In the EU banks must open APIs to their services, and banks plan these steps also outside the EU. Some see it as a threat and some as an opportunity for banks. But one question is whether this is so relevant anymore. Some years ago, telcos started to talk about telco 2.0 and open telco APIs, but they haven’t really become anything significant. Can it be the same situation for banking APIs?
Telcos have wanted to open APIs for many years and in that way, for example, enable third parties to offer communications services that are based on telco infrastructure. This never took off, but they have also tried to revise the concept and activate it again. There are probably a lot of reasons for this failure, for example:
Banking API requirements are coming especially from EU’s PSD2 directive that targets to open opportunities for third parties to offer payment, accounts and finance data services by utilizing banking infrastructure and regulated banking services. It is basically intended to increase competition within finance services. At the same time, several banks have seen it as a business opportunity offer open APIs to their services and infrastructure.
We can easily see that there are quite a lot of similarities between telcos and banks in terms of open API business. The question is then, if banks can do it better than telcos have done. Or is it actually the case that those old-world services and APIs are not the way to build any truly novel services?
It is important to remember that the open API business needs much more than open technology APIs. An open API is relevant only if another party sees it is the best way to implement a certain service. To achieve that it requires at least four things:
There have been speculation and rumors as to how some banks might want to make it intentionally difficult to use these services, and in this way, they can limit competition. We have seen similar things in the telco industry, when the telcos needed to offer capacity, facilities and number portability to other service providers. I have also personally seen that in the telco industry it was not enough that a telco and its management were committed to offer these services, but many lower level employees were not willing to really get them to work. They still felt it difficult to offer something to potential competitors, or they didn’t like that the business changed and required new things from them too. So, this is in many ways also a matter of the organization culture.
Considering all the points above, we can see the open APIs to banking services is not such an easy thing to work in practice. The question is especially if those APIs offer a really competitive and trusted way to implement services. Legacy banking IT infrastructure is quite old, it is complex and expensive to make any modifications to it, banks have no technology or business competence for open API business, there are constant new modern technology solutions to implement similar things, and new service providers might have problems in trusting banks so that they really would be dependent on them. At the same time, other alternatives like cloud based finance back offices, payment gateways and distributed ledger type solutions are emerging and might offer more competitive ways to build services.
The ultimate question is if banks really want to get the open API business to work. If they want, they must really consider all aspects of the business and technology. It might require fundamental changes for their competence, technology and culture. They must realize that they won’t be the gate keepers to many of these services in the future. They must offer a real competitive solution and value.
This article was first published on Telecom Asia.
Working with one its large retail bank customers, Crowd Valley (a Grow VC Group company) has successfully passed an enhanced, independent security audit undertaken by one of the world’s leading information security consulting firms.
This third party verification confirms the stability and security for sophisticated users of the company’s products and services, and sets the platform up for even more institutional applications around the world.
Nixu Corporation (www.nixu.com) is one of the world's leading security specialist companies and has been focused on information security since its foundation in 1988. Since then it has worked with numerous banks, telecommunications firms and governments around the world to help them address and improve their approach to cybersecurity.
Nixu carried out a project to assess the security of the Crowd Valley API and Back Office platforms, which was done by attacking the Crowd Valley API and the administrative applications from the point of view of a motivated attacker trying to obtain unauthorized access to Crowd Valley’s customers’ data and functionality.
The API was tested for general compliance with the OWASP Application Security Verification Standard requirement categories: Authentication, Session Management, Access Control, Malicious Input Handling, Error Handling and Logging, Data Protection, Communications Security, HTTP Security, Business Logic, and File and Resource Validation.
Following the process Crowd Valley customers can now benefit from the following functional updates that have been implemented and are already available on sandbox and live environments:
For more information on how you can make the most of these security features in your own applications please get in touch with your primary Crowd Valley contact.
ICO’s are a new form of project financing for distributed ledger technologies or cryptocurrencies. The process involves collecting funds in the form of fiat or crypto currencies in exchange for a “coin” or “token”. In order to fully understand why this financing model exists, we must first understand the fundamentals of distributed ledgers in relation to regular internet protocols, which you can read more about here.
While being seemingly similar to equity offerings, ICO’s typically serve a rather different purpose. An ICO can technically never be used as an exit method for the issuer, as the coins are technically issued during the ICO, meaning that it can be compared to a seed round of financing. In addition to this, an ICO’s don’t typically make use of underwriters, which is a primary characteristic of equity offerings
Investing in ICO’s
Investors may decide to participate in ICO’s for several different reasons, mainly as a pure investment strategy, but there may also be other sentiments at play. Examples or various sentiments may be access to a limited edition product, or even tokens which can be used in online games. If investing with a pure financial incentive, the investor must carefully analyse what drives the price or pay-offs of owning a certain coin or token. Many tokens are built on top of public ledgers such as ethereum, meaning that the value they create may be absorbed by the ethereum blockchain rather than the token itself, other tokens may be value driven by events completely outside of the blockchain space - tokens pegged to the price of USD for instance. In addition to carefully considering the price drivers, and investor must also consider code quality, expertise level of the development team, and any other factors which may impact the success of the DLT. Regardless of the brief history of ICO’s, there are examples of 6-digit returns as well as complete value destruction, indicating that this is a relatively early and volatile market.
ICO’s are used to fund the development and maintenance of DLT’s, so a portion of the funds raised will typically be retained by the development team behind the DLT. The coin offerings themselves may have different quirks depending on the issuers goals, but typically they will have several shared characteristics.
In addition to the aforementioned characteristics, the issuer will typically reserve an allocation of the “coins” or “tokens” for their development team and/or a foundation dedicated to the development of the DLT. The reservation may be made in the form of creating a certain percentage of tokens at inception, or allowing a “pre-mining” period where the issuer can generate tokens for themselves via the regular mining model. This is the “incentive” part of ICO’s, making it a significant determinant to the success or failure of the DLT. As mentioned earlier, each token has a market value based on supply and demand of the token, a successful network will increase the value of tokens since the “goods or services” provided by the token will be considered more valuable, while an unsuccessful network will deteriorate the value of all tokens in the network.
In a successful ICO, there should be a fairly strong alignment of interest between all parties involved, meaning that the issuer will see a value increase in their stake if the technology performs well, and investors will see their stakes increase as a result of good performance.
Are ICO’s legal?
The legality of ICO’s was widely disputed at Consensus 2017. The general opinion within Blockchain circles appears to be that ICO’s should be legal, but also regulated in order to provide investors with a certain level of security and fraud protection. There are examples of ICO’s which have failed due to natural causes, but also cases of outright fraud, which harms the trustworthiness of DLT’s on a general level. As of today, no bespoke regulation has been set when it comes to ICO’s in particular, regulators also have trouble classifying the underlying asset - leading to even more complication.
How to participate
Investors will can typically participate in ICO’s via the issuers own website, simply by signing up and making a commitment towards the funding goal. KYC is seemingly quite light, meaning that investors can participate with as little as an email address, one of the reasons behind a light KYC may be the lack of regulation. Several media outlets such as Smith + Crown maintain curated lists of historical, current, and future ICO’s.
The ICO model is an innovative form of financing which allows both issuers and investors to have “skin in the game” when it comes to the performance and adoption of a distributed ledger. The model itself is not very different from an equity offering when it comes to execution and incentives, but the asset class doesn’t fit into the categories of equity/debt/commodities, as it’s more of an economic system rather than an traditional asset. Regardless of the inherent risks and volatility, I remain cautiously optimistic concerning the future of ICO’s.
This article was first published on Crowd Valley blog.
Telcos and banks struggle with delivering a good customer experience despite being competitive markets. Michael Porter’s competition analysis model could explain why.
I was in Italy and needed mobile data, as I was without a broadband connection. I bought three SIM cards, never got exactly what was promised and one sales person even refused to sell to me because his shift had just ended.
Meanwhile, we have a legal entity in a country where we probably don’t need to have it anymore. I talked with our accountant about it, and she said it probably makes sense to keep it, because it has a bank account, and nowadays it is so hard to open a bank account.
The common thread in these anecdotes is a poor customer experience with businesses that are not monopolies. Think about that: mobile carriers and banks have plenty of competition, so how it is possible that these kinds of customer experiences are typical?
Michael Porter has developed the “five forces” analysis to evaluate competition in an industry. The forces are:
In both banking and telecoms, the threat of new entrants has been quite low. Both industries are regulated, which makes it impossible (especially in mobile business where you need frequencies) or very expensive to enter the market. The needed infrastructure investments are significant, which means very high capital requirements. Customers have also been quite lazy to change their service providers, partly because the customer experiences are often so bad that customers hesitate to do anything once they get something to work.
The threat of substitutes has also been low. There is some substitution, but normally you still need a bank account or a mobile subscription – in fact, just to be included in society, you will likely need a phone number and a bank account. There are additional or related services (such as which messaging services to use, or how to invest money) that have more competition, but the basic services are dominated by the carriers or banks.
The bargaining power of customers has been also been quite low in these industries. Customers need these services, and most services providers offer similar pricing and terms. Regulation also creates limits in terms of how much service differentiation exists. It has also been difficult for customers to compare offerings. Both banks and carriers often have a complex pricing structure, and quite often customers feel they have experienced surprises when they have started to use a service.
Both telecoms and banking have had very big suppliers, especially in technology. Of course, carriers and banks have power when they are big customers for these suppliers, but typically they depend on a few suppliers, and it is complex and expensive to make any significant changes for operations and services. And when investments are really significant, they tend to keep utilizing old systems, which results in the infrastructure becoming very complex, which imposes further limits to change anything.
Industry rivalry is more difficult to evaluate in the telco and banking business. In principle, it exists and companies spend a lot of money on marketing. At the same time, there’s a question of how much they really want to compete, e.g. by having a unique strategy or investment in innovations. At the very least, it often looks like different companies have quite similar strategies and basic products.
Based on this quick high level Porter analysis, it is not so difficult to understand why the customer experiences in telecoms and banking are not great. But could we expect that this will change soon? Or are we doomed to endure this ecosystem and market for a long time?
Perhaps we should draw differences between mobile services and banking services, since they are in separate phases. In mobile services, it is hard to see substantial changes coming soon. Maybe totally new kinds of network infrastructures that significantly decrease market entry costs, and more flexible use of frequency, could change the game. But we have already seen a notable change in the value chain and service structure as a whole. A significant part of money goes to mobile apps, content and other services, while carriers are becoming bit pipes. Customers buy from operators only the minimum they really need, while those other higher value services play in a totally different competitive environment.
Meanwhile, we can see that FinTech is potentially driving banking services in a similar direction – i.e. banks offer only the basic money pipe and money storage services, and all value added services such as lending, investing, wealth management, money transfers and even payments are provided by other competitive parties. But actually this is not yet guaranteed, because banks have still a chance to change, and new banks can also be game changers. Banks can still be significant in the future, if they innovate and play their cards smartly.
Regulation is one element that limits change, but regulators have become more and more open minded to allow innovations – regulatory sandboxes is one way to do it in practice. But another significant factor is IT and infrastructure costs. Really tremendous changes are happening in that area. Nowadays, for example, cloud-based finance back offices can deploy their entire IT infrastructure for 1/1000th of the total costs of legacy banking IT. It could be the single biggest game changer for the whole banking industry.
As we can see, mobile and banking services have a lot of similarities, and their capability to offer good customer experiences, innovations and changes have been poor. At the moment, we expect that finance services can actually change more than mobile services in the near future. FinTech is changing finance services, one way or the other – it can either help banks to reinvent themselves, or it can help other companies to kill them off. Innovative technologies (e.g. back offices and service applications) are among main drivers for these changes – only regulation remains the biggest question mark.
This article was first published on Disruptive.Asia.
Photo: Banking crisis, Wikipedia.
As the adoption of innovative technologies like Artificial Intelligence, Machine Learning, Blockchain, etc. increases, it impacts the rate at which the Fintech ecosystem evolves and affects different markets.
Following are some notable stats and trends within the Fintech industry:
In Q1 2017:
Artificial Intelligence (AI):
Cryptocurrency: (Source: Cambridge Cryptocurrency Report)
Insurance Technology (Insurtech):
Regulation Technology (Regtech):
Read the whole list of 22 trends and stats on Crowd Valley Blog.
Distributed Ledger Technologies (or Blockchains) have gained a tremendous amount of traction over the last couple of years or so, and they are due to serve a far larger purpose than anyone could have imagined in the early Bitcoin days. This article aims to explain how distributed ledgers are changing the modern internet as we know it, on a very fundamental level.
Communication protocols like TCP/IP and HTTP were created in the early days of the internet, which were considered (and still are) great technological advances. These early protocols were developed by scientists and researchers without much financing or economic incentive for outperformance or competitiveness. Distributed ledger technologies (DLT) are essentially new P2P versions of communication protocols, with embedded data and even processing capability between systems. These are being developed and used today for various reasons; store of monetary value (such as Bitcoin), processing power (Ethereum), or data storage (StorJ and Siacoin). New DLT’s are being developed continuously, a handful are raising funding at the time of writing this article.
The important thing to understand about DLT’s is that each have their own embedded economic models, creating incentives for different parties in the system to develop, secure, and run the network of peers (or nodes). For example, Bitcoin is considered a store of value, where the Bitcoin holder pays miners to secure the network in the form of inflation. Meanwhile in Ethereum, network users use Ethereum tokens (Ether) to pay for processing power. This means that each token in each DLT’s network has a monetary value, since it can be exchanged for goods or services.
Distributed ledgers provide a new way of storing, maintaining, and accessing data. Rather than storing data on centralized servers, the data is stored across all peers (nodes) in the network, meaning that there’s a correct copy of data stored in “n” amount of locations across the globe, but how does this add any value? Decentralizing data decreases the risk of data loss, as a failure in a single node will only have a marginal impact on the entire network. Perhaps the most important feature of DLT is correctness, making data alterations in a single node will not affect the general consensus across all other nodes.
Traditional internet companies, like Facebook, Google and Twitter, hoard massive amounts of data, and the vast majority of their revenues and market value is based on proprietary data. Now imagine a world where data and processing power is housed within the internet protocol (i.e. Ethereum Virtual Machine), and the internet application is simply a thin layer sitting on top. This means that most of the value lies within the “fat protocol”, while the internet companies themselves capture only a smaller proportion based on what type of user experience they can provide. In this environment, entry barriers to very capital and data intensive industries are far lower, and we can expect a much higher level of competitiveness, better user experience, and general social benefit. The scalability of distributed ledgers is often debated, but in case the underlying technology catches up, we may even see performance related scale advantages in using distributed ledgers.
There is no guarantee that data and processing will move to a distributed environment, but as more and more data is stored on distributed ledgers, the higher the value of utilizing that technology there will be, this “network effect” may lead to exponential growth in adoption of distributed ledgers.
Read the whole article on Crowd Valley Blog.
Image by Joel Monegro of Union Square Ventures: http://www.usv.com/blog/fat-protocols
Est. 2009 Grow VC Group is the global leader of fintech innovations, digital and distributed finance services. Our mission is to make the finance services more effective, transparent and democratic. The Group includes leading fintech companies in their own areas.
Research Report 1/2018: Distributed Technologies - Changing Finance and the Internet
Research Report 1/2017: Machines, Asia And Fintech:
Rise of Globalization and
Protectionism as a
Fintech Hybrid Finance Whitepaper
Fintech And Digital Finance Insight & Vision Whitepaper
Learn More About Our Companies: