Digital Pounds - Part 4: Digital Identities

HMT and BoE recently launched a consultation on their proposal to introduce a Central Bank Digital Currency, the Digital Pound. Parts 1 and 2 of this series explore the case in favour of implementation, whilst Part 3 examines the risks to financial stability. This post considers a further key risk.

Questions Of Digital Identity And The Relationship Between Individuals And Accounts 

A distinct class of challenges arises when considering the link between individuals and accounts. The BoE have committed to holding no personally identifiable information (PII) and instead receiving anonymised account descriptors from Digital Pass-through Wallet (“wallet”) providers, who would perform identity checks. These identity checks, for the most basic of accounts, are expected to be minimal to avoid financial exclusion for those without traditional forms for ID. 

The consultation paper is not clear on whether individuals may hold one, or many, distinct accounts, a distinction which will create tensions with other policy goals. 

One individual, one account

If an individual is limited to one account then the BoE must hold enough information centrally to identify instances where the same individual applies for a second account through a different wallet provider. An individual opening an account would therefore, at a minimum, be required to provide and verify enough information to prove that they are not a match for any of the other account holders, or else it will be trivial to open multiple accounts. Name and DoB are unlikely to be sufficient to uniquely identify an individual — some national identifier (passport number, driving licence, NI number) or proof of address would also be required. Cryptography would likely allow the BoE to cross-match this data without seeing the actual content of the information (name, date of birth, etc) as wallet providers could provide BoE with a hash of the information (a one way, secure translation) which could be checked for uniqueness. Nevertheless, the quantity of information needed to verify that an applicant is unique, and therefore which must be collected by wallet providers, will be high. This is true whether the data is shared as the information itself or in an encrypted form. Asking for proof of address or a national ID would raise the identity requirements over those currently needed for basic bank accounts, rolling back work to allow those of no fixed address to access the financial system. As a result, such accounts would also be significantly harder to access than cash. 

Allowing only one account also makes segregation of personal finances more difficult. Cash readily allows for separation into rainy day fund, holiday savings and every day spending money. As does the opening of multiple accounts. If individuals are forced to hold all CBDC in a single, undifferentiated account this will cause difficulty for a number individuals who currently rely heavily on cash. 

One individual, many accounts

The alternative is that individuals are allowed to hold multiple accounts, making proof that you are a unique account holder unnecessary. However, to do this would jeopardise financial stability by providing an easy route to circumvent the account limit. 

Similar questions are raised when considering how many wallet providers are allowed to access (read information, push transactions) an individual's account. If only one provider can access the account then many of the purported innovation benefits will be lost. As at present, large providers will have an effective monopoly over each individual's account and be able to dictate the pace of innovation towards features such as embedded payment functionality. 

More likely is the alternative scenario where several providers can access one person's account. For example, one provider might build a budgeting app, another process micropayments and a third could auto-invest into stock market accounts. This type of innovation is, I believe, what is imagined by the authors when they talk of a single platform allowing innovation from new FinTech firms. 

However, once we move from a single trusted gatekeeper model (“I trust my bank”) to one where lots of firms potentially have permission to move my money around we place a huge burden on the individual to distinguish between trustworthy and untrustworthy providers. The infeasibility of this has been demonstrated by the recent failure of Silicon Valley Bank: individuals and small businesses do not have the time and necessary skills to assess the trustworthiness of institutions with whom they are opening simple deposit accounts. Banks typically avoid this problem by being highly regulated and relatively large in size and few in number. Wallet providers, in contrast, might be none of these. 

Presumably the BoE would enforce some level of scrutiny on wallet providers with permission to move funds from an individual’s accounts, but this scrutiny is certain to stop short of checking that the wallet providers cannot be hacked or are concealing fraudulent intentions. The move from a handful of regulated banks to presumably thousands of providers who could seek to provide wallet services on this new platform would make any vetting processes time consuming and costly. The burden for choosing who to trust with your money would fall heavily on the user, just as it does now with physical cash. The onus placed on individuals would be enormous and they are likely to be incapable, or simply unwilling, to absorb so much liability. 

—

This is Part 4 of a submission in response to HMT’s and BoE’s public consultation. To continue reading Part 5 click here. The further parts are available here.

‍