David Birch is a keynote speaker, a published author on digital money and digital identity, fintech columnist, social media commentator and an international advisor on digital financial services. A recognised thought-leader in digital identity and digital money, he was named one of the global top 15 favorite sources of business information by Wired magazine.
What was the career path that led to you becoming a thought leader on digital money and identity?
It’s quite straightforward. I started out in the world of secure electronic communications. I was working in primarily in defence and safety-critical communications when suddenly the financial sector needed to know about this stuff too, which took me into the world of finance and payments.
I’d edited a book about digital identity and then I was encouraged by the economist Dame Diane Coyle to write Identity Is The New Money. She was the person who pushed me to have a go at writing a book myself. The timing was good, as others were talking about similar ideas.
The book helped people to rethink some of the problems, and I think it’s stood the test of time.
It’s been ten years since you published Identity Is The New Money. Is this a reality today?
On one level it is. Some time ago I started to realize that the big problems in payments were identity problems, not payment problems. It doesn't matter if it's push payment fraud or whatever, the problems all come from the lack of identity infrastructure. Why is Elon Musk spending so much on money transmitter licenses, KYC (Know Your Customer) and AML (Anti Money Laundering)? Is it because he wants to earn a tiny slice when you pay a friend for concert tickets, or is it because he wants to know who you are and what you’re into? The data about a payment is much more valuable than the transaction fee.
But in the sense in which I meant ‘identity is the new money’, it still isn't, and that’s surprising.
What needs to change?
The lack of privacy is one area. Digital payments are too intrusive, though a lot of people don't care. I get a lot of messages about how terrible it would be for CBDCs (Central Bank Digital Currencies) to include not-yet existent features such as the ability to block your spending on certain things, yet when it’s Visa or Twitter being able to see everything you buy, no-one seems bothered.
Authentication is another area. It bugs me that 10 years later I'm still doing password resets. Recently I needed to book a hotel room, so I tried logging into a brand where I've got points. I got the password wrong and didn’t want to wait for the reset email. Instead I logged into a different brand and booked a room. My product choice was based on which password I remembered!
Do you see a role for decentralized identity in fixing these issues?
I like the underlying standards, Decentralized Identifiers and Verifiable Credentials. But the implementation isn’t there yet. From the history of Bitcoin we can see that people lack the competence to manage their keys. When I drop my phone in the canal, how do I get all my stuff back? In a centralized world it’s easy. I buy a new phone and Apple puts all the pictures back. I’ve got my 2FA (2-Factor Authentication) device, so I can easily log into my bank again.
Otherwise, I'd have to put my secret key on a memory stick and bury it in a biscuit tin in the back garden. For 99 per cent of the population that will never work.
How can we overcome these challenges?
I believe the answer is custodial SSI (Self Sovereign Identity), whereby I generate the key on my app and my bank looks after it. That looks like a viable option to me, because banks know how to securely manage keys in distributed hardware, so I trust them not to lose the key. If they do, there’s recourse, as they’re regulated.
Do I want to control my digital identity? Absolutely. Do I want to hold the keys? No, I want my bank to do it for me.
What makes you believe people will trust their bank with the keys to their digital identity?
There’s trust in the legal sense, and then there’s trust in the everyday sense: I trust that my personal data won’t be looted, that I won’t lose access if I lose my phone… I trust the system to regulate my bank and ensure they don’t do stupid things. In the mass market, that’s the kind of trust that matters — the belief that if something goes wrong, it will get fixed.
What does a good digital identity experience look like, in your view?
When I log in to the airline, it should ask “Which ID would you like to use?” If I want to use my Avios app, I should be able to. It might call my EU wallet in the background, but I don't see that, everything is embedded. Personally I'd like to never think about managing my identity again.
In June 2023 you stated that the lack of mass-market digital identity is a drag on the economy. Have you seen much progress since then?
Lots of companies are experimenting. But is anything mainstream happening? We’re not there yet. For example, I can’t download my Barclays ID and use it to log into my HSBC account.
We’re starting to see people storing mDLs (mobile driving licenses) in their Apple wallet, and the EU Digital Identity Wallet is on the horizon. Whether it gets traction or not, it’s driving forward research and development. Does that mean the EU wallet will be all-conquering? I don't know.
You’ve talked about how machine customers or ‘custobots’ will revolutionize ecommerce. Can you expand on this a bit please?
I think there’s a good chance this will happen, starting with financial services. A bot can probably do a better job of managing my finances than I can. On April 6 (the start of the UK tax year) I’ll be looking at what are the best ISAs (Individual Savings Accounts). I will spend hours faffing about, researching, applying, waving my phone in front of my face to prove it’s me, figuring out which account to transfer money from… It’s the kind of thing that could be done in nanoseconds by AI.
I might choose the Martin Lewis bot or the Waitrose bot to do this for me. The idea that they could be regulated by the FCA (Financial Conduct Authority) and operate under relevant duty of care legislation, with the co-ordinated goal of delivering my financial health, is appealing.
I’ve also proposed that companies will soon need to provide APIs to support the needs of custobots rather than people.
Where is digital identity headed, in your view?
There’s energy arriving into the space from two unexpected quarters. One is CBDCs. There’s a need for identity coming from that side, and pressure to get it fixed. The other area is the metaverse. People looked at the lack of obvious progress following Meta’s early pronouncements and thought, it’s not going anywhere. That’s the wrong lesson to take away. For example Apple Vision Pro (Apple’s extended reality headset) is out and there will be no shortage of people wanting to buy it.
Digital identity is fundamental to make the metaverse a safe space. Assuming this is done right and the metaverse has an identity layer built in from the start, it could become a safer, less expensive, and therefore more desirable, place to transact than the “real world”.
Money in the Metaverse: Digital Assets, Online Identities, Spatial Computing and Why Virtual Worlds Mean Real Business will be published in late April 2024. To pre-order, click here.