Q-Pay could mark the next sea change in finance

It’s possible that, as you read this, I.T. personnel at Bank of Shanghai are experimenting with trading and splitting tokenized coins with regulatory counterparts at the People’s Bank of China.

Coins that contain inherent identities and conditions.

Coins that could be strings of ones and zeros that define them as, say, comprised of 50% renminbi and 50% U.S. dollars, values that can then be divided and swapped solely, all with a single identifier tracking those movements.

Coins that could be exchanged peer-to-peer across mobile phones, with no need of an internet connection; or, if the telecom network fell, could be represented as printed-out QR codes that phones could read. And the values would be transacted immediately because the electronic message in those QR graphics is the equivalent of money itself.

Coins that could be used not just to hail a taxi, but to buy a car with your phone. Coins that don’t rely on a server or a cloud of servers to be exchanged, but on tiny amounts of power in a distributed world of mobile phones.

Coins whose identity is developed not by an algorithm but by “quantum randomness”, reflecting “pure” randomness that leaves no pattern, so that not even a quantum computer could ever use brute force to crack it – unlike crypto-currencies.

Coins that could be traded over a blockchain, if you wished, but are generated and authenticated by a central issuer, be it a bank, or a company, or a government.

Coins that could let China’s commercial banks compete today against Alibaba and Tencent, and global banks tomorrow.

Rethinking digital payments
Those are the possibilities that Bank of Shanghai is hoping to pioneer. It is in alpha test mode of a payments service it calls “pay like cash”, and which its foreign technology partner, Israel’s BitMint, calls Q-Pay, given its reliance on authentication that can resist the threat to encryption posed by quantum computers.

What makes Bank of Shanghai, a modestly sized commercial bank, think it can stop hemorrhaging customers to internet companies?

Amnon Samid, CEO of BitMint, can respond with a roster of product features, but these are ultimately underpinned by two guiding principles of the company’s. First, digital cash is about assigning identity, not just value. Secondly, it must be secure, which means there cannot be any pattern in how identities are assigned. (See here for our profile of BitMint from two years ago.)

Those principles have been applied to Q-Pay. Whereas internet competitors execute payments in the cloud, Bank of Shanghai customers can move money from their accounts to a mobile wallet, in which the tokens are represented digitally in much the same way that a serial number identifies a cash bank note. This is unlike most crypto-currencies, where the sequence of bits (ones and zeroes) only represents value, and the blockchain is required for authentication.

“BitMint payment applies to peer-to-peer, to business-to-business, and to government payment,” Samid said. “It’s a unified payment platform that applies equally to credit management and financial instruments of any kind.”

A different kind of security
Samid argues this makes it safer and easier to transact payments via mobile phones than, say, Bitcoin. And the ability to either split tokens or assign them conditions (similar to smart contracts) means Q-Pay is far more versatile than physical cash.

Moreover, these tokens are not generated on a blockchain. They need a central authority to mint them and assign IDs. This can still protect user identities in the way that WeChat users see one another’s chosen IDs without knowing their phone number or account name.

Of course, this is not the same as end-to-end encryption: the Chinese government can look at WeChat’s underlying customer data, while a Q-Pay system could also involve a central authority, depending on how it’s designed. But this also means that there’s no need for smart contracts relying on consensus; conditionality is embedded in the coin itself, so there are no issues around scale.

Samid argues, moreover, that Q-Pay is more secure than AliPay or WeChat Pay – or Bitcoin – because it is designed with “quantum randomness”. In these other systems, identities and passwords are generated by algorithms. In today’s world, these are secure, but passwords and private keys are cumbersome: they can get lost or hacked.

Quantum-proof
Q-Pay’s security is firstly embedded in the tokens themselves – there is no password or private key. Secondly, identities are derived through “pure” randomness that not even a quantum computer could hack.

“If you have pure randomness, not even the smartest computer can find something that doesn’t exist,” Samid said.

Generating a password that leaves zero pattern to find can only be done by tying it to physical phenomena that are beyond the ability of humans, or computers, to ever predict.

A physical solution to pure randomness relies on tiny, specialist nano-chips being designed to power the Internet of Things, which BitMint have configured for its own technology. Because the firm can’t embed chips in users’ smartphones, it has designed a software proxy that Samid says is almost just as impossible to crack.

This starting point allows BitMint to embed identities in the coins themselves, which means they can be traded among smartphones without ever traveling to a server.

For users in rural areas with spotty cellphone coverage, or in the event of a disaster like an earthquake that interrupts telecom networks, Q-Pay can still allow people to transact within a phone’s own signal range.

“The future is putting digital payments on the mobile itself, with quantum-grade security on top,” Samid said.

He says there will be purely commercial advantages to this approach that will become more apparent.

The future of “free” payments
Because Q-Pay transactions take place on a P2P basis (phone to phone), the energy consumption is distributed among users’ phones. That is a huge cost saving to the company running the network. Alibaba and Tencent have to finance servers and lots of functions to enable their payment systems, such as messages to confirm account balances and to settle.

Today, these companies have not charged users for payments, because they have used payments as gateways to other services. But they are no longer able to rely on spectacular growth to justify free payments: everyone in China uses them now. So unless they somehow find a way to grow overseas at a similar rate, Samid argues, they will start to charge users for payments, or they will see their profitability erode. But banks using Q-Pay will not face this problem. (See our story on what Ripple’s Brad Garlinghouse told DigFin about pricing payments.)

Samid makes a fascinating argument for BitMint’s technology and the direction of mobile payments, identity, and security. But will consumers actually use it? Bank of Shanghai, by itself, is too small to make such a change happen.

The question is whether the big-four state-owned lenders decide to adopt it, and then whether the PBoC – and the government – decides to use it to issue a digital renminbi.

These are both medium-term prospects. Bank of Shanghai is still in the alpha phase of testing it, although Samid says it is in talks with retailers and other companies about beginning beta tests this spring. The entire project could always be scuppered if the PBoC or the government gets cold feet.

But Samid is optimistic that the project is going to make its way into production. Bank of Shanghai has allowed the project to be publicly known, which suggests the PBoC is comfortable with it so far. (Bank of Shanghai executives declined to be interviewed.) And if it works, bigger banks will adopt “pay-like-cash” technology.

“Commercial banks urgently need to improve their offerings to customers,” Amnon said. He argues that the banker’s playbook, in China and around the world, has so far been to partner with third-party fintechs to attack niche products or issues around user interface. But he says this isn’t enough if banks want to compete against Alibaba and Tencent for cashless mobile payments.

Is digital money next?
Then there’s the question of whether the government will adopt his company’s technology to mint its own digital money (see our story suggesting they will wait).

He says BitMint has spent years discussing sovereign digital currency with many central banks, and the PBoC is the most advanced.

“They have the smartest, deepest understanding of the technical issues,” he said. Most other central banks view it in the context of cyber-security or monetary policy, but haven’t invested the time to learn the tech itself.

Besides: “The government is aware of what quantum can do, because they’re also developing those computers.”

Given its confidence in the project, BitMint is now boosting its commercial activities. It is setting up a China business. A Beijing investment firm, Joseph Investments, has taken an undisclosed minority stake in the onshore entity.

The firm’s portfolio companies include Taikang Life Insurance, Xiaomi Group, and names in other industries.

BitMint is also in talks with partners in Hong Kong about setting up an office there to take advantage of its new Faster Payments System, Samid said.

In 2004, he and his brother Gideon (the company’s CTO) set up the security foundation that today underpins Q-Pay. In 2008, they filed a patent for BitMint digital money, a few months before Satoshi Nakamoto published his groundbreaking white paper.

This month represents the 10^thanniversary of the creation of Bitcoin’s genesis block. Could it also mark the beginning of the next big innovation in digital finance?