The role of Blockchain in the Open Banking era

Over the last year, ‘Blockchain’ has become, by far, the most ubiquitous word in fintech (save for, perhaps ‘crypto’). It has the potential to benefit various sectors, with its immutable ledger of apparently near-unhackable information.

Post-Open Banking and PSD2, Blockchain could be the key to the success of third-party financial services. One of the key concerns from consumers in adopting new financial services is trust – they trust their bank with sensitive financial data, but are reluctant to trust third-parties, as a recent survey from Accenture found.

I spoke to Jed Grant, CEO of Peer Mountain, about the role of blockchain in the Open Banking era post-PSD2, and how self-sovereign identities are set to change to landscape.

Why do you think consumers don’t trust third-party providers?
Third-party providers have continuously proved that they are incompetent and unable to protect consumer data. If a third-party provider has my data, I know that a hacker can access it. Even the US government can’t keep their biggest secrets secret today. If it’s digital, it’s going to become public or taken by whoever wants it. Consumers aren’t stupid, and we need a new paradigm.

How does blockchain remove the concern of consumer trust?
It doesn’t remove the concern – data can still be stolen or lost. If deployed correctly it’s just another tool in the toolbox. It’s a trust engine, if you want to think of it that way, that needs to run among stakeholders who share trust. If I interact in an ecosystem, that ecosystem needs to run on a chain where that trust can be established.

Blockchain creates trust in the sense that it produces an immutable ledger of transactions that is shared among every single stakeholder in that establishment of trust. One of the innovative things about Peer Mountain is that we’ve built its architecture to not only establish trust, but to establish an economy of trust. It’s blockchain-agnostic and positioned above the storage layer. I think the future is going to bring us lean, agile protocols with multiple blockchain instances, which is exactly how we’re architecting Peer Mountain.

What is a ‘self-sovereign identity’ and why will they become more prominent over the next few years?
It’s a concept that you own your identity, which is more than a government-issued document. Your identity is a collection of all the facts you have established about yourself – it’s the choices you make and the behaviours you carry out. It’s not only what you have or what you can show, like the colour of your hair and eyes and your passport – none of which are your identity, they’re only attributes and attestations. It’s not your religious beliefs, political leanings, or other affiliations and values – these are components that make up the second part of your identity, but, again, not your identity itself. The third part of your identity is the observable part, over which you have a certain degree of control. You can choose to take a shower, brush your hair, and put on nice clothes to look decent every morning. However, you don’t have full control over whether you look decent in other people’s eyes, you only have control over your perception of looking decent. These three components of your identity are yours, you own them. They are your self-sovereign identity.

In the Peer Mountain architecture, self-sovereign identity is totally decentralized. You own and manage your identity, and you collect ‘attestations’. An assertion is a fact you assert about yourself, whereas an attestation is an attribute that a third party attaches to you. The combination of the two is what allows you to build, over time, a digital identity that can actually function like a real identity in a community – the way we interact as human beings. The idea is to build a system that facilitates real-world human trust that’s transitive among parties that trust each other, online. So you can enact that trust over great distances without having to be face-to-face with other parties.

How does this function in practice, in a transaction, for example?
First of all, it’s important to understand that there are three actors in this peer-to-peer trust ecosystem: the consumer (the owner of their self-sovereign identity), the service provider (who requires certain information about the consumer), and the trust provider (a third party who can look at the information the consumer has provided and confirm its validity to the service provider).
For example, you see an advertisement for a credit card, and decide you want that card. The ad, which could be in a magazine or online, has a QR code to download the free Peer Mountain mobile app. You scan that code and start the process of getting the credit card company’s service dossier. The service provider requires identity documents, which you may have already loaded into your Peer Mountain profile; that is, your self-sovereign identity. Our platform encrypts all your information; at the same time, the platform sees nothing. You consent to share your information with service providers and trust providers.

Returning to our example, to get the credit card, you use Peer Mountain to give the credit card provider your encrypted identity documents, as well as a copy of your employment contract so they can establish your credit limit. You then agree to their terms and conditions.

All of this is done through digital signatures and images, which are sent to the trust provider, who can validate your details. These attestations are then shared with the credit card provider. Every stage in the process is digitally signed, so there is proof-of-signature on every document. The credit card provider can then upload your new card onto your smartphone. The entire process – from seeing the ad to receiving a credit card on your phone – should take around five to ten minutes.

What other advantages does this ecosystem afford in terms of customer experience and efficiency?
To consumers it’s zero-cost and a better customer experience, though we’re going to look at giving consumers an economic incentive to use it too. For service providers, Peer Mountain reduces the cost of compliance and the level and cost of risk they bear. They don’t have all these PDF files or bits of paper lying around. Everything is digitised, and they’ll be able to see if any files are non-compliant right away. For instance, you’ll see when someone’s passport expires immediately.
It also reduces data protection risk because it gives the consumer full ownership of their identity; they can then consent to share certain parts of their identity with the service provider. The service provider doesn’t have to make, store, or process copies of all this information unless legally required to do so, enabling them to decrease the amount of customer data they store.

How do you predict the financial landscape to change in 2018, following Open Banking and PSD2?
I think we’re going to see more circling of the wagons, because PSD2 puts some banks at huge risk. We’re going to enter in some kind of currency war type, where cryptocurrencies are going to face off against fiat. I think you already see that happening – the UK banks have said they will not open bank accounts for any company that’s dealing in crypto, and they say this is out of regulatory prudence, but I think it’s also a business protection thing. They poured a lot of rain on Gibraltar when Gibraltar announced that they had an ICO framework and that they were ICO-friendly, and the FCA immediately said the correspondent banks were going to shut their accounts if they start dealing in crypto.

I think PSD2 is going to open a huge Pandora’s Box, because a lot of banks are going to have to draw back the curtain and show The Wizard of Oz, so to speak. It’s going to be a situation where banks are going to have to compete on the basis of the quality of their APIs, which means not only the reliability but also the speed, because a lot of the processes that are going to be behind PSD2 are today very manual in some banks. They have API calls that are going to take too long to respond if they haven’t updated, and they’re going to have to settle payments much faster. I think fintechs are going to take advantage of it and the smart banks are going to know how to add value in their API, so it’s going to start pitching the banks against each other – not so much fintechs competing with big banks, but the banks having to become API providers.

Related reading