at stake, people take longer to commit. Fear is part of that delay. Will the venture still be around years from now? Will they lose my money?  The fear may be irrational, but even irrational fear kills your CAC metrics.

The biggest fear is, will they lose my money? Will they lose my data? This is where banks could have an advantage – if they play their cards well.

The latest hack – Equifax – creates an inflection point in the market. It could be a disaster for banks. If they don’t take urgent and decisive action it will be. Or banks can seize the opportunity that this creates.

The Equifax inflection point

The Equifax data loss is a huge problem for institutions that live on trust from consumers. It impacts consumers in such a fundamental way, causes so much work and impacts every interaction with the banking industry. 

To anybody who understands a bit about cybersecurity, this was no surprise. Cybersecurity folks hold 3 truths to be self evident:

  1. Anything that is digital can be hacked. Nothing is secure. It does not matter whether you are a Fortune 500 company, Government, US Presidential candidate, mega Bank or payment network. You will get hacked. It is an arms race that the good guys are losing because every solution, no matter how clever and expensive, has a shelf life until the bad guys find a way around it (and the payoff for the bad guys is big enough and the Crime As A Service networks use the full power of digitization and Moore’s Law). Your identity can be stolen with ease and with a valid but stolen identity all the KYC & AML processes are useless.
  2. This is a Board level issue. Banks and other big companies are willing to spend whatever is needed because the cost of a breach is so high. This is an existential threat for the biggest companies on the planet. Attention is not the problem. Budget allocation is not the problem. A viable solution that does not create an awful onboarding UX is the problem.
  3. Eliminating static passwords is essential. With key loggers on mobile phones, everything you type on those phones is visible to criminal gangs. Which is a problem when we all live on our phones. If you drew a matrix with Great UX and Secure as the axes, it is obvious where Mobile phones sit.

There are only two ways out of this:

Scenario 1: everything moves to decentralised self-sovereign identity stored on a blockchain. This will make banks as we know them today irrelevant. The problem for ventures pushing in this direction is “how do we get from here to there, today?” It is a grand futuristic vision, but consumers want a solution today, not at some distant time in the future. The banks also will have trouble buying this vision. Telling a Fortune 500 board that their only hope is to move off centralised data centres to a fully decentralised Blockchain based network will get you some odd looks around the boardroom table.

Scenario 2:banks get their act together. Which brings us to the wonderful world of Cold War spy stories and the one time password.

One time password is the only answer – ask John Le Carre

If you steal the the one time password, you can steal the contents of that message/payment and only that message. And you have only a short time window to do do. This makes it theoretically possible,  but economically impossible for the thieves. That is fundamentally different from stealing data that is a key that thieves can use multiple times (such as a password, social security number, credit card number),

The one time password was extensively used during World War 2 and the Cold War. John Le Carre fans will know it as a key part of “spycraft”.

One time password uses cryptography. Don’t worry, you Bitcoin fans, we will get to that other cryptography later.

That totally messes with the frictionless UX

If you live in Switzerland, you may already use a hardware device that the banks give you (a “dongle”) that uses one time password technology. Many Banks insist upon it. But each dongle is bank specific and can be rather unfriendly to use, making onboarding harder. Once you get used to it, the dongle is fine, but the onboarding experience is lousy.

This is where the opportunity lies. The onboarding pain of a one time password dongle makes consumers reluctant to switch to a new bank if they have to adopt a totally new dongle. The incumbent bank can argue “why not keep all your accounts with us, we can do all the account aggregation and reporting that you need”.

Of course a Neobank can also use a a one time password dongle. It will make them significantly less hip and mess with the lovely UX, but it will be significantly more secure. Personally that is a trade off I am able to live with. 

So how do you find early adopters to use this secure account with a harsh onboarding UX? Up to this point, incumbent banks will be doing the nodding dog act. The takeaway will be “just protect the base by being ultra secure”. 

This is where incumbent banks will start getting uncomfortable because my recommendation is that they offer a secure service to Bitcoin investors.

The newbie Bitcoin investors pain point.

The Bitcoin veterans tell newbie Bitcoin investors to have hot wallet and a cold wallet and the cold wallet needs to be on a hardware device that you put in a  safe. They look with scorn on anybody who thinks this is a pain.

If you have a lot of Bitcoin on your hardware device, put it in a bank vault rather than relying on a home safe.

Does that remind you of the gold business?

The reason I wrote “particularly Swiss” in the headline is that Bitcoin is legal in Switzerland. Sure you have to ask investors/customers for AML/KYC checks, but that is not a problem. Just don’t accept Altcoins designed for the dark web. Dark web users don’t use Bitcoin so much any more because it is trackable. With a bit of work it it is quite feasible to define a service to store Bitcoin that passes AML/KYC checks.

However, once they have done this, banks do not need to give that information to anybody who comes knocking asking for the data, which brings us to GDPR and Switzerland.

Switzerland by law is already ahead of GDPR – customers have data privacy as a right.

Bitcoin investors is a tiny market today, maybe 1% of the gold market. Read Peter Thiel’s Zero To One to see the value of starting with a tiny market that nobody else cares about that may grow in future (for example PayPal started with power sellers on eBay).

Image Source.

Bernard Lunn is a Fintech deal-maker, author, investor and thought-leader.

Get fresh daily insights from an amazing team of Fintech thought leaders around the world. Ride the Fintech wave by reading us daily in your email.

Mexico, LATAM’s biggest Fintech ecosystem, implement Fintech regulatory framework

Mexico is now the largest Fintech ecosystem in LATAM with over 240 Fintech startups, a YoY growth of about 50%. In the last year it has overtaken Brazil in Fintech growth as per Finnovista’s Fintech Radar (July 2017). But more importantly, Mexico is soon to become the first LATAM nation to have a regulatory framework for Fintechs – a key milestone very few nations have managed to achieve.


Mexico has always been a huge Fintech opportunity with about 60% of the 127 Million unbanked as per World Bank. With the country’s growth forecasts being revised upwards for 2017 and 2018 the momentum has always been there. A high Internet and smart phone penetration, a strong ecosystem of entrepreneurship and e-commerce, and a low banking penetration, are a few of the features of the Mexican market that make the country one of the most fertile areas for the development of the Fintech industry. It is currently the fastest growing Fintech nation in LATAM.

However, setting up a Fintech regulatory framework is stepping into a whole new league. The Mexican financial regulatory set up has the following stakeholders:

  • Comisión Nacional Bancaria y de Valores (CNBV)—National Banking and Securities Commission
  • Secretaría de Hacienda y Crédito Público (SHCP)—Secretariat of Finance and Public Credit and
  • The Bank of Mexico (Banxico)

The regulatory framework for Fintech being proposed covers the following aspects,

  • A Financial Technology Institutions Committee will be set up and will consist of two representatives each from SHCP, the CNBV and Banxico.
  • This committee will be responsible for granting Financial Technology Institutions permissions to operate in Mexico.
  • A standard definition of who would be considered Payments, PFMs, Crowdfunding, Robo-advisory firms would be published.
  • Bitcoins and Crypto currencies would also be addressed as part of the regulation, however its being proposed that Banxico would act as a referee for operations of these firms.

The framework is aimed at providing clarity on rules, and thereby creating efficiencies and cost savings for Fintechs and consumers. The proposed regulation will be reviewed by an external commission, and then be submitted to the Senate to be voted on. If the bill is approved by the Senate, finer details then would be put into secondary laws.

The sentiment around Fintechs in Mexico about this development remains positive. The Mexican regulators can take inspiration from the likes of FCA and their initiatives such as the Sandbox to help Fintechs within the country.

If implemented right, a light touch regulatory framework would go a long way in capitalising on Fintech within Mexico which has already seen 400% growth (highest in LATAM) in the sector in the last couple of years. And they may be the first to do so not just within LATAM but across the developing world.

Arunkumar Krishnakumar is a Fintech thought leader and an investor. 

Get fresh daily insights from an amazing team of Fintech thought leaders around the world. Ride the Fintech wave by reading us daily in your email.




What follows is a Chinese translation of today’s InsurTech post on Daily Fintech by Stephen Goldstein, with translation by Zarc from InsurView. This article will also appear in Chinese on the InsurView site. To read more Fintech content in Chinese, you can scan the following QR code by Wechat and subscribe to InsurView’s Wechat account.

以下是今日DailyFintech发布的由Stephen Goldstein撰写的InsurTech文章的中文翻译,由InsurView的Zarc进行翻译。 本文也将在InsurView网站上以中文显示。 要阅读更多Fintech的中文内容,您可以扫描以下二维码,并订阅InsurView的微信公众号。




在关注这些消息的同时,我也在为即将第一次参加的Insuretech Connect会议做着准备。在看了下会议事项和发言人名单,以及其他保险和保险科技领域内的新闻后,我打算列一下我希望在Insuretech Connect中了解的事情以及与各位参会者讨论的议题。



前几天我用谷歌搜索了一下关键词“飓风 保险”,弹出了大量搜索结果,以下是部分标题:

























我很期待在下周的Insuretech Connect会议上和大家见面,探讨上述问题。

Tropical storms pour flurry of topical Insurance news in advance of Insuretech Connect


I do not want the title of this week’s post to upset anyone who has been affected by any of the recent storms we have seen hitting the US or Caribbean Islands.  My thoughts and prayers do go out to those and their families that were caught in these awful storms.

These storms have been in the headlines for weeks, not only for the devastation that they are causing to people’s homes and businesses, but also, how insurance will play into the process of rebuilding in these areas.

In parallel to reading the various articles about this, I have also been preparing to attend my first Insuretech Connect in a couple weeks time.  As I have been reading through the various topics and speakers that will be available, along with other current news relating to Insurance and Insurtech, I wanted to list out some of the things I’ll be looking to learn about more and discuss with those of you attending Insuretech Connect.  

(This is also some foreshadowing to some more detailed topics I will discuss in future posts!)

Catastrophes – reminding us just what is important about Insurance

Doing a quick Google news search of the terms ‘hurricanes insurance’, the other day, a variety of headlines came up, a sample of which included:

Flood insurance rates impacted by hurricanes

How to get the most from your insurance company following a natural disaster

Hurricane Irma will hammer insurance industry — up to $65 billion in damage is projected

As an insurance professional, these articles bring to mind the 3 pillars of Insurance. These three pillars are critical in the Insurance supply chain, and wherever you sit in that chain when it comes to Insurtech, you need to understand these 3 fundamental things (these pillars are applicable to all types of insurance, not just catastrophe insurance).

  1. PricingWas the policy I purchased priced properly to take care of the costs of the insurance company running their business and will they have enough
  2. Reserves – to pay my
  3. Claims – in a timely manner.  Cue…

Smart contracts are the future of Insurance (and everything else)

AXA has launched a new travel insurance product last week which will utilize smart contracts based on the blockchain to payout claims.  AXA is not the first to launch an Insurance policy with a smart contract, but it does represent a trend for both the Insurance and financial services industry as a whole to migrate to blockchain.  The blockchain and it’s uses and benefits for the Insurance industry are a completely separate topic that I will write on in another post.  This trend is so important because of the third pillar, claims.  

In a conversation I had last week with someone influential in the Insurance industry, we agreed that the key inflection point for a customer in the Insurance supply chain is at the point of claim.  While many Insurtech startups and Insurance incumbents are focusing on the purchasing experience of Insurance for a customer, I don’t see enough focusing on the claims process.  Claims have many areas to think about:

1) How do you respond to a policyholder the moment you know they have to make a claim?  Making a claim means that you have just had a potentially devastating moment in your life (health procedure, car accident, death of a loved one, etc).  What is the first reply an insurance company gives to a policyholder when they find out they make a claim?  How do they demonstrate empathy with this customer, who may be dealing with tragedy?

With AXA’s product, a policyholder doesn’t even need to file a claim.  That’s the best reply an insurance company could give me when needing to make a claim…’We realize that your flight was delayed and we’ve credited money into your account as part of the claim for the coverge you have bought.  There is nothing else you need to do now…enjoy the rest of your travels.’  Brilliant!

2) How was the assessment of the claim done?  Was it based on a predetermined set of rules that was clear and transparent or was a decision made by some claims adjustor without any reason?

3) How quickly will the claims get paid?

There are many solutions that are in the market now which address these questions in silo.  Further, it is much easier to address these questions in more common, smaller-sized claims.  As full stack Insurtech moves more into the life and health space, these questions will need to be more closely analyzed and carefully addressed.  

The next topic does not relate to the recent news on Hurricanes, but was in the news last week and are very interesting when it comes to Insurtech, and is a common theme we have covered here in Daily Fintech before

Insurtech doesn’t need Insurance incumbents, right Reinsurance incumbents?

Last week, Metromile announced their partnership with JLT Re.  Since I have been following Insurtech, I was amazed by the amount of work being done by Reinsurers in this space (particularly Munich Re and Swiss Re).  I say I was amazed, because once I thought about it more, it made complete sense as to why they are.  In the most basic of explanations, Insurers use Reinsurers to pass on some of the risk it takes on from the business it writes.  However, if Insurtech, and the various benefits that can be brought to an Insurance incumbent in terms of more efficient and dynamic pricing, better claims ratios with less fraud and less expense overhead with use of digital (to name a few), will those same incumbents still need to pass on that risk to Reinsurance?  Well, it seems to me that Reinsurance incumbents don’t want to know the answer to that question, and that’s why they are so keen to enter the Insurtech space with authority and dominance – to ensure their relevance in the future.  

Speaking of Reinsurers and travel insurance…

I look forward to seeing many of you at Insuretech Connect in a week and a half to discuss these topics and more!

Image Source

Stephen Goldstein is a Rainmaker, Insurance aficionado and Insurtech deal-maker.

Get fresh daily insights from an amazing team of Fintech thought leaders around the world.  Ride the Fintech wave by reading us daily in your email

JP Morgan beefs up small business payments with

Jamie Dimon may think Bitcoin is a fraud, but it seems he’s still Ok for JP Morgan Chase to drop some ‘real’ money on other more mature fintech ideas in the B2B space.

Yesterday announced JP Morgan Chase had made an undisclosed investment into its automated billing platform for small businesses.

Unlike C2C payments, where the likes of Venmo have made inroads – and now Zelle – the B2B sector is still relatively nascent, and little innovation can be found.

Today allows its 2.5 million business customers to email or upload bills directly into its platform, initiate approval workflows if required, then authorize payment from the business’s bank account, removing any need to log in to a separate banking platform.

And for those businesses who’ve made it to the cloud, bill data can also be synced through to an accounting system, like Quickbooks or Xero, eliminating double handling.

What is interesting is that this workflow is essentially reversed here in Australia, and New Zealand. Here business owners typically upload invoices into their accounting platform first, then manually upload payment files to their bank, which is incredibly cumbersome. Very few banks offer automatic syncs between accounting platforms and banks for the purposes of initiating bill payments, making a serious step ahead in terms of functionality.

Alongside its direct offering, is building out a more comprehensive banking play, Connect. The Connect platform launched in 2016, and has allowed functionality to be effectively embedded inside a vanilla business-banking platform. One premise behind this is that it can help banks move a business from cheque to online payments. And not only does this offer the allure of reduced processing overheads, but it potentially presents another fee revenue stream.

Some research bodies suggest up to 50 percent of small business payments in the US are still being paid by cheque, however use is declining. But it is still significantly slower than many would like. According to the Bank of International Settlements, Americans make on average 38 cheque transactions each in 2015.

It’s not clear if Chase will use Connect or will develop a more customized solution for their customers, however the functionality will live inside Chase’s platform, with the potential to reach the bank’s 4 million small business customers. No doubt Chase are hoping it will win them some more too.

Daily Fintech Advisers provides strategic consulting to organizations with business and investment interests in Fintech. Jessica Ellerm is a thought leader specializing in Small Business.

ICOs: Two birds One stone

pablo (1).png

The digitization of financial services means that we are at the very early stages of tackling two significant social impact topics (Jason Bates says “Digital Banking is only 1% done”):

Financial inclusion – mainly in the “Rest”

Tokenization of the economy – on a global basis

Since the tokenization of our economies is really nascent, we are at risk of thinking of different aspects when we hear the term. We are even at risk of dismissal altogether of this emerging reality, from those that see this as fraud, exuberance, a fad. Jamie Dimon, a Greek immigrant that made it on the billionaire list, being one of them. Others, look at the thousands of tokens that have been issued (over 6,000 and growing as we speak) and the ever-increasing ICO rounds (over $250mil lately) and are naturally, worried about this young market.

There is room for all these concerns but the market will grow and advance with or without our opinions, thoughts, and concerns. The reality (including stumbles and crashes) will be exactly as Richard Olsen, co-founder and CEO of Lykke describes it and as David Siegel, CEO of 20|30 and the Pillar Project, quotes in the opening of his in-progress e-book The Token Handbook:

There won’t be millions of tokens. There will be millions of kinds of tokens. Richard Olsen

Today we are mostly focused on the thousands of fundraising tokens with a just a few functionalities, like tokens that represent ownership, or some rights, or rewards, or incentives.

Tokens are not only alternative fundraising (crowdfunding) weapons that make VCs stay up at night because of fear of extinction; as some like to believe.

Tokens will enable network effects and the creation of ecosystems, we cant imagine with the current business processes. These are the “other kind” of tokens that Richard Olsen is referring to, I believe. So, stay tuned.

The Zurich ICO summit organized by Smart Valor

For now, we mostly see crowdfunding kind of tokens and most of them can’t answer the question “Why this token?” without admitting that it is a quick, techie way to crowdfund and “acquire users” or it is an existing app that is tokenizing its self. Actually, in many cases, ICOs look more like Initial User Acquisition Events – IUAs. In some cases, like Civic which already had an app, the ICO was a cheaper way to KYC and onboard users and at the same time finance their growth (Civic can answer clearly the Why question).

What is important to keep in mind is that the technology of ERC20 tokens that has clearly facilitated the explosion of ICOs, isn’t going to help in building a community (be it developers or users) and therefore, there is no magic way in building “Network effects”.

A token sale can be a financing tool and a user acquisition tool! But it is not panacea for network effects.

Smart Valor, founded by Olga Feldmeier (ex-Xapo), organized the first ICO summit in Zurich with an amazing lineup of speakers from around the world. I was able to watch part of the conference which was streamed live. From the opening speech of William Mougayar and then some of the topics and angles during a few panel sessions.

Smart Valor is a blockchain venture that is focused on the tokenization of all kinds of alternative investments (real estate, funds, private equity etc.) on a decentralized platform that can make them accessible to Emerging markets. In other words, private banking kind of financial services for EM. You can hear more about the value proposition in this interview.

William Mougayar, the keynote speaker, reminded us that June 2017 was the first month that ICO funding ($600) surpassed the total seed-angel fundraising ($500mil). He shared his insight that on Sep 1. the market cap of cryptos was around $172billion and the amount from ICO crowdfunding was $1.7bil. This shows that ICOs were 1% of the total market cap. So clearly, there was simply a shift (diversification maybe) of 1% from cryptos into ICOs.

He reminded us that Ethereum ICO’d in the summer of 2014 and Ether started trading only one year later (summer 2015) when the network went live. Will this be one aspect of the self-regulatory standards that ICOs adopt going forward?

Here is my collection of self-regulatory standards to be considered. A few inspired from the panel discussions and a few additions of my own.

  • No more white papers, unless they are exceptional highly computational academic breakthroughs
  • No more token trading before the protocol or the app is live
  • More Smart tokens that release funds as milestones are achieved
  • Allocation of tokens with the whitelist technique (i.e. KYC users-signup and guarantee a minimum token allocation) so that communities are built and whales don’t dominate.
  • Avoid Slack and Telegram for pre-ICO community building because they are vulnerable to phishing (Chainalaysis reports $250mil have been hacked to date).
  • Ventures that can answer the “Why the token?” question with a vengeance, join the IGF.

Miko Matsamura from Pantera Capital (a San Fran. $100M ICO-only fund) highlighted a new self-regulatory effort the ICO Governance Foundation (IGF) which is an international organization and Swiss Foundation whose mission is to protect global ICO investors and facilitate capital formation for ICOs. It aims to create something like S-1 filling for ICOs. The Crypto Valley Association (CVA) also issued recently a code of conduct around ICOs.

Panel participants here. Source of original image

Efi Pylarinou is a Fintech thought-leader, consultant and investor. 

Get fresh daily insights from an amazing team of Fintech thought leaders around the world. Ride the Fintech wave by reading us daily in your email.

Blockchain Bitcoin & Crypto Weekly CXO Briefing for week starting 18th September 2017

The Blockchain Bitcoin & Crypto Weekly CXO Briefing is all you need to know, each week, jargon free for CXO level business leaders and investors who will use this technology to change the world. Each week we select the 3 news items that matter and explain why and link to one expert opinion.

For the intro to this weekly series, please go here.

News Item 1: Bitcoin at crossroads after shedding more than $27 billion in value

Decrypted: Announcements over the past couple of weeks have set off Bitcoin’s price tumble. After its all-time high in the beginning of the month, China notified local Bitcoin exchanges to cease and desist. China ordered Bitcoin exchanges to shutdown, because they operate in the country without an official license

The shutdown of the exchanges coupled with the pressure that was created another announcement by China’s central bank earlier in the month, to ban Initial Coin Offerings (ICO), triggered huge price drops to the entire crypto market.

Our take: Chinese regulators have dealt a huge blow to the cryptocurrency market. These announcements have sent the cryptocurrency markets into a free fall. Early in the month the total value of cryptocurrencies was over $170 billion, while all this news caused panic and pushed it below $100 billion.

One of China’s largest Bitcoin exchanges, BTC China, announced that it will shutdown its operations at the end of the month, after considering the announcement made by Chinese regulators in early September. The BTCChina announcement was followed by OkCoin and Huobi that said they were shutting down their yuan-based trading operations by Oct. 31.

Investors in China have been using Bitcoin as a way to protect themselves should the yuan fall in value. Trading their yuan in for Bitcoin can allow Chinese investors to move funds outside of the country. Traditionally, China’s government has set a $50,000 annual limit on how much its citizens can move outside of the country. Buying Bitcoin was a way to bypass those rules.

The news has sent Bitcoin’s price plummeting. Last Thursday, the cryptocurrency dropped about 9% trading just below $3,500. That’s a significant drop from its all-time high of $5,013.91 on September 2. Along with Bitcoin, all crypto’s were affected. Ether dropped by 11% to around $240, Bitcoin Cash crashed by 17% to $417, Ripple fell 10%, Litecoin dipped to $46, while Dash and Monero each fell about 10%. So far, Bitcoin has lost more than 20% of its value since the Chinese regulators announced the ban on ICOs on September 4.

It is likely that panic-driven traders in China, South Korea, US and Japan caused the sell-off and the sudden price drop. But, I think its important to note that the ultimate plan of the PBoC and Chinese regulators is to provide and offer a licensing program for exchanges, not ban trading platforms. China’s central bank has been testing a prototype digital currency with mock transactions between it and some of the country’s commercial banks. China is seriously exploring the technical, logistical, and economic challenges involved in deploying digital money, something that could ultimately have broad implications for its economy and for the global financial system.

A ban on crypto exchanges won’t necessarily mean the end of trading in digital currencies. Major Chinese exchanges could make significant changes to their trading and offer peer-to-peer trading, instead of centralized exchange services.

Even though Bitcoin’s prices sharply dropped this week, Bitcoin has climbed more than 250% year to date, outpacing many other assets. Also over the weekend the price was relatively stable and rebounding to around $3,580.

News Item 2: Broken Hash Crash? IOTA’s Price Keeps Dropping on Tech Critique

Decrypted: IOTA’s price fell by double-digits due to cryptographic vulnerabilities found by researchers at Boston University and MIT.

Specifically, the researchers claim they were able to break the homegrown hash function “Curl” that IOTA was using as part of its digital signature scheme to secure user funds. The researchers were able to demonstrate how an attacker could forge a user’s digital signature and use it to steal funds.

IOTA in a blog post did not deny its Curl hash function was breakable, and the company has already issued a patch to the cryptocurrency’s code.

Our takeIOTA is a revolutionary new transactional settlement and data integrity layer for the Internet of Things. Its a new cryptocurrency that is focused on Machine-2-Machine (M2M) transactions. The main purpose of IOTA is to serve the machine economy by enabling M2M payments without fees.

The technology behind IOTA is based on a new distributed ledger architecture called the Tangle, which overcomes the inefficiencies of current Blockchain designs and introduces a new way of reaching consensus in a decentralized peer-to-peer system. For the first time ever, through IOTA people can transfer money without any fees. This means that even infinitesimally small nano-payments can be made through IOTA.

Currently IOTA with a market cap of approximately $1.4 billion, counts among its partners VW, Bosch, Innogy and Microsoft, has ambitions of becoming a standardized protocol that becomes embedded into the everyday life activities of users. IOTA also recently made its way into the cryptocurrency casino arena, with BitDice choosing IOTA’s Tangle for its platform.

But IOTA’s price suffered a heavy blow, after Boston University and MIT researchers claimed to have found vulnerabilities to IOTA’s proprietary hash function. DCI Director Neha Narula explained the findings in a post on Medium. She says the DCI reviewed the IOTA source code in July and were concerned when they found that IOTA developers had invented their own hash function:

“We found that IOTA’s custom hash function Curl is vulnerable to a well-known technique for breaking hash functions called differential cryptanalysis, which we then used to generate practical collisions. We used our technique to produce two payments in IOTA (they call them “bundles”) which are different, but hash to the same value, and thus have the same signature. Using our techniques, a bad actor could have destroyed users’ funds, or possibly, stolen user funds.”

The IOTA developers had written their own hash function, Curl, and it produced collisions, when different inputs hash to the same output. Cryptographic hash functions are important for cryptocurrencies because usually a transaction is hashed before it’s signed. If you can break a hash function, you can potentially break signatures as well, meaning that the mechanism used to determine if a transaction is a valid and authorized spend is broken. The mathematical integrity that cryptocurrencies provide hinges on this relationship being secure.

The cryptocurrency is still new, making it vulnerable, and creating price volatility especially when news like this break. But despite the price drop, on a monthly basis, it is still up 16%. Considering that the error was detected and reported by reputable researchers, and the flexibility and speed the IOTA team shown in fixing the bug, will eventually boost confidence. In the long run, robust and useful technologies will emerge from the use of IOTA.

News Item 3: Bitcoin in the Browser: Google, Apple and More Adopting Crypto-Compatible API

Decrypted: Initially conceived in 2013, the World Wide Web Consortium (W3C) has been working with Microsoft, Google, Facebook, Apple and Mozilla, to create a currency-agnostic web payment standard.

The new browser crypto API will allow browsers to easily support cryptocurrencies directly in the browser.

Our take: These days the majority of online shopping is happening on mobile devices and more than 66% are through mobile browsers, not native apps. This is a pain for most users, because each web site has its own flow, and most require users to manually type in their information (addresses, contact information, and payment credentials) over and over again. In most cases, people don’t complete their purchases, and conversion rates on mobile are much lower when compared to desktop purchases. Also, on the development side, its difficult and time-consuming to create and maintain checkout pages that support various payment methods.

With W3C’s Payment Request API, online merchants will be able to use simple standard ‘in-browser API’ to initiate payments from their checkout pages, regardless of what payment method consumers may prefer to use from their side. This exciting browser innovation clearly simplifies merchant-side integration requirements, but at the same time, it completely changes the dynamics on the consumer side as well. W3C’s Payment Request API streamlines the checkout process, making the experience consistent and faster for users.

How does it work? Its pretty simple. The browser saves the user’s personal information, billing address, shipping address and payment information in a safe way. When a shop requests the data the user gets prompted to allow transfer of data. This is done on the client side, meaning there is no communication to third-party providers needed and the data , once approved by the user , is just passed from the browser to the site. A website using Web Payments can request the user’s stored data, provide a list of accepted payment methods, process that data and send it to its server , entirely  skipping the checkout.

The new payment API supports several currencies and browsers. On the currency side it will support Bitcoin, fiat digital currencies and other cryptocurrencies, and for browsers all the big ones: Google Chrome, Microsoft Edge, Apple Webkit, Mozilla Firefox, Samsung Internet Browser and Facebook in-app browser.

The long term potential of this API is exciting, because it will eventually allow users to ditch card numbers, for new, secure and open payment methods. It drastically decreases the steps from adding products to the basket to confirmation of the purchase. In the best case the user only has to grant access to the data, and in the worst case, when no data is stored yet, the user needs to be entered it  once, just the first time, and then never again.

OpinionJamie Dimon: Bitcoin Is a ‘Fraud’

“Frenemy” is an oxymoron of “friend” and “enemy”. It refers to someone that combines the characteristics of a friend and an enemy. Someone with whom we are friendly and at the same time we dislike or rival. The term is used to describe personal, geopolitical and commercial relationships both among individuals and groups or institutions. 

For banks, Bitcoin and other cryptocurrencies are frenemies. On one end banks and governments are exploring and experimenting with cryptocurrencies and blockchain, because they see the innovation and disruptive transformation they bring to the table, but on the other end they see them as a huge rival that can jeopardize their core businesses.

So here comes the head honcho of a major bank, that basically said Bitcoin is a fraud, not a real currency, and that he would fire any employee trading Bitcoin for being “stupid.” Jamie Dimon, JPMorgan’s CEO, has been a long time critic of Bitcoin, dismissing the digital currency’s survival, back in November 2015.

Not long ago, in February this year, JP Morgan Chase, joined a group of 30 big banks, tech giants, and other organizations to create a group, called the Enterprise Ethereum Alliance to demonstrate a pilot of the financial technology and show off a spot trade on the foreign exchange market for global currencies, using an adaptation of Ethereum as the settlement layer.

Banks seem to be far more interested in blockchain, the technology behind Bitcoin. The reason they are so interested in distributed ledger technology, is because they think its a way to respond to the competitive threat that Bitcoin poses to traditional money. Banks and the governments that regulate fiat currencies, recognize that cryptocurrency is one of the few innovations that can securely and efficiently create and handle money, far beyond their control.

Banks want to adopt the efficiencies without the decentralization, the global nature and the low cost without loosing control. But you can’t have Bitcoin’s revolutionary nature, while removing all the things that make it innovative. I think Andreas Antonopoulos explains it best when he talks about why you can’t separate Bitcoin from blockchain:

“The big invention behind Bitcoin is not the currency, but it’s also not the blockchain. The blockchain, as a hash-chain set of blocks, is really not that novel and not that interesting. What is really interesting is the combination of all four things together, and the important thing we haven’t mentioned is the Nakamoto Consensus. The Nakamoto Consensus being the ability to agree on a set of consensus validation rules for transactions and blocks that are then implemented through a competition using proof of work”.

The belief that you can separate Bitcoin and blockchain is flawed. If you remove the reward, Bitcoin, and the Nakamoto consensus mechanism, what you have left is a slow database that needs central control and oversight to work. So how is this different from what is in place today? Sounds to me like an existing centralized system, where you need to trust someone, because they say you should trust them, and not the math (known as a proof-of-work calculation).

Sometimes it’s hard to tell true innovation from fraud. In 1903, the president of Michigan Savings Bank told Horace Rackham, an early stockholder in Ford, that the “the horse is here to stay but the automobile is only a novelty.”

The Internet has forever changed the world, and continues to transform our lives. Bitcoin and blockchain will restructure finance, even though most banks today see it as a big threat that can wipe out how they make money. Banks want to transform their industry, but in reality they can’t imagine disruption that changes the fundamental principles of what they do. Those that embrace change instead of fighting and calling it a fraud, will be the one’s that thrive in the new and emerging financial system.

Ilias Louis Hatzis is a Blockchain entrepreneur who writes the Blockchain Bitcoin & Crypto (BBC) Weekly CXO Briefing each Monday.

Get fresh daily insights from an amazing team of Fintech thought leaders around the world. Ride the Fintech wave by reading us daily in your email.