BankInfo 2019 retrospective
For the second year in a row, we attended the BankInfo conference organized by the Association of Serbian Banks. BankInfo is an annual gathering of all the key stakeholders from public institutions, banks and other financial institutions, IT companies, and academia with interest in the financial sector in Serbia. 26th BankInfo had the goal of providing the latest information about technology achievements and topics from the banking world with the participants. Likewise, the goal was to explore and consider improvements of the legal framework in which the banking sector operates. The conference was organized at the Grand Hotel Kopaonik between 9th and 11th October. Key topics were digital banking, payment systems, IT, information, and cybersecurity.
Miloš with the Secretary-General of Association of Serbian banks
We had the pleasure of having the opportunity to host two panels on two separate days. Our founders Miloš and Miroslav represented our technical solutions and held the panels in front of a large audience of participants.
Miloš hosted the first Blinking panel “Account transfer: New service on our market” during which he presented a technical solution we developed to tackle the requirements and obligations resulting from the changes and amendments to the Law on payment services in the Republic of Serbia. These changes stipulated that the subjects providing the payment services are obliged to provide citizens with an easy, simple, fast, and informative way of transferring their checking or savings account to any bank on the market. The sudden changes to the law that were added caught many off guard, while we saw an opportunity to create and develop a technical system providing and automating the required service and were actively doing so for some time now.
Miloš giving a talk about the account transfer service
Together with the Association of Serbian banks, we worked on developing the system for a little over a month, taking into consideration all the requirements resulting from both the Law on payment services and Law on the protection of private data. Association of Serbian banks would be the provider of the service of account transfer while our company would be the technical provider of service.
Focus on the PoC with ASB and Serbian banks
To reach the production phase, two phases need to be completed successfully: The proof of concept phase and subsequently the Pilot phase. We’ve had a big interest in the Proof of Concept phase with six banks from the Serbian market joining the PoC. Together with ASB we defined the test scenarios covering the possible situations, and are working on establishing network communications to start testing the system as soon as possible. The proof of concept phase is being conducted in a closed environment with secure connections and fake data. As agreed, banks were to delegate one employee in charge of project coordination. The focus of Miloš’s talk was on these issues while providing also an overview of the graphical interface for the system.
Miroslav providing an overview of problems surrounding the current approach to digital identity
On the 2nd day, Miroslav held the talk “Digitization of financial market: Digital identity” in which he approached and tackled many issues that led us to the development of Blinking. Namely, he touched upon the key problems surrounding digital identity up until now from the problems of identification by institutions, those surrounding privacy, and personally identifiable information, and especially focusing on security and our approach that until now resulted in always relying on the more simple identity checks rather than those which are more secure.
“If we are to move most of our activities from the physical to the digital world, establishing digital identity is necessary. However, since online tech enables us to create a lot more connections, the possible ramifications on our private data grow immensely. That is why we need to establish what we call Strong Customer Authentication, representing at the same time combination of something the user knows, has, and is. Each user should always have control of his own private data. Each user should give consent to private data access and sharing while retaining the right to be forgotten and the option to delete the data if deemed necessary. We consider private data to be very sensitive, that service providers should protect it with the highest possible degree of protection, and access to it should be highly secure. At the same time, we still use the most simple identity checks, smart cards are becoming obsolete, we keep and even write down passwords, keep our phones unlocked, not to mention the small population of people using 2FA. For a truly secure, reliable, and usable digital identity, we should explore adopting a solution that provides the balance of all the aforementioned factors.”
The second part of Miroslav’s talk was on the approach that we adopted in developing Blinking. Namely, creating trusted identity networks which should connect public and private institutions in a single, common, digital ecosystem for the exchange of data and documents which enables the end-users ie. citizen to create a digital identity to own and control their private data in a secure and safe manner.
We already touched upon the product we were developing in our previous blog posts and articles. In short, he talked about an overall solution for user identification (authentication) and access authorization that also provides a KYC utility for private data sharing with consent and secure storage of that private data. Our solution is SCA (Strong Customer Authentication) which means it is based on something the user KNOWS, HAS, and IS (biometrics) ie. user identity confirmation and authorization are based on creating a digital representation of a real person. After a brief talk on system functionalities and particular product features, Miroslav moved on to the approach we developed for digital onboarding in the financial system with the possible inclusion of any retail industry citizens rely on.
Lastly, he wrapped up his talk with the basic information as to why we relied on blockchain technology in creating our solution, the benefits and functionalities enabling us to create a true digital identity, and overall more secure way of accessing various services we need in our each and every day.