The blockchain evolution has begun
The blockchain evolution has begun
It’s Sunday morning – you check your balance and see that you have earned 200 euros from your house this week. While you have been sleeping and at work, strangers have stopped by your house with their electric cars and used your charger. Also, your neighbor’s son has been doing some heavy gaming with friends this week, so he bought the excess power from the solar panels on your roof.
Both the strangers using your charger and your neighbor paid you for every second of electricity, basically streaming money to you. The taxes you are obliged to pay for this income instantly goes to the government without any paperwork. Maybe you and your better half should go out and treat yourself to a nice dinner tonight? This is all possible thanks to a global infrastructure for trusted interactions – consisting of blockchains.
In early 2017 practically no one was aware of Bitcoin or the word “blockchain”. By Christmas 2017 those words were in every major news outlet. A lot of people are now wondering: what can this technology actually do for me? So let’s imagine we are a few years into the future and exploring your blockchain-enabled day in more detail.
Say you’re looking for a new job and you get a reply from the exact right person, to potentially get that dream job. Her schedule is packed, you had no friends who could introduce you and there are heaps of other people trying to grab her attention. So how did you manage to get the attention of this high-profiled manager? Well, you simply paid for her to reply – the 100 euros you offered were enough for her to take your request seriously. Your money was locked up until it timed out or she replied. You are invited to an interview next week. Your prospective employer has already verified your CV, your university degrees and grades from the US and Australia, plus your former positions in France and Brazil – they were all confirmed to be legit seconds after she read your email.
A fundamental shift
This week you earned money off your house, paid the relevant taxes and got in touch with a prospective employer who instantly verified the legitimacy of your CV. All without touching a piece of paper and almost without any effort on your part. So, what’s the difference between your story here and the current state of affairs?
Accounts, in this story, are not bank accounts but an address in a distributed ledger – a blockchain. A distinction you don’t really have to care about, but a fundamental shift in how we interact financially and trustfully. First of all, your house can’t have a bank account. Bank accounts are for human beings with social security numbers and it takes those accounts a few days to settle a simple transaction. Thus, that stranger buying power could be long gone before you know if she is willing to pay. Furthermore, you cannot program your bank account to autonomously decide whether some stranger pulling up in your driveway is offering an acceptable price for your power. Bank accounts don’t send money across borders depending on whether someone replies to an email or not – they’re not programmable. When you use a bank account you pay your taxes a year or so after the relevant taxable event, bringing down half the rainforest in the process.
It might change your life
Your ID is no longer plastic, it’s an entry into a global infrastructure for trusted interaction. Instead of printing a piece of paper and scribbling your signature at the bottom of it, your university in Australia signs a digital claim about your education. That’s why your potential employer can basically click a button and instantly verify that you have a certain degree and grades. Luckily all the other institutions they need a confirmation from also use the same global infrastructure.
“Your ID is no longer plastic, it’s an entry into a global infrastructure for trusted interaction.
Any technology shift needs some time to evolve before it becomes truly useful. In retrospect it might seem like it happened over night, but it’s very much an evolutionary process with a lot of trial and error. In the year 2000 you probably didn’t predict the rise of Facebook or AirBnB. A lot of people had a huge but vague faith in the internet and invested, even though they didn’t know what it would actually be useful for.
Today, few will deny the massive impact of the internet. Put your phone in flight mode and you quickly understand how much you rely on it. Despite that you probably cannot explain how the internet works. You might not understand how blockchain technology works either, and you might not see clearly what applications it will bring – but it still might fundamentally change the world and your everyday life.
One ID to rule them all
One ID to rule them all
What do 90 percent of all Swedes have in common? They use Bank-ID. In no time, a unified digital identification layer has become a daily savior. But sometimes trust comes at a high cost.
Large consumer banks have rightly been criticized for lackluster digital innovation and poor customer service. Fintech startups are running in circles around these dinosaurs and users are leaving in droves. Or are they? This is a story of one of the exceptions. This is a story of a revolution in accessibility and usability and huge risks. A story of how Sweden’s consumer bank oligopoly (Swedbank, SEB, Handelsbanken and Nordea) handed the keys to the kingdom to startup competitors, a story of radical empowerment, and a story of how a leapfrog in innovation could also turn out to be a technological dead-end on par with the French Minitel system.
Ladies and gentlemen, fasten your seat belts, this is the blockbuster story of Mobile Bank-ID. The story of WHAT?
As easy as touching your phone
Mobile Bank-ID. A secure digital identification, used by 90 percent of Swedes to open bank accounts, sign agreements, transfer money, take out loans and do tax returns. It’s as easy as holding your thumb to your Iphone. Gone are the scanned passport copies, logins, Pa$5w0rDs, confirmation emails, security questions and verification codes. No matter what the service. Even dating? Yep. The first thing many Swedes do when they buy a new phone? Yep, they log into their banks and install the mobile Bank-ID app on their phones. Most likely the service has wider national distribution than Facebook.
“What does it mean when an entire population is digitally identifiable?”
As a society we have adopted an immensely important and empowering technology, equal to GPS or credit cards. With little or no public debate as to the risks and issues. It just happened, with the consent and active support of the government. You see, we Swedes have no to little skepticism of centralization and we jumped like lemmings. We have put our digital IDs, our digital personas, squarely in the hands of banks and a small private company going by the name of “Finansiell ID-Teknik BID AB”.
Well, what do you expect in a country where every citizen is sampled for blood at birth, and where people (on average) like that fact that booze is only sold in state-run monopoly stores? As a matter of fact we love our Bank-IDs – 2.5 billion times yearly and growing rapidly to be precise. At the moment Bank-ID is used on average about once per day per Swede all year around. How did Sweden create a unified digital identification layer, and what does it mean when an entire population is digitally identifiable? It has enabled citizens digitally and made business easier, but how did we come to trust it so fast? Is it because practicality rules, or because Swedes blindly trust authorities and banks? Truth is, it’s really not that safe.
A logical evolution
Let’s start at the beginning. What is identification? Back when societies were small, and technology simpler than today, you knew if Sam was Sam by the looks of his face. Sam got into his bank vault just by showing up at the bank. The passport was invented in the 1400s by the British, but before World War I the use of identification documents was uncommon. As travel increased in the early 1900s the use of identification documents increased as well, among other things to combat espionage, and has been increasing ever since. Today, the banking system has been walled off by Government’s identification demands to stem money laundering. Banks are required by law to accurately identify each and every customer to understand where and why money enters the system. Normally, this identification is carried out by showing your ID card or passport. As banks have come to store most of our valuables in carefully protected digital bank accounts instead of physical bank vaults, accessing these with digital identification is a logical evolution. And so we started using passwords, PIN codes and other digital IDs.
Back in the present. In Sweden, as a market and an ecosystem we have solved a slew of challenges at once. Digital access to government services is solved. Digital signatures of documents is solved. Distribution of new fintech services is solved. PSD2 is solved. Instant payments is solved. From the eyes of fintech entrepreneurs this is heaven. Onboarding new users to a complex financial service is an astonishingly simple and powerful experience.
Surely this is socialist state Sweden forcing technology on its citizens. Or a zeitgeist-attuned entrepreneur inflicting technology on the people. Actually, the banks did it themselves. The incumbent, oligopoly-wielding, consumer banks of Sweden gave away the keys to their kingdom. In an astonishing feat of cooperation and consensus-building, a national digital ID standard was created.
Fuelled by dot-com optimism
The birth of Bank-ID came in the early 2000s, when EU amended the law to equate digital identification to physical identification. Fuelled by dot-com optimism, an unholy alliance of government and banks started driving the digital development of Sweden and in 2003 the first digital Bank-ID was issued. A few key governmental services were adapted and astonishingly enough that same year 27,000 tax returns were signed digitally. During the 2000’s Bank-ID existed mainly as a clunky desktop-PC experience until in early 2010 the first smartphone version was launched. Adoption and usage picked up somewhat towards the fall of 2012 when something spectacular happened: The large retail banks, again in a mind-boggling feat of cooperation, launched Swish, an instant mobile P2P payment solution. Small social payments were solved in the Swedish market. The Swish service required mobile Bank-ID and over the next 4.5 years as Sweden universally adopted mobile payments, we also adopted a secure, mobile digital identification as a consequence.
Carrying around a mobile Bank-ID in your pocket is not only extremely empowering, it is also quite risky. Going back to the brick-and-mortar bank vault metaphor, imagine you had it all in your pocket, the whole vault, all the time. Going to the pub with the entirety of your assets in your pocket sounds crazy. But that is exactly what most Swedes do, effectively. All accounts, all government data, all of it. People have been robbed of their Bank-IDs and even coerced to transfer assets, and it is a phenomenon that will likely increase. With great power comes great responsibility, and so far the Swedish banks and Bank-ID have moved decisively to repair trust. This will be critical for Bank-ID to age well, much like most people are kept unharmed by and even unaware of the ongoing credit card fraud.
Other types of more subtly fraudulent schemes are also challenging Bank-ID. One example is shrewd businessmen who are attracted by the power and simplicity of Bank-ID to lure users to sign up for bad products. Bad deals made easy. As users, our trust in Bank-ID is contagious so we implicitly trust in any service that uses the Bank-ID as it’s ID-layer. Saying yes and signing contracts with Bank-ID is deceivingly simple, and who reads the 20-page terms and conditions anyway?
Another example of swindling is the leakage of very sensitive data to third parties. There is a raft of apps offering consumers “help” to manage their assets or monitor their spending and budget. With a simple Bank-ID login, the entirety of your bank account transaction history can be transferred to the app. These are data that show some of the most intimate details of where, when and who you transact with. Not only which shops and products you like, but also inferred data from a too large cash withdrawal at midnight, or a certain pattern of fast food spending. We have yet to have had a public data breach of this kind, but it will most certainly come. Likely in the form of profiles being sold on the dark web, bought and then published for maximum negative publicity. And huge public outrage.
Is it possible that Bank-ID empowered the people just a little bit too much? Yes, sort of. But likely there is no way back. If the phenomenon of Bank-ID was a person, it would be an innocent seven-year-old, yet to be made aware of the dangers of the world. As it matures we need to brace ourselves for the many tumultuous years of teenage revolt to come.
Money is being reinvented
A more long term threat is the risk of complacency. If we take a short detour from ID into a related, but separate, part of the technology landscape, we can see that digital money is being reinvented by Blockchain and Bitcoin. Using some mind-bogglingly complex mathematics, the key innovation is that trust and ownership is established by total decentralization instead of total centralization. Most of today’s money is based on our trust in banks keeping our data secure in central storage. The same goes for Bank-ID: trust is established by the banks and Finansiell ID-Teknik BID AB keeping our ID data secret and secure.
But if money is decentralizing, shouldn’t identity follow? Many entrepreneurs certainly believe it should. Ashish Gadnis, founder of BanQu, is building a mashup of Blockchain and identity to make “identification borderless and immutable”. Monique Morrow, former Cisco Services CTO and evangelist, has founded The Humanized Internet with a similar goal.
Investors believe too. In Sweden a few high profile startups are trying to make the concept global: “Using our technology one can remove all usernames and passwords and use our app instead,” says investor and Covr Security chairman Anette Nordvall. Covr was founded by former employees from Bank-ID.
In June 2017 the high-profile startup Civic managed to raise USD 33 million in 30 seconds for it’s initial coin offering (ICO). Civic is building a distributed identity using Blockchain and biometrics on smartphones, and when asked if they will become a Unicorn soon, their high-profile CEO Vinny Lingham retorted on Twitter: “We’ll likely become a non-profit foundation before then. We aren’t building a company. We’re creating a new type of public utility!”
Given our runaway success, Sweden will probably be Bank-ID:ing away happily, ignoring the megatrend towards a decentralized, self-sovereign, ID layer. Meanwhile, communities and nations without a Bank-ID-type solution will leapfrog onto the solutions powered by Blockchain. Bank-ID is only a local maximum on the ever-rising ladder of innovation. And early success can be fatal in the long run.