About Payments On Fire

Latest Podcasts

The podcast where key payment issues are reviewed, dissected, batted around, and, sometimes, turned upside down. In other words, a good conversation between payment geeks.

Episode 71 – The Tech Bringing B2B Fintech to the Mid-tier Bank – Lisa Shields, FI.SPAN

Mid-market financial institutions have enormously strong relationships with their banking customers. But their size makes home grown IT difficult because it is simply too hard, and too costly, to meet all the B2B finance needs of their enterprise customers.

The answer, of course, is deeper integration to third party software systems like SAP, Oracle, JDA and the growing set of fintech providers bringing point solutions to these institutions.

But that’s no simple task. These FIs often run on legacy systems, generally provided by a large bank processor. Integrating software built before the cloud and APIs and these modern point applications is not easy.

Into that gap is a new company called FI.SPAN. Led by founder and CEO Lisa Shields, the company value proposition is to act as an API orchestration platform for banks. In other words, FI.SPAN proposes to be the glue that connects legacy code or a processor’s banking platform to the growing base of fintech point solutions in the market.

The goal of becoming a one-stop shop for new tools for these B2B-focused banks will take time and focus. Connecting up nextgen software and data to older systems demands clever approaches and a lot of spade work. Maintenance of a growing set of evolving API interfaces is non-trivial, too.

A fintech startup serving fintech startups, incumbent bank processors, and mid-tier banks has a lot of work to do. Lisa is no stranger to the start-up world; she also founded Hyperwallet. Take a listen to this conversation about the technical challenges, the business model, and the goals Lisa has for her customers and for her company.

Episode 70 – Real-time Cross-border Payments – Laurence Cooke of nanopay

“Digital cash” has been a dream of the internet age for, well, almost the entire internet age. That goal requires instant payment settlement. It’s more than just sending a message that a payment has happened; it means the money has actually moved.

In this wide ranging conversation with Laurence Cooke, founder and CEO of nanopay, he discusses the platform his firm has built to move value between parties in both real-time and, when necessary, offline modes. More distributed than blockchain systems, nanopay is designed for multiple uses cases including B2B payments using ISO 20022 representation of the payment data.

If you’re at all curious about payment security, blockchains, distributed ledgers, or the instant payment systems now being deployed, take a listen to this conversation between Laurence and Glenbrook’s George Peabody. It’s quite a story and we touch a lot of bases.


Episode 69 – PCI Standard Technical and Geographic Evolution – Troy Leach

Episode 69 is all about how the PCI Security Standards Council is responding to changes in security technology and how it is expanding its role and technology coverage across important new geographies. If payment security is on your screen, join Glenbrook’s George Peabody, partner and host of Payments on Fire, and Troy Leach, CTO for the PCI Security Standards Council as they discuss standards under development like PIN Entry on COTS, other new tools to mitigate data breach risk, and the Council’s work in Latin America, Asia, and India.

A little background…

We don’t need any more evidence for how difficult data security is. In payments alone the number of system components is so high that hardening them all has been functionally impossible. But we’re are making progress. There’s EMV. Data devaluation through encryption and two forms of tokenization – security tokens and payment tokens – reduces the amount of hack-worthy information available.

Guiding, steering, nudging, and corralling the payment card ecosystem toward stronger security is the PCI Security Standards Council. The PCI SSC has developed a 12 step standards program for the secure treatment of payment card data that goes well beyond data devaluation. Various enterprises looking to protect their own data assets, not just card data, use PCI DSS to guide their security program.

The Council’s activity is expanding along with the threats we face. As technologies emerge that benefit security, the Council considers how to employ and deploy them. For example, the Council has a certification program for the token service provider function that handles payment token vaulting and other life cycle management tasks.

Another example is its soon to be released PIN Entry on COTS standard. Commercial Off the Shelf (COTS) devices include the smartphone that’s by your elbow or in your hand right now. The standard makes clear that, with the right card acceptance hardware, PIN entry via a software-driven screen, rather than a physical encrypting PIN pad, is secure.

As you’ll hear on the podcast, this is an exciting time in payments security development. Broad deployment of many important tools will take many years. That’s the real news. As they come online, however, there’s already reason for optimism. We just have to use what we have and get others to do the same.

Episode 68 – Digital Identity, a Mobile App, and a Blockchain – SecureKey

Digital identity is a crisp sounding term that belies a complex layer of concepts. There is identity proofing, identify verification, identity assurance. Each addresses one element of the many questions raised by digital identity.

  • How does a bank really know the digital presence at its banking portal is associated with the accountholder?
  • How can you, as an individual, release only the amount of data necessary to satisfy the parties to the transaction? We share more than we need to. I still get carded at a bar to prove I’m over 21 (what a waste of time!). When I show my license, the barkeep also sees my address, license number, and more. Definitely a case of oversharing.
  • If parties such as utilities, government, and financial institutions vouch for that digital presence, should any of them be responsible for proving that digital presence is right and true?
  • Simplifying complex problems for multiple stakeholders should be a formula for success. SecureKey is a long time player in the identity ecosystem, having built a federated identity platform linking Canadian citizens to government resources using bank-issued credentials.

SecureKey has evolved its system to make use of a mobile app as well as a blockchain-based database that securely points to data stored by banks, utilities, and government entities, all in a zero liability arrangement.

This conversation between Glenbrook’s George Peabody and SecureKey’s chief identity officer Andre Boysen dives into identity concepts, how SecureKey’s Verified Me system works, and its use of blockchain.

For more on digital identity concepts, look at NIST’s excellent set of Digital Identity Guidelines.

 

Episode 67 – The Conversational User Interface – Glenbrook’s Russ Jones

Voice is the natural user interface and the robots are coming to take it on. Enabled by high volume consumer devices like Amazon Echo, Google Home, Apple’s Siri, and powered by artificial intelligence engines like Amazon’s Alexa, Google Assistant, and Apple’s Siri, we are headed toward making voice-enabled commerce and payments a common experience.

Russ Jones is Glenbrook‘s “tech whisperer”, an expert observer of tech evolution and how it applies to payments. Join Russ and George as they discuss the development of the voice ecosystem, Amazon’s leadership, the intersection of voice and IoT, and where voice-enabled payments may flourish.

Episode 66 – Real Time Payments Comes to the U.S. – Steve Ledford of TCH

Payments innovation runs at multiple speeds. Changes in how a payment is initiated happen almost every day. Payments infrastructure change is a lot slower. But it’s happening. Nudged forward by the Federal Reserve’s Faster Payments Task Force, we are seeing the launch of the first entirely new payments system in decades. Called Real Time Payments (RTP) the new system switched its first real-time payment on November 13, 2017.

Built entirely around the rich payment messaging standard ISO 20022, we have a system that can carry both payment instructions and meta-data about the payment. Data rich, essentially instant, bank-based account to account push transactions could be a game changer.

Join George and Steve Ledford, Senior Vice President, Product and Strategy, at The Clearing House (TCH) as they discuss the spread of real-time payments systems around the world and take a deep dive into RTP’s operation, rules, and use cases.

Episode 65 – Gates Foundation and Mojaloop – Kosta Peric

Once upon a time, text messaging systems didn’t interoperate. But when they did, usage skyrocketed. Many of the world’s mobile money payment systems still operate within that old “walled garden” model, limiting the ability of citizens in areas like Southern Africa to send money home to family, pay utility bills, and, most important, enjoy the benefits of an national economy that is payments enabled.

The Bill & Melinda Gates Foundation sees today’s limited interconnection of payment systems as a high barrier to the poor’s participation in that payment enabled economy. Fortunately, those barriers are beginning to come down.

In this Payments on Fire podcast, Kosta Peric, Deputy Director of Financial Services for the Poor at Bill & Melinda Gates Foundation joins George in discussing Mojaloop, the foundation’s open source software initiative that provides interconnection capability between disparate payment systems. Informed by the foundation’s Level One Project, the goal is to encourage a lower cost deployment of this critical payments infrastructure as well as the active collaboration among the operators of mobile money services, financial institutions, each country’s central bank, and national regulators.

Listen for a view into how payments systems can improve the health and well being of millions of people as well as the nation’s they inhabit. This is very cool and important work.

 


Episode 64 – B2B Payments Innovation – Modulr

The intersection of new tech, faster payments capabilities, and forward looking regulation is enabling significant innovation in B2B, and consumer, payment services in the UK and EU. Join Glenbrook’s George Peabody and Myles Stephenson, CEO of business payments platform provider Modulr, as they discuss how modern tech and updated rules have created opportunities for fintech service providers. The challenges to incumbent banks are only getting bigger.


Episode 63 – Payments Come to the Browser – W3C’s Ian Jacobs

Payments standards typically operate deep within a payment system, invisible to most of us. But before long a new standard for web browsers will touch us all. Known as the Payment Request API, it is one of the newer projects of the Word Wide Web Consortium (W3C). Supported by browser builders Mozilla, Apple, Google, Microsoft, and more, this new API should simplify web payments for consumers and merchants alike.

Join the W3C project leader Ian Jacobs and Glenbrook’s George Peabody as they discuss the effort’s goals, transaction flow, and status. It’s coming very soon.