Big Banks in Australia and Canada Are Leading the Way on Digital Identity

This is Naked Capitalism fundraising week. 574 donors have already invested in our efforts to combat corruption and predatory conduct, particularly in the financial realm. Please join us and participate via our donation page, which shows how to give via check, credit card, debit card, or PayPal. Read about why we’re doing this fundraiser, what we’ve accomplished in the last year,, and our current goal, rewarding our guest bloggers.

Canadian and Australian lenders will be the perfect guardians of people’s digital identity, thanks to their high levels of public trust. At least so say the banks.   

Australia’s “big four” banks — ANZ, CBA, NAB and Westpac — are about to branch into a new line of business: “identity as a service”. According to an article published by the Australian Financial Review (AFR), a newly created entity called Australian Payments Plus will co-ordinate the four banks’ investments. The move will apparently help them fend off competition from international payments giants moving into digital ID — presumably a reference to Mastercard which has indeed been making big moves in the digital ID space.

A New Revenue Stream

The AFR article says (emphasis my own) that the banks apparently “see ‘identity-as-a-service’ as an incremental revenue stream that will allow them to charge retailers, utilities or fintechs for validating customer details, given banks are highly trusted in the digital economy”. In the words of Australia Payments Plus (AP+) CEO Lynn Kraushe, the service will offer a “seamless online identity verification experience”.

AP+ sent out the following message the same day as the AFR article:

Now, a little bit of background. AP+ was set up in 2021 to bring together Australia’s three domestic payment organisations — BPAY Group, eftpos and NPP Australia — under one roof, while apparently allowing them to continue operating as separate businesses with distinct brands under a single Board. So what are these organizations and who do they belong to?

  • BPAY is an electronic bill payment SaaS company which facilitates payments made through a financial institution’s online, mobile or telephone banking facility to organisations that are registered BPAY billers. It is a wholly owned subsidiary of Cardlink Services Limited, which, in turn, is owned in equal parts by Australia’s “big four” banks.
  • EFTPOS (stylized as, “eftpos”), whose initials stand for  “electronic funds transfer at point of sale”, is an electronic payment system involving electronic fund transfers based on the use of debit or credit cards, at payment terminals located at points of sale. The current members of EFTPOS Payments Australia Ltd include, again, the “big four” as well as a mishmash of international banks (e.g. Citigroup, ING Australia), fintechs (e.g. Paypal) and retailers (e.g. Woolworths).
  • NPP Australia is an open access system for fast payments set up in 2014. The system’s infrastructure was built and is maintained by the 12 founding members of NPP Australia Limited, which include all of the “big four” except CBA, as well as Citigroup, ING, HSBC, the London-based fintech Wise (formerly known as Transferwise), and the Reserve Bank of Australia.

ConnectID is scheduled to launch next year. Already accredited under the federal government’s Trusted Digital Identity Framework, its applications could end up extending far beyond the digital payments space. At least that’s the goal. According to the website Fintech Australia, the ConnectID team is working alongside governments, businesses, online merchants, banks and other identity providers with a view to building identity into the national payments infrastructure, as well as other commercial applications for all Australians and Australian businesses.

Australia is also heading up the Digital Identity Working Group (DIWG), an eight-country consortium whose mission is to make digital identity a key component of the global digital trade and travel ecosystem. Chaired by Australia’s Digital Transformation Agency, the working group’s other members are Canada, Finland, Israel, New Zealand, Singapore, the Netherlands, and the United Kingdom.

Where’s the Trust?

There are plenty of reasons why this latest development down under should be a cause for concern (and not just for those living down under). Firstly, the idea that Australia’s “big four” banks can be trusted to roll out digital identity in Australia is beyond risible. These are the same four banks whose CEOs had to apologize to parliament in 2016 for a litany of scandals including the “mis-selling” of insurance products, interest rate rigging and bank-lending shenanigans aimed at continuously inflating the country’s housing bubble.

The resulting Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry (RC), set up in 2017, revealed “an epidemic of crime.” It also showed the lengths to which the banks were willing to go to sustain Australia’s multi-decade housing bubble, which could be in the process of finally bursting:

Australia’s house price growth model revolved around Ponzi-like leverage, with lenders systematically accepting the unrealized capital gains of a property as a substitute for a cash deposit to borrow to purchase another property during the boom period. This has resulted in many property purchases using 100% financing, forming a clearly excessive cohort of speculative buyers that otherwise wouldn’t exist if lenders had adhered to responsible lending obligations.

It is also highly debatable whether Australia’s big banks can be entrusted with even more of their customers’ data — including quite possibly their biometric data. In recent days the Australian Banking Association (ABA) has joined forces with US technology giants Google, Facebook and Amazon in opposing the idea of housing Australian customer data exclusively onshore, despite growing safety concerns among security agencies, regulators and consumer advocates.

As a matter of fact, the ABA is calling for a reduction of digital trade barriers, such as data localisation requirements and data flow restrictions, arguing that “cross-border movement of data can be beneficial to data security and thereby national security.” To put this in an international context, it is worth recalling that the US Department of Homeland Security (DHS) is offering select foreign governments, including Australia’s, access to its own vast biometric database of its own citizens — but only on a quid pro quo basis.

Killing Cash, Killing (Some) Banks

Another reason why this development is deeply troubling is that the big banks in Australia, like big banks just about everywhere, have been trying to kill off cash for decades, mainly by shrinking their regional networks of banks and closing their ATMs — for obvious reasons: cash operations can account for as much as 10% of total bank operating costs. No more cash would mean no more expensive ATM networks to run, no salaried tellers and no cash vans waiting to be robbed. It would also mean more income from fees.

It’s also true that central banks all over the world, including the Reserve Bank of Australia (RBA), are looking to develop their own digital currencies — so-called CBDCs (central bank digital currencies). In fact, the RBA is further along that path than many of its Western peers having just launched a year-long pilot scheme to explore “innovative use cases and business models” for a CBDC.

Of course, as previously covered on NC, CBDCs could lead to a whole host of gnarly consequences, including loss of privacy and anonymity, much greater surveillance and control over one’s financial activity, and the potential disintermediation of commercial banks, large and small. Some economists have even warned that commercial banks could disappear all together.

However, it is somewhat hard to imagine central banks intentionally putting large retail banks out of business (small retail banks would probably be a whole other matter). After all, big banks are their number-one constituency. In the US, commercial banks that are members of the Federal Reserve System even get to hold stock in their district’s Reserve Bank as well as elect six of the nine directors that sit on the Reserve Bank’s board.

Finding a New Role

This is why the new that banks in Australia are leading the roll out of digital identity is so important, since it would suggest that large banks are already carving out a new role for themselves in the newly emerging paradigm. That role will essentially involve managing at least part of the digital identity system. As the FT reported last year, without digital IDs CBDCs would be all but impossible.

Australia isn’t the only Anglosphere economy where large lenders are leading the way on digital identity. In Canada, the big banks have been talking about the need for banks to spearhead the roll out of digital identity for at least four years. In a 2018 report the Canadian Bankers’ Association called on the federal government to create “a legal framework
to enable the creation and usage of digital ID solutions under one national strategy by leveraging the capabilities of the private sector.” And Canada’s “strong financial institutions must play a key role”:

The World Economic Forum stated in its report that financial institutions should champion efforts to build digital ID systems and lead the creation and implementation of identity platforms. Financial institutions and banks are held to a high standard to maintain and protect personal information and are subject to rigorous oversight. Canadians trust banks to hold and maintain personal data accurately and securely. Banks also have the infrastructure to operate across provinces and internationally to underpin digital identity solutions in Canada.

In late February 2022, just as some Canadian territories including Ottawa began withdrawing their digital vaccine passports, the Canadian Bankers’ Association posted the following video message by its president and CEO Neil Parmenter. In it Parmenter reiterated the need to create “a federated digital ID system — developed in collaboration with Canada’s best and brightest talent from our banks, telecommunications companies, law enforcement and government.” And Canada’s banks are “perfectly situated to help lead the way” because they are “highly regulated and trusted.”

Judging by the comments below the YouTube video, not everyone is as enthused by the idea as Parmenter. Nor, indeed, is Ann Cavoukian, Ontario’s former privacy commissioner and executive director of the Global Privacy and Security by Design Centre.

“I would never want a digital ID,” she told the Toronto Sun earlier this year. “We know that out of all the brilliant hackers out there it’s going to be a race for who breaks in first. You need a national discussion about this — with all of the provinces participating and indicating how they’re going to protect the data.”

There are also serious issues with system fragility, as we are reminded on an almost daily basis. Just last Saturday the technology for reading card and digital payments at the fully cashless Aviva stadium in Dublin went down for two hours. The 43,000 spectators gathered for a US college football event were unable to pay for anything and the caterers had no back up plan. In the end, they were forced to give away three-quarters of their stock for free, running up an estimated loss of €500,000

Canada has already suffered two major telecommunications outages in the past year and a half. The most recent one, the Rogers outage of early July, affected 12 million subscribers,  and prevented all businesses nationwide (regardless of their internet service provider) from being able to accept debit card transactions. Some stores ended up closing their doors until the outage had ended. For some, that did not happen until days later.

Now, imagine the sort of chaos that could have ensued if everyone needed digital identity to do just about anything? And there wasn’t any cash?

The problems do not end there. As the article in the Toronto Sun points out, “even if the ID program works seamlessly, we should also talk about what kind of a direction the further digitization of our lives take us in and what comes next. Some of the possibilities are frightening.”

Unfortunately, just about the only debates taking place about digital identity are in the C-rooms of the companies that stand to gain the most from a fully digitized economy as well as public-private gatherings such as the World Economic Forum. There is a good reason for this: a fully digitized, cashless economy would grant an unprecedented level of power and control over our daily lives to banks and other huge corporations, particularly in the tech sector, as well as government.

Print Friendly, PDF & Email

17 comments

  1. Ahimsa

    Can always tell a NC piece is written by Nick just from the title and topic ;)

    Thank you for probing and reporting on these issues!

    Reply
  2. Eureka Springs

    All of this feels like the machine eating its creator. As well as make work, more needless bean counting shit jobs, creating energy sucking useless revenue streams. Brazil was a warning, not a how-to manual.

    The cost of cash is laughable. What’s the cost of credit cards again, or bitcoin? The tax on my time and fees with digital identity continuously skyrockets. Both government and corporations make I.D.’s less trustworthy with every ‘new’ type of identity, new manager of identity, they create. Homeland security getting into the game is bad enough. My birth certificate is probably the safest because it’s on paper, rarely shown to anyone. Maybe passport and social security have a copy of it. Our face, dna, retina, fingerprints are everywhere! Could be digitally moved by dawg knows who to anywhere. The next time someone wants one of those I’m going to demand they take a fresh stool sample with it.

    With so many entities determining who we are, buying and selling us, pigeonholing us, can’t we at least get something like an occasional free look at credit reports. 1-800- whothehellami

    I had a 5.00 monthly subscription to a streaming service for a time. When I wanted to cancel I could not find a way to do it on their web site nor a number to call. So I ask my bank to stop the automatic transaction each month and they tell me the only way they can is to change my debit card number, issue me a new one. At that point the time tax was already ridiculously high but a week of having no card and then time spent changing info with a new number on all the other business I use the card was maddening. That streaming service is probably still selling my info. If so my accidental clicking on *ithches and ho type songs surely put me in the wrong department. But yes, Doses and Mimosas made me cut the living room rug.

    I cannot imagine any good coming from canceled accounts who would still have much of my unchangeable identity info as this proposed system would demand. Can you imagine how high fees and time taxes will go when this is all a lock?

    How can we know all info kept on us, by whom, judgements made, and much more have errors corrected? And who pays for our time if this is all deemed necessary? It’s bad enough now.

    Reply
  3. The Rev Kev

    A really great post, Nick. Of course, living in Oz I have never heard about any of this. Our media is very good about maintaining radio silence. In any case, I would have no trust in any security such digital IDs would have. A coupla years ago they were trying to sign everybody up for a healthcare ID and while my wife and I were at a hospital, a person came around with a clipboard trying to sign people up which I absolutely refused to do. It had come out a few days before that the government was trying to push people to sign up but that the security systems for this network was not even finished so easily hackable. I guess that the Minister wanted numbers to boast about in Parliament but that incident made me even more mistrustful about online IDs. Besides, if this came into general use, how would I ever be able to hide my secret subscription to ‘Sexy Nuns In Rubber Suits’ magazine?

    Reply
  4. orlbucfan

    Thanks, Nick. What a load of more nosy (family blog)! Plus, the digital currency itself is ridiculous! I live in prime hurricane territory. When we get slammed with a big one (category 3-{eventually}6), the power goes out for not just days, it can go out for weeks. What are we supposed to pay with in that situation? Our looks? I know change is part of life, but this whole digital rollout is beyond the pale. Seriously. Hackers. ID Theft. What’s next?

    Reply
    1. JBird4049

      Same with earthquakes and the occasional flood in California. And I would assume as much anywhere in the Ring of Fire. Forget about too big to fail, it is built to fail.

      Reply
  5. flora

    Thanks for this post. I have one small edit to offer. / ;)

    Big Banks in Australia and Canada Are Leading the Way on Digital Identity Into Hell.

    Reply
  6. Anthony G Stegman

    The propaganda machine starts getting us conditioned to accept as “normal” things they want us to accept. So, this chatter about digital IDs, and nascent attempts to get the ball rolling are an integral part of the game plan to condition us all that digital IDs will be inevitable and that resistance to them will be futile.

    Reply
    1. skippy

      Per Hudson banks are just a reflection of elite desires and such not the well spring of all social woes … but yeah … money crankery …

      Reply
  7. Jeremy Grimm

    Things just keep getting better and better. One day we are discussing the fragility of the Grid and a few days later, digital identity and CBDCs [Central Bank Digital Currencies]. The powers that be seem intent on building the most fragile world possible.

    Reply
    1. Gumnut

      In Denmark everything -tax, bank account, pension, garbage collection feedback, insurance, you name it – was on a single I’d/pw account called NemID (easyID), now MitID (MyID) (the naming is not even creepy, just stating the obvious that convenience was the bait to trap you into what was always intended). Super efficient, granted, but man, wouldn’t want all that surveillance & power get in the wrong hands…(without access to Your account, no banking – DK is heavily cashless, no public service whatsoever).

      Oh wait, in some neolib public-private fetish party, the system was outsourced to Nets, a private company. Beside an awe inspiring holding company branching diagram, it came out that via PE purchase higher up that tree diagram, the trusting Danes suddenly had their most private data on servers in Turkey outside EU privacy laws.

      The Danes trust in the front that is their government. Hygge is Danish for copium/hopium.

      Reply
  8. Fastball

    It makes perfect sense that the board rooms of banks and digital id companies are wholly divorced from public sentiment. For if they were not, they’d comprehend that they are considering trying to assume total control of people’s financial lives while at the same time the working public is fantasizing off and on about “torch and pitchfork remedies” for the runners of banks for chutzpahs of the past, never mind the present and future.

    Or maybe they do comprehend, and having the ability to cut people off from being able to spend money is envisioned as self protective in a “The Hamptons are not a defensible location” sense.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *