Crypto equity via ICO and the other innovation chasm

 

chasm.png

Are you a bull or a bear on this question?

– Crypto equity via ICO is the secret to unlocking innovation capital and is the bridge across the chasm between crowdfunding and public market liquidity. This is the bull case.

Or:

– Crypto equity via ICO is a haven for scamsters and needs to be heavily regulated. This is the bear case.

Today we shine a light on that question. First we outline the bull and the bear case. Then we ask some experts to give their views. Bias disclosure: I am a bull, but having seen a few waves of disruptive change I know that change takes a LOT longer than people think and that the early unregulated wave of any disruptive change has a lot of what are politely referred to as “sketchy characters” and less politely as scamsters.

The other innovation chasm

The old saw is “if it ain’t broke, don’t fix it”.

The corollary, for entrepreneurs, is “if it is broke, find a way to fix it”.

The innovation capital business is broken.

Most entrepreneurs understand the chasm between MVP (Minimum Viable Product) and PMF (Product Market Fit). The low cost to build MVP increases supply, but real demand does not change that fast, so lots of MVP ventures fall into the chasm (i.e. they fail).

The next chasm is less well understood. This is the chasm between PMF and Liquidity (via an IPO on the Public Markets and failing that via trade sale).

Today, we don’t see this chasm so clearly because there is a very expensive bridge across it – in a few locations. The very expensive bridge is provided by the big PE/VC Funds. Uber has raised over $8 billion and is still supposedly not ready for an IPO. That is an expensive bridge a) for the Limited Partners (aka the LPs aka the real investors who pay the PE/VC Fund Manager their 2 and 20 cut) and b) for the entrepreneurs (faced with all those preferential equity terms that toss founder and management equity to the bottom of the stack).

Not only is the bridge very expensive, but it is only available in a few choice locations. If you are in Silicon Valley, no problem, there are lots of expensive bridges. If you are in New York, London, Singapore, you have a few bridges. Outside those centres you are scrambling and doing so in the knowledge that some entrepreneur in Silicon Valley just raised 10x what you raised and is planning on using that to crush you.

It gets worse. Unless you do your IPO on NASDAQ or NYSE, you will face a discount. Look at the valuation discount of great companies trading on reputable stock exchanges all around the world. So now you have a second very expensive bridge operated by the “bulge bracket” investment bankers (such as Goldman Sachs and Morgan Stanley) who you use to “take you out to IPO”.

So, yes it is broken. The innovation capital business does need fixing. Whether some variant of the ICO is the fix is what we now turn our attention to.

Crypto equity via ICO 101

ICO = Initial Currency Offering.

It makes you think of IPO. That means it also makes regulators think of IPO.

Yet it is C for Currency, not company shares. You buy a Crypto Currency Token that you can use on the network.

Some examples of ventures that have been funded in this way include:

  • Storj
  • Lykke
  • Ethereum
  • ZCash

In all cases, traditional VC were not in control. Sure they could invest alongside everybody else. But they had no information advantage.

The Howey test (from an SEC legal case from 1946) is basically – if it looks and acts like an equity it probably is. Many ICOs fail this test, putting them in the regulatory cross hairs.

Crypto Equity Bear Case

It is very simple to raise money via an ICO. This will bring out honest entrepreneurs who are fed up with the current way of raising capital. It will also bring out crooks. It already has. So far the losers have been people playing with found money. For example if you invested in Bitcoin in 2009, putting some of those profits into Ether in 2014 seems pretty easy, even if you follow it up by losing on the DAO in 2016. It is quite different when Joe Q Public is invested from earnings that took 40 years to accumulate and which he is banking on for a comfortable retirement. If ICO scales, more crooks and more Joe Q Public actors get involved.

Crypto Equity Bull Case

Crypto Equity – done right helps ventures get across both chasms:

  • Chasm 1 between MVP and PMF. The investors are often also the users. They use the tokens on the network. So they help get the venture to PMF.
  • Chasm 2 between PMF and Liquidity. The Crypto Currency Token is traded. Speculators provide liquidity.

The fat protocol thin app thesis

This thesis was articulated by Fred Wilson of Union Square Ventures in August 2016. I urge you to read the whole post and the very informed comments from the community. If you don’t have time, these two pictures paint a thousand words:

IMG_1153

IMG_1154

 

 

The original thinking, from 18 months earlier and, amazingly prescient being  a few months even before the Ethereum ICO, was from Naval Ravikant (founder of Angel List who we have written about here, here and here).

What do the experts say?

The experts we reached out to are in what I call the “Other BBC” space (Bitcoin Blockchain Crypto), so they will be inclined to a bullish case. If you have an alternative view, please let us know in comments.

My questions to them are:

  • Use Case Suitability. Is ICO only suitable to businesses at what USV call the fat protocol layer? This will be very few companies. Or could the ICO, with some modifications and regulations, be used for any company? If yes to the latter, what do you see as the essential modifications and regulations?
  • ICO Lessons. What key lessons should entrepreneurs, bankers and regulators draw from the ICOs that have happened so far?

Use Case Suitability

From Fabio Federici

“I think we need to distinguish between two types of tokens. On one hand, we have the tokenization of equity, where the token does not serve any specific purpose in the product/protocol but rather represents a digital form equity as we know it today. While this will improve liquidity and efficiency, I don’t believe this to be a paradigm shift.

On the other hand, we have decentralized blockchain-assets, ranging from currencies (BTC), over commodities (ETH) to application-specific tokens like Golem (a decentralized AWS) or Storj (a decentralized Dropbox) (see @ARKblockchain). These are just some examples blockchain-based assets, where the value of the network is captured by its users, rather than a centralized entity – and that is what will power the next phase of the Internet. I believe that the most exciting use-cases are yet to come. Just like it was hard to imagine Google, Snapchat or Uber in the early days of the Internet, it is impossible to predict the applications that decentralized blockchain protocols will enable.”

From Oscar Jofre  (see our review of his Korecox venture here).

“I am a bull/bear crossover on this subject because of the lack of oversight even by the industry to make sure proceeds are used in a manner that will not cause a domino affect of disgruntled coin holders in an empty network.

Not everything needs regulations but given that the retail market is just learning of the crypto currency, the industry needs to mature so this can be a very viable method for companies to utilize.  Unfortunately at the moment we are not seeing that and my bear comes out because I am seeing first hand, how companies are using ICO as a form of equity raise and not having a care if the person purchasing their coins makes any return on that investment.”

Richard Olsen of Lykke:

“In future, any company will be able to take advantage of the ICO route. No regulatory changes will be necessary, because Lykke will acquire the necessary legal licenses and future ICOs can happen under the Lykke umbrella, www.lykke.com

ICO Lessons

From Fabio Federici:

“I think it is important to distinguish between the tokens representing pure equity, and blockchain-based assets that serve a purpose in a protocol. While the first is just a digital version of what we know today, the latter represents a new type of asset class.

Also, one should always take a close look at each asset before making a decision, whether it’s building on it, investing in it or regulating it. Many factors play into the evaluation of these assets, from the aforementioned purpose to the fundamentals, the code, the team and many more. We are still in the early days – ontologies and (e)valuation methods have yet to be developed.

The main lesson for me is to keep an open mind and evaluate each token or asset individually. We are in the midst of the rise of a new asset class that will change the world.”

From Oscar Joffre

“ICO’s are here and need guidance. They are not used to harm but to really bridge the large funding gap we have globally for companies.  The industry can choose to be proactive and self-regulate, which in the end will be better than regulators injecting in.”

Richard Olsen of Lykke:

“The new future has started – entrepreneurs, bankers and regulators have understood that ICOs are a new reality and are essential funding tools. They combine cost efficient funding with building a motivated network of supporters.”

 Conclusion

Crypto Equity is a gamechanger – if done right.

Those three little words –  if done right – cover a lot of complex detail.

We can leave that to regulators in each jurisdiction to create their rule books. That can take a lot of time and will devalue the frictionless cross border nature of ICOs today. Or the community can create a self-regulatory code of conduct as Oscar Jofre suggests. We have opened a thread on Fintech Genome where this initiative can be crowdsourced.

http://genome.dailyfintech.com/t/crypto-equity-via-ico-self-regulation/965

 

Image Source

Bernard is a Fintech thought-leader & deal-maker.

Get fresh daily insights from our amazing team of Fintech thought leaders around the world. Ride the Fintech wave by reading us daily in your email.

Blockchain needs to become technically boring

boring-content1

 

Clay Shirky, in Here Comes Everybody, writes:

“Communications tools don’t get socially interesting until they get technologically boring.”

Two examples of boring technologies having a big impact on Fintech are QR Codes and Prepaid Cards.

Blockchain is definitely not boring. It will probably have a bigger impact than QR Codes and Prepaid Cards, but it may still fade into the sunset of overhyped technologies. It is exciting because that is a huge delta – change the world or dustbin of history.

I incline to the former – that Blockchain will change the world.

However, that promise won’t be fulfilled until Blockchain becomes technologically boring. This post looks at why that is true and at efforts to make it technologically boring.

War is exciting too, but not productive

The internecine wars among Blockchain technologists are really exciting for those on the front lines. For the rest of us, who cannot say anything technically profound about SegWit and Lightning Network and Proof Of Stake, it is alienating. Could we just get a product we can use?

The answer is no, not really, not yet. In this post we looked at the scaling challenges. TL:DR: there is still technical risk here. Or to put this another way, build a proof of concept, attend hacktahons and conferences, issue Press Releases, but don’t bet your company’s future on this – just yet.

The technical debates are pretty ugly. It is like watching Blue and Red states in America. There is no middle ground and a lot of dialogue of the deaf – if I shout louder maybe you will hear me and agree with me. The Bitcoin scaling debate has rightly been compared to a Civil War within the Bitcoin community.

The reason that there is so much heated debate is that this is no longer just a cool computer science open source project. Real money is at stake. That makes people cautious. Yet it is broken today – as it stands, Bitcoin cannot scale.  So there is technical debt and legacy code and innovators dilemma. Welcome to the real world.

Boring is good for employer, not employee

Java, the Cobol of the modern era is a good example. It is boring and for an employer that is a good thing. Java coders are abundant and inexpensive. As an employee, the words abundant and inexpensive signal bad news. It is much more profitable to be an expert in an obscure but hot language. Even better to be an expert in Blockchain. So few people really understand it technically and yet because the upside & downside for huge enterprises is massive and existential they have been spending multi-million $$$$ on Proof Of Concept projects.

The Multi-Million $ Proof Of Concept

Blockchain will make tea for you in the morning. Blockchain will also make you a better lover. Back in the real world, most of the systems that Blockchain is being proposed for could use standard database technology (aka boring technology).

The reality is that in 2016, just the word “Blockchain” unlocked enterprise budgets.

It is a good time to be a Blockchain guru. For companies looking to avoid the Blockbuster fate a pitch that “this could be how we become the next Netflix” is beguiling enough to unlock multi-million $$$$ budgets for Proof Of Concept projects. These projects cannot grow beyond POC, because there is still technical risk around scaling, but the prize is big enough so the budgets get unlocked. The POC is simply an option on the future.

You can take two views on this:

A. It is all nuts, all the money going into POCs is wasted because Bitcoin/Blockchain will never scale.

B. The scale of the opportunity/risk is so great that some wastage is normal and the cost of doing nothing is worse.

I incline to B but also think it could be done more efficiently.

Three Months and Six Figure POCs

Three months and budget in 6 figures is the normal rule for a POC if you cannot use the magic B word to unlock multi-million $$$$ budgets for projects lasting 12 months or more. Coding a prototype to show stakeholders is easy – it can be done in days or weeks. Before that some work to determine business strategy and the level of technical risk is needed. The key job is EAU (Education Awareness Understanding) for senior stakeholders. The ones making the big decisions need to understand Blockchain beyond the simplistic “it’s a distributed ledger” mantra. There is too much at stake to simply leave these decisions to technical people without any understanding of how it really works.

Two things to make Blockchain technologically boring

One should be able to:

A. Create smart contracts aka Blockchain apps as easily as building a mobile app with lots of free components and standard tools that millions know how to use.

B. Deploy to any Blockchain with any cyber currency with any validation scheme (Proof Of Work, Proof Of Stake etc) as easily as deploying to AWS or Azure or any other cloud service.

I can see enough progress both within Bitcoin (Segwit, Sidechains and Lightning Network) and Ethereum to feel confident that this will happen and while I cannot see exactly when this will happen, I do believe it will mostly happen in 2017. If not, then Bitcoin and Blockchain will disappear into the dustbin of history. Yes, there is a lot at stake in those technical debates!

It’s OK, we are Blockchain not Bitcoin

Then there is the enterprise wing of the Bitcoin party. Their line is:

“We don’t need Bitcoin.  That can be a failed experiment and it won’t matter to us because we just need to scale to enterprise level and that is easy”.

Yes, it is easy to scale a Blockchain system to enterprise level, but why bother? This handy decision chart helps you figure out whether you need a Blockchain.

Blockchain Decision

In the vast majority of cases, the answer is no. In those cases, enterprise tech companies like Oracle will happily sell you the technology that gives you what you need without any Blockchain. For a skeptical take on Blockchain by Oracle, read this. Moving from POC to enterprise deployment puts $ billions at risk. That won’t happen while there is technical risk.

That is why the “we don’t need Bitcoin because we are enterprise” line is baloney. If Bitcoin fails, it will drag Blockchain along with it. Technically we can insert a “better cyber currency” but if Bitcoin fails, the sentiment crash will kill Blockchain projects and Altcoins as well. The naysayers on the project approval committee will have a field day.

Google Deep Mind AI and Immutable trust without Blockchain

Boy is that a tough headline guaranteed to lose clicks! The headline where I saw this was in the Guardian and it did draw me in with “Bitcoin-like” in the headline. The use case is healthcare, but it applies also to banking as we will see later.

“Google’s DeepMind plans bitcoin-style health record tracking for hospitals”

Hat tip to famed Femtech leader Efi Pylarinou for sharing this in her Twitter feed.

However when you dig below the surface of the headline, as is our habit at Daily Fintech, you get a more nerdy conclusion that reflects back to our core thesis that enterprise Blockchain is a passing phase that will lead to maybe 1% of the current enterprise Blockchain POCs turning into large-scale deployments.

This was great tech reporting by the Guardian. They related some deep tech to a concern shared by millions – privacy of medical records.

“Google’s AI-powered health tech subsidiary, DeepMind Health, is planning to use a new technology loosely based on bitcoin to let hospitals, the NHS and eventually even patients track what happens to personal data in real-time.

Dubbed “Verifiable Data Audit”, the plan is to create a special digital ledger that automatically records every interaction with patient data in a cryptographically verifiable manner. This means any changes to, or access of, the data would be visible.

DeepMind has been working in partnership with London’s Royal Free Hospital to develop kidney monitoring software called Streams and has faced criticism from patient groups for what they claim are overly broad data sharing agreements. Critics fear that the data sharing has the potential to give DeepMind, and thus Google, too much power over the NHS.”

To understand the tech, dive into the blog post by the Google Deep Mind team to understand how verifiable data audit sounds like Blockchain but does not use a decentralized trust-less consensus mechanism to verify transactions.

What you will see sounds like Blockchain:

– immutable, append only: check

– Verifiable aka transparent in real time: check

– Merkle like tree structure: check

But it does not use a decentralized trust-less consensus mechanism to verify transactions. This makes it more efficient. There are no proof of work miners. Nor are there any as yet unproven consensus mechanisms such as Proof Of Stake.

The cost is some level of trust in institutions.

That pitch will resonate with the CXO suite at these institutions.

This is why I was writing as far back as November 2015 that the permission enterprise blockchain was a mirage beguiling both banks and IT vendors. This is like the Intranet phase of the Content Internet.

Commercial break: get these kind of insights ahead of the pack by subscribing to Daily Fintech – its free.

The big debate about PSD2, which we cover a lot on Daily Fintech, is who owns your banking data – you or the bank. Translate that to healthcare – where consumers care more about personal data and you have what Google is offering. Google is smart to launch first in Europe where consumers (and regulators) are more concerned with data privacy.

It’s binary. Bitcoin (and Blockchain) will either change the world or fade into the dustbin of history. When it does change the world (I think it will), then being a Blockchain guru will be about as exciting as being an HTML or TCP/IP guru today.

Image Source

Get fresh daily insights from an amazing team of Fintech thought leaders around the world. Ride the Fintech wave by reading us daily in your email.

Japan is another rich developed country where Bitcoin is becoming respectable

magic-the-gathering-tcg

Respectable is a prelude to mainstream. Bitcoin needs to seem normal, legal and safe before it can go mainstream. In this post we look at the signs of that happening in Japan.

Switzerland is another example of a rich developed country where Bitcoin is becoming respectable. Switzerland and Japan also have strong currencies. This is the opposite of the theory that Bitcoin adoption would happen first in countries with failing currencies. Many people were drawn to Bitcoin by dreams of stateless trust based on math replacing more authoritarian governance. So the meme got established that Bitcoin would first go mainstream in countries like Argentina; we debunked that theory here.

Japan is the third largest economy in the world (after America and China), so Bitcoin adoption here is a big deal.

Japan is where we go for some of the early history of Bitcoin. Magic The Gathering Online Exchange became MTGox. From trading cards beloved by nerds, they went to trading a currency beloved by nerds. When MTGox went bust and lots of people lost lots of money, it became a byword for the lawless dangerous world of Bitcoin.

That could be the end of the story, but it turns out it is only the first chapter. In chapter two, Japan has made three moves to encourage Bitcoin adoption:

  • Regulated Exchanges
  • Legal currency status
  • Elimination of sales tax

This has led to some good business results:

  • No 2 in trading volume
  • 5,000 merchants accepting Bitcoin
  • Strong VC funding (in a generally weak environment)

Regulated Exchanges and Insurance

The MTGox failure was explained by a simple old fashioned problem – commingled accounts. When you buy IBM shares on NYSE, you don’t worry that the NYSE can get your IBM shares. That is an easy fix; but it still needs to be policed/regulated.

In 2016, Japan passed a bill that mandates that virtual currency exchange operators have to register with the Japanese Financial Services Agency and submit to on-site inspections and KYC practices.

This level of regulation encourages insurance companies to step up the plate and offer insurance to bitcoin exchanges (a subject we first covered in this post).

Mitsui Sumitomo Insurance cover ranges from ten million yen (US$88,500) up to one billion yen (US$8.85 million). It also covers loss from internal and external threats, including employee theft, mistakes, cyberattacks, and other unauthorized access.

The first customer is Japan’s largest bitcoin exchange, Bitflyer. By working with a highly professional exchange, Mitsui Sumitomo Insurance can also offer best practice advice. After a number of bitcoin exchange blow ups, the best practices are now well established. If a bitcoin exchange follows these, the risk of loss goes down (which is good for the Insurer) and being insured will help bitcoin exchanges to gain consumer confidence.

Fear of getting ripped off is no longer a deterrence to bitcoin trading. Now it comes down to standard risk/reward calculations that traders make every day. Today bitcoin offers two things that traders love – volatility and wide spreads. However, none of this could happen until the exchanges became safe.

Legal Currency status

The new law defines bitcoin as a legal currency that can be used to make payments and an asset that can be transferred digitally. That is simple but game-changing. You may pay for illegal things using bitcoin, but the currency itself is just as legal as a suitcase full of cash in a parking lot.

No sales tax

Later in 2016, Japan defined plans to drop sales tax on Bitcoin.

This is not yet a done deal, but could take effect as early as July 2017, according to CoinDesk. This means customers don’t have to pay tax for each transaction. This is similar to the early days of e-commerce when no sales tax was levied. This will make paying with bitcoin more attractive, by making it cheaper for the buyer and lower admin for the seller.

So much for what has been done to encourage adoption, here are the signs are that adoption is happening:

  • No 2 in trading volume
  • 5,000 merchants accepting Bitcoin
  • Strong VC funding (in a generally weak environment)

No 2 in trading volume

While China is easily the leader in Bitcoin trading volume, Japan is the silver medalist. As in China, a lot of the volume can be attributed to the fact that Bitcoin trading on exchanges is zero cost in China and Japan, encouraging frenetic trading that does not mean that much. Many say that real volume is less than 30% of headline volume.

While the trading volumes may be misleading, there is a wall of money ready to move into bitcoin trading if Mrs Watanabe steps seriously into the game. Mrs Watanabe is the archetypical retail investor in Japan. Culturally, Japanese retail investors have sought safe investment options. However, perpetually low interest rates since the 1990s led many to become active in the carry trade (in which investors borrow a low-cost currency like the yen and buy high-growth currency, netting a profit). It is a short step from that to trading in bitcoin, which is attractive to traders because of volatility and wide spreads.

The real proof of the bitcoin pudding is whether it is being used to buy and sell goods and services.

5,000 merchants accepting Bitcoin

Today more than 5,000 merchants and websites in Japan accept Bitcoin as payment.

We still cannot see merchant transaction volume, a subject we covered in our latest bitcoin ecosystem health check.

Some speculate that the Olympics, due in Tokyo in 2020, will give bitcoin a boost as visitors can pay in bitcoin rather than converting to Yen. This is where the sales tax could be critical.

Strong VC funding

In a generally weak environment for bitcoin VC deals in 2016, Japan saw two significant deals – bitFlyer and Techbureau.

bitFlyer

The third largest VC investment in 2016 happened at the end of April for US$27 million to Tokyo-based Japanese bitcoin exchange bitFlyer. It was a Series C round, bringing their total funds raised to $33.94 million. Investors include Venture Labo Investment and SBI Investment.

TechBureau

TechBureau, which operates a bitcoin exchange called Zaif and a permissioned blockchain platform named Mijin, raised $6.5m in a Series A. Participants in the round included Arara, a financial services firm; online information portal OKWAVE; VC firms Nippon Technology Venture Partners and Hiroshima Venture Capital; and FISCO, a corporate analysis firm. TechBureau bill themselves as a ‘Crypto-FinTech Laboratory.’ Many Japanese startups and projects were born in the lab including the popular Zaif bitcoin exchange.

Regulation does matter – ask Coinbase

Compare Coincheck which has the lion’s share of bitcoin merchant processing in Japan to Coinbase which has that position in America.  While Coincheck operates in a relatively benign regulatory environment, Coinbase is in legal battles with the IRS.

The key part of merchant processing is off ramp ie converting to Fiat. This a function of an exchange. Lots of traders also make for liquidity and price discovery which will be good for merchant adoption and mainstream use. So the Japanese focus on exchanges makes total sense.

Image Source

If you want to see these insights before your competitors, join over 16,000+ of your global peers who subscribe by email and see these trends reported every day. Its free and all we need is your email.

 

Another bitcoin ecosystem health check as we slide into 2017

screen-shot-2016-12-29-at-16-55-39

Gute rutsch is the Swiss greeting for New Year. Translation = good slide. I hope y’all had a good slide into 2017.

 Now for all those resolutions – like going for regular health checks.

As we try to determine the health of the bitcoin ecosystem, some regular health checks are called for.

We have done two bitcoin ecosystem health checks in the past –  in June 2015 and April 2016. We publish those today for reference. All the data we use is in the public domain and we publish our methodology, so anybody can run these tests at home – no expensive medical equipment or training needed. All we ask is that you tell us if you see a way to improve the testing methodology.

Yes, the image is of only one health check, which is price, but the reality is that the price is what gets people’s attention and the price is rising. The biggest barrier to traction is being ignored and we can see the Google Trends and price of bitcoin correlate well. A rising price gets attention and that may impact the other metrics.

Methodology

We look at 4 indicators

  • Indicator 1 = Price. What do investors/traders think? This shows the wisdom of the crowd with skin in the game. Yes, we can also see the madness of crowds in the chart, which is why our health check looks at 4 indicators not one.
  • Indicator 2 = Merchant Transaction Volume. Is bitcoin being used as a currency in the real world? What do merchants and their customers think? This is a good forward indicator – like a blood pressure check. The problem is that this data is tough to get.
  • Indicator 3 = Cost Per Transaction. It ain’t free, but we hope it is cheaper than credit cards. Entrepreneurs will markup cost to provide valuable services, but what is the cost?
  • Indicator 4 = Transaction time. Is this approaching the “human real time” (a few seconds) that consumers expect from digital services? Or will we have to trust centralized intermediaries to make it look like human real time (rather ruining the core proposition of bitcoin)?

For data we mostly use Blockchain.info

Note: in order for this doctor to have a holiday, the health check took place in December 2016.

To discuss and improve the methodology, please go to this thread on the Fintech Genome. We are open sourcing our methodology in order to get contributions from the community to improve it.

Why 4 indicators are needed

If your doctor only ran one test, they would be negligent. The bitcoin ecosystem is complex and therefore also requires a number of tests. I am using this analogy to debunk three memes that took hold in 2016:

  • Meme # 1: Don’t worry about the bitcoin currency use case. The thesis is that bitcoin is just a store of value like Gold (so price is the only thing that matters). This is mostly said by people who own a lot of bitcoin “talking their book”. It is also said by bankers who find the idea of a currency outside their control to be deeply disturbing. It is far from certain that bitcoin will gain mainstream traction as a currency, but I am absolutely certain that bitcoin cannot be a reliable store of value if it fails to become a mainstream currency. It is hard to imagine a store of value (as opposed to a speculative instrument) that you cannot also use as a currency. Tulips is not a good case to cite. Gold is both a store of value and a currency; prudent people use it as a hedge against Fiat currency failure on the assumption that people will accept Gold in return for goods and services if everything goes pear shaped . Speculators will do what you see in that price chart spike in 2014 – if you bought at the bottom and sold at the top, well done; most people did not do that in which case the spike and crash was meaningless. Long term wealth protection clients look for something a bit less volatile with some fundamental value. So, they will also want to see thar the other 3 indicators are healthy. It is hard to imagine the price of gold going to zero. It is not hard to imagine the price of bitcoin going to zero if the other 3 indicators show sickness. Great cholesterol numbers are no consolation if you have cancer.
  • Meme # 2: bitcoin is just the first application use case for Blockchain technology and it is OK if bitcoin fails. If Indicators 3&4 are weak, then it means that all consumer Permissionless applications will fail. Without consumer Permissionless applications, the Permissioned enterprise Blockchain stuff will just get rolled up into the Oracle stack and be a footnote in enterprise technology history.
  • Meme # 3: Cyber currency is inevitable, it just might not be bitcoin.If bitcoin fails, after so much hype, it will take a really, really long time before another Cyber currency gets past the resultant skepticism. This brings to mind the famous quote by John Maynard Keynes in 1923:

“The long run is a misleading guide to current affairs. In the long run we are all dead. Economists set themselves too easy, too useless a task if in tempestuous seasons they can only tell us that when the storm is past the ocean is flat again.”

Indicator 1 = Price

Look at this long term price chart:

screen-shot-2016-12-29-at-16-55-39

The 2014 spike is pure speculation. The 2016 price chart looks more suitable for investors – as long as the other health indicators come out OK.

One of our 2017 Predictions is:

“bitcoin price will go past its all time peak of $1,242 (from 2014) and then settle back just below $1,000 for most of 2017.”

If that prediction is true, then bitcoin will be seen as best performing currency of 2017. That will bring in mainstream investors.

The problem is that you can assess bitcoin as a store of value in three ways:

  1. currency
  2. commodity
  3. startup stock

The latter is where we get the wild forecasts of a single bitcoin being worth $100,000 or $1,000,000 (from about $966 as I put key to pixel). Before dismissing that as crazy, consider the fact that one share of Berkshire Hathaway is worth about $250,000

Like a stock, the supply of bitcoin is fixed. In the case of bitcoin, it is fixed at 21 million. If you own 210,000 bitcoins you own 1%. That is why bitcoin people talk about market capitalization (which is not how you talk about currency).

Bitcoin as an asset class is gaining some momentum. For example, Polychain capital, a hedge fund investing in digital assets has managed to raise $15m from top tier VC such as Andreesen Horowitz and Union Square Ventures.

The near zero correlation to other asset classes is attractive. Volatility and liquidity look fine.

This is where the other tests matter. Investors will happily take a punt on a big upside if the downside risk is protected. If you bought bitcoin in 2009 it was like buying founder stock – you have no downside. If you buy bitcoin in 2017, you spend real money. For downside risk to be protected, bitcoin must be more than tulips. It must be a real currency. Which brings us to Merchant Transaction Volume.

Indicator 2 = Merchant Transaction Volume

We want to track this because we need to see how much are people paying for goods and services using bitcoin. In short, is bitcoin being used as a currency?

To track this we need to subtract the transactions done for speculation or money laundering.

This data is surprisingly hard to find. One data point on Blockchain.info that is helpful is Number of Transactions Excluding Popular Addresses.

This does show some reasonable growth and excludes speculative bursts around events such as Brexit.

Hard data is hard to come by, but we see anecodatal evidence such as (from Techcrunch) that Airbnb CEO Brian Chesky asked for product suggestions for 2017, and accepting Bitcoin payments was the number one most requested feature for the company.

Is there a better data point to track? I imagine that big payment processors such as Coinbase, Bitpay and Circle have this data, but do they put this in the public domain?

Indicator 3 =Transaction time

The Average Transaction Confirmation Time shows this. There is nothing dramatic about this chart, it looks stable as one would expect unless there had been a significant change to the protocol. The problem is simply the numerator, which is in minutes.

This is where we expect to see a lot of change in 2017 as Segregated Witness and Lightning Network roll out. For background on these scalability issues please read this post.

Indicator 4 = Cost Per Transaction

Blockchain.info shows this. The data problem is that this chart is in USD, so the exchange price gets in the way. What we need is cost per transaction in bitcoin (just like we use transaction volume in bitcoin). If anybody knows where to find this, please tell me. Maybe one could compute this from a mix of things like Hash Rate and Difficulty. However, that is a nuance. The big picture is that small transactions are not economic today. Which means some combination of offchain centralized processing and/or use of Sidechains. This is another area where Segregated Witness and Lightning Network rolling out in 2017 will have a big impact.

Past checkups

As you can see, the methodology is evolving.

April 2016

June 2015

Image Source

If you want to see these changes coming before your competitors, join over 15,400 of your global peers who subscribe by email and see these trends reported every day. Its free and all we need is your email.

Strong user authentication could enable big companies to get insurance from cyber crime

 cyber-crime

This is day 4 of Digital Identity Week.

This post is about the theory of the “insured Internet”.

Most people who track cybersecurity agree on: 

  1. Anything that is digital can be hacked. Nothing is secure. It does not matter whether you are a Fortune 500 company, Government, US Presidential candidate, mega Bank or payment network. You will get hacked. It is an arms race that the good guys are losing because every solution, no matter how clever and expensive,  has a shelf life until the bad guys find a way around it (and the payoff for the bad guys is big enough and the Crime As A Service networks use the full power of digitization). Your identity can be stolen with ease and with a valid but stolen identity all the KYC & AML processes are useless.
  1. This is a Board level issue in big companies. They are willing to spend whatever is needed because the cost of a breach is so high. This is an existential threat for the biggest companies on the planet.
  1. User authentication is the key. Eliminating static passwords is essential. That is why the biggest tech companies in the world came together to create the FIDO Alliance. This is too big for one company and is critical to all.

The idea of the “insured Internet” is that the security of a customer’s data is protected to a level that it can be insured at a reasonable price.

Trusona

The company who can deliver this fully secure authentication with one time passwords today is Trusona (one of the members of FIDO Alliance).

You can see their demo on their home page, which only takes a few seconds. They unveiled this at Finovate Fall 2016 (where they won Best of Show). The founder was able to give the demo 4 times during the 7 minutes allocated by Finovate, while still leaving room for a relaxed, jokey talk to make the point about how easy this will be for every mainstream user. This is grand-parent friendly.

For the story behind the dongle based technology, which is free to users, read this post on NetworkWorld.

“The TruToken dongle is the miniaturization of anti-ATM-card cloning technology made by MagTek that reads not the digital data recorded on cards’ magnetic strips but rather the arrangement of the pattern of the barium ferrite particles that make the strips magnetic. The particles are so numerous and so randomly placed that no two strips have identical patterns, says Ori Eisen, Trusona’s CEO. That also makes the strips unclonable, he says.

In order to use the authentication system, the Trusona app on the user’s device connects to Trusona’s cloud. The user plugs in the dongle, and if the dongle ID and device ID have been paired, the user is prompted to swipe a card with a magnetic stripe that has also been paired with the user. That can be a credit card, driver’s license, library card, etc. The barium ferrite particles must match.”

Before starting Trusona, Ori Eisen was worldwide fraud director at American Express. So he knows why credit card companies have to charge so much – combatting fraud is expensive.

This is particularly important in America as it makes the transition from mag stripe cards to EMV (we covered the implications in our August 2015 post).

I imagine the Trusona sales pitch to SWIFT will be well received after the hacks they recently suffered (which we covered here).

Over a year ago we wrote that the only way out of the cyber security nightmare is to move off centralized data centers to a fully decentralized Blockchain based network.

“For Banks to seize this opportunity, they have to discard the notion that centralization = secure. Putting it all in one place with a great big lock has been the accepted way since banks started. Decentralization sounds wild, almost hippy, with echoes of anarchic P2P services such as Napster.”

There are many reasons why the Internet will return to its decentralized roots, but telling a Fortune 500 board that their only hope is to move off centralized data centers to a fully decentralized Blockchain based network would get you some odd looks. A Trusona pitch would be much easier.

Swiss Grand Parents may be first

If you live in Switzerland, you may already use a dongle with one time passwords. Many Banks insist upon it. But each dongle is bank specific and can be rather unfriendly to use, making onboarding harder. So the mass market rollout could happen first in Switzerland.

Not only is it easier for onboarding, but as the Network World article explains, the Trusona dongle adds an additional layer of security.

“The way the card is pulled through the card reader on the TruToken is also a unique identifier, Eisen says. People pull them through at different speeds, at different angles and from different directions in a manner that is readable and unique, he says.”

John Le Carre can explain

In October 2015, we wrote about how tokenization could be the trojan horse that will break the credit card rails.

“tokenization enables the one time password that a student of cold war espionage stories would recognize. If you steal the token/one time password, you can steal the contents of that message/payment and only that message. That is fundamentally different from stealing the Primary Account Number (PAN). If you steal the PAN (by physically stealing a card or reading the mag stripe encoded data from a merchant) you can steal a lot of money.”

Implications for InsurTech

This affects everything that happens online. If customer data is insecure, all the business models based on social, media, analytics, cloud and ecommerce are threatened. Securing data through strong user authentication makes the Internet viable. It is as dramatic as that.

Trusona happens to be first to market with some clever technology, but secure user authentication is much bigger than one company. That is why FIDO Alliance is backed by the biggest global Fin companies and the biggest global Tech companies.

One of the Board Members of FIDO Alliance is Abbie Barbir, who is a Senior Security Adviser at Aetna.

As this article in CIO points out:

“Cybersecurity insurance transfers some of the financial risk of a security breach to the insurer. But it doesn’t do a good job of covering the reputation damage and business downturn that can be triggered by a security breach. “

Also the cost of Insurance is totally dependent on your level of security. Imagine your car insurance premiums if you had to tell the Insurance company that you always left the doors open with the key in the ignition (and the title deeds in the glove box).

As CIO puts it:

“Cyberthreats are so broad that the cost of protecting against them all would be prohibitive.”

This will be a big market for insurance and, being new and tech enabled may leave room for an InsurTech innovator.

Image source

Daily Fintech Advisers provides strategic consulting to organizations with business and investment interests in Fintech & operates the Fintech Genome P2P Knowledge platform.

 

Capital Markets and IDs

id-card.png

In theory, we have been able to design Digital Identity solutions for a while now. However, the costs were prohibitive and interoperability issues needed to be solved.

Today, we can implement technology (hardware) that is cheap and this allows us to experiment and target opportunities that couldn’t be exploited before.

It is cloud computing, cryptography, public key encryption and peer-to-peer networking protocols that are the critical “cooking ingredients” for recipes that can solve costly and basic problems in Capital markets, like provenance, authentication and reconciliation.

In this post, we zoom into the Digital identity issue (whether for an end-user or a corporate entity) in Capital Markets. In traditional financial lingo, this is coined as KYC and it shifted on the very top of the stack of issues that keep up managers at night, mainly after Sep 11.

Currently in Capital Markets we are looking for the following qualities in a Killer Digital Identity solution:

  • Cheap
  • Ability to be accurately updated
  • Accessible and Granular = Interoperability and Granularity
  • Immutable

The last two qualities are critical and encapsulate the practical difficulties of such a service. A Killer Digital Identity solution should offer both individuals and organizations the ability to authorize actions on their behalf. This can range from settling a trade, to registering for a financial product or service like an investment product or a loan.

At the same time, it has to be granular so that only the pertinent bits of the Digital Identity are used.

This is what Pascal Bouvier has been pointed out for a while. It is critical because it enables individuals and corporates to choose how to interact with a merchant or a supplier or a client. Being able to have a secure way to divulge only the granular bits of information is the key. It is also the enabler to be used in different contexts without having to go through the whole process again.

Imagine a world that any individual can open a bank account for their consumer banking needs, a telco account, an investment account, a brokerage account …. with different institutions securely, with all updated info, without having to repeat the whole process (e.g. they all need a copy of passport or a digital picture but the telco account needs much less information than a brokerage account that allows me to trade options and futures and buy stocks on margin). In addition, in order to register a corporate entity for a business, imagine a world where one can avoid repeating the process that overlaps with all the above, the registry is able to obtain accurate Social KYC information around the shareholders and directors of the company (updated real time), and have access to any particular cross-border information necessary.

There is one Fintech based on the Isle of Man that has been focused on developing such apps using blockchain technology. Credits, has been working with the government on the Isle of Man to develop “The Federated Know your Customer” app that was demoed at the recent Misys World Trade Symposium. This sits on the cloud and has the four elements mentioned above. Credits is also in conversations with the UK government for use cases in regulatory reporting and healthcare. Credits has not been at all focused on creating some cryptocurrency or some decentralized app. They have been thinking differently, in that they are focused on solving specific problems in the infrastructure of capital markets. Digital ID has been their first use case.

We are in the very early stages leading towards an invisible ID for individuals and corporates for the variety of functions in Capital Markets.

Daily Fintech Advisers provides strategic consulting to organizations with business and investment interests in Fintech & operates the Fintech Genome P2P Knowledge Network. Efi Pylarinou is a Digital Wealth Management thought leader.

Introducing Digital Identity Week on Daily Fintech

unboundid-digital-identity

Are you really sure I am not a dog? Maybe I am a really smart dog with an AI implant pretending to be a human. Disclosure, Daily Fintech is written by a stealth mode AI venture as a proof of concept.

Seriously folks, you cannot know my Identity. To read a free post you don’t care. If you are going to send me money, you do care. You do not want to send money to my dog.

This week on Daily Fintech is all about Digital Identity (KYC as seen by the bank). This is part of a series where we look at the impact of different disruptive technologies on Finance. In the past we have covered Blockchain, Artificial Intelligence, Regtech, ChatbotsXBRL, Wearables and Open API.

Digital Identity touches on almost everything Fintech. It is the foundation of trust and trust is the foundation of value exchange. In it’s KYC guise, it is core to RegTech. 

Do you hate the trade-off between security and productivity involved in passwords? You can do it properly (long complex passwords that are different for each service and that you change regularly). which gives you security but is too much of a time suck for most humans. Or you can leave your digital door wide open to hackers. 

Do CAPTCHAs annoy you? Ever wonder how secure they really are? 

Do you find the easy way out of entrusting your identity to some big social media service that becomes your gateway to the Internet and knows your most intimate secrets a bit disturbing?

If so, you are not alone. Welcome to the world of Digital Identity, which is trying to find a solution for you.

Today is the briefing about Digital Identity. Then we resume normal programming by focusing each day on use cases within different customer segments:

Tuesday = Wealth Management and Capital Markets

Wednesday = Small Business Finance

Thursday = Insurance 

Friday = Consumer Banking & Finance.

Government Issued Identity Artefacts

In the West we are used to proving our identity with simple artifacts such as driver’s license, passport or social security number. In the Rest (Of the World), verifiable identity is the on ramp to financial inclusion. This was brought vividly home to me when waiting in line at a Post Office in NYC and witnessing the desperation of a homeless person being refused a PO Box because she had no physical address. Without that PO Box she would be refused the job she had applied for. She would be an unperson without any official identity.

What if you are a refugee or live in a failed state? What if a Government Issued Identity Artefact is simply not an option?

In India they are tackling this through the Unique Identification Authority of India also known as Aadhaar. This an example of “first the Rest then the West” (leapfrogging old technology). The Indian Aadhaar system does two key things:

  • first, enrolls people by taking 13 biometrics (10 fingers, 2 iris scans and a photo).
  • then, issues a unique 12-digit random identifier (11 random numbers and one check digit to be precise)

When a person uses their Ardhaar Number (for example to access a bank account), they present their 12-digit number and then the entity they are interacting with does an authentication step (to prove they are indeed the person the number they are presenting points to).  This authentication step then replies back yes/ no (the presented biometric either matches the one on file or it doesn’t).

This is far more secure than something like a Social Security Number in America which is easily hacked by identity thieves.

Biometrics – “what part of your anatomy does Sir/Madam wish to use?”

Biometric security, which aims to replace passwords and CAPTCHA, comes down to a simple question. Which body part do you want to use to identify you?

– Finger. This one scares me. It is hackable, by simply recording somebody’s fingerprint and putting that on thin film. I can change my password if I am hacked, but I cannot change my finger.

Eye: Iris recognition does not seem ready for prime time yet.

Voice. This has a nice old-fashioned ring to it. Voice recognition is like the banker who recognized your voice. The tech has been brewing for a while and seems ready for prime time. VoiceVault and Nuance are the two leading contenders. Voice is probably better for high value transactions than getting a coffee or paying for a subscription. Talking to my phone in the line for my coffee seems too much like the movie Her.

Typing rhythm. I never understood why BioPassword did not do better, it seemed so simple and elegant. Maybe mobile changed typing rhythm and created new rhythms around swipe.

There may be something new that emerges out of smart watches, such as pulse recognition, but that hits the universality problem ie not many people have smart watches.

That is why the Indian Ardhaar system takes 13 biometrics. It also uses low cost, robust/proven technology. This is not a laboratory experiment. It is a mass market deployment where every fraction of a penny counts.

FIDO – authentication with low friction

No, this is not your faithful dog.

The FIDO Alliance is an Identity Management consortium with 250+ members that are famous names in banking, insurance, e-commerce, authentication technology, payments, cellphone SIM suppliers and consumer electronics. The FIDO Alliance develops protocols and standards to authenticate users via their personal devices, so that users can get rid of passwords.

FIDO uses a hardware cryptographic device called Universal Second Factor (U2F), which generates a new key pair for every service that you connect to.

U2F does not rely only on biometrics. That is why it can claim the title Universal.

FIDO is designed to get the balance right between security and friction/ease of use. So FIDO allows for any of the factors of authentication to be used, such as:

– cryptographic tokens (think of this as something your device does for you to help authenticate you)

– biometrics

– somewhere you are (based on a geo-location service)

– something you know – a one-time password that is cryptographically created (and as any cold war espionage buff will tell you, one time passwords work very well).

The U2F protocol does not identify a user, it merely proves that someone has the device with control over a registered key.

Device based authentication from the past has major issues:

  • Magnetic strip card. This is your conventional credit card. These are fading out because they is so open to fraud. It only costs about $50 to buy a mag strip writer, and it’s easy to get your hands on cards to copy them.
  • Proximity card or RFID. These cards transmit stored information via RF (Radio Frequency). It is used more for identifying products (for example in a supply chain) than for people. For people there are privacy issues. For example, a Passport with RFID tags could be used by governments to remotely identify citizens of a given country by physical location (and in the wrong authoritarian hands that is dangerous).
  • Chip Cards. These are sometimes called Smart Cards or more technically Challenge/Response cards and Cryptographic Calculators. They perform a cryptographic calculation. Sometimes the card will have memory, and sometimes it will have an associated PIN (“Chip & PIN”) and sometimes not (“CHIP and Signature”). They are not fully secure on their own – being vulnerable to power-analysis attacks. The mobile money revolution can be seen as chip cards moving from plastic to just another service on your phone (which of course has a chip).

Authentication is not the same as Identification. You still need to identify yourself – for example, key in a 12-digit number if you are Indian. That is a pain point for new services that want to entice you in. You won’t key in a long identifier for a service you don’t know much about. That is why we need Identity Portability.

OpenID Connect – Identity Portability

OpenID Connect is about being able to use a common identifier across multiple sites (identity portability). As Open ID originated pre FIDO, they also did some authentication, but it now we can see FIDO as the solution to authentication and the two should be seen as complementary.

You have come across the idea of identifier portability when you log into a website using a service such as Facebook, LinkedIn, Twitter or Google (referred to as an Identity Provider service in this context). This approach lets users leverage one account across a multitude of sites across the web and gives people control over which attributes of their identity are asserted and to whom in a secure and privacy-controlled fashion.

OIDC doesn’t authenticate the user but rather conveys that authentication across the network. This is where FIDO plus OIDC is so powerful. The user can protect their primary identity using FIDO and use it all over the web using OIDC.

Something You Are and the privacy challenge

Digital Identity is such a thorny problem, fraught with technical, legal, societal and political issues, because your Personally Identifiable Information (PII) aka your digital exhaust (the trails you leave on the Internet) will define how you live your life (whether you get financing, get a job, get citizenship and so on).

This is what can change society and business at a fundamental level. There is a reason why Microsoft worked so hard to get Passport established – the upside is massive. There is also a reason why any company that gets close to this prize – whether it is Facebook or Apple or Microsoft – eventually gets consumer pushback.

As Ethereum’s Vitalik Buterin points out:

“10 years from now it may be harder to change identity providers than it is to change countries”

PII is so critical because this data determines your access to:

  • capital (how credit-worthy you are).
  • a job or customers (what you have done)
  • friends (who you know)
  • Your access to healthcare (your medical records).

The problem with your PII stored in centralized data centers is that data can be hacked and your identity can be discovered through data science technology. For example, one service provider may store your medical records and another your financial records and in both cases your identity may be masked from the service provider, but it is technically possible to identify an individual person from this data.

Maybe that data should be stored somewhere safer such as the Blockchain.

Sovereign Woman on the Blockchain

Blockchain technology can meet two fundamental needs:

  • Trustless and decentralized. Your Identity is not under the control of any institution (either Government or commercial).
  • Immutable. Nobody can change a record; they can only append a new record.

In this vision of the future, the human is sovereign and is in charge.

Consumer control over Identity enables granularity – you can have my driver’s license but not my passport or medical records and you can only have it for this one transaction. This could enable the Doc Searls vision of Vendor Relationship Management (VRM). I have been fascinated by VRM since I wrote about it for ReadWrite back in 2007. Some tech disruptions have to wait for a trigger to turn inevitable into imminent. The blockchain based identity systems may be that trigger. A similar vision is articulated in the book called Pull by David Siegel. This is a fundamental reordering of commerce. For all the talk of “customer first” a world where customers are really in charge will be a wrenching transformation for most companies.

This will challenge all the business models driven by big data. Translation of big data:

“We will assemble data about you so that we (or our customers) can sell to you in a way that suits us and maximizes our profit”.

The reordering of commerce enabled by consumer control over PII changes that to:

“I will buy from you when and how it suits me”.

It is also a fundamental change in our relationship with government. We are used to a world where our identity is granted to us by government. If humans control their own ID our relationship with government also changes.

This fundamental reordering could be made possible by Blockchain technology.

Finally, my thanks to Kaliya Hamlin aka Identity Woman, who helped me come up the learning curve on this subject (but any mistakes and misconception are entirely mine). If you want to really learn about Digital Identity, her site is a gold mine of intelligence.

Image Source

Daily Fintech Advisers provides strategic consulting to organizations with business and investment interests in Fintech & operates the Fintech Genome P2P Knowledge platform.