Category Archives: Identity

BankID Norway – Evolution and Success

Posted on by
1

If you follow my 80+ blogs on identity, you should like this success story today.  The Norwegian digital identity scheme, BankID, serves as the #2 best financial identity case study (behind India’s UIDAI) with a penetration rate of 97% across 4.7 million citizens. What could US banks learn? What are their challenges in replicating this model? 

Today I’m giving the background on what BankID is.. In part 2 I’m going to interview my good friend Eric Woodward, former president of Early Warning and the creator of Zelle_ID (see youtube), at least until it was killed as the new CEO asked “what on earth does identity have to do with payments”. OMG

The FIDO Alliance is hosting a Webinar on Bank ID Norway tomorrow at 7am pacific.

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

AP2 as Merchant Signals – 4 Scenarios 

Posted on by
2

Today I’m outlining three near-term scenarios (24 months) for how AP2 signals will work in agentic commerce. Per my blog last week, AP2 is the agentic payment scheme with the most momentum (160+ partners), but in the immediate term (2026–2027), it will operate primarily in a “signals” metaphor for 3 main reasons:

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Blog – AP2 Operations: Near Term – Long Term

Posted on by
Reply

© Starpoint LLP, 2025. No part of this site, blog.starpointllp.com, may be reproduced or retransmitted, in whole or in part, in any manner without the permission of the copyright owner. Also, see our Legal/Disclaimer(this is a highly opinionated and partially informed blog). Enterprise readers, please consider Enterprise Subscription (not required for Starpoint Clients).

As most of you know, AP2 is an open spec with over 160 partners. Today I’ll discuss 2 scenarios for how AP2 will integrate with card payments (with consumer Authorization). While most understand the technology behind these scenarios, the politics and strategies may provide the best insights. Identity needs a network, but network effects create stasis or equilibrium as existing participants make investments based upon current operation. Cards are the incumbent, and networks have a great plan, the biggest hurdle isn’t tech, it’s getting everyone in the boat with the right controls, governance and economics.

  1. Scenario 1 – Near Term – AP2 credentials are one of many “signals” that work with merchant owned fraud. Signals will be consumed by Merchants and MSPs as they maintain responsibility for fraud risk, and by networks/Issuers for authorization (and tokenization). 3DS has been around since 2008, I wouldn’t expect us to move at lightspeed to scenario 2 until consumers (and new fraud vectors) drive us there.

  2. Scenario 2 – Long Term – Bank issued credentials inside the device bound secure Storage (Apple Enclave, Goog Titan M2, Samsung Knox) with Issuers (thru networks operating) as the governing authority. This will involve a liability shift, a new role for mobile in managing credentials, and a new governance regime. 

  3. Scenario 3 (not covered) is walled gardens that control all standards, operations and own the risk (ex Amazon).

A nice chart covering these scenarios is in this link, courtesy of Notebook LM and Julie Fergeson.

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

2025: The Great Decoupling

Posted on by
Reply

Year-End Payments Recap

Summary: B2B Stablecoin and The End of the Interface Era

As we close the books on 2025, the payments industry finds itself at  a moment that future historians will likely designate as the end of the “Interface Era” and the dawn of the “Agentic Era.” For the past three decades, the digitization of payments has been defined by the migration of human intent from POS to digital screens. From the first e-commerce transaction to the ubiquity of mobile wallets, the fundamental atomic unit of the economy remained the same: a human being, interacting with a graphical user interface (GUI), making a conscious decision to exchange value for goods or services.

Continue reading

Europe’s Siege – Digital Sovereignty Strategy

Posted on by
Reply

Summary

EU’s  payment and identity landscape is currently the theater of a high-stakes conflict between regulatory ambition and commercial reality. For the past decade, European legislators have pursued a strategy of “regulatory innovation,” attempting to break the dominance of US-based technology platforms (Apple, Google) and payment networks (Visa, Mastercard) through legislative mandates. From the failed efforts of 2015 IFR (regulating excess profits), PSD2, PSD3 and eIDAS 2.0, the pattern is consistent: enforce technical openness in the hope that competitive markets will spontaneously emerge.

This strategy is fundamentally flawed because it conflates technical connectivity with commercial viability. While the EU has successfully legislated open APIs and is now forcing open the phone SE architecture, it has consistently failed to address the “commercial constructs” (governance, liability, and economic incentives) that make these systems work. Without a radical shift acknowledging the necessity of commercial constructs over regulation, the EU’s initiatives will result in compliant but commercially irrelevant infrastructure, that no one will monetize (or invest in), further relegating the EU to a second tier market and leaving US platforms to dominate.

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Governance in Payments

Posted on by
1

© Starpoint LLP, 2024. No part of this site, blog.starpointllp.com, may be reproduced or retransmitted, in whole or in part, in any manner without the permission of the copyright owner. Also, see our Legal/Disclaimer (this is a highly opinionated and partially informed blog). Enterprise readers, please consider Enterprise Subscription (not required for Starpoint Clients). 

Long blog – Paid Content

Executive Summary

I’ve been writing about governance, trust, transaction costs and payments for a long time. In my view THE KEY to understanding how stablecoins, agentic, DeFi, Open Banking, tokenization and other payment innovations is governance. I seem to be the only one writing about it, so I don’t see a reason to stop now. Governance is the BIGGEST competitive moat for Visa and Mastercard, and its also the heart of their biggest break out growth opportunity. If you thought AI was transformational, radically reducing transaction costs (TCE per Nobel work of Ronald Coase) will dwarf it. In fact the monetization of AI is a Gordian knot of governance issues (see Agentic Commerce and Governance). 

Today I’m expanding on “value exchange” governance with 5 core themes.

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

ApplePay’s 11th birthday in iOS 26 – What’s New?

Posted on by
Reply

ApplePay turns 11 yrs old this month, a wallet that has gone from 0 to 84 countries and 11,000 banks. Hard to believe, my blog was the first to break the news of ApplePay in iPhone 6 back in 2014.  Back then I was on the advisory board of Money2020, and asked M2020 co-founder Johnathan Weiner to hold a place in the agenda for Apple Pay. September rolled around and we still had an “empty” slot, I told him to trust me. It worked out well, as Apple finally rolled it out on September 9th 2014.  There was so much innovation in the initial wallet from tokenization, provisioning, credentials in the secure enclave, … and of course the game of chicken Apple played with Issuers on their 15bs (in US, 7bps in EU see story). 

I just installed iOS 26 this morning, so what’s new in iOS 26 w/ ApplePay

Continue reading

APIs – More Banks to Follow JPM – Pricing Implications

Posted on by
1

As I stated in my Monday blog, Open Banking is dead in the US. Pay by Bank (and open banking) is effectively dead in the US. This follows JPMorgan’s move to push out its new API pricing structure to data aggregators and other third parties in the first week of July. This development comes as the “new” CFPB seeks to vacate its Section 1033 rule.

The latest is that we can expect most other major banks to roll out their own pricing within the next two weeks. These banks will have different pricing, as there was no coordination among banks. JPM has always been the most forward in protecting consumer data. A new pricing floor for data access has been established. Now that other analysts have weighed in, I can recap the pricing framework. 

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Stripe Acquires Privy – Link expands as Does Stripe’s “Gatekeeper” Position

Posted on by
Reply

Stripe’s announcedits acquisition of Privy yesterday, web3 wallet infrastructure platform that enables developers to easily build and integrate secure, self-custodial wallets into their applications with well defined APIs (consistent with everything Stripe does). 

IMHO this signals an acceleration of Stripe’s strategy to dominate the intersection of eCom, wallets, Finance and stablecoin, with a likely product focus on embedding user-friendly stablecoin wallets directly into merchant checkouts and developer platforms. This will greatly expand and “juice” stablecoin adoption in eCom, particularly when combined with LINK. While it COULD present a slight challenge to cards, I don’t see near term impact there (per blog last week). US and EU consumers prefer card, merchants do as well (due to governance and customer support), ROW, micro payments, cross-border, small merchant acquiring/payfacs (and other edge UCs are a different story). 

Continue reading