Steve Percy

President, Diolkos Commerce Solutions

Aug 2021

Who is watching us ?

An issue that has made it to the Top 5 of hot topics and might be close to #1 actually. Numerous publications and reporting outlets have been discussing this issue for the past 5 years.

Many assume our personal privacy is protected. Our privacy is automatically safe from interlopers and why would any moral person want to observe as much about our personal day-to-day lives as they can consume ? Marketing thrives on this information and in turn so does most economic success in the G20. But history in the old world has taught us to protect our identities and we have spent many decades debating and introducing laws, regulations, and self-imposed industry wide voluntary standards to limit identity collection to “on a need to know basis”. We did this for long-standing and very valid reasons.

But commerce has always been different and we all rely on it daily. We have always been aware of thieves and fraud. Publications and entertainment media have produced content on this issue since the dawn of radio, even as far back as the early publications of books and newspapers. As a society, we always need to protect against theft and fraud. If not, society will very quickly break down and anarchy will take over.

Money Laundering, Terrorist Financing, and politically driven economic sanctions have jurisdictional governments working to oversee cash flows in and out of their jurisdictions. They have enacted processes to protect their citizens. All of these processes require the identification of all participating counterparties to all transactions. Hence, collection, verification, retention, periodic updating, protection, and destruction of identity information is critical to the safe operation of any exchange system.

Electronic payments are a critical area that needs to be continually monitored. Not only for protection against fraud and theft, and AML/ATF/Sanctions purposes but also in terms of protecting our privacy. Data, or should I say “Big Data”, is King. We look at something on the Internet or buy something and we are subsequently approached through our other online interfaces for complementary product offerings. How do they do this ? The more we think about it, the more we realize the impact. And our concerns are valid. Every time we provide Personal Identity Information [PII] to an organization for payment purposes we expand the footprint of this information. It has become impossible to manage.

Alternatively, the more we give into centralized methods for payments that are tied to our identity on the system, the more they know about lifestyle and daily lives, and the more exposed we are to financial losses. If you make all purchases through a single credit card for instance, this provides that organization with an accurate view of your habits and wealth. And when you provide authorization, you allow them to use and sell that information to others for their benefit, not yours. This is the larger-than-life opportunity sold by “Big Data” proponents over the last 15 years and large corporations and governments have invested in this area. The average folk like you and I however don’t see the issue … until it surfaces and becomes a big issue.

I’m comfortable that the majority of people have heard of Identity Theft. We feel horrible for those that have experienced the problem and generally know that certain pieces of government identification are to be treated with extreme care. For example, in Canada you should only provide your Social Insurance Number (Social Security Number in the U.S.) to your employer or Financial Institution. Both of these organizations are regulated to be responsible with the information and in turn audited to confirm that this security is in place. Other important identification items such as Passports, Health Cards, Birth Certificates, NEXUS Travel Documents are to be treated with the same care. Do not provide copies or images of any of these to just anyone.

Drivers Licenses are one of the only items that are considered usable for general identification of individuals. Other ID’s include memberships and licenses issued by private organizations and NGO’s that are used for very specific purposes only.

Now let’s look at the other publically available pointers to specific individuals. Credit Card Numbers are kept and stored on corporate systems along with their owner’s names and addresses, which are now essentially ubiquitous. In turn, we see hacking occurrences and theft reported monthly in the news media that in turn has spurred the growth of the Identity Protection industry.

More recently, cell phone numbers and e-mail addresses are being used as proxies for specific individuals in electronic payments solutions. These two identity methods are already experiencing fraudulent use issues in the payment systems they operate and have needed some re-design in their security processes.

How do we protect our privacy rights and privileges as free individuals on an ongoing basis ? Who do you trust ?

The Covid-19 pandemic has provided a significant increase in understanding mobile commerce in terms of both merchant and consumer requirements. Transparency around the topics of Security and Privacy moved front-and-center as fraud and theft grew by over 300%. Surveys identified that consumers are more aware of multi-factor authentication and are now more interested in monitoring and authenticating individual transactions. They are more interested in hands-on participation because they want the benefits of mobile commerce.

However, while you would believe that this was a time that the newest mobile payment solutions would capture increasing portions the market, you would observe that the same payment systems, processes, and behaviors’ held back this expected mass transition. Merchants and consumers need trust and reliability and the security solutions provided in new 3rd party payment offerings has increased payment friction and made it difficult to build volumes.

So who do we always turn to ? Who oversees the majority of financial transactions ? And what industry invests the most in security because their existence absolutely that your privacy is protected ?

Yes, Financial Services a.k.a. Banks.

Financial Service companies have, and will always be, required to spend more on Privacy and Security than every other private industry. Any breach will become a major problem.

Financial Services companies are required to meet many regulations to protect our financial wellbeing and protect society as a whole. AML, ATF, and Economic Sanctions demands that Banks collect, use, and periodically update Identification Information from their customers and provide regular reporting to regulatory bodies on same including any suspicious transactions. This is good for everyone.

“The U.S. consumer and her bank have an interesting dynamic.

First, she trusts her bank. PYMNTS has been doing studies of consumers and their attitudes toward traditional banks for more than five years. Nearly all – 90 percent – of consumers say they trust their bank to keep their money safe, their transactions secure and their information private. The headlines that report how little consumers trust their banks are inconsistent with everything PYMNTS has seen for the vast majority of Americans.

At the same time, she doesn’t think of her bank as particularly innovative.”

Karen Webster

The Creative Destruction Of Banking: Aspiration Or Ultimatum?

PYMNTS.com

June 2021

Ingo Money CEO Drew Edwards and Karen Webster in their discussion posted on PYMNTS.com (see “B2B Payments Should Be Like A Conversation Between Payor And Receiver”, June 22, 2021) discuss trust in these systems by consumers and merchants and identify that banks are the natural first choice for front-ending the newest payment methods but they don’t seem to be able to get the job done. This discussion between boots-on-the-ground payments people covers many of the principle issues in the forefront of advanced payment industry for more than 20 years. The darts are hitting the dartboard but no one is scoring the final win.

This will change. Diolkos Commerce Solutions will get all of us to the right place.