Skip to content

ACT Canada Driving Insights – November and December 2019

Welcome to the November and December 2019 edition of ACT News – Driving Insights. This complimentary service is provided by ACT Canada.  Please feel free to forward this to your colleagues.

In This Issue

Features ACT Canada Member Scotiabank
Features ACT Canada Member Central 1 Credit Union
Features ACT Canada Member Discover
Features ACT Canada Member Discover
Features ACT Canada Members Gemalto and G+D Mobile Security
Features ACT Canada Member Walmart
Features ACT Canada Member Payments Canada
Features ACT Canada Member Global Payments
Features ACT Canada Member Scotiabank
Features ACT Canada Member Discover
Features ACT Canada Members Gemalto and MasterCard
Features ACT Canada Members MasterCard
Features ACT Canada Members MasterCard and Tangerine Bank
Features ACT Canada Members MasterCard

ACT Canada Partners

Payment Network Partner

Interac Corp. operates an economical, world-class debit payments system with broad-based acceptance, reliability, security, and efficiency. The organization is one of Canada’s leading payments brands and is chosen an average of 16 million times daily to pay and exchange money. For more than 30 years, Interac Corp. and its predecessors, Interac Association and Acxsys Corporation, have facilitated secure financial transactions through the development of innovative and convenient debit and money transfer solutions. A leader in the prevention and detection of fraud, the organization has one of the lowest rates of fraud globally.

Mar19 II (1)
Principal Member
member since 2013
General Member
Visible Commerce Connection Inc.
new member!



Looking For good people?

There is a lot of movement in the market, so if you are looking for new employees, we are always aware of some great people. Please contact ACT Canada for more details -

looking to hire

Calendar of Events

Money20/20 Asia
Mar 24-26, 2020
ACT Canada Members receive a
$250 discount
Payments Canada SUMMIT
Montreal, QC, Canada
May 25-27, 2020
ACT Canada Members receive a 30% discount



Source: The Daily Hive (11/6)


Toronto is one of the top cities in the world for entrepreneurs looking to launch a tech venture. According to a new report by relocation experts Movinga, Toronto ranks the 8th best city for entrepreneurs moving abroad to start a business. Movinga launched a series of studies looking into the best locations for opportunity, and in its recent study, it focused on those looking for new business opportunities abroad.


They looked at 75 cities from around the globe, selecting those that “are renowned for their entrepreneurial spirit, business opportunities and economic growth.” In terms of the list, they looked at the entrepreneur ecosystem in each city, which also included start-up costs, opportunities for female founders and the typical timeframe for setting up a new business.


“The main industries for growth in the tech/digital venture category is one of the most interesting datasets in this study. With Artificial Intelligence taking top spot and Blockchain making a noticeable appearance, digital entrepreneurs are clearly leveraging future-facing technologies more than ever,” said Marta Blanco Amez, Vice President of Marketing at Movinga.


“What those planning to launch their own business need to decide, is do they go with a city containing an established network of people in the same field, or do they go where there’s less competition? We hope that this index can help technology startups to make these difficult decisions.” San Francisco came up on top as the best city to launch a tech startup, with a flourishing tech ecosystem, large access to talent and venture capital. London and New York take 2nd and 3rd place, respectively.


Toronto was the only Canadian city on the list, and ranked 8th overall.


Source: The Star (11/4)


Metrolinx plans to start testing an open payment function on its Presto fare-card system as early as next year — but it could still be some time before TTC riders are able to use the long-awaited feature. Open payment would allow transit users to pay their fares by tapping a contactless credit card, debit card or mobile phone on a Presto reader. It’s seen as key way to modernize transit systems by enabling passengers to pay for their rides without having to purchase specialized products such as tickets or fare cards. Metrolinx, the provincial transit agency that owns Presto, has for years been promising to implement the feature but hasn’t provided a firm timetable for doing so. Now, the company says it plans to test the payment method on GO Transit buses next year.


Metrolinx CEO Phil Verster revealed the trial Monday at a press conference in Etobicoke with Mayor John Tory and Premier Doug Ford. The event was called to mark the city and provincial governments reaching a major transit agreement last week.


“We are very excited about an open payment trial that will start somewhere during 2020, that is going to start open payments on Presto,” Verster said in response to a reporter’s question about the fare card. He defended Presto in the wake of fresh concerns raised by a city auditor general report released last month. It concluded oversight of the system is so lax it’s impossible to know how much fare revenue the TTC is losing as a result of malfunctioning Presto machines. Verster said his agency is working with the city to address those issues, but argued transit riders have adopted Presto in large numbers and customer satisfaction is “exceptionally high.” Presto plans to install new Presto devices on GO Transit buses in November that will be capable of open payment, but a software upgrade required for the feature won't be in place until 2020.


Yet he acknowledged the fare card risks becoming outdated. Open payment has been available on London, U.K.’s transit system since 2012, and was introduced on Vancouver’s TransLink system last year.


“We need to move the Presto product as it stands now into the new age,” Verster said.


“We are busy finalizing a way forward that would put Presto on your mobile device, allow for open transactions with credit cards on the system, and a couple of exciting features that would take Presto into the next generation.”


Metrolinx spokesperson Anne Marie Aikins clarified after the event that the agency plans to start installing Presto readers that are capable of supporting open payment on GO Transit buses later this month. But a software upgrade required to actually introduce open payment isn’t expected until sometime in 2020, at which point the agency would launch a trial of the feature before rolling it out more widely. Aikins couldn’t say when open payments could be available on the TTC.


“We have very exciting plans for modernizing Presto, and we’ve been actively sharing and discussing these plans with all of our transit agency partners, including the TTC. We are still working to finalize these plans and will have more information to share in the future,” she said.


Source: ThreatPost (11/22)


Although the data was legitimately scraped by legally operating firms, the security and privacy implications are numerous. An open Elasticsearch server has exposed the rich profiles of more than 1.2 billion people to the open internet.


First found on October 16 by researchers Bob Diachenko and Vinny Troia, the database contains more than 4 terabytes of data. It consists of scraped information from social media sources like Facebook and LinkedIn, combined with names, personal and work email addresses, phone numbers, Twitter and Github URLs, and other data commonly available from data brokers – i.e., companies which specialize in supporting targeted advertising, marketing and messaging services.


Taken together, the profiles provide a 360-degree view of individuals, including their employment and education histories. All of the information was unprotected, with no login needed to access it.


“It is a comprehensive dataset collected from B2B [business-to-business] lead-generation companies’ lists,” Diachenko told Threatpost via Twitter. If accessed by cybercriminals, the data, which includes scores of related accounts tied to each individual, could be used for highly effective, targeted phishing attacks, business email compromises and identity theft, among other things.


“Information like this is extremely useful to criminals as a starting point in hacking a number of related accounts and also lends itself the potential for increased credential stuffing attacks,” Carl Wearn, head of e-crime at Mimecast, said via email. “This information obviously also provides a fantastic treasure trove of information for the means of industrial, political and state-related espionage and there are multiple malicious uses for the data leaked from this breach.”


For affected consumers, remediation is no picnic, either.


“Data breaches that expose information such as phone numbers to personal accounts like email or social accounts are just as serious as ones that expose payment information,” Zack Allen, director of threat operations at ZeroFOX, told Threatpost. “Luckily for payment information, you can change your credit card, or your password to your accounts. But what can victims of this breach do when their phone number and Facebook profile is leaked? Changing your phone number can cost money with your carrier, you also have to update all of your contacts with your new phone number, plus all of your two-factor accounts.”


Data Broker Sources


Diachenko and Troia’s investigation uncovered that the data sets came from two separate lead-generation companies, whose business it is to assemble highly detailed profiles of individuals: People Data Labs (PDL) and OxyData[.]io.


“The majority of the data spanned four separate data indexes, labeled ‘PDL’ and ‘OXY,’ with information on roughly 1 billion people per index,” the researchers wrote in a writeup on Friday. “Each user record within the databases was labeled with a ‘source’ field that matched either PDL or Oxy, respectively.” After notifying both companies, both said the server in question did not belong to them. However, the data certainly appeared to.


“In order to test whether or not the data belonged to PDL, we created a free account on their website which provides users with 1,000 free people lookups per month,” the researchers explained. “The data discovered on the open Elasticsearch server was almost a complete match to the data being returned by the People Data Labs API. To confirm, we randomly tested 50 other users and the results were always consistent.”


OxyData meanwhile sent Diachenko a copy of his profile, and the data fields also matched. The researchers said they were unsure how the data came to be collected in the now-closed database. Could it be a customer of both PDL and OxyData, they wondered? Or, was the data had been stolen and placed in the storage bucket by hackers? The only clues as to the owner of the server was the IP address (, and that it was hosted with Google Cloud.


Liability and Privacy Concerns


While the incident is not a data breach per se (but rather a story of yet another misconfigured server), it brings up two different concerns. First, what liability do the data originators (PDL and OxyData) have to the people whose profiles were exposed? And two, even though the information is aggregated from allegedly public sources, what does this kind of “data enrichment” mean from a privacy perspective?


To the first concern, Kelly White, CEO at RiskRecon, believes that the lead-generation companies are on the hook for the exposure.


“Data…is easily and perfectly replicable,” she said via email. “Every location where the asset exists must be known and protected. This requires that purveyors of sensitive data know their customers well and for what purposes they will use the data. Regulators are increasingly holding the original aggregators of sensitive data responsible for the protection of sensitive information, regardless of where it is stored or to whom they share it with. As such, while the originator of this data may not have been breached, they will likely suffer blowback.”


Diachenko took a similar view: “One could argue that because PDL’s data was mis-used, it is up to them to notify their customers.” To the second concern, the privacy implications around rich personal profiles continue to be a source of discussion. “Collected information on a single person can include information such as household sizes, finances and income, political and religious preferences, and even a person’s preferred social activities,” noted Diachenko and Troia, in their posting.


Worryingly, some of that information can come from sources that are decidedly not public. For instance, one of the phone numbers returned for Diachenko’s profile was an old landline that came as part of an AT&T TV bundle. “The landline was never used and never given to anyone – I never actually owned a phone, yet somehow this information appears in my profile,” he said.


The most famous example of the mis-use of such profiling is the Cambridge Analytica scandal, in which Facebook allowed a third-party application to hand over the data of up to 50 million platform users to the company. That was then combined with other data to create highly detailed profiles that the Trump campaign used to micro-target population segments with 2016 election messaging. This latest revelation of the breadth of such data-enrichment underscores that even after Cambridge Analytica, privacy practices have not moved forward, Diachenko noted.


“Due to the sheer amount of personal information included, combined with the complexities identifying the data owner, this has the potential raise questions on the effectiveness of our current privacy and breach notification laws,” he said.


Mimecast’s Wearn agreed: “This particular breach highlights the trade in personal details which takes place and the inherent risks to this normalized and relatively uncontrolled practice,” he said. “Due to its scale, it will undoubtedly add to calls for better regulation and security in relation to the storage of personal data.”


Source: The Office of the Privacy Commissioner of Canada (10/31)


On November 1st of last year, businesses became subject to new mandatory breach reporting regulations under Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act (PIPEDA).


Organizations subject to PIPEDA are required to report to our office any breaches of security safeguards involving personal information that pose a real risk of significant harm to individuals. They also need to notify affected individuals about those breaches, and keep records of all data breaches within the organization. Previously, data breach reporting to our office was done on a voluntarily basis.


Since reporting became mandatory, we’ve seen the number of data breach reports skyrocket. Some of those reports have involved well-known corporate names, but we have also seen significant volumes coming from small- and medium-sized businesses. With nearly a year of experience under our belt, we’ve noticed a few things we’d like to share, and given we are at the anniversary of this important milestone, we couldn’t think of a better time to do it.


The Numbers


Since November 1st, 2018, we have received 680 breach reports. That is six times the volume we had received during the same period one year earlier. It’s a staggering increase and higher than we had anticipated given the experience of our counterparts at the Office of the Information and Privacy Commissioner of Alberta when their mandatory reporting laws came into effect. These reports have also been revealing and have offered a clearer picture of the challenges faced by Canadian businesses.


According to those reports, the number of Canadians affected by a data breach is well over 28 million. That number includes, of course, some of the huge breaches that have made the headlines – Desjardins and Capital One, for example. Our work and observations to date have highlighted the importance of taking steps to reduce privacy breach risks. Here are a few of those tips:


Know what personal information you have, where it is, and what you are doing with it. When and where do you collect personal information? Where does that information go? Who can access it, and what do they do with it? You must understand your data before you can protect it!

  • Know your vulnerabilities. Conduct risk and vulnerability assessments and/or penetration tests within your organization to ensure that threats to privacy are identified. Don’t just focus on technical vulnerabilities, though. Are third parties collecting personal information on your behalf without appropriate safeguards? Are your employees aware of risks and their privacy responsibilities? Over the last year the OPC has seen each of these scenarios lead to a breach. Identify your organizations’ weak points before a breach identifies them for you!
  • Be aware of breaches in your industry. Attackers will often re-use the same attacks against multiple organizations. Pay attention to alerts and other information from your industry association and other sources of industry news. Don’t be the next vulnerable target!
  • By way of example, a trend we have seen in the telecommunications industry is fraud through impersonation, where bad actors have convinced customer service agents into believing that they are an account holder. They do this by drawing from publicly available information, information from other breaches, phished information as well as social engineering techniques. Once they’ve convinced the customer service rep, they make changes to the account, such as requesting that a phone number be assigned to a new SIM card, ultimately allowing them to access other accounts. We understand fraudsters target one company and, as the company addresses the issue, the attackers move on to another company.


Early breach trends


The majority of reported breaches – 58 per cent – involved unauthorized access.


We have seen a significant rise in reports of breaches affecting a small number of individuals – often just one and sometimes through a targeted, personalized attack.  This is the correct approach to reporting: there can be risk of significant harm even when only one person is affected by an incident. Employee snooping and social engineering hacks are key factors behind breaches resulting from unauthorized access. In fact, roughly one in four of the incidents reported to us involved social engineering attacks such as phishing and impersonation.


Fraudsters and other bad actors use increasingly sophisticated tactics to convince employees at an organization that they are someone else. For example, they employ a variety of psychological techniques, try multiple avenues to get at personal information, use publicly available information and information disclosed in other privacy breaches. More than one in five data breaches reported to our office over the past year involved accidental disclosure. This would include situations where documents containing personal information are provided to the wrong individual (for example, because an incorrect email or postal address was used, or an email was sent without blind copying recipients) or are left behind accidentally.


Situations where information may have been disclosed due to the loss of a computer, storage drive or actual paper files accounted for 12 per cent of the breach reports we saw. Theft of documents, computers or computer components, which led to a data breach, accounted for 8 per cent of the breach reports.


Tips on responding to a breach:

  • Contain it! (e.g., stop the unauthorized practice, recover the records, shut down the system that was breached, revoke or change computer access codes or correct weaknesses in physical or electronic security).
  • Designate someone to lead the initial breach investigation. This individual should have appropriate authority and knowledge to conduct the initial investigation and make initial recommendations. If necessary, a more detailed investigation may subsequently be required.
  • Determine who needs to be made aware of the incident internally, and potentially externally, at this preliminary stage. Escalate internally as appropriate, including informing the person within your organization responsible for privacy compliance. Make sure to review our document What you need to know about mandatory reporting of breaches of security safeguards to fully understand your obligations.
  • Be careful not to destroy evidence that may be valuable in determining the cause or allow you to take appropriate corrective action.


When to contact our office

  • Only a breach involving a real risk of significant harm to individuals needs to be reported to our office. Real risk of significant harm is determined based the sensitivity of the personal information involved in the breach and the probability that the personal information has been, is being or will be misused.


Wait, there’s more!


Commercial organizations that are subject to PIPEDA should know that it’s not just reporting data breaches that is now mandatory. Commercial organizations must now keep and maintain a record of every breach of security safeguards involving personal information in its possession.


While there’s no need to report a breach to our Office that does not present a real risk of significant harm, companies must maintain a record of every breach that occurs within their organization, and keep those breach records for a minimum of two years.   And importantly, the OPC has the authority to proactively inspect those records.


To that end, the OPC has just completed a record review exercise, examining organizations’ breach records to assess compliance, and get a better sense of the plans, tools and approaches organizations are using to meet their breach record and reporting responsibilities. The full analyses of this inaugural exercise is underway, but we are confident it will help us learn not only about compliance with breach record maintenance, but also the challenges and pain points that may exist for organizations. Once the analyses is complete, we plan to share our results, and reflect on how it can inform existing and/or future guidance on mandatory breach responsibilities, including assessment of the real risk of significant harm.


Through both the exercise and the breach reports we have received to date, it has become clear that breaches remain an ongoing threat for all organizations. Businesses need to be aware of the myriad of potential risks and tackle them through a combination of technology, training, policies and processes.



Source: 9To5Mac (10/30)


Apple Pay has been growing at a brisk pace recently, and Tim Cook is making a point to emphasize that fact. During Apple’s Q4 2019 earnings call today, Cook touted that revenue and transactions for Apple Pay doubled year-over-year as the service continues to outpace PayPal.


During Apple’s Q3 2019 earnings call earlier this year, Cook pointed out that Apple Pay was growing faster than PayPal. This time around, Cook continued that comparison – but with some more data.


In total, Cook says that there were 3 billion Apple Pay transactions during Q4 2019. Apple Pay transactions and revenue both doubled year-over-year, Cook added. What about PayPal? In comparison to PayPal, Cook says that Apple Pay exceeded PayPal transaction volume and is growing 4 times as fast. All in all, Apple’s Q4 2019 represented an “all-time record revenues from payment services.” Here are Cook’s full remarks about Apple Pay: We had all-time record revenues from payment services. Apple Pay revenue and transactions more than doubled year-over-year, with over 3 billions transactions in the September quarter; exceeding PayPal’s number of transactions and growing 4x as fast. Apple Pay is now live in 49 markets around the world, with over 6,000 issuers on the platform.


We believe that Apple Pay offers the best possible mobile payment experience, and the safest, most secure solution on the market. We’re glad that thousands of banks around the world participate. Apple also announced on the call that Apple Card will soon added a new 0% interest financing option for iPhone purchases.


Source: PYMNTS (11/20)


With more than 4.1 billion user credentials exposed in the first half of 2019 alone, financial institutions (FIs) are rushing to artificial intelligence (AI) to prevent fraudsters from using them. Yet, for fraud prevention, Scotiabank Executive Vice President Rania Llewellyn says banks must take a more selective approach than applying AI to every use case. In the latest Digital Banking Tracker, she discusses how the bank revamped its fraud strategy by adopting AI innovation at a slower, but more deliberate, pace.


FIs’ fight against fraudsters is growing ever more complex. It is estimated that more than 4.1 billion user records have been exposed in the first half of 2019, and more than 20 breaches are reported every day. This rampant availability of users’ data makes it easier for bad actors to wreak havoc and commit fraud.


Many FIs have looked to mitigate this growing threat by deploying advanced learning tools such as artificial intelligence (AI) and ML, but fraudsters are quite familiar with them. Cybercriminals are commonly using the same technologies to design and develop nefarious attacks, such as the botnet Mirai and malware like Deep Locker, which used AI and facial recognition to identify targets through factors like geolocation and online behavior.


It has therefore become imperative for FIs to rethink their use of AI and ML to successfully fend off these attacks. They must completely understand the problems they intend to solve before implementing AI and other automated tools, according to Rania Llewellyn, executive vice president of global business payments at Scotiabank. She recently spoke to PYMNTS about how Scotiabank has revamped its fraud strategy in recent years.


“I think one of the key learnings is that we actually need to take a step back before leveraging these new technologies,” Llewellyn said. “We need to reimagine these processes from an end-to-end perspective before we apply AI and ML to them. Otherwise, you are introducing a technology to a process that is broken to begin with and just automating it, so you are not getting the operational efficiencies and the pickup that you could potentially get out of it.”


Scotiabank’s Three-Pronged Innovation Strategy


The increasing sophistication of fraud attacks has led Scotiabank to reassess how it employs AI, ML and automation. That includes utilizing AI for not just consumer-facing use cases and back-end processes, but also for fraud protection.


“At the end of the day, security and safety are absolutely crucial, so we need to make sure we understand what the fraud patterns are and what’s changing in our industry and make sure we’re protecting our customers and keeping them safe,” Llewellyn said. “The fraudsters out there are becoming very sophisticated, so it’s always top of mind as to how we get ahead of them.”


The FI is combating global fraudsters’ sophistication with technology like AI, as well as educational seminars for both its business and retail banking customers. Banks keeping pace with fraudsters developing new data access techniques cannot approach AI development in a simple, regular way, so Scotiabank is moving its technology and implementation strategies outside of its own innovation lab.


“Most of the use cases where we are currently using [AI and ML] — and we have been using AI [and] ML for a while at Scotiabank — have been internal use cases to create operational efficiencies, or [to] look at data for customer analytics and insights or for risk decisioning,” Llewellyn said. “But we have a three-pronged approach in terms of how we are looking to identify opportunities for AI and ML, and [the approach] is not just for AI and ML. It is really for any new innovations and trends out there, which would include fraud and cyber.”


This three-pronged approach includes partnering with academic institutions, FinTechs and venture capital firms through developments like the Scotiabank Centre for Customer Analytics at the Smith School of Business. The FI works with graduate students and subject matter experts at the school to solve for future pain points, Llewellyn noted. Scotiabank is also searching for in-house experts who may be able to provide a more in-depth look at the bank’s use of new technologies, but in doing so it competes with all other banks on the global stage.


Scotiabank’s approach has led to insights into customers’ behaviors and how AI may be best utilized to differentiate legitimate users from illegitimate ones, providing a key way for the bank to bolster its fraud defenses. It also allows the FI to access up-and-coming fraud-fighting technologies, as well as a pool of experts who can help apply the tools and identify any weak points.


That advantage is key because the competition among talented specialists is especially fierce, Llewellyn explained. Having such employees on hand is critical not only to keeping fraud-fighting efforts running smoothly, but also to ensuring that advanced learning tools are deployed for the right use cases.


AI is a term that has been defined increasingly broadly, according to the recent PYMNTS AI Gap Study. Many FI decision-makers use it to describe techniques that can run through databases and collect insights, while others define the technology as rules-based systems that are intelligent enough to identify rule-breaking observations. Still others use the term to describe ML, wherein algorithms can learn from new data patterns.


This gap between perception and reality makes it all the more important for FIs to have access to experts.


“[AI] is definitely a space where everyone is fighting for the same amount of talent, so [we need to] make sure we’re recruiting, [that] the skillsets are up to snuff [and that we’re] making sure we’re continuing to be ahead of the trend,” she said. “I would say talent management is definitely top of mind.”


Llewellyn added that banks are looking for experts in anti-money laundering, cybersecurity, data analytics and payments.


Talent and the Growing Fraud Problem


The competition for more sophisticated AI leaders is key as fraudsters continue to find their ways onto online banking platforms. Some bad actors have even taken advantage of the demand for fraud specialists, posing as the very individuals tasked with catching them. Fraudsters have more opportunities to access privileged data as consumers start to seek access through a wider collection of channels, with cybercriminals posting false banking apps or sending misleading text messages to manipulate legitimate consumers.


An AI talent pool thus needs to be built up quickly, but it remains to be seen how exactly banks can accomplish this. FIs like Scotiabank will need to work quickly to keep pace with the competition, especially as skilled AI and fraud protection experts remain relatively rare. The key to developing a robust fraud team may lie in partnerships, not only with other banks but also with technology firms and research institutions.


The goal of such alliances will remain the same in any case: to make sure fraudsters do not infringe upon legitimate customers’ banking experiences.



Source: CBC News (10/31)


Waterfront Toronto's board voted unanimously Thursday to move ahead into an evaluation phase of Sidewalk Labs' proposed Quayside development  — a so-called "smart city" that would be built on the shore of Lake Ontario in the city's east end. The two sides had set an Oct. 31 deadline to resolve issues including the project's scale, public transit commitments, developer selection, and privacy and data issues before going further in the process. With approval of the terms, Sidewalk's proposal will move to a formal evaluation and further public consultations with a final vote on whether to approve the project set for March 31.


Sidewalk Labs has agreed to realign the size of the development to a 4.8-hectare site, rather than the 77-hectare site it proposed in June, which would have incorporated the Port Lands which are already being redeveloped. The Google sister company had also wanted Waterfront Toronto to publicly commit to fund and deliver the Waterfront LRT before moving ahead with the construction of Quayside. But Waterfront Toronto, as a tri-government agency, does not have jurisdiction over public transit funding allocation and therefore no promise of the transit project's delivery is included in the agreement between the two sides. Sidewalk Labs has also dropped its plan for an urban data trust and instead will adhere to existing laws and store all public data collected in Quayside in Canada.


Further, Waterfront will lead a competitive bid for vertical development teams for the project, rather than Sidewalk. Toronto Mayor John Tory released a statement welcoming news of the vote result.


"We all know that we must develop our waterfront in the right way — that's why we are moving through this process so carefully," Tory said.


"I believe this process has led to an exciting proposal for Quayside that has the potential to create new jobs and economic development opportunities, a carbon-neutral neighbourhood, and more affordable housing units. It is a real opportunity for Toronto."


Source: Financial IT (11/14)


The payments industry is seeing a massive global surge in the implementation or modernisation of Immediate Payment systems. These systems challenge the status quo, and when used effectively create real opportunities for financial institutions to improve service and/or develop new business opportunities. In Ovum’s 2018 Payments Report (2018 Global Payments Insight Survey: Cross-vertical) there were some telling statistics demonstrating the direction of travel for the payments and banking industry:


  • At a global level, 51% of all merchants, billing organisations, and retail banks will increase their IT budgets for payments-related projects in 2018.
  • Real-Time Payments are now central to planned customer service improvements for the majority of retail banks, billing organisations and merchants.
  • Over three quarters of organisations expect, or are experiencing, customer service gains from real-time payments.
  • At a global level 78% of banks, 72% of billing organisations and 68% of merchants think that the combination of Real-Time Payments and Open Banking will see the importance of payment cards decline over time.
  • Whether the ubiquity of Immediate Payments ever develops to the point that national schemes become linked internationally is yet to be determined. However, that certainly seems a possible next step for some of the initiatives.


Success of Immediate Payments


Take up lies at the heart of the success of Immediate Payment schemes, wherever they are deployed, and this is itself linked to the on-boarding process. The schemes need members to get on board as rapidly as possible to create the necessary groundswell of use that sees Immediate Payments adopted as ‘normal’ for consumers and businesses.


One of the things that interests me about this is that the schemes often ignore the challenges members face to prepare themselves for connection and live operation. Indeed, most of the on-boarding processes executed by schemes focus on certification, and occasionally pre-certification. Our experience in developing and testing new payments systems tells us that some areas of development are often overlooked. The area of greatest difficulty in adoption is not certification, but is actually internal testing.




An Immediate Payments system deployment demands that banks integrate multiple systems, many of which were not even designed to co-exist. We spoke to one bank recently with 45 internal systems linked into its RTP gateway. Readying these for an expansion of Immediate Payments is a major undertaking, but it doesn’t stop once the bank is integrated with the scheme. The scheme must accommodate new releases, and the connecting systems will themselves experience seemingly constant change.  This means that there will have to be continuing regression and new state testing, often at the same time.


How to overcome the challenge


The challenge for the industry is to remove friction from the on-boarding process.  Simply providing a relatively basic standalone test simulator may tick the certification box for a scheme. However, it does not address the banks’ concerns, which is where the real friction lies. Schemes need to recognise that the key to removing friction and accelerating adoption is a testing platform that enables banks to concentrate on the process of joining the Immediate Payments environment, rather building out masses of test assets that will themselves become redundant in time, and costly to maintain. The schemes which acknowledge this fact, and expend time and effort to help the banks by offering internal testing as well as certification, will see their investment repaid many times over. By providing support for the first critical stage of the process, the schemes will ensure a more rapid, controlled and assured deployment. Everyone benefits.


The ability to do this exists; the schemes now simply need to embrace it, consider the industry challenge and avoid focusing simply on certification.


Source: Central 1 (11/5)


Ontario’s growth prospects are hampered by slowing global economic growth and persistent trade uncertainty, which will temper export activity and capital investment, according to Central 1 economists in the latest Ontario Economic Forecast for 2019-2022.


The report, authored by Central 1’s Deputy Chief Economist Bryan Yu and Ontario Regional Economist Edgard Navarrete, says growth in gross domestic product (GDP) is forecast to remain mild at 1.8 per cent in 2020, following a disappointing 1.6 per cent expansion in 2019. GDP is estimated to firm to around two per cent in 2021 and 2022.


“Divergent economic conditions in Ontario are expected to persist,” said Yu. “Global uncertainty will weigh on traditional goods sectors while new economies in high-tech, advanced manufacturing and professional services will grow at a moderate pace.” Ontario’s goods-producing sector is expected to contract slightly this year and underperform during the period, reflecting a subdued export growth of one to two per cent. The services-producing sectors will expand at a moderate pace closer to two per cent, led by the private sector. Above average growth is forecast for professional and technical services, retail trade and accommodations and food services.


Employment growth slows to less than 1.5 per cent over the forecast period following a 2.6 per cent growth this year. Unemployment will hold near 5.5 per cent of the labour force, owing in part to an aging population and increased retirements.


Ontario’s population is estimated to grow at an average rate of 1.5 per cent, well above the yearly average from 2000-2018 of 1.2 per cent.


“Elevated population growth will continue to play a strong part in supporting economic growth, driving housing activity and consumer demand,” added Navarrete. “A swelling population is providing underlying support for the economy. For a second consecutive year, the province’s population rose by more than 1.7 percent. The strongest rise since 2001." Increased momentum in the housing cycle will increasingly add to growth following this year’s pullback amidst a declining mortgage rate environment, population growth and tight rental markets.


Housing starts are forecast to rebound in 2020 to 75,300 units following this year’s pullback and hold near 78,000 units in 2021 and 2022.


“After low growth in 2019, residential investment is expected to grow by five per cent in 2020 and 2021,” said Navarrete. “Most of the growth in residential investment will be new home construction but a sizeable portion is expected to come from renovation spending.”


Retail trends are growing at a three per cent rate, reflecting stronger domestic demand, driven by job gains, wage growth and high population expansion.


Highlights from the Ontario Economic Forecast 2019-2022:


  • Growth in GDP forecast to remain at 1.8 per cent in 2020 and estimated to firm to around two per cent in 2021 and 2022.
  • The goods-producing sector expected to underperform, reflecting a subdued export growth of one to two per cent. Above average growth in professional/technical services, retail trade and accommodations and food services.
  • Employment growth slows to less than 1.5 per cent over the forecast period.
  • For second consecutive year, province’s population rose by more than 1.7 percent, the strongest rise since 2001.
  • Residential investment is expected to grow by five per cent in 2020 and 2021.
  • Retail growing at three per cent.
  • Central 1 is a Member of ACT Canada; please visit


Source: CBC News (11/12)


Number of government transfers of records of bank accounts held by Canadian residents to U.S. has been rising. The number of banking records the Canadian government is sharing with U.S. tax authorities under a controversial information-sharing deal has increased sharply, CBC News has learned. The Canada Revenue Agency sent 900,000 financial records belonging to Canadian residents to the Internal Revenue Service in September — nearly a third more than it sent the previous year. The records were for the 2018 tax year.


It also has updated the number of records shared for the 2017 tax year to 700,000 from the 600,000 originally reported.


"That's a lot," said John Richardson, a Toronto lawyer and co-chair of the Alliance for the Defence of Canadian Sovereignty, which is fighting the information-sharing deal. "That's a lot of files." The number of financial records of Canadian residents being shared with the IRS has risen steadily since the information sharing agreement began — from 150,000 in 2014 to 300,000 in 2015 and 600,000 for the 2016 tax year. To date, Canada has shipped 2.6 million records of Canadian residents who could be subject to U.S. taxes south of the border.


However, the number of records doesn't necessarily correspond to the number of Canadian residents affected. Some people may have more than one bank account, while some joint accounts could have more than one account holder — including Canadians who don't have U.S. citizenship.  Etienne Biram, spokesperson for the Canadian Revenue Agency (CRA), said the agency does not know why the number of accounts being flagged by Canadian financial institutions is changing from year to year.


"The CRA is currently analyzing the data to gain a better understanding of the fluctuations in the number of records being reported to the CRA."


The information transfer is the result of a controversial information-sharing agreement between Canada and the U.S. that was negotiated after the U.S. government adopted the Foreign Account Tax Compliance Act (FATCA). The law, adopted in a bid to curb offshore tax evasion, obliges foreign financial institutions to report information about accounts held by people who could be subject to U.S. taxes.


Unlike most countries, the United States levies income taxes based on citizenship rather than residency; some Canadians end up facing U.S. taxes because of an American parent, or because they were born in a hospital on the other side of the border. One of those Canadians whose banking information could have been shared with the U.S. is Conservative Leader Andrew Scheer, who is a dual citizen of Canada and the U.S.


Following the adoption of FATCA, the Canadian government concluded that an information-sharing agreement would be better than forcing Canadian financial institutions to deal directly with the IRS. Under the agreement, Canadian financial institutions send the CRA information on accounts held by clients with U.S. indicia (the fact that the account-holder was born in the United States, for example). Then, once a year, the CRA sends that information to the IRS. People whose account information is shared with the IRS (names, addresses, account numbers, account balances, interest payments, dividends and other income) are not automatically notified by either their financial institutions or the CRA. Under the agreement, the IRS is supposed to send the CRA information about U.S. bank accounts held by Canadians. However, the CRA refuses to reveal how many records it has received from the IRS.


"The CRA cannot disclose the number of records received from the IRS under intergovernmental agreement as this is considered treaty-protected information and is subject to the confidentiality provisions of the Canada-U.S. Tax Convention and Section 241 of the Income Tax Act," said Biram. Biram said the CRA is currently examining the way the information is being collected.


"While the CRA monitors the number of records filed each year by Canadian financial institutions, it is still currently developing a compliance program which will allow it to gain a better understanding of this data, including trends and fluctuations in the number of records being reported to the CRA."


Richardson said the number of records being shared with the IRS is likely rising in part because banks and financial institutions didn't initially have to report some kinds of accounts. While the agreement is supposed to apply only to accounts with balances of at least $50,000, Richardson said he believes some institutions are reporting accounts with lower balances. While Richardson said he hasn't seen any indications the IRS has been taking action based on the information it has received from Canada, it is resulting in some Canadian residents realizing they were expected to file U.S. tax returns.


"There is no doubt that it is pushing a lot of people into U.S. tax compliance," he said. "It's also pushing a lot of people, when they become aware of this, into straight renunciation (of their U.S. citizenship)." In July, Federal Court of Canada Justice Anne Mactavish ruled the information-sharing agreement does not violate Canada's Charter of Rights and Freedoms. In September, the group challenging the agreement filed an appeal of that ruling.


Court challenges to bank record-sharing in the wake of FATCA have been launched in the United Kingdom and the European Union.


Source: Discover (11/25)


Discover cardmembers can now use their Cashback Bonus® or Miles to pay for purchases at millions of online stores through PayPal, giving cardmembers another convenient and flexible way to reward themselves.


“We want to make it as easy as possible for our cardmembers to redeem their rewards, especially by partnering with merchants where our Discover cardmembers love to shop,” said Shannon Kors, vice president of card rewards and benefits at Discover. “Our customers loved seeing PayPal added to this year’s categories in the 5% Cashback program. Now they can spend the rewards they earned with PayPal and have more choices when they pay.”


All eligible1 Discover cardmembers can easily pay with their Cashback Bonus or Miles using PayPal when they shop online and in apps2. Once cardmembers link their Discover card with PayPal, they can instantly redeem any amount of their rewards on eligible purchases at checkout.


This latest feature stems from an ongoing collaboration between Discover and PayPal to give Discover cardmembers a rich suite of benefits and experiences with PayPal. These benefits include enabling cardmembers to easily link their Discover card to their PayPal wallet from Discover’s app and website which were recognized by J.D. Power as the best in customer satisfaction among mobile credit card apps and credit card websites. Once linked, cardmembers can enjoy the convenience and security of checking out with PayPal while shopping at millions of merchants online.


Discover also will provide yet another opportunity for cardmembers to earn rewards through their partnership with PayPal in 2020. Starting July and running through August 2020,Discover it® and Discover More® cardmembers can earn 5% cash back on up to $1,500 in purchases when they shop at PayPal and restaurants if activated.3


To pay with rewards through PayPal, cardmembers need to link their Discover card with their PayPal accounts. Cardmembers can also enroll by creating a PayPal account through their Discover account.



Source: CNN Business (11/7)


Visitors to China can now access the country's massive cashless economy. Alibaba-affiliated Ant Financial launched a new international version of its mobile payments app Alipay on Tuesday, marking the first time tourists and business travellers can use mobile payments in mainland China. Not to be outdone, Tencent-owned WeChat Pay announced on Wednesday that it will also roll out services for foreigners visiting China. The services could remove one of the biggest headaches for visitors to China, where everyone from taxi drivers to luxury malls have come to rely on mobile payments. Alipay users can now download and buy prepaid cards within the app using international debit and credit cards. The prepaid cards expire after 90 days and any remaining money is automatically refunded. WeChat Pay users can add international credit cards directly to their digital wallets.


Alibaba and Tencent dominate cashless payments in China with their Alipay and WeChat Pay platforms. With more than a billion users, the digital payment systems have largely replaced plastic cards and cash at registers, changed how friends and families give gifts to one another and even changed how panhandlers ask for money.


Even Apple accepts Alipay in its local stores in China, after its own payment system failed to gain traction. Mobile payments in China hit $42 trillion in 2018, up more than 28 times from five years ago, the People's Bank of China said in a report earlier this year. Ant Financial said Tuesday that the new international service will allow it to tap into the growing number of visitors to China. Nearly 31 million foreigners travelled to China in 2018 and they spent $73 billion while they were touring the country, according to government statistics. The number of visitors and how much they spent both rose by about 5% compared to a year earlier.


Source: Discover (11/4)


Adding to its long line of innovative, digital products and services, Discover today announced it will begin issuing contactless-enabled credit cards over the next several months.


“Contactless technology has become increasingly popular with our cardmembers and more accepted by merchants worldwide, and we want to deliver the best shopping experience to our cardmembers,” said Szabolcs Paldy, senior vice president, marketing at Discover. “The goal of this digital technology is to make payments fast, easy and secure, and give cardmembers more choices in how they pay.”


“Our D-PAS technology will allow Discover cardmembers to use their contactless cards instantly at millions of merchants across the globe,” said Andrew Hopkins, senior vice president of Global Products at Discover. “By leveraging the latest payment technologies, we are able to provide more convenient payment experiences for our cardmembers.”


The rollout of contactless-enabled cards will start this month for most Discover it® and Discover More® cardmembers who need cards reissued or replaced. Beginning in December, contactless cards will start to be issued to new Discover cardmembers.


With contactless technology, Discover cardmembers can tap their Discover cards at card readers with the Contactless Symbol¹ to pay at millions of stores and will continue to earn rewards on every purchase. Discover cardmembers can learn more by visiting



Source: BBC News (11/25)


Uber will not be granted a new licence to operate in London after repeated safety failures, Transport for London (TfL) has said. The regulator said the taxi app was not "fit and proper" as a licence holder, despite having made a number of positive changes to its operations. Uber initially lost its licence in 2017 but was granted two extensions, the most recent of which expires on Monday.


The firm will appeal and can continue to operate during that process.


London is one of Uber's top five markets globally and it has about 45,000 drivers in the city. Overall, there are 126,000 licensed private hire and black cabs in the capital. If its appeal is unsuccessful, some think Uber drivers would move over to rival ride-sharing firms such as Bolt and Kapten."There would be competition that would fill that void quite quickly," Fiona Cincotta, a market analyst at City Index told the BBC.


Why won't Uber get a new licence?


TfL said it had identified a "pattern of failures" in London that placed passenger safety at risk.


These included a change to Uber's systems which allowed unauthorised drivers to upload their photos to other Uber driver accounts. It meant there were at least 14,000 fraudulent trips in London in late 2018 and early 2019, TfL said.


The regulator also found dismissed or suspended drivers had been able to create Uber accounts and carry passengers. In one example, a driver was able to continue working for Uber, despite the fact his private hire licence had been revoked after he was cautioned for distributing indecent images of children.


What do drivers think of Uber?


Helen Chapman, director of licensing at TfL, said: "While we recognise Uber has made improvements, it is unacceptable that Uber has allowed passengers to get into minicabs with drivers who are potentially unlicensed and uninsured." London Mayor Sadiq Khan said: "I know this decision may be unpopular with Uber users, but their safety is the paramount concern. Regulations are there to keep Londoners safe."


'I feel safe using Uber'


Donna Stevens says her experiences of using Uber in London have "always been positive". In her job as a carer she often works late, so regularly uses the service. "The drivers are friendly, courteous and professional. I can't afford to get a metered taxi."


She says that if Uber were to go, she would probably have to go back to using public transport late at night, which does not make her feel safe. However, another reader, Kay, says she would not be sad to see Uber go.


"I complained a couple of months ago about a driver who made me feel so uncomfortable I abandoned the ride and walked home in the dark at 11 o'clock at night instead of staying in his cab." She says Uber gave her a £5 credit but did not apologise. "How is it OK to employ drivers that make women feel unsafe?" she says.


Is this the end of Uber in London?


Uber lovers in London, fear not! The company's cars will not suddenly disappear from the capital's streets.


Uber is going to appeal against this decision so a magistrate will have to decide whether Uber is fit to hold a licence in London, or not. A decision from a magistrates court could take weeks or months and unless the court decides otherwise, Uber will retain its licence during this period too.


When TfL decided not to renew Uber's licence in 2017, the company addressed some of the issues raised by TfL back then and then a magistrate later granted Uber a new licence. On the face of it TfL is standing tough against perceived failings by Uber. But in effect it is letting the courts decide, at a later date, whether Uber should have a licence, or not.


What does Uber say?


Uber said the decision was "extraordinary and wrong". It said it had audited every driver in London over the past two months and strengthened its processes.


Boss Dara Khosrowshahi tweeted: "We understand we're held to a high bar, as we should be. But this TfL decision is just wrong. Over the last 2 years we have fundamentally changed how we operate in London." According to Uber, 24% of its sales come from just five cities, including London. The others are Los Angeles, New York City, San Francisco and São Paulo in Brazil. In a public filing, it said: "Any inability to operate in London, as well as the publicity concerning any such termination or non-renewal, would adversely affect our business, revenue, and operating results.


"We cannot predict whether the TfL decision, or future regulatory decisions or legislation in other jurisdictions, may embolden or encourage other authorities to take similar actions even where we are operating according to the terms of an existing licence or permit." In May, hundreds of Uber drivers in London, Birmingham, Nottingham and Glasgow staged a protest against the firm over pay and conditions


What do others say?


Business lobby group the CBI said customers valued Uber, and encouraged both sides to find a resolution. But the Unite union - which believes Uber has unfairly taken business from black cab drivers - welcomed the news.


"Uber's DNA is about driving down standards and creating a race to the bottom which is not in the best interests of professional drivers or customers," said Jim Kelly, chair of Unite's London and Eastern cab section.


Where else has banned Uber?


Uber has faced pressure from regulators around the world over the way it treats its drivers, competition concerns, and fears about passenger safety.


The US firm pulled out of Denmark in 2017 because of new taxi laws that required drivers to have fare meters and seat sensors. Bulgaria and Hungary both stripped Uber's right to operate following pressure from local taxi unions. And in May, the ride-hailing firm pulled its UberXL service in Turkey without saying why.


What happened in London in 2017?


TfL first declined to renew Uber's licence in September 2017, again over safety concerns. Back then it cited Uber's approach to carrying out background checks on drivers and reporting serious criminal offences.


Uber's use of secret software, called "Greyball", which could be used to block regulators from monitoring the app, was another factor, although Uber said it had never been used in the UK.


However, TfL granted Uber a 15-month licence extension - later extended by two months - conditional on it making improvements to its business. TfL can offer licences of up to five years, but it has been more stringent of late. In July, Indian ride-hailing company Ola got a 15-month agreement for its entry into the London market, while ViaVan got a three-year licence renewal.


Source: Paydeology (11/21)


Recently all physical payment card manufacturers have announced availability of new generation of sophisticated EMV chip cards, with embedded biometric sensors, capable of authenticating cardholders by storing and verifying their biometric fingerprints. In addition, the same vendors announced that their cards can also display periodically changing dynamic CVV2 value on a small LCD display on the back of your card (instead of usual static CVV data).


In a nutshell, the biometric sensor built into the payment card, is designed to be used in card present transactions (i.e. in-store Point Of Sale payments), primarily to eliminate need for cardholders to remember their PIN codes. On the other hand, the dynamically generated and periodically rotating CVV2 value is primarily targeting e-commerce 'card not present' (CNP) transactions, in order to make them more secure, by eliminating the possibility of CVV values being captured and stollen, by online thieves or dishonest merchants.


At the present time, these two payment card innovations seem to be coexisting independent of each other. Several of my LinkedIn connections rightfully pointed out that, although remembering PIN might be a niche issue and challenge for just a minority of consumers, the much larger and still outstanding major challenge would be to fully secure e-commerce / CNP transactions. I fully agree. You see, even with cards that have dCVV, a thief can potentially steal dCVV card and still be able to use it to make an online purchase.


'Card Present' AND 'Cardholder Present' Online Transactions 


Ideally, the industry should strive to ensure that during online transaction, it is only the legitimate cardholder that is using the genuine and legitimate card for payment - similar to the security level achieved with in-app payments via OEM-Wallets (ApplePay, G-Pay and SamsungPay). You authenticate yourself, usually with you fingerprint or face scan on your phone, and EMV applet inside mobile phone OEM-Wallet app generates unique per online transaction cryptogram, which in most of OEM-Wallet implementations is nothing but a version of dCVV. Nice and fairly secure.


Would it be possible to achieve the same level of security for online payments with plastic payment EMV cards? Yes of course it would be, and it is right in front of our eyes. For example, if card manufacturers could combine the two mentioned card innovations and make them work together, they could potentially create a super-smart-card, one that would ensure 100% safe online payments


What needs to happen to fully secure e-commerce transactions, is therefore following:


Card manufacturers (Gemalto, G&D, IDEMIA, Kona, etc) should ensure that their card's dCVV value is displayed ONLY when the biometric fingerprint scan matches that of the registered cardholder. NOTE: The similar set of online transaction security could be achieved even with current plain vanilla EMV cards, but combined with mobile app (provided by card issuer), able to generates similar dCVV value, only if user securely authenticates themselves, using phone's biometric fingerprint or face scan (meaning currently available static CVV is ignored).


Card issuers need to start adopting dCVV solutions like these and at the same time start declining any online transactions that do not contain dCVV values


Online merchants need to enforce capturing dCVV data on their online checkout forms, or otherwise risk their transactions being declined


Unless these three conditions are met, the online transactions will not be fully secure and will stay being vulnerable to potential fraud.



Source: PYMNTS (11/22)


With a less-than-anticipated decline, retail sales in Canada dropped in September for the first time in three months. Statistics Canada noted that retailers sold 0.1 percent fewer goods in the month as shoppers spent less on gasoline and motor vehicles, which beat a median forecast in a Bloomberg survey of a 0.3 percent drop, Bloomberg reported.


With the exclusion of motor vehicles, retail sales rose 0.2 percent. The September sales figures came out ahead of economist expectations, furthering the Bank of Canada‘s view that consumer spending remains strong even with worldwide trade tensions.


September sales dipped 0.1 percent in volume terms, which counteract the effects of price changes. Q3 retail sales increased 0.5 percent in volume terms. Lower new car sales were the biggest contributor to the monthly drop, and used car dealer sales were 3.6 percent higher on the month.


According to Bloomberg, the Q3 report comes ahead of the release of quarterly gross domestic product (GDP) next week. Economists have predicted an output deceleration from 3.7 percent in the prior quarter to 1.3 percent.


Retail sales in the U.S. fell 0.3 percent in September, the first such decline in seven months, per figures released by the U.S. Commerce Department. The news comes amid ongoing fears of a recession and worries about trade wars. The Commerce Department also noted that automobile sales dropped 0.9 percent, the sharpest decline in eight months.


Online retail suffered a 0.3 percent decline, while sales at furniture and home furnishings stores declined by 0.6 percent. Meanwhile, retail sales for August were revised to a 0.6 percent gain from the previous 0.4 percent gain.


Ian Lyngen, head of rates research at BMO Capital Markets, said per reports, “While this is by no means conclusive evidence that the consumer is wavering (after all, the upward revisions reduce the impact of September’s declines), it nonetheless reinforces our ongoing concern that a spending retrenchment will ultimately trigger a more durable slowdown.”


Source: BBC News (12/4)


Google founders Larry Page and Sergey Brin have announced they are stepping down from top roles at the online giant's parent company. They will leave their respective roles as Alphabet's chief executive officer and president but remain on the board. Google's CEO Sundar Pichai will become Alphabet's CEO too, a statement said. Alphabet was created in 2015 as part of a corporate restructuring of Google, which Mr Page and Mr Brin famously founded in a California garage in 1998. The parent company was intended to make the tech giant's activities "cleaner and more accountable" as it expanded from internet search into other areas such as self-driving cars. The pair moved from Google to Alphabet when it was formed - saying they were making the jump to focus on starting new initiatives.


But in a blog post on Tuesday, the co-founders, both aged 46, announced they were stepping back from the day-to-day management of the company. A joint letter said they would remain "actively involved as board members, shareholders and co-founders", but said it was the "natural time to simplify our management structure".


"We've never been ones to hold on to management roles when we think there's a better way to run the company. And Alphabet and Google no longer need two CEOs and a President," their letter said. They also declared it was time to "assume the role of proud parents - offering advice and love, but not daily nagging" and insisted there was "no better person" to lead the company into the future than Mr Pichai. The 47-year-old was born in India, where he studied engineering. He went on to study in the US at Stanford University and the University of Pennsylvania before joining Google in 2004. In a statement, he said he was "excited" about the transition and paid tribute to Mr Page and Mr Brin.


"The founders have given all of us an incredible chance to have an impact on the world," Mr Pichai said. "Thanks to them, we have a timeless mission, enduring values, and a culture of collaboration and exploration that makes it exciting to come to work every day.


"It's a strong foundation on which we will continue to build. Can't wait to see where we go next and look forward to continuing the journey with all of you."


'Proud parents' who aren't giving up ultimate power


This move represents the most significant shake-up of leadership at Google since its inception - the first time the dynamic duo of Brin and Page, a legendary Silicon Valley partnership, won't hold important management roles in the company they founded. In reality, though, that's been the case for some time - the public face of the firm has been Mr Pichai and, to a lesser extent, YouTube chief executive Susan Wojcicki. But Tuesday's announcement makes it absolutely clear - Mr Page and Mr Brin aren't running the company. Yet while the pair are apparently relinquishing management duties, it won't mean giving up ultimate power. Between them, they control 51% of voting rights on Alphabet's board. This won't change. They likened their new role to being "proud parents" to the company, looking on with close interest and care.


But should they feel the need, they can override any decision Mr Pichai makes - with little more than a parental "because we said so".


Source: PYMNTS (11/15)


Walmart Canada has developed a blockchain-based network to facilitate logistics operations and payments, the company announced in a press release Thursday (Nov. 14). In collaboration with blockchain technology firm DLT Labs, Walmart Canada announced the development of a freight and payment network that allows participants on the platform to gain visibility into various logistics processes, including delivery tracking, transaction verification, and payments and reconciliation automation between Walmart Canada and its carriers.


The network will support logistics operations across Walmart Canada‘s more than 400 retail store locations in the country, the company said, adding that the network aims to launch in February of next year.


Using DLT Labs’ DL Asset Track technology, the network integrates supply chain and logistics data in real time across Walmart Canada and its third-party freight trucking providers. The technology supports real-time invoicing, payments and settlement from directly within the portal, which can be accessed via web or mobile device, according to the press release.


“Walmart Canada is dedicated to efficiency across our business, including most importantly in our supply chain and logistics management,” said Walmart Canada Senior Vice President, Logistics and Supply chain John Bayliss in a statement, adding that the retail giant works with freight carriers that move more than 500,000 inventory loads across Canada, “which creates an extraordinary volume of transaction data,” he noted.


“This new dynamic and interactive blockchain technology platform is creating complete transparency between Walmart Canada and all of our carrier partners,” he continued. “Blockchain is enabling a material advance in our smart transportation network, with expedited payments, extensive cost savings and other benefits among our supply chain. Moreover, this degrees of improved efficiency represents a powerful platform for us to continue to reduce our environmental footprint and continue our leadership in environmental sustainability.”


In another statement, DLT Labs CEO Loudon Owen said the network collaboration with Walmart Canada “proves the high value of blockchain and sets the stage to revolutionize supply chain management and logistics.”



Source: SkyNews (11/26)


The listing is seen as a vote of confidence in the former British colony's financial future after months of violent protests. Alibaba's share code is 9988 - a homonym in Chinese for 'eternal prosperity'. Hong Kong has received a much-needed boost after Alibaba shares made their debut on the city's stock exchange.


The e-commerce giant raised at least $11.3bn (£8.8bn) from its secondary listing on the Hong Kong stock exchange, and shares closed their first trading session up 6.6%. Alibaba Group's debut smashes the record for the biggest flotation this year - it had previously belonged to the ride-hailing firm Uber, which raised $8.1bn (£6.3bn) back in May.


Shares in the Chinese company are already traded in New York, and each US share is worth the equivalent of eight Hong Kong shares. The listing - which is Hong Kong's largest listing since 2010 and third-biggest debut on record - is being viewed as a vote of confidence in the former British colony's financial future.


Months of political unrest and increasingly violent demonstrations have weighed heavily on Hong Kong, which recently entered its first recession for a decade. Charles Li, the chief executive of the Hong Kong stock exchange, said: "I am very thankful that Alibaba, after five years of travelling afar, finally came home. I'm also grateful that they choose to come despite the difficulties, despite the challenges that we are going through here in Hong Kong."


The funds raised will help Alibaba, the biggest company in Asia by market value and world's seventh-largest, invest more in a range of online services. Analysts say the establishment of an investor base in Hong Kong and China could function as a backup should the company's shares by affected by the ongoing US-China trade war.


Alibaba had hoped to initially list in Hong Kong, but eventually chose New York for its record-breaking $25bn initial public offering in 2014 after its governance structure failed to win approval from Hong Kong regulators. The loss of the listing sparked years of argument and consultations that resulted in rule changes last year.


Alibaba chief executive Daniel Zhang said: "Thank you Hong Kong and thank you HKEX. Your reform and innovation of the capital markets in the past few years has made it possible for us to realise what we missed five years ago."


Jack Ma, who founded Alibaba, is China's richest entrepreneur, with an estimated fortune of £55bn. The 55-year-old stepped down as chairman in September but is a member of the Alibaba Partnership, a 36-member group with the right to nominate a majority of the company's board of directors. Craig Erlam, an analyst at OANDA, said "everything appears to have gone very smoothly" with Alibaba's launch.


"This was an opportunity to show that, despite the protests that have brought Hong Kong to a standstill and wreaked havoc on the economy, it's business as usual for the stock exchange," he said.


Source: Payments Canada (11/26)




With cross-border transactions having accounted for $23.7 trillion globally in 2018, the bulk of which consisted of corporate payments, the need for payments systems operators and payment service providers to facilitate seamless cross-border payments at scale has never been greater. Particularly, the continued expansionary growth in e-Commerce, both B2B and P2B cross-border retail payments, further highlights this need for more attention to be placed on cross-border payment activities and how the ecosystem is evolving and finding efficiencies with which to facilitate such transactions. In this payments perspective, we offer a summary survey of methods to effect cross-border payments. Specifically, we highlight some of the key channels through which cross-border payments are made their advantages and disadvantages. We also touch on developments in the industry such as SWIFT gpi and the ongoing efforts to effect cross-border funds transfer using digital currencies from Project Jasper-Ubin to JP Morgan’s Interbank Information Network and Facebook’s Libra.


What is a Cross-Border Payment?


A Cross-Border payment is a transaction in which funds are sent from an entity in one country to a recipient in a different country. In most cases, the sender and the receiver of the payment do not share a common ledger and transactions between the two countries involve a series of intermediary transactions. At the global level, cross-border transactions accounted for $23.7 trillion in value in 2018. Most of these cross-border transactions are corporate payments. The increase in cross-border payments volume can be attributed to growth in e-Commerce; both B2B and P2B cross-border retail payments. Current trends suggest that the demand for cross-border payments will continue to grow, however, cross-border payments remain slow, expensive, and lack transparency relative to many domestic payment systems. As such, there are tangible disruptive opportunities for incumbents and emerging fintechs to exploit and improve the facilitation of cross-border payments more specifically in Canada.


Cross-Border Payments Overview


Cross-border payments are typically settled via correspondent banking, which involves two banks establishing reciprocal accounts with each other. The correspondent accounts are referred to as nostro and vostro accounts. For example, a Canadian bank obtains correspondent banking services from an American bank that holds a nostro account on behalf of the Canadian bank, where the funds in the account are denominated in USD. On the other hand, the American bank has a reciprocal account in the Canadian bank, called the vostro account in which the funds are denominated in CAD. Essentially, financial institutions (FI) are holding balances with each other, making correspondent banking relationships highly interdependent.


Correspondent Banking Cross-Border Settlement


Most cross-border transactions are made through a network of correspondent banks, which is the way most jurisdictions make cross-border payments. Correspondent banking cross-border transactions can involve multiple banks during the transaction process. In the most basic terms, the correspondent holds deposits owned by other respondent banks and provides payment services to those banks. Essentially, this is a bilateral agreement between the two banks in which they provide services to each other.


In the simplest form of cross-border correspondent banking, two banks have a direct bilateral correspondent relationship. For example, Bob in Canada wants to send $100 CAD to Alisa in the US. To do so, Bob will initiate the payment from Bank A in Canada, and Bank A has the nostro account of Bank B, an American bank. Since Bank A has a direct bilateral account relationship with Bank B, the settlement instruction as well as payment information can travel in a single message. The SWIFT standard for such a payment message is MT103.


However, most of the time, banks do not have direct bilateral correspondent relationships with their designated receiving bank. In these cases, it can involve multiple banks as intermediaries for the funds to transfer. Some of the financial services that provide cross-border funds transfer such as Samsung Pay, Google Pay, Apple Pay, and Transferwise are derivatives of the correspondent banking model.  Making a cross-border payment using any of these large global fintechs can be reduced to a form of transfer pricing where the intermediate product is foreign exchange held in bank accounts in different countries. Cross-border payments initiated using services provided by such companies are essentially on-us transactions in their global balance sheets, with funds merely transferring from one e-wallet to another e-wallet. This transfer pricing plays an important role for large companies in managing their tax reporting and other aspects of their asset-liability management across the various jurisdictions in which they operate. Therefore, the birth of the fintech divisions of these companies may not be driven by providing payment services but by tax harmonisation amongst other things.


An organization with a global presence could establish a paytech division that offers payment services across jurisdictions in which that organization operates. It is then able to use these payment services as a mechanism for managing its cross jurisdictional currency balances through internal or inter-divisional transactions. The paytech division of the multinational enters into South Korean won vs Canadian dollar cross-currency swaps or buys South Korean won from the Korean arm of the parent company to facilitate a payment from a Canadian customer to a Korean merchant. This not only helps avoid expenditure on fees for cross-border cash management by the multinational, it also minimises the potential for lost interest revenues for sitting on large cash balances, and can assist in tax harmonization across various jurisdictions.


Risks Associated with Correspondent Banking


While correspondent banking enables cross-border payments across jurisdictions, there are some key drawbacks to the current correspondent banking model. Payments are slow to process, lack transparency, entail high transaction costs, and leave exposure to foreign exchange risk (FX), counterparty and regulatory risks. High-value cross-border transactions through correspondent banking are exposed to settlement risk because financial institutions often lack real-time visibility into the settlement process, which could possibly create a chain reaction that leads to a default. There is additionally the issue a lack of harmonization of ISO20022 implementation as well as operating hours in the various real time gross settlement systems operated by central banks and financial market infrastructure operators around the world.


More importantly, these risks not only impact commercial banks and central banks to various degrees, but also have consequences for the end-user experience in trying to pay recipients in other countries. Indeed, from a consumer standpoint, cross-border payments also present a number of challenges in terms of fees, remittance information visibility into the transaction life cycle; including knowing what stage in the transfer process the payment is in and when the funds transfer is complete. The root causes of the risks related to correspondent banking model show a few recurring themes: lack of consistent payment standards for cross-border payments, reliance on multiple intermediaries, time zone differences and subsequent varying operation hours between jurisdictions. The current cross-border payment model is entrenched in correspondent banking model, which is sticky and difficult to innovate and build upon. Creating an entirely new cross-border infrastructure can be complex, costly, and accompanied with many uncertainties. The technical barriers to innovation in cross-border payments may limit service offerings by emerging fintechs to the correspondent banking model; the above mentioned risks may carry over to the new cross-border payment technology.


There has, nevertheless, been some progress to improve cross-border payments infrastructures. For example, the SWIFT gpi was launched in 2017, and aims to solve the inefficiencies in existing messaging and processing systems between FI’s by standardizing the messaging format used in cross-border payments. The result is that over 95 per cent of payments through SWIFT can be processed within 24 hours of the transaction taking place. Moreover, the SWIFT gpi now includes instant global payments as well as gpi stop and go functionality with a pivot towards expediting cross-border B2B transactions. Currently, there are over 1100 FI’s around the world supporting the flow of payment messages through SWIFT gpi, with over $300 billion USD sent daily over the platform. While SWIFT gpi is a significant improvement to the cross-border payments infrastructure, SWIFT does not transfer money across jurisdictions -- only the messages -- and fund transfers still requires settlement via correspondent banking and/or local real-time payment systems as trialed between July and September 2019 through the integration of SWIFT gpi Instant into Singapore’s domestic instant payment service, Fast And Secure Transfers (FAST), Australia’s New Payments Platform (NPP), and Europe’s TARGET Instant Payments Settlement (TIPS) and other jurisdictions.


Digital Currencies and Cross-Border Settlement


Digital currencies (such as Bitcoin, the first cryptocurrency ever created) are inherently borderless and bound to no jurisdictions or bricks and mortar, seemingly making them ideal for facilitating cross-border payments. Transferring digital currencies will create a new “block” that contains the transaction information, including fees, which are closed by a type of cryptographic signature. These blocks containing transaction information are continuously accumulated on top of existing processed blocks to collectively form the blockchain that forms part of what is referred to as distributed ledger technology (DLT). In short, the distributed ledger is a database of all transactions executed in the currency that is consensually, in near real-time, updated, shared and synchronized across all participants in the currency’s ecosystem. This means that everyone will have a copy of a ledger containing all transaction information. In this model, there is no central authority that acts as an arbitrator or a monitor, and the distributed ledger enables greater transparency and redundancy to guard against operational outages of nodes in network. It should be noted, even with the ledger being shared across the payment network, full visibility into the transactions can be structured in a permissioned fashion to permit oversight and fraud detection while maintaining privacy. Leveraging DLT to facilitate cross-border payment implies that the network is decentralized and payments are settled via digital currency or cryptocurrency almost instantaneously. To this end Mark Carney, former Governor of the Bank of Canada and current Governor of the Bank of England, has publicly welcomed innovations in the DLT and fintech space such as the Facebook led Libra digital currency. There is a plethora of digital currencies in the market currently, the main categories of which are:

  1. Central Bank Digital Currency.
  2. Private label digital currencies which can be broken down into:
    • Commercial bank issued, closed-system digital currency.
    • Private company issued, closed-system digital currency
    • Public full open digital currencies including stable coins.


Central Bank Digital Currency and Cross-border Settlement


Central Bank Digital Currency (CBDC) is a digital form of fiat currency established as money by government regulation or law and issued by the central bank. There are two variations of CBDC prototypes: wholesale and general purpose. Implementation of Wholesale CBDC for cross-border settlement may bring several potential advantages:

  1. Faster and more timely processing of transactions (24/7) as opposed to current limited operating hours.
  2. Transparency and straight through processing.
  3. Enabling innovations and onledger exchange and settlement.
  4. A closed system which minimizes cybersecurity risk.


Project Jasper-Ubin, a joint project between Payments Canada, the Bank of Canada, the Bank of England, the Monetary Authority of Singapore, and a consortium of global commercial banks headed by HSBC and JP Morgan explored the use of CBDC on the blockchain DLT to settle cross-border payments. Project Jasper-Ubin is permission-based system and it is still in development. The main difference relative to the correspondent banking model is that the intermediaries in Project Jasper-Ubin do not hold funds on behalf of other intermediaries, therefore eliminating counterparty credit risk and reducing settlement risk. Project Jasper-Ubin performs transactions across the Quorum-based DLT network in Singapore and the Corda-based DLT network in Canada using the Hash Time Locked Contract design (HTLC). HTLC employs smart contracts to synchronize all payment actions, meaning transactions either succeed or fail. For example, a sender will transfer local currency to an intermediary on the local currency network, and the intermediary will transfer the foreign currency to the receiver on the foreign currency network. The receiver will know when they will receive the payment by generating a cryptographic proof of payment. In cases where it fails to claim the payment, the payment will be returned to the payor. This system using HTLC would not need to place trust in a third party but trust is required in the technical system. Project Jasper-Ubin is still an experimental project, and it went through successful tests of cross-border transactions between Canada and Singapore. The project itself is still in the development stage with more opportunities for research remaining open.


Private Label Cryptocurrency and Cross-Border Payment


In this experimental model, consortiums of commercial banks or entities issue digital tokens on an agreed upon digital currency standard to execute cross-border settlement and other exchanges of value in a closed system. The digital token is typically backed by central bank issued fiat currency in the form of collateralized liquidity or other asset or liability deposits at or guaranteed by the central bank or some other trusted entity.  The two examples of these are the Utility Settlement Coin (USC), and the JP Morgan Coin (JPM Coin). Cross-border settlement using either USC or JPM coin leverages the blockchain to ensure faster and more secure cross-border payments by straight-through processing and improvements to transparency.


USC is an experimental digital cash instrument built on DLT and originated by the Swiss global financial services company UBS in partnership with Clearmatics Technologies in a consortium of fourteen banks. As of 2019, the consortium raised $63 million in funding from the 14 shareholder banks. In the USC model, large private banks and fintech firms create digital tokens (USC) representing money from multiple countries that can be exchanged on a distributed ledger platform. The digital token is fully collateralized by the cash balances of participating banks which are held on the books of the central bank. Unlike Bitcoin, USC is created through liability securitization. The decentralized nature of USC enables its members to settle inter-bank positions more efficiently. Moreover, USC may also be issued by transferring non-operating cash balances into a special purpose vehicle (SPV) that manages cash without a profit making objective. This has the benefit of reducing the regulatory collateral requirements of the participating financial institutions by moving non-profitable high liquidity flight risk deposits off their balance sheets while being able to use the liquidity for transaction settlement purposes.


Similar to USC, JPM Coin is also an experimental digital coin built on the DLT , originated by J.P. Morgan Chase. JPM coin is a digital token, redeemable in a 1:1 ratio to the US dollar. The purpose of JPM Coin is transferring value in cross-border settlement. JPM Coin is permissioned, its users are exclusively institutional customers, and it employs the Quorum ledger. Additionally, J.P. Morgan launched, as a pilot program, the Quorum-based Interbank Information Network (IIN)  in 2017. The IIN allows member banks to exchange payment information to overcome the challenge of sharing such information in cross-border settlement. As of April 2019, there are 220 member banks across the world participating in the IIN. These include four of the Canadian designated systemically important banks (DSIBs); Bank of Montreal, Royal Bank of Canada, TD Bank, and National Bank of Canada. Both the IIN and JPM Coin aim to address the shortcomings of correspondent banking in terms of information sharing and settlement. However, they may also be disruptive to central clearing services offered by organizations such as Payments Canada and sideline the traditional wholesale payments space.


Looking at potential disruption to wholesale payment systems is crucial because a payment is the endpoint of a contract or agreement, the details of which are recorded on the bank’s financial statements. It is these contracts that provide the business case for USC and JPM Coin. A business case for USC would be to provide a vehicle for settlement within derivatives markets. An example would be the market for cross-currency and interest rate swaps. To this end, it is important to note that the gross notional value of outstanding contracts in the over-the-counter (OTC) derivatives markets at the end of Q2 2018 was US$595 trillion while the gross market value of OTC derivatives in the same period was US$10 trillion. In the context of disruption to existing wholesale payments clearing and settlement infrastructures such as the Large Value Transfer System (LVTS), payments made as part of the trade life cycle events in broader securities and derivatives markets may no longer require such infrastructure. Indeed the instantaneous cross-border transfer of digital tokens exchangeable for cash assets eliminates the need for cumbersome processes of intraday collateral management required by existing wholesale settlement systems. Moreover, as such tokens are not tied to the operating hours of the wholesale payments systems across jurisdictions, transactions are free to flow frictionlessly 24 hours a day and seven days a week.


Stablecoins for Cross-Border Payment


Stablecoin refers to a class of digital currencies which are relatively stable in terms of their price. Stablecoins offer instantaneous processing and security of payments as many cryptocurrencies do. They also offer stability with respect to their parity against fiat currencies. Two digital currencies that fall into this category are RippleNet’s native digital currency Ripple (XRP), and Stellar network’s native cryptocurrency, the Stellar Lumen (XLM). Both Ripple and Stellar enable faster and more efficient cross-border payments relative to correspondent banking. However, they differ in that Ripple is focused on improving cross-border settlement between international banks, whereas Stellar is focused on providing low-cost cross-border payment financial services to the end-user and the unbanked population.


Ripple enables multinational corporations to settle cross-border payments by transferring XRP through the Ripple network, resulting in on-demand liquidity. The three parts of the Ripple ecosystems are i) Servers that maintain the ledger. ii) Clients. iii) Intermediaries. Unlike Bitcoin or Ethereum, Ripple does not run proof of work nor does it run a proof of stake consensus mechanism. Instead, Ripple transactions rely on a Byzantine Generals Problem (BGP) consensus protocol, known as Ripple gateways, to validate account balances and transactions of the system. The Ripple settlement process involves the creation of a transaction that is signed by the account owner and submitted to the network. Badly formed transactions will be rejected immediately, otherwise, they are provisionally included on the ledger. The Ripple network has many validating nodes which are used to validate and verify transactions. For a successful transaction to take place, the validators must come to a consensus on the transaction. While Ripple claims to be decentralized, the argument could be that the 55 validator nodes belong to Ripple. This is expected to change as third party validator nodes join the network. As these third-part nodes join, each of the Ripple validator nodes will be removed for every two third party nodes that join. Ripple, under this setup, becomes increasingly decentralized with time.

Any accepted type of currency or asset can be used to transact on the Ripple Network, therefore cross-border payments using Ripple are essentially Ripple gateways transacting using XRP. Each transaction requires a small fraction of XRP to be destroyed in the process (0.00001 XRP), meaning the total supply of XRP decreases over time and, in theory, maintains its value.


By contrast, Stellar enables individuals, end-users, to trade money directly with each other across jurisdictions, using entrusted intermediaries to handle FX and funds transfer. Transaction confirmation time using Stellar has been observed to range from 1,000 transactions per second to approximately 10,000 transactions per seconds in a 2016 Barclays Africa and Deloitte pilot. Stellar’s transaction fees remained a fixed rate at 0.000001 XLM per transaction, thereby making XLM cost effective for retail cross-border transactions.


For a transaction to be processed in a few seconds, the Stellar network needs to reach consensus fast while ensuring accuracy. The Stellar Consensus Protocol (SCP) works by utilizing groups of trusted nodes that communicate among themselves to verify transactions. Consensus is achieved,on average, every two to five seconds between the trusted nodes. Unlike Ripple where decentralization is controlled by Ripple, decentralization in Stellar is expanded by trusted nodes deciding to extend trust to other nodes according to a Federated Byzantine Agreement (FBA). The Stellar Lumen can be traded to different currencies, which means that performing a cross-border transaction using XLM is essentially using XLM as the bridge currency between two jurisdictions. This currency bridge function is facilitated through the Stellar Decentralized Exchange (SDEX), an exchange allowing trading between domestic fiat currencies and XLM. As a decentralized exchange (DEX), SDEX is borderless and therefore is not subject to jurisdictional controls or frictions and currency exchange is done by way of atomic swaps. Similar to Ripple, the price of XLM depends on active trading against other currencies including fiat and the widespread adoption of the digital currency itself.


More recently, Facebook announced Libra, its own permissioned blockchain digital currency. Note that Libra is merely one of many social media digital currency platforms with some like LBRY and Steem being operational for a number of years now. Like Steem before it, Libra’s primary use would be in the area of P2P, P2B, and to pay for goods and services online. While Libra is still a relatively new digital currency, given the vast global network of approximately 2.6 billion (or one third of the global population) users in the Facebook ecosystem, Libra has a substantial advantage over many other stablecoins and digital currencies. As a digital currency not bound by borders, Libra has the potential to disrupt existing correspondent banking models of retail cross-border settlement.


What is the outlook of cross-border payment?


Currently, cross-border payments are dominated by correspondent banking. In the digital age of fledgling but booming exploration of an internet layer in payment mechanisms, consumers (corporates and individuals) expect cross-border transactions to be fast, frictionless, and affordable. There have been many attempts to improve the cross-border payment systems, however, some of the core challenges in correspondent banking remain unresolved. To address these frictions, solutions have emerged across different sectors. Large corporates and fintechs operating on a global scale entering the payments services space are able to address a number of these frictions through their reach and account holdings in various jurisdictions. These firms are able to timely and transparently facilitate cross-border payments by simply engaging in transfer pricing activities between their operations in various jurisdictions. In doing so, they also potentially also benefit from tax arbitrage. SWIFT have launched and are actively expanding the core functionality of their SWFT gpi platform to facilitate the instant and always on transmission of payments across borders. In conjunction with these global corporations and fintechs, there has been an expansion of emerging and incumbent DLT-based payment protocols that appear to be yielding promising results.


As DLT-based payment protocols gain ground, we could experience a proliferation of digital currency in the mid- to long-term. Whether it is central bank digital currency such as that envisioned under Project Jasper-Ubin, or private label cryptocurrency with the likes of Ripple and Stella, or perhaps a consortium of commercial banks that emerge with their digital currency (USC and JPM Coin), this emerging trend suggests that blockchain is here to stay.

Although DLT-based payment protocols and the internet layer for payment services remains  nascent and unlikely to replace correspondent banking infrastructure on a large scale in the short term, its low cost, transparency, and real-time processing speed provide encouraging signs to the sector in their role in the future of cross-border payments.


From USC, JPM Coin, to Ripple, Stella and most recently Libra, these private sector emerging DLT-based payment protocols are competing in the wholesale and retail payments space and have the potential to erode established clearing and settlement services provided by central banks and institutions such as Payments Canada. It is therefore strategically important for Payments Canada to continue its close monitoring of events and innovations in digital currency, DLT, as well as emerging fintech.



Source: Global Payments (11/13)


Unfortunately, almost every day there’s another security breach that’s occurred from a lack of security controls. However, by knowing what vulnerabilities to look for and taking a few precautionary steps, you can greatly reduce your risk of a breach. To get started, educate yourself and your employees on the top security protection tips to avoid the three most common security threats faced by businesses.


  1. Unsecure Third-Party Vendors


One of the most common vulnerabilities that directly impacts the security of your business' environment is the use of unsecure third-party vendors. These vendors provide businesses with payment processing services, but not in a secure manner.


Data thieves have learned they can exploit unsafe vendors to reach several customers and compromise their clients' credit card information. One common example involves vendors utilizing remote access to the customer's processing environment for routine maintenance. The data thieves leverage default passwords or phishing scams to obtain the vendor’s credentials that grant them access into a business' environment. Once there, the data thieves can deploy malware, ultimately leading to card data being compromised.


“Ensure you know all of the third-party vendors that are involved with your credit card environment, and know their roles in that environment," advises Stacy Hughes, SVP External Compliance and IT Risk at Global Payments. “You should know if those vendors are PCI DSS compliant and if they are implementing their processes securely."


In addition, verify what security functions your payment provider uses such as encryption, tokenization and 3D Secure to reduce your customer data and fraud risk. Your payment provider's security products can greatly protect you, and reduce your chances of becoming the victim of a data breach.


  1. Security Patches


Another common vulnerability involves security patches. In many cases, customers are not aware that their firewalls or antivirus software is out of date because they have failed to install routine security patches. Data thieves attack these solutions specifically looking for entities that have not addressed the necessary security updates.


"You should always ensure you complete every necessary security patch on all systems that are linked to your processing environment,” says Hughes. “You can schedule these routinely, so you don’t have to worry about missing any necessary changes.


  1. Weak or Stolen Passwords


According to the Payment Card Industry Security Standards Council (PCI SSC), more than 80% of hacking-related compromises involve weak or stolen passwords. Typically, weak passwords are the result of using default passwords, such as “password,” “welcome,” “12345,” etc.” from third-party vendors. In many cases, account holders forget or fail to change the password that was assigned arbitrarily from a third-party vendor to gain first-time entry. The end result? Hackers exploiting this vulnerability.


“It’s imperative that you create unique passwords associated with your computer systems, internet access and payment environment,” Hughes says. “Use strong passwords that include at least seven characters with numbers, symbols and letters – at least one capitalized. And change it frequently, preferably every three months.”


Stolen passwords are easily obtained by hackers through phishing attacks, from social media or other websites. Hackers pretend to be a legitimate contact (for example, part of the IT team) and reach out to your employees trying to trick them into providing their password.


“It’s crucial to train your employees on how to protect themselves from phishing attacks, as well as on company security policies. For instance, employees should know to never give out their passwords or login credentials and to be suspicious of emails requesting them,” Hughes says.


To help you protect your business, we created the Merchant Protection Program to assist you with securing your processing environment and achieving PCI DSS compliance. Another helpful resource is the PCI SSC Merchants Microsite, which has many useful guides including Questions to Ask Your Vendors and patching resources to help with outdated software.



Source: Yahoo Finance (11/29)


Scotiabank has been named the Canadian Bank of the Year for 2019 by The Banker magazine, a Financial Times publication. The award highlights those banks that have achieved industry-wide excellence within the banking community.


"We are very pleased to be named this year's Bank of the Year in Canada by The Banker," said Brian Porter , President and Chief Executive Officer of Scotiabank. "This award is a recognition of the many efforts we have undertaken in recent years to position our Bank for a strong future in Canada , and in each of our key markets and businesses."


Over the past several years, Scotiabank has successfully repositioned itself through a series of strategic acquisitions and divestitures, both in Canada and in core international markets, to focus the Bank's footprint and strengthen its business mix. This work has allowed Scotiabank to add new customers, grow earnings, achieve greater scale across its key markets and reduce operational risk. This year's award acknowledges the Bank's investments in digital and technology to deliver innovative solutions that elevate the customer experience. Earlier this year, Scotiabank launched a new mobile banking app for Canadian customers, leveraging actual user feedback to deliver an improved overall experience. The Scotia mobile banking app is now the top rated financial app in Canada on both the Apple Store and on Google Play. The Bank's investments are also making a difference in key customer touchpoints like onboarding in our Canadian retail and commercial businesses.


The award also recognizes Scotiabank's leadership in executing an ambitious digital strategy enabled by PLATO , an innovative cloud development platform that is accelerating the Bank's technology transformation. PLATO is an integrated set of technical products that enable Scotiabank to develop cloud-based applications faster, accelerating the time-to-market for personalized digital innovations that are transforming the customer experience. Scotiabank's commitment to environmental, social, and governance topics through its Sustainable Business Strategy is also reflected. The Bank believes that its long-term success is interwoven with the world around it. Just this month, Scotiabank announced that it will mobilize $100 billion by 2025 to reduce the impacts of climate change.


Scotiabank received the award at a ceremony held last night in London, United Kingdom. The Bank also took home wins for its businesses in The Bahamas and in Trinidad & Tobago



Source: CBC News (11/8)


With help from Laura Antonini, policy director at the Consumer Education Foundation in California, we break down what a consumer score is and how it could impact your future purchases. It's Friday night. You've just clocked another gruelling week at the office. You're exhausted and hungry, so you pull up your favourite food delivery app and click "order" on that mouth-watering dish of pad thai.


Or maybe you've started your holiday shopping early, but with a bit more thinking, realize your sister would prefer that knit sweater over the new slippers you already bought her. So you take them back to the store and return them.


But have you ever wondered what happens to the data connected to your everyday purchases and transactions, or what they might mean for you in the future? As it turns out, there are companies out there gathering private information about you to assign you a consumer score based on your "predicted behaviour," said Laura Antonini, a policy director at the Consumer Education Foundation in California.


Antonini prefers to call them "secret surveillance scores," and they can mean honest consumers are blacklisted from returning unwanted items at stores, or charged higher prices than others.


Day 6 spoke to Antonini to put together a guide on consumer scores, and what they mean for you.


What is a consumer score or surveillance score?


Some companies, which Antonini refers to as data analytics firms, use algorithms to analyze consumers' private information and lump them into categories based on their activities, she said.  That data might include IP addresses, or mark when you logged into a social networking site or ordered food.


Antonini requested her consumer information from several companies and received 250 pages of "mostly incoherent" records in return, including information from several years ago.


"There was data like whether my phone was plugged in when I ordered chicken kebabs," she said.


Another part of the data showed that she returned something worth $78 to Victoria's Secret in 2009, although Antonini doesn't remembers doing so.


"My data trail has a better memory than me," she said.


Antonini says when she requested a copy of the consumer information being kept on her, she found companies had tracked when she ordered food, and even whether her phone was plugged in at that time.


Why would a company want your score, anyway?


According to Antonini, companies claim that information about your consumer habits are important for fraud detection. Antonini understands how tracking the number of returns a person makes could help pinpoint illegal activity.


"In theory, it's legitimate," she said. However, she questions why companies need to know whether or not her phone was plugged in at a certain time, or what her location was over the last decade's worth of transactions.


"It's creepy," said Antonini, adding there is little transparency about the practice.


"And these companies have not come out and … explained why they need this data, how it helps them determine who the fraudsters are."


How can your score affect your everyday life?


Unfortunately, consumer scores can make life more difficult for honest people. That's because third-party companies that collect your consumer data are turning around and selling it back to retailers for their fraud scoring systems, said Antonini. In 2018, a Best Buy customer was banned from making returns, according to the Wall Street Journal, after trying to bring back a few phone cases the person claimed were unused gifts for his sons.


Antonini said auto insurance companies in California had a similar practice in the 1980s, in which they calculated rates based on where customers lived.


Consumer scores have made life more difficult for some people who shop at the electronics store, says Antonini.


"It's called redlining," she said. "It's a veiled form of discrimination and, you know, if they're collecting location data or other data that serves as a surrogate for race, income, gender, there could be discrimination going on." Other companies use consumer data to calculate how valuable a person is to them — or how much profit they might bring in. That information is then used to charge certain customers higher prices, or give people with better scores better customer service, said Antonini.


Swiss Chalet is ‘red-lining’ Edmonton’s inner city, claims Adam Millie. "Secret surveillance scores are like credit scores, but on steroids," she said. "They judge everything about you, and not just your credit-worthiness."


So what can consumers do about their information being tracked?


For people like Antonini, who live in California, privacy laws give people the power to ask companies for the data being collected about them.


"But what do I do with it?" she said.


Some people argue that moving back to a cash-based society could stop companies from keeping tabs on our spending habits, Antonini said, but she's not sure that's realistic.


A grocery store 'lab' points to future trends in how you buy food


"If you're shopping online, you should assume that that is going to go into your profile," she said.


But when people learn their data is being used to make decisions, judgments and scores about them, "I think people might ... think twice."


Source: Discover (11/20)


Credit cards are leading payment choice for third consecutive year, according to Discover’s annual Holiday Shopping Survey. Over a third of millennials plan to spend more money this holiday season compared to last year, and they will likely outspend other generations this gift-giving season, according to Discover’s annual Holiday Shopping Survey.


Millennials say higher income and more people on their shopping list are two reasons for their boost in spending. And they also will overwhelmingly use their mobile devices to shop. Results from the survey, which polled Generation Z, millennials, Generation X and baby boomers on their previous holiday shopping habits and upcoming plans to purchase, also show:


  • 35 percent of millennials said they would spend more this holiday season than last. Following them are 26 percent of Gen Z, 23 percent of Gen X and 16 percent of baby boomers.
  • 39 percent of millennials plan to spend $750 or more on gifts, followed by 35 percent of baby boomers, 33 percent of Gen X and 11 percent of Gen Z who said they will spend the same amount.
  • 45 percent of millennials said they expected increased income to boost their holiday spending compared to 28 percent of Gen X, 26 percent of baby boomers and 20 percent of Gen Z; meanwhile, 49 percent of millennials reported they have more people to shop for, followed by 43 percent of Gen Z, 37 percent of Gen X and 36 percent of baby boomers.
  • A majority of millennials, 73 percent, will use a mobile device to shop for gifts while 58 percent of Gen X, 48 percent of Gen Z, and 32 percent of baby boomers plan to do the same.


Credit Cards Lead the Way as the Favored Payment Type; Consumers Say Earning Rewards is a Top Consideration When Choosing Card to Use


Credit cards continued to be the favored payment type for the holiday season, a trend that has increased since 2017. In 2019, 42 percent of respondents said they expect to use credit cards for most of their holiday gift purchases, compared to 38 percent in 2018 and 32 percent in 2017.


Of those who plan to use credit cards for the majority of their holiday shopping, 55 percent of respondents said they mostly use credit cards to earn points and rewards.


“Consumers want to get the most for their money when they make purchases, especially as they buy gifts on a holiday budget,” said Shannon Kors, vice president of card rewards and benefits at Discover. “Discover cards are designed to help cardmembers get the most value when they shop this holiday season and throughout the year by earning cash back on every purchase they make.”


Majority of Consumers are Concerned about Identity Theft/Fraud though Gen Z is Significantly Less Concerned


Identity theft and fraud continue to be on shoppers’ minds, as 83 percent of all respondents reported some level of concern about it. To help protect themselves against fraud, 50 percent of baby boomers, 43 percent of millennials and 39 percent of Gen X use credit cards with built-in security features. However, 32 percent of Gen Z said they do not take any actions to protect themselves from identity theft/fraud, compared to just 11 percent of millennials, 10 percent of Gen X and 8 percent of baby boomers.


For more a full list of Discover cards’ security benefits, go to



Source: The Paypers (11/19)


NatWest has announced it is piloting cutting-edge, biometric fingerprint tech with 150 customers, in partnership with MasterCard and Gemalto.


This initiative marks the first biometric fingerprint credit card issued by a UK bank, which began its three-month national trial since October. Although NatWest has previously piloted biometric debit cards, this will be the first-time credit cards have been issued, with contactless payments using fingerprint verification for transactions up to GBP 100 being offered.


Moreover, the fully integrated card can be used as normal in ATMs and for online shopping. Cardholders can use them at existing contactless and chip and PIN terminals, since there are no hardware changes needed to accept biometric cards.


For the enrolment, customers can register from their home using a plastic sleeve. Once a digital fingerprint is locked onto a card, the user’s biometric data never leaves the card, is never shared with the merchant or bank, and no fingerprints are stored in a cloud.



Source: PYMNTS (11/1)


U.K. legislators are calling for a mandatory 24-hour waiting period on all first-time payments between bank accounts as a way to reduce fraud, Reuters reported on Friday (Nov. 1). Parliament’s Treasury Select Committee said in a report that in the first six months of 2019, consumers were scammed out of roughly $777 million (£600 million). Fraud is the second most common crime type in England and Wales, and the committee wants regulators to get tougher on fraudsters.


Money transfers that happen in seconds offer little time for customers and banks to even know that fraud has taken place, the report said. A 24-hour waiting period on all initial or first-time payments is being recommended by the committee. Future payments would revert to the regular time period.


“If a situation arose whereby an initial payment was needed instantly, a customer could ring their bank and additional checks could be carried out for the funds to be released,” the Treasury Select Committee report said. There are already some reforms on tap to reduce fraud. By March 2020, for example, the recipient’s name must be verified before a money transfer can take place at Britain’s major lenders.


“If the implementation date of March 2020 begins to look in doubt, regulators should consider introducing sanctions, such as fines, to firms who have not met the deadline,” recommended the report. Lawmakers said the voluntary industry code banks use to determine if someone should be reimbursed for transferring funds to a scammer should mandatory. Their report further said there needs to be a standardized set of criteria for what constitutes customers’ gross negligence, which limits compensation.


In May, a group of U.K. financial institutions signed a voluntary code to refund consumers and small business victims for fraud schemes. Banks have traditionally refused to refund fraud victims because many schemes actually involve the customer voluntarily initiating the payment. Financial institutions are aiming to establish a more long-term solution by the beginning of next year. In the meantime, a central pot of funds to finance refunds will be used.


Source: PYMNTS (10/31)


Seven years ago, when Visa first started working on bringing contactless payments to London’s Mass Transit system, the landscape for tap and go cards looked very different. The technology, Visa’s Global Head of Urban Mobility Nick Mackie told Karen Webster in a recent conversation, was still in its most nascent stages of deployment — outside of Europe the contactless cards essentially didn’t exist, and within Europe 1 out of every 400 payments in Europe made via contactless.


Seven years down the line, the landscape has shifted. In Europe, contactless card-based payments have come to dominate face-to-face payments.


“In London, you will see consumers standing at terminals and tapping even when they know the merchant doesn’t take contactless because it has just become that ingrained a habit,” Mackie said.


And while the progress in the U.S. has been much slower — and contactless payments have yet to have their big mainstream breakout moment — there is reason to believe it is on the horizon. As of its last earnings call, Visa announced that 8 out of 10 of its largest issuers would be putting contactless cards into the hands of their customers, and as of Wednesday (Oct. 30) they announced in has 100 partners now enrolled in its global transit partner program.


“This program is aimed at offering our technology partners with a toolkit built around our standards and the best practices we’ve collected over the last seven years for standing up and implementing open-loop contactless payment schemes for transit for payments more quickly and cost-effectively than we’ve seen in the past,” Mackie explained. The target goal for partner enrollment was 50, he told Webster, which means this week’s announcement marks both far greater than expected initial success in terms of recruiting and the fact that Visa has essentially brought “every player that is worth talking to in the transit vertical into a direct dialog on how we can expand this at scale.”


And that scaled push, he noted, is critical both for the future contactless payments worldwide — but also for transport systems and the customers who use them.


Why Contactless Was Made To Run On Mass Transit’s Rails


The power of transit to ignite contactless, he noted, is unsurprising given how well the use cases match-up. A customer trying to catch a train values, above all things, efficiency and speed in making it to the train. Waving their card at a terminal as they keep right on running for the bus is going to end much better than having to stop and pay cash or to load up their closed-loop metro transit card. It’s why so many customers have so many transit cards jammed into their wallets and lining the bottom of their bags — it’s faster and easier just to buy a new one than to try to figure out if one of the seven already in the bag works.


Convenience means removing the guesswork — consumers just want to travel. Imagine if to use a Starbucks card you had to guess exactly how many cups of coffee you would want in a day and load it up with that proper amount or risk having to go through a much longer slower process,” Mackie said.


That’s not to say closed-loop systems will immediately go the way of the typewriter or the beeper — he noted that for some time they would likely exist side by side, and consumers will have the choice of what they prefer. But for public transit operators — the wins are as obvious as the commuter wins. Customers will move more smoothly and be more likely to use public transport because it is easier to do so while spending less time either managing cash payments or a closed-loop system that has to handle the entire commuter load. For Visa, he noted, the push into transit is the next natural evolution of their payments platform, particularly around developing contactless. Travel and transit are in Visa’s DNA, according to Mackie, and making mobility easier has always been a key part of what they do. With contactless, particular contactless married to tech mass transit, they can do it better and deliver better experiences for all parties involved in the journey.


The Contactless Train’s Gathering Speed


Major metros in the U.S. and around the world, Mackie noted, know they want contactless payment capacity and when putting together the competitive bids to build them, the crucial differentiator that Visa is hoping to offer technologists is a turnkey solution that can be set to work very fast. Because what they’ve learned most critically in their last seven years in this market is how fast contactless payments can move once consumers start using it to commute — and then wanting to use it everywhere else.


“It’s what we’ve seen everywhere, and mark my words we will see the U.S. will be no different. This will be the big battleground going forward.” Visa’s goal is simple — arm the combatants as well as possible going in to get the solutions integrated and into consumer’s day-to-day experience. The response they’ve seen, Mackie said, has been “staggering” both among consumer and major metros looking to enter the conversation. And while he was tightlipped about what new is coming to the pipeline in 2020, he was quite firm that there would be an awful lot to watch in this part of the payments ecosystem.


“The future looks intensely busy. Look for even more exciting updates from us in about a year’s time.”


Source: China Banking News (11/4)


A leading domestic analyst says that China’s central bank digital currency is unlikely to be fully based on decentralised blockchain technology.


In an article written for Caixin Zou Chuanwei (邹传伟), chief economist with Wanxiang Blockchain, speculates as to the likely details of the People’s Bank of China’s (PBOC) digital currency/ electronic payments (DC/EP) system which officials have flagged as scheduled for imminent launch.


Zou expects PBOC’s DC/EP to likely be the first central bank digital currency (CBDC) ever launched, but does not foresee it making extensive use of blockchain technology.


He instead makes the following conclusions as regard the Chinese central bank’s upcoming DC/EP:


1.The DC/EP will not make use of “true blockchain” as with Libra, but is instead likely to be based on an Unspent Transaction Output (UTXO) centralised ledger model.


According to Zou this model will “not be constrained by the functional bottleneck of the blockchain.” The blockchain is instead likely to play an ancillary role in ownership confirmation and registration for digital currency.


  1. Users will need to make use of a DC/EP wallet, with both a public key in the form of an address which is akin to a blockchain token, as well as a distinct private key.
  2. DC/EP will be much akin to a third party payments tool in some respects.
  3. DC/EP will have a “tightening effect” on the M2 money supply, while tightening of the M2 money supply will be significant of tightening in the banking system.


Zou further points out that digital money will not pay interest and PBOC has no plans to use DC/EP to fully replace cash, so DC/EP will not comprise a new monetary policy tool


DC/EP will very strong policy significance, however, for PBOC’s efforts to monitor and control flows of funds, as well as money-laundering, terrorist financing and larceny.


  1. The main impact of DC/EP when it comes to internationalization of the renminbi will be in cross-border payments based on use of digital currency.
  2. Private entities are unlikely to be able to participate directly in the issuance of digital currency, by means such as obtaining digital currency via direct payment of a deposit to the Chinese central bank.


Source: MasterCard (11/20)


As the inaugural partner, Meridiam will help finance digital ticketing infrastructure in North America – unlocking savings for cities. MasterCard created an alliance to mobilize financing to help upgrade transit systems around the world. As a part of the company’s City Possible initiative, this global program unlocks capital to introduce more efficient ways for residents and visitors to access public transport through technologies such as contactless payments. Launching this initiative first in North America, MasterCard will partner with Meridiam, a world class global investor with deep experience in developing, financing and managing mobility infrastructure projects.


Through City Possible, a partnership and co-creation framework launched last year, city leaders identified access to capital to improve critical infrastructure as one of their biggest concerns. In a survey of around 100 cities worldwide, the London School of Economics found in 2018 that 55 percent of municipalities identified lack of public funding as a major barrier to sustainable urban growth.


“Collaboration is the lifeblood of City Possible,” said Miguel Gamiño, executive vice president enterprise partnerships and head of global cities at MasterCard. “Today’s announcement represents such a collaborative approach that matches cities’ needs with financing resources, our technology, and expertise. This program highlights how even resource-constrained municipalities can benefit from working with the private sector to make the digital economy work for everyone, everywhere.”


Even with significant savings that can be realized through contactless ticketing – by 30 percent or more from more efficient operations – many agencies find it difficult to fund the initial capital outlay due to budget constraints. Earlier this year, the American Public Transportation Association (APTA) put the need for critical public transportation investments in the United States at – at least – $232 billion.


“We are thrilled to work with MasterCard in bringing modern transport infrastructure to more cities to accelerate the deployment of cutting-edge, technology-enabled infrastructure that is more environmentally friendly and resilient,” said Thierry Déau, chief executive officer at Meridiam. “With this initiative, Meridiam will contribute to the development, financing and management of sustainable urban transport infrastructure, improving mobility experiences and unlocking significant savings for cities. This is another example of our profound commitment towards improving quality of life for more people.”


By bringing together Meridiam’s experience in financing and developing public infrastructure projects with MasterCard's global expertise in digital technology, the alliance will be able to help transit agencies implement smart payment systems and lay the foundation for mobility-as-a-service (MaaS). Over the coming months, MasterCard and Meridiam will identify key cities that are looking to transform their urban mobility systems.


“Modern, resilient infrastructure is critical for anticipated urban growth,” said Sameh Naguib Wahba, global director of the World Bank’s Urban, Disaster Risk Management, Resilience, and Land Global Practice. The global investment needed for urban infrastructure is $4.1 – $4.7 trillion per year, and even higher if made resilient. This figure dwarfs official development assistance and as such calls for the importance of private investment in building and modernizing infrastructure and transit systems.”


Today’s announcement builds on the pioneering work MasterCard has done in assisting hundreds of cities – including London, Bogota, Sydney, Singapore, Dubai and New York. By enabling the cards and digital devices people already carry to access trains, buses, and any other mode of transport, cities provide better experiences to riders.



Source: Newswire (11/27)


New vertically designed Card offers airport experiences, mobile device insurance and more


Say hello to Tangerine Bank's new World MasterCard. This new World MasterCard takes Tangerine's J.D. Power award-winning* Money-Back Credit Card to the next level, with new added benefits exclusive to World cardholders.


To make life easier for its Clients, Tangerine Bank designed the new World Card vertically based on the way purchases are most-often paid for. The design of the Card was also kept sleek and modern with a clean front. Based on Client feedback, the new Tangerine Bank World MasterCard offers the following perks:

  • MasterCard Airport Experiences provided by LoungeKey – Make the most of your travel with MasterCard® Airport Experience Provided by LoungeKey. Your complimentary membership gives you exclusive dining, retail and spa offers in over 400 airports worldwide, along with access to over 1,000 lounges at $32 USD per visit. Learn more at **
  • Mobile Device Insurance – Protection on new cell phones, smartphones, or tablets when you charge the full cost to your Card, or when you purchase it through a plan and charge all of your wireless bill payments to your Card. Covers up to $1,000 if your mobile device is lost, stolen, accidentally damaged or experiences a mechanical failure.
  • Rental Car Collision/Loss Damage Insurance – Damage and theft protection for your car rental when you rent for up to 31 consecutive days and charge the full cost of your rental to your Card.


"We are so excited to offer this sleek new Card to our Clients. It's everything our Clients love about the Money-Back Credit Card with added benefits," said Gillian Riley, President and CEO of Tangerine Bank.


Just like the highly-acclaimed Tangerine Money-Back Credit Card, the new Tangerine World MasterCard has no annual fee and is currently offering new cardholders 4% Money-Back Rewards for the first three months in up to three categories of choice and 0.5% Money-Back Rewards on all other purchases. Both cards offer unlimited Money-Back Rewards that are paid out monthly. ****


The best part is that a Client can choose which categories they want to receive the most Rewards in. The current offer is double the regular 2% Money-Back Rewards that cardholders can earn in two categories of their choice, while continuing to earn 0.5% money back on all other purchases.


As always, if a Client chooses to have their Money-Back Rewards deposited into a Tangerine Savings Account, they get a 3rd 2% Money-Back Category.


Additional standout features on both Cards include:

  • Pause My Card – If you ever think you've lost or misplaced your Card, with a couple quick clicks you can temporarily suspend it. Tangerine was one of the first issuers in Canada to have this advanced security feature.
  • Orange Alerts – You can set up "Orange Alerts" to be notified when there's activity on your Credit Card, for example when your Money-Back Rewards have been deposited or when you have a payment due.


To learn more about Tangerine Banks's credit cards including features and benefits, please visit


*The Tangerine Money-Back Credit Card ranked Highest in Customer Satisfaction with Credit Card Companies.


J.D. Power Disclaimer - Tangerine received the highest score in the J.D. Power 2019 Canada Credit Card Satisfaction Study of customers' satisfaction with their primary credit card. Visit


**Learn more at Lounge access available at $32 USD per visit (fees subject to change). MasterCard Airport Experiences is made available to you through MasterCard. Tangerine Bank is not responsible for MasterCard Airport Experiences or any offers made available through the program.


ƚ Insurance coverage is underwritten by American Bankers Insurance Company of Florida (ABIC). ABIC, its subsidiaries, and affiliates carry on business in Canada under the name of Assurant®. ®Assurant is a registered trademark of Assurant, Inc. Coverage is subject to eligibility, limitations and exclusions. For details of the coverage, including definitions and benefits, refer to the Certificate of Insurance provided with the card.



Source: MasterCard (11/20)


Women entrepreneurs are opening businesses at a higher rate than before, but challenges persist. Female entrepreneurs around the world are making strides to overcome gender-related biases and advance their businesses. This has a meaningful impact on the labor force, economic growth and the well-being of their societies. MasterCard today revealed the third edition of its MasterCard Index of Women Entrepreneurs, celebrating the markets where women entrepreneurs are most likely to thrive, while sounding the alarm that there are still significant inequalities that hold us all back.


Based on publicly available data from international organizations including the International Labour Organization, UNESCO and the Global Entrepreneurship Monitor, the global Index tracks the progress and achievement of women entrepreneurs and business owners across 58 markets (representing nearly 80% of the world’s female labor force) at three levels: (i) Women’s Advancement Outcomes, (ii) Knowledge Assets & Financial Access, and (iii) Supporting Entrepreneurial Factors. The results reaffirmed that women are able to make further business inroads and have higher labor force participation rates in open and vibrant markets where the support for SMEs and ease of doing business are high. They are also able to draw from enabling resources, including access to capital, financial services and academic programs.


Out of the top 20 ranking markets, 80% are high income economies, fueled by highly supportive entrepreneurial conditions. This includes the United States, which topped the charts for the first time, and New Zealand, which trailed closely in second place.


Top 10 markets for women entrepreneurs, based on supporting conditions and opportunities to thrive:


Rank    Market              MIWE Score

1          United States       70.3

2          New Zealand        70.2

3          Canada                 69.0

4          Israel                     68.4

5          Ireland                   67.7

6          Taiwan, China        66.2

7          Switzerland            65.8

8          Singapore              65.6

9          United Kingdom    65.6

10        Poland                    65.1


“Women-owned and led businesses are strong catalysts for economic growth, improving the lives of everyone. With this study, we are shining a light on those under-represented because even today, inequality and exclusion still hold women back. At MasterCard, we believe good ideas come from everywhere. Now is the time for governments and organizations to power together to support women to advance their businesses by eradicating gender-bias and ensuring greater access to education and financial inclusion,” said Ann Cairns, Executive Vice Chairman, MasterCard.


Of the 58 markets, 8 markets moved up by more than 5 ranks compared to the previous year’s scores including France (+22 ranks) which was driven by a near-double increase in the women entrepreneurial activity rate, followed by Indonesia (+13), Costa Rica (+11), Taiwan, China (+9), Ireland (+7),  Russian Federation (+6), Thailand (+5) and Ghana (+5).


The Index also suggests that the opportunity for entrepreneurship is not necessarily aligned to the wealth and advancement of a market. Markets with less conducive supporting conditions such as Uganda, Ghana and Botswana rank in the top three markets for women business ownership rates, compared to more developed ones. Women in these markets are deemed as “necessity-driven” entrepreneurs, spurred by a need for survival despite their lack of financial capital and access to enabling services.


Top 10 markets: Women business owners as a percentage of all business owners:


Rank    Market               %

1          Uganda            38.2%

2          Ghana              37.9%

3          Botswana         36.0%

4          United States   35.1%

5          New Zealand    31.8%

6          Russia               31.2%

7          Malawi             31.1%

8          Australia         30.9%

9          Angola             30.3%

10        Portugal           30.2%


Other key insights:


It is encouraging to note that women are achieving gender parity with men in terms of entrepreneurial activity in seven markets: Ecuador, Indonesia, Philippines, Vietnam, Ghana, Nigeria and Uganda. Meanwhile, improvements in Angola, Malawi, Costa Rica, Thailand, UAE and Taiwan also helped narrow gender disparity.

The findings also showcased women’s ability to thrive as business owners and pursue opportunities even where cultural and social conditions are not optimal. These are demonstrated in certain markets where women’s business ownership rates and Improvement-Driven Opportunity entrepreneurial tendencies are both high in spite of the lack of cultural acceptance/social encouragement. According to the World Bank, 45% of economies around the globe have laws constraining women’s decision to join and remain in the labor force.


The results showed that there are significant intra-regional differences, particularly in Middle East and Africa and Asia Pacific. Markets such as Uganda, Ghana, Botswana, Malawi and Angola outperform for female business ownership; however, despite efforts to improve the opportunities in this space, regional peers in Saudi Arabia, Egypt, Iran, Algeria, UAE, Tunisia and Ethiopia still have work to do, with women’s business ownership rates sitting 15% and below. Similarly, New Zealand, Australia and Vietnam surpass regional peers such as Bangladesh, India, Malaysia, South Korea and Japan in terms of the female share of business ownership.


In addition to shining a light on the progress of women entrepreneurs on a global scale, MasterCard is committed to designing a better world for women that creates limitless possibilities for us all. In the U.S. MasterCard is cultivating entrepreneurs through programs like Start Path and empowering small business owners in partnership with Create & Cultivate. In Africa and South East Asia, MasterCard is fueling women-led businesses with access to micro-credit and new digital marketplaces through platforms like Jaza Duka and the MasterCard Farmer Network. Furthermore, the MasterCard Center for Inclusive Growth is providing philanthropic support to enable financial literacy training and access to vital tools and services for women entrepreneurs in underserved markets.



Source: Brookings (11/21)


How will technological change affect the quantity and quality of future jobs? It is difficult to know. The issue of whether there will be enough jobs in the future receives substantial attention, mainly because of the well-publicized experiences of manufacturing workers whose jobs have been displaced by the introduction of robotics. It also reflects a long-held societal anxiety that machines will replace us.


The consensus among most scholars, however, is that jobs are not going away. Hence, rather than quantity of jobs, our focus should be on improving the quality of those jobs generated in a future governed by technological change. That is, more effort should be directed toward making proper investments in training and education and adopting policies that will improve labor market institutions to ensure the jobs of the future pay well and provide employment security to workers. Attaining this goal will be key to maintaining and growing the middle class in the future.


How jobs are changing


Most occupations are expected to change in response to advances in automation and artificial intelligence (AI) protocols, but it is difficult to predict how. The existing empirical evidence, however, suggests that the jobs most at risk of substantial revision are those whose constituent tasks are sufficiently routine and structured to make them amenable to substitution by digital technologies.


We can see glimpses of this future by observing changes in the skills required by employers seeking new workers. In a recent paper by IBM Research and the MIT-IBM Watson AI Lab, the authors study online job listings data collected by Burning Glass Technologies, a job analytics firm, to examine how skill requirements in these listings changed over the period spanning 2010-2017. The authors’ findings suggest that tasks that are more suitable for machine learning and AI algorithms such as scheduling and credential validation fell over the observation period.


At the same time, the authors found that listings featuring tasks that require human judgment, discretion, and other so-called “soft skills” became more common. More importantly, this latter skill set was associated with higher listed salaries, suggesting that these skills were becoming more valuable in the market, especially in occupations that combine technical and soft skills. This finding is in line with published academic research using data on employment and skills by David Deming (2017). Deming finds that jobs where social skills were a primary requirement increased substantially between 1980 and 2012; employment and wage growth was especially strong in occupations where math ability and social skills were complements.


While these job listings data do not ultimately tell us much about what workers ultimately do, nor, because of their methodology, say much about less remunerated jobs such as personal care work, this research does identify some important dynamic features of these labor markets. First, while jobs are changing due to technological adoption, they are changing relatively slowly, and, notwithstanding the special case of industrial robots in large manufacturing plants, there is little evidence of wholesale displacement in other sectors. In addition, they also suggest the speed and scope of change at this point may allow us, as a nation, to make choices that better prepare workers for the labor market of the future.


Investing for the future of work


How do we use this information to help match workers with quality jobs? Foremost, we need to provide better education and training models so that both current and future members of the workforce can acquire and develop skills that better complement technological change. Workers without college educations will likely bear a disproportionate burden of technological change in labor markets and many will require reskilling and retraining. However, as noted by MIT’s Paul Osterman at a recent conference hosted by the Future of Middle Class Initiative, the current education and training system in the US is a largely unstructured mix of 4-year colleges and universities, community colleges, vocational schools, workforce training and apprenticeship programs, and a “wild west” of other training platforms like bootcamps. The lack of coherence in this sector makes it difficult for people—especially those following less traditional post-secondary pathways—to make good choices given limited budgets and busy schedules. In addition, limited information about quality and whether program curricula fit the needs of local employers can raise the risk of investing in this type of training for workers.


Policymakers at the federal, state, and local levels can help. Committing to investments aimed at standardizing this training system—particularly through the community college system—should be a first-order concern given their affordability, their broad geographic reach, existing infrastructure, and the large number of students that already attend. Community colleges can potentially serve as a locus for public-private partnerships that can ensure that attendees match their training to skills demanded by employers, and potentially provide support for connecting workers with other types of training programs such as apprenticeships. Of course, not every worker can spare the time or expense to take community college classes. Ensuring the availability of training options that both provide skills and credentialing in areas that fit employer needs through online platforms and on-the-job models that connect better to employer needs will be key to helping relatively older workers to compete for better jobs in the labor markets of the future.


Improving the education and training options for workers is only one component of the systemic changes needed to help workers navigate the labor market and attain quality jobs in the future work environment. As a recent report by the MIT Task Force on the Work of the Future outlines, fostering a system that helps workers achieve quality jobs in the future will also require efforts to change other labor market institutions to better benefit workers. Their suggestions to improve outcomes for workers include:

  • Valuing human capital in the tax code. The tax code favors investments in physical capital over human capital through subsidies for capital expenditure, depreciation schedules, and imposing low rates on the returns to capital investments. Policymakers can potentially mitigate this imbalance by providing more incentives for investments in worker training, especially in areas where workers would receive credentials.
  • Incentivizing innovation that enhances complementarity not substitution. Subsidies and other incentives should be shifted towards supporting innovation that complements and augments worker efforts, making them more productive. This includes supporting investments in management capacity that will help firms know how to better integrate their workforce and investments in technology.
  • Reintroduce workers as stakeholders. The merits of pure shareholder capitalism in the US are currently under litigation by many scholars—my colleagues Richard Reeves and Isabel Sawhill included—in part because the system fails to account for the social costs imposed by its imperatives on workers and communities. This occurs partly because of the decline in private sector unions; workers rarely have a seat at the table. Pushing firms to reevaluate their institutional imperatives, coupled with more worker representation in decision processes, may potentially help contribute to workers sharing more in the benefits associated with increased productivity and increased economic dynamism that is promised by advances in technology and AI.


Ensuring a middle class in the future


We are unlikely to observe the end of work any time soon. However, access to quality jobs that maintain or support upward mobility into the middle class will depend on the steps taken now. As the technology underlying automation, digitization, and AI advances, many middle-class workers will be at risk of the consequences of labor market disruption. Investments that help workers enhance their skills and facilitate shared prosperity between workers and firms through improved labor market institutions should each be a part of the discussion going forward.

ACT Canada helps members understand complex issues and filter truth from market noise for current and emerging commerce trends.  Through a consultative approach with all stakeholder groups, the association provides knowledge and expertise to help members leverage opportunities, confront challenges and advance their businesses. Please visit or contact our office at 1 905 426-6360.

Please forward any comments, suggestions, questions or articles to Please note that articles contained in this newsletter have been edited for length, and are for information purposes only. If you would like to be removed from our newsletter distribution list please follow the unsubscribe instructions at the bottom of the email.

Andrea McMullen

President | ACT Canada
905 426-6360 ext. 124 | | |

ACT Canada helps members to:

Engage - Grow the commerce community via stakeholder contributions, collaboration and networking

Enable - Provide access to the expertise of the member community to gain insights that will help strategic decision-making

Evolve - Drive positive change in the increasingly complex commerce environment

Scroll To Top