49. Compliance as a service
API’s
KYC & AML checks
Transaction scanning & monitoring
Frameworks & procedures
Licenses
Editor's Notes
Did 15 years of system integration software development.
Logistics & Financial data.
Good times, but frustrating:
Simple things tend to made into really complex things
Slow, one comma separated / XML mutation would sometimes take > 4 sec.
Around 2011: looked at Bitcoin.
Get rid of banks (didn’t see that happening)
Pay for usenet access and other things you wanted to do anonymously
… Continued with life
Fast forward 2016, 2017
Some blockchain payment initiatives
More attention for international payments & blockchain
Of course: interesting
Bitcoin: slow, expensive & wasteful
Somewhere 2016, intrigued;
“We should be able to move value as easily as we move information”
[appear]: by Ripple
— that struck me
Oh yeah, and they were using blockchain tech.
Let’s play with it.
So. Deep dive into the XRP ledger.
////>>>
So. Deep dive into the XRP ledger.
Had a node running in a few minutes
JS: all starting devs can start coding XRPL in minuts
Transactions in JSON format: practically the standard for web apps (and other apps), so that’s easy (and readable)
Websockets: all programming languages and all browsers (internet explorer, edge, chrome, safari, firefox)
Consensus: not wasting energy, »»»»»»»»
Ledger closes in 4 seconds.
Now that’s the time you can ask consumers to look at a “payment in progress” loader :D
That’s 5 zeroes and a 5.
(Yes, that’s 200k transactions for 1$)
… THAT’S INTERESTING
Can use it for web projects straight away.
XRP Ledger let’s you do some awesome things, no need for smart contracts;
Multi sign, security; husband and wife or more complex recovery / security scenario’s
Escrows, lock money for some time
Memo’s: send information with payments
>>> Quick example
Pretty cool,
Escrow & Memo’s
[] TX type
[] Memo’s
[] Outcome
[] Outcome circle decoded hex
Now that’s really nice, but this could of course also be used for additional meta info for payments, like invoice no, product ids, serial no’s, or just a reference for internal accounting.
IOU’s: issue currencies on ledger and allow transacting in that currency
Decentralized exchange: allow people to trade between native asset …… (> autobridging)
allow people to trade between native asset …… (> autobridging)
XRP and IOU, or IOU/IOU
- Autobridging
.. That’s interesting ..
… And on top of that there was also Interledger (ILP)
Routing money blazingly fast, cross ledger, cross currency.
Actually: so fast, so cheap, it allows for instant, global STREAMING PAYMENTS
Now ripple focusses at banks & FI’s,
But this tech is actually REALLY interesting for consumer / SME use cases as well
Can think of a few use cases;
Let’s BUILD
Build for fun, right?
Along the way:
Some open source libs
Some tutorials
>>> Hardware-Software things >>>
Raspberry Pi + ILP = turn something on/off based on streaming payments
All fun, but first real global micropayments experience started as a hobby project
>>> TipBot
XRP TipBot 500k USD sent to date EOY 2017
Lots of traction.
>>> CF stats
People started to pay for stuff using the TipBot.
(Not what I expected, not for payments but small tips)
But apparently blockchain tech + simplicity + easy to access user interface (social, app) works, right?
Feels like this should be used for more than a social media tipbot ;)
What if this would not be a TipBot, not a hobby project, but actual cross border payments!?
Like sending some amount of your own currency to a friend, in a few seconds, to whatever other currency. Which would technically be really easy
— (Especially the code)
on the XRP Ledger thanks to auto bridging on the decentralised exchange.
Cryptocurrencies and crypto wallets allow you to do this. It’s easy: just enter a long destination address or scan a QR code, and enter an amount, right?
However; how many payments are actually working like that?
How may payments are going from person A to person B?
Most payments are actually “pull” payments. You want to buy something (in a store, or webshop)
and the store wants _you_ to pay _some amount_.
So. We decided we had to “reverse” the process for crypto payments.
With a UX like online banking instead of those scary crypto wallets.
>> (and while we’re at it (ILP))
And while we’re at it, enable users to start and stop streaming payments on the go.
To charge your car, pay for the parking meter, to play a movie, etc. Low value, time use and time based payments.
So.
We were planning on building a user friendly way to send payments and payment requests, in any currency
On the XRP Ledger or over ILP.
[appear]: in any currency
And then Ripple’s ecosystem investment initiative XPRING funded us to actually build it.
OPEN SOURCE platform + app
Allow devs & users to connect
>>> No user error, payee defines transaction details
Send a payment request, with a memo like tx id for your own accounting.
YOU define the currency you request to receive. The sender may just send any other currency.
Sample: memo with TX identifier, …
XRPL: Memo’s, etc. :D
< XUMM >
Many crypto wallets already. But we’re not building one.
We’re building a BANKING APP experience.
[Next: sign request]
To understand what this means, let’s first look at the way a transaction is composed today,
And how it ends up on the XRPL.
The account (XRP) owner signs a transaction, and the client (wallet app?) submits it to the XRPL.
Transaction contains source, destination, tag (routing), amount, and some other stuff to make sure the transaction can be delivered. »»»
<<< NEXT: What the end users knows »»»» >>>
…. Now the END user knows some of the details, not all of them.
Beneficiary knows the other parts. So now there needs to be some kind of exchange. Entering data, scanning QR, copy pasting: prone to mistakes, not user friendly.
Not really efficient. Not really easy. So how about moving this process to the developer/beneficiary? »»»»
Developer knows the destination, probably the amount (pull), but doesn’t know what account the end user would like to use for the payment, and cannot sign, not his key
so. »»»»
XUMM solves this by being the hub where the developer/beneficiary and the end users can meet, each one adding what they know to the flow.
So what would the paying + signing process look like with XUMM? »»»
First the developer/beneficiary composes an incomplete transaction. Only the known parts are filled. Not a valid tx for the XRPL, but we’re not sending it to the XRPL, but to the XUMM platform. »»»
Now the XUMM platform generates a payment request QR, and if the user did business with the developer/beneficiary before —and decided to trust them— the request may even be sent directly to the end user with a push notification.
So what does the process look like for the end user?
First the user will see the sign request.
Either by scanning a QR,
By seeing the new request pop up in the sign app
Or by receiving an actual push notification.
The user will review the transaction. “Do I really want to sign this?”
Payment: sending funds for payment, or fund request by exchange
Offer: Can be decentralised exchange, token exchange, token to stable or the other way around.
AccountSet, …
The user may have multiple accounts. Hot wallet for payments, savings account, partner joint account, …
Now the blanks in the transaction can be filled in, and only the signing is left »»»
Depending on the level of security for the selected account, the user will have to authenticate.
Eg. Hot wallet for payments, relatively low balance, lower security: easy to use: just scan face or finger
Savings, lots of funds, not for daily payments: additional security: passphrase (doesn’t really work in a store or parking garage to pay for the ticket, so that’s why we believe a hot+cold wallet model will work well for most users)
Now thanks to the XRPL there’s just a 4 second wait until the transaction has been processed, verified and included in a new ledger.
Developer was passive during the entire process.
Developer gets active notification (don’t call us, we call you)
End user: Signed, submitted, back to originating app and flow.
And this entire process happens without the secret keys ever being sent over the internet, and without the user ever having to expose them to the developer, beneficiary or the open source XUMM platform.
So. Nice plans. Just build it, right?
However, we quickly realised that to offer a great user experience,
People want to use their own currency. The other side wants to receive THEIR own currency. Possibly XRP in between (or maybe someone wants to send / receive XRP, why not)
And you want to send streaming payments without draining your battery or halted payments when you run out of phone battery. So we’d need to offer some kind of prepaid ILP balance.
[‘That’s easy to develop’>>>>>]
Easy to develop, bank with API, XRP ledger, take care of security, but…
This is custody.
Now what… We’re devs.
Hello licenses, hello regulation, hello compliance, hello all kinds of non-dev things!
[ >> So. Nice challenge. Let’s see where we get?!!? ]
Journey so far. Which licenses?
NL (called, difficult, not clear)
Estoina (crypto licenses)
Lithuania (banking — welcoming, great info, on boarding processes)
Crypto license? Banking? EMI?
And that’s just one country, EU. We’re talking software. Global reach. We’re talking 2019. Global payments.
But actually the hardest part was (<CRIMINAL RECORD>)
Hardest part: getting your criminal record when you’re Dutch
>> Anekdote
Certificate of conduct
categories
Only if relevant
ECRIS
UK
Poland
So. While we’re going through all kinds of paperwork,
getting help from specialised consultancy firms,
learning all about KYC, AML, AML, procedures, licensing, …
One can dream.
- Tech is there
- Devs are there
- Funding is there
… But building something really cool and putting it to use is getting harder and harder (or it was already, but: unclear, uncertainty)
((Or maybe I’m just lazy (you know, devs like to automate everything)))
>> NEXT: CaaS
Wouldn’t it be great if Compliance as a Service would exist;
One stop shop (API’s, embed in your own platform and software)
KYC & AML checks
Transaction scanning & monitoring
Frameworks & procedures
Licenses
>>> Next: FINISH
So we will be building, as will many other companies and devs,
And we’re sure many things will change, really rapidly,
The coming years. Fast, cheap, global payments. Streaming payments.
I can’t wait for when governments, regulators, startups & devs get together so we can all fully unleash the
“INTERNET OF VALUE”