Tech for Transparency: New Interviews Posted

Avid readers of my blog (here’s looking at you, Rev) may remember that several months ago I announced that research was beginning for the second phase of the Technology for Transparency Network. The first phase consisted of interviews with over 30 projects around the world who are using technology to promote transparency and accountability in the government and/or private sector. Our goal in the second phase was twofold: to double the number of case studies on the site and to expand the geographic regions we covered.

Since then, I’ve been largely silent about the project — we’ve been working so hard to complete and edit the interviews that I haven’t had much time to breathe. But today I’m thrilled to announce that we have eight new case studies online, with lots more to come over the next few weeks. The case studies that have been posted so far are:

Accountability Initiative
Accountability Initiative researches and creates innovative tools to promote transparency and accountability in India’s public services.

Amatora mu Mahoro
Amatora mu Mahoro (“Peaceful Elections”) is an Ushahidi-based project created to monitor Burundi’s 2010 elections.

Association for Democratic Reforms
ADR India works to monitor national elections through country-wide SMS and helpline campaigns and an informational website. seeks to empower citizens by helping them collectively send petitions and inquiries to government bodies.

Excelências fights corruption in the Brazilian government by publishing data about politicians and government activities online.

Golos (Voice) has introduced several online tools for better election monitoring in Russia.

Mam Prawo Wiedzieć
Mam Prawo Wiedzieć helps Polish citizens access information about their elected representatives in an easy, user-friendly way.

Pera Natin ‘to!
Pera Natin ‘to! (It’s Our Money!) encourages Filipino citizens to report times when they are asked for bribes.

In addition to continuing to post new case studies (you can subscribe to our case study feed via RSS), we’ll also be publishing our final report on both phases of the project by the end of the month. In the meantime, check out @techtransparent and our Facebook page for daily updates and our podcast for interviews with the project leaders!

Mobile Money: A Recap

I’m spending today at the Macroeconomics of Mobile Money conference at the Columbia Institute for Tele-Information (CITI).

Liveblogging. Please excuse misrepresentation, misinterpretation, typos and general stupidity.

James Alleman is giving closing comments. His takeaways:

There is a class that’s underserved by formal banking, and there are a lot of people who are ready to use mobile banking services in the developing world.

The success of existing services like M-Pesa and Menekse Gencer is impressive and lays a good foundation for future efforts. It appears as though mobile banking efforts will need a formal banking partner to be truly successful.

We still don’t have a good idea of what kinds of regulatory systems are going to be required.

Anonymity is a major question: balancing privacy with criminal threats.

Right now, security is an afterthought. This is not good.

There are too many “standards” right now.

User interface is key.

High demand for VoIP; the people who are demanding this (migrant workers, those who want to send remittances back to their families) are also good candidates for mobile banking services.

Walled gardens are a huge problem: everyone wants a piece of the action, but no one wants to cooperate.

Overall: this is a huge, growing, untapped market with many issues left to be resolved.

Mobile Money: Developing Countries

I’m spending today at the Macroeconomics of Mobile Money conference at the Columbia Institute for Tele-Information (CITI). I’ve been eagerly awaiting the final session on mobile money for developing countries, which Raul Katz is moderating.

Liveblogging. Please excuse misrepresentation, misinterpretation, typos and general stupidity.

Katz kicks things off by admitting that “we’ve been dancing around the issue of developing countries” for much of the day. He hopes this panel will give us a chance to dig in to the implications of mobile technologies for economic growth in the developing world.

Mobile Money and Economic Development

Dan Jensen of iWorld Services has been in the business since 1974. iWorld deploys Internet-based, open source platforms, products and services in the developing world, focusing largely on Voice over Internet Protocol (VOIP) and targeting small businesses and low-income/rural areas. Their goal is to foster social entrepreneurship in these countries. iWorld works largely with migrant workers and their families — people who don’t have credit cards, computers or wireless devices.

Jensen notes that much of international voice traffic is transitioning from cell phones to VoIP. They hope to begin developing “virtual callshops” and “small business incubators in a box” to support both small businesses and microfinance organizations.

The Use of Mobile Phones for the Unbanked in Saharan Africa

Judith O’Neill has experience in mobile banking on both the business and legal sides. Mobile banking in sub-Saharan Africa started around 2002, but the hype is happening now. The Kenyan government has pledged to increase the percentage of its population with access to formal finance from 27% to 65% within the decade, and all “MTN countries” are pushing for mobile banking to varying degrees.

The players on this scene include mobile operators, banks, products, human ATMs and consumers. O’Neill is particularly interested in the role of human ATMs, which range from individuals in rural villages to various grocery or department stores in larger cities.

She notes that M-Pesa offers completely anonymous SIM cards, which people like for privacy reasons, but which also open up the system to use by terrorists and other criminals. She mentions that this is something that “will be sorted out eventually.”

(Note: SIM card registration was heavily debated in Kenya after the 2007 elections, when text messages were used to incite violence. In July 2009 President Kibaki ordered the Ministry of Information and Communication to begin registering mobile subscribers within 6 months. Some argue that, in addition to possibly increasing costs, this poses a threat to opposition member and human rights activists within the country.)

MTN or Safaricom are the major mobile operators (there’s some debate over which is the largest). Safaricom rolled out M-Pesa in Kenya, where they have 80% of the mobile market. MTN is attempting to introduce mobile banking to all the countries in which it operates, but development has been slower than expected.

O’Niell believes Mobux has a great plan, but they’re not getting funding because they’re based on a private equity model. Other mobile operators (AfriCel, Zaim, SierraTel) are too fragmented and don’t support their own employees enough to be successful in the mobile banking sector at this point.

Formal banks often have requirements (minimum account balances, etc.) that the very poor can’t meet. South African banks require a minimum account balance of 20-30 rand ($2.70-$4) per month, while mobile banks only require 5 rand ($0.69). Many available channels for remittances are also expensive, taking 3 to 55 percent (55 percent!) of the transaction amount.

Based on historical data about “major change adoption,” O’Neill believes mobile banking should reach a 50% market adoption by 2015.

Development Implications of Mobile Money

Richard Field, who has consulted for the World Bank, the UN and ASEAN, is filling in for a speaker from the World Bank who couldn’t make it.

Field starts by asking what problem, exactly, needs to be solved? Is it extreme poverty? Can we solve this through mobile cash? Is the problem that money is available but too costly to move? Is it the problem of how to expand markets? Is it more government control? Less government control?

Field’s presentation is largely a serious of questions, but he raises some incredibly important issues. A sample:

  • New availability of credit poses some potential risks: the overextension of loans might lead to inflation or erode the strength of the national bank. Most mobile banking products don’t have reserve requirements in the way formal financial institutions do.
  • Another consideration: who issues these loans? Some people believe only banks should have this power, while others believe these services can be provided by microfinance institutions and even organizations like PayPal as well.
  • What kind of safety net is in place?
  • Are payment systems controlled locally or internationally?
  • What about fraud, identity theft, corruption?
  • What’s the effect on society if banking is happening so much more quickly?
  • What kind of additional resources do funders need to support?
  • What about the need for public education?

Lots of things to think about.

Mobile Money: Is the mobile secure?

I’m spending today at the Macroeconomics of Mobile Money conference at the Columbia Institute for Tele-Information (CITI). Columbia University professor Steve Bellovin is moderating the first afternoon session, on security in mobile banking. (Side note: I blogged about Bellovin’s opposition to UN efforts to limit online anonymity for my first-ever post on The Morningside Post.)

Liveblogging. Please excuse misrepresentation, misinterpretation, typos and general stupidity.

Overview of Mobile Banking Threats

Kevin Streff of Dakota State University immediately wins me over by bragging about South Dakota’s Corn Palace. Not at all ashamed to admit I’ve been there.

Streff begins by talking about the top technology concerns for community banks, including managing risks, protecting data, and detecting fraud. He says a 2008 Independent Community Bankers of America survey revealed that community banks are planning to enter the mobile banking field.

Streff says there’s a solid business case for mobile banking: it improves customer service and reduces costs. The biggest reason, though, is “because they have to.” We saw the same thing with online banking in the past decade — customers are increasingly expecting this new technology, but these expectations cause serious worries for community banks. Is it worth the cost? How will they manage it? Where will they find people who have the necessary skills to implement and run mobile banking services?

Streff divides mobile banking into three types:

  • Text systems
  • Thin client model: mobile web
  • Fat client model: client side applications

Streff asks which model we think is the most risky, and the room is fairly evenly split into thirds. It turns out the fat client model is the most dangerous because you have to download code onto a physical device. This introduces concerns about authentication, stolen devices, viruses, encryption and a host of other security issues.

Streff says it’s difficult for experts, let alone risk assessors at community banks, to accurately determine what level of risk is involved in these systems. (For those who are interested, his paper on information security in mobile banking is available online.)

Demand is high, so banks are implementing mobile systems, and security is an afterthought. For this reason, Streff believes that security professionals are the ones who need to drive the creation of solutions for mobile banking systems.

Securing Mobile-money: The Ugandan Experience

Michael Landau of MAP International is up next to discuss MAP’s recent work in Uganda. President Museveni has stated:

With New York-based MAP International, we are rolling out a system we hope will give 90 per cent of our people access to modern banking services—up from the level of 15 per cent today. The new system will allow people, even in remote rural areas, to access their accounts and pay bills via cell phone.

Landau highlights several problems in Uganda: the lack of electronic banking, the lack of a national savings system, and the lack of a sufficient number of local microfinance branches (making obtaining loans and repaying them difficult for people in rural areas). Salaries and pensions are all in cash, opening up a host of problems with fraud and corruption. Poor infrastructure is also a problem.

MAP’s task was to create a sustainable system that would address these problems while also satisfying their needs as a private company. The solution: biometrics.

Simply, biometric info is entered into MAP’s system, and people are issued ID cards with a magnetic strip that contains this information. This is a fairly fail-proof method of identification. This makes enrolling in MAP’s banking system a 90-second process, rather than a several-week process. It also helps with security.

Another aspect of the program is a Point of Sale (PoS) device: these are handheld and battery-powered devices that run MAP’s proprietary software and can interact with SIM cards. They bring a full suite of banking services — deposits, withdrawals, transfers, account statements — to rural areas and function as “human ATMs.”

MAP partners with Uganda Telecom and Post Bank Uganda. Their goal is to provide a fully integrated platform, and they support themselves by charging a commission on each transaction. (I’m curious how much this commission is. Landau’s attitude strikes me as a bit patronizing overall — a lot of “these people” and “these villagers” — but the system seems to be getting a fair amount of good press.)

Mobile Payment Security: What it means and how to implement it?

PayPal’s Hadi Nahari, whose background is in security, cryptography and identity management, starts out by calling smart phones “stupid phones” — “it’s just a little computer.”

Nahari establishes the importance of mobile systems: in addition to being widely available, they have countless uses. Also:

Mobile is the only digital system many people will ever encounter.

Nahari claims there is a “mobile identity crisis”: everyone has a stake in mobile systems, from those who create the devices to the telecom companies to product retailers to microfinance institutions to banks to a plethora of standardization bodies (“do you see an oxymoron here?” he asks) to the networks themselves. These players don’t always trust each other, making for a complex and difficult landscape.

Nahari displays a graph of mobile usage from October 2008 to February 2010. iPhone usage peaked in May 2009 and has decreased slightly since then (while still maintaining a huge chunk of the market), while Android usage has steadily risen. Other systems (WinMo, etc.) have decreased from about 25% of the market to around 5%.

Nahari uses Marc Andreessen’s definition of a “platform”:

“A ‘platform’ is a system that can be programmed and therefore customized by outside developers — users — and in that way, adapted to countless needs and niches that the platform’s original developers could not have possibly contemplated, much less had time to accommodate.
Marc Andreessen

He then describes the “mobile app warehousing ecosystem”: development, deployment to app stores, downloading to devices. This ecosystem is both distributed and open. He believes that different app stores will need to cooperate more in the future. Security has to be reasonable and cost-effective as well as usable. The rest needs to be handled via risk management.

Mobile Money: Legal and Regulatory Issues

I’m spending today at the Macroeconomics of Mobile Money conference at the Columbia Institute for Tele-Information (CITI). I wasn’t able to come to the first session on the macroeconomic impacts of mobile money, but the 11:30 session is on the legal and regulatory issues surrounding the rise of mobile banking and mobile payments.

Liveblogging. Please excuse misrepresentation, misinterpretation, typos and general stupidity.

Overview of Regulatory Issue of M-payments

The lawyers are going to say there’s nothing new, and the regulators are going to say, “yes there is.”
Richard Field, moderator

Benjamin Geva opens the panel by explaining the difference between access devices (which aid in the transfer of funds from one bank accounts to another) and stored-value products (where you load the value onto a prepaid card or something similar). The problem with mobile banking is that mobile phones act as both kinds of devices.

There are three types of mobile payments: SMS, web-based payments using wireless application protocol (WAP), and near field communication (NFC). NFC can only be used when two mobile phones are close to one another (“proximity payments”), while SMS and WAP can be used remotely.

The problem is that different regulatory articles apply in different situations, and mobile phones combine multiple situations in a single device and a single transaction. Neither lawyers nor regulators are sure which regulations to apply. Some of the key questions:

  • Does a mobile transaction actually involve money?
  • Does prepayment constitute a “deposit” in a “bank” of sorts?
  • If mobile money can be issued by a non-bank (like a mobile phone company that sells airtime), then should it be regulated?
  • Should it be protected in the same way that money in a bank is protected?

Geva thinks the best approach is to try to create a new, broader regulation system that would eliminate this confusion by covering all of these situations.

Regulatory Challenges in the Developing World

Leon Perlman, founding chair of the South African Wireless Application Service Provider’s Association, is up next to talk about legal issues in the developing world. He starts with some stats:

  • Over 1 billion people don’t have a bank account but do have a mobile phone.
  • By 2010, 1.7 billion people who won’t have a bank account will have a mobile phone.

Perlman argues that though we’re talking about mobile banking, what’s really happening on the ground is mobile payments. Microfinance institutions focus far more on payments than on a full suite of banking services, though “human ATMs” are becoming more popular.

He notes the “paucity” of existing laws related to mobile money — research currently refers to practices rather than regulatory guidelines. Lots of loopholes — both good and bad — exist for emerging technologies. In Kenya, the minister of finance decided to audit M-Pesa to see if it was legal; in Pakistan, a similar service was shut down by the government.

Many developing countries, including Kenya, Zambia, Pakistan and India, are currently developing laws on mobile banking and mobile payments. These laws vary in terms of how much regulation they’re applying and how much freedom mobile banking operators have to develop new services.

Perlman points out that some sort of coordination is needed with existing telecoms regulations, not just existing banking regulations. Who has jurisdiction? Who will bear the costs involved in accessing banking services? Mobile banking regulations must also be consistent with existing laws on e-commerce, consumer protection and privacy.

Another issue of concern is conflicts with common law views on banking and payments. What is money? What is the status of prepaid airtime? Is it part of your estate? These questions will only become more important as mobile banking becomes more popular.

Perlman argues that regulation should be proportional to the risk involved. Do we really need expensive regulation, or is more simple supervision enough for now? He strongly believes that policymakers should not be allowed to regulate the types of technology or transactions involved.

Perlman believes that branchless banking is a good thing, a way to increase competition against bank monopolies without completely disrupting the existing system.

Perlman concludes that there are no readily available supra-national answers to mobile banking regulation — we need to do this at the country level. We need necessary and sufficient regulation, but no more.

Opportunities and Dangers with E-payments

Carol Van Cleef is up next. She starts with a warning:

The criminals are the first adopters.

Criminals are motivated, Van Cleef argues. They want to know how the system works so they know how to make the most of it. So what does this mean from a public policy standpoint? How can we reduce the risk of misuse?

This networked climate forces us to rethink how best to protect our values and our security in a world where the tools for creating violence and chaos are as easy to find as the tools for buying music online or re-stocking an inventory.
Homeland Security Secretary Janet Napolitano

E-payments are attractive to consumers because they are convenient, fast, secure, cross-border and often anonymous. These same “features” mean that mobile money entrepreneurs worry about criminal (or even terrorist) money coming through their systems. This isn’t an abstract worry: we’ve already seen this happen with drug traffickers and other types of criminals.

Side note about the difficulties of compliance with existing regulations: the US has a law saying that if you put a payment system into place without having a license from the state in which you operate, you’ve committed a federal crime, which can then become the basis for a complete seizure of your assets. On top of this, all of your customers may sue you for losing their money.

Van Cleef argues that there will be criminal activity in a system — there’s no way to stop it — so organizations must focus on risk assessment. They must decide how to identify and verify customers, how to monitor their system, and how to allocate responsibility.