HCE and Visa Talk ... but I prefer to pay with my hand

As you are aware, we are expecting a guest from VISA Inc. on Monday.  So what is he talking about? I did not ask for too many details because I don't like to impose too much structure on speakers - after all they are doing us a favour.  But I know this has something to do with a "cloud-based payment" announcement by Visa in February 2014.  MasterCard made a similar announcement in February.

So from what I gather this is about HCE (Host Card Emulation) which is an NFC (Near Field Communication - communication within 10 cm.) based system.  Whenever you see words like emulation or virtualization - it's about software replacing (emulating) hardware.  So just to be clear, this is not a Google invention although HCE is incorporated in Google's latest version of Android (V4.4 - KitKat) - so Google can use it in Google Wallet.  The Blackberry could (and can still) do HCE, but the problem is it's not all that popular anymore.

Since none of us are tech people - basically prior to the software solution, there was a hardware solution where the NFC card emulation used the SE (secure element) of a cell phone.  This could be the SIM card or a separate chip on the handset - but from a security perspective this had nothing to do with the OS (so it was difficult to hack and relatively immune to malware).  In essence, your card credentials can be stored on or in the SE.  An example is ISIS.  This is an NFC startup.  The website states:

"Sensitive payment information is stored on a special chip in your phone called the Secure Element. The Secure Element is designed to allow access only to authorized programs such as the Isis Mobile Wallet."

So who is using ISIS?  American Express and a couple of banks in the U.S. including Wells Fargo and JP Morgan Chase.

So what's the problem with SE based NFC - well since the SE could be on the SIM card - you need to talk to MNOs (mobile network operators).  HCE helps avoid that conversation.  The problem however is that it is less secure because the HCE-enabled app runs on the phone CPU (central processing unit), as do viruses, spyware and malware.  So it's not a good idea to store your card credentials on the phone.  VISA is proposing to store the card credentials in the cloud.  I suspect HCE based payments (at least for now) are going to be treated as card-not-present transactions - so basically the phone is going to replace your VISA PayWave card and not your VISA card.  But we will find out on Monday.

So what's exciting about this?  We don't need to rely on MNOs to bring forth payment innovations - but there are other issues.  The SE based payments can be conducted with a phone which is out of battery (so long as it does not require user input) - with HCE we need the battery charged and a good internet connection.  For the time being I am going to stick to my VISA card - what if I am traveling and don't have a data connection? And what if my phone is out of charge ... it's happened a few times.

I still like the pay-with-my-hand solution - use hand vein biometrics - I don't need my card, an internet connection - nor my phone - the credentials can't be hacked because they are stored in my hand!

This would be a good place to stop - but I can't - I am not much of a Google fan and I don't own an Android device.  So what about iOS types?  Well we have to wait for Apple to release its iWallet which is supposed to be based on Bluetooth Low Energy or Bluetooth Smart technology.  And guess who is snapping at the heels?  PayPal.  PayPal is supposed to release its "Beacon BLE technology" so customers can use a PayPal app to pay.  I don't like (or use) PayPal either!

PS: Here is a good white paper on security and HCE.

ITC eChoupal Update

According to the ITC website eChoupal has become "the largest initiative among all internet-based interventions in rural India".  It is also "the world's largest rural digital infrastructure created by a private enterprise".  It now covers 4 million farmers in over 40,000 villages in 10 states through 6500 kiosks.  Products include soybean, coffee, wheat, rice, pulses (legumes) and shrimp.

S. Sivakumar, Chief Executive of ITC Agribusiness, identifies the following characteristics of the model (see first video below):

  • Complete end-to-end information technology solution
  • Aggregates demand for quality inputs and is also a marketing channel
  • It is scalable because it is built on market principles
  • It is replicable across different crops and geographies

Major obstacles are primarily infrastructure: power supply, telecom connectivity and bandwidth.  So as we have seen in so many cases ... What should government do? is neither a profound nor a trick question - government should do what it should have done in the first place - provide basic infrastructure.

Here is a short report from the World Business Council for Sustainable Development on this and other examples of ICT-enabled solutions for development.

And two relatively short videos on eChoupal (parts 1 and 2):




Talk to my hand

Apparently Fujitsu introduced palm vein biometrics (vascular recognition) in Japan in 2004 and this is widely used in ATMs in Japan.  Here is an interesting example from one of the early adopters - a Scottish school.  The technology is also being used at GMAT test centers.  Soon I hope we can dispense with cards and mobile phones for payments and just use our hands.  Here is a POS solution from PulseWallet.

Aadhaar

Nandan Nilekani talking about Economic Access

The enrollment process (footage from an enrollment station) and why people are enrolling.



A critique of Aadhaar - Jean Dreze



Government video on Aadhaar, MGNREG (rural employment) and financial inclusion.




A longer in-depth interview (NYU Stern) which talks about the technology issues and network effects.
The interview is about 40 minutes - followed by Q&A.

 












Berkman Debate: Unowned Internet

Do watch this if you have time although we are not discussing the NSA and surveillance.  The discussion raises some really important questions which all societies must answer.

If you do ... pay particular attention to the views of the person on the extreme left of the screen (in black): Yochai Benkler, who IMHO has the best insights, and also to the person sitting next to him: Bruce Schneier (although like me Bruce has a tendency to talk real fast sometimes!).

Talking about surveillance ... wonder why you did not read about this in Singapore papers?  Why am I not surprised?


World Payments Report

Thanks to Fenny for this.  This is the 2013 report.  Please do have a look and read beyond the summary of the results.  The good (or bad) thing about data is that it can be interpreted in more than one way.

So despite the high growth rates for emerging market economies, rich countries dominate in non-cash payments (volume) and are likely to continue to do so.  Expect to see new innovations coming out of rich countries.  Cards are also quite dominant (though debit is growing faster than credit), so it is unlikely that a new entrant can ignore the incumbents.  If they treat card companies as complementors, the dominance of cards is likely to continue for the foreseeable future. Banks also continue to be dominant players in the M-Payments market.

Also, expansion (and investment) is taking place in less regulated markets.  This is also not surprising for two reasons.  First, new technology roll-outs are like the gold rush.  Initially everyone is just trying to grab some real estate so they can dig for gold - once too many people start doing that there is encroachment - people start worrying about property rights ... putting up fences ... hiring guards etc.  That is the time when industry goes to government and asks for regulation.  The second reason is just that companies like to play the regulatory arbitrage game.  PayPal is a good example - in Luxembourg the company is registered as a bank only because the regulations allow it.  In other markets with more stringent regulation, they could just be a money transfer company.  So they are just playing whatever game the regulations allow them to play.

Yet PayPal is disingenuous enough to lobby APEC/ASEAN etc. for harmonization of regulations.  I suspect it may be a good idea to decide what you do (or don't do) before you ask for the same rules across countries.  And in any case, the way the world is headed, harmonization is a bit of a pipe dream for the tech sector.  Privacy laws and data protection laws vary quite substantially across countries and the Snowden revelations are going to increase variance across countries.  So dis-harmonization is where we are headed. It is for this reason that Microsoft has decided to allow local storage of data ... in other words every country can have its own cloud ... even small ones.  Which really makes no sense since the cloud is all about scale.  But perhaps it's a recognition of the sociopolitical reality in which business must be conducted.