In light of increasing cashlessness, platform economies, Open Banking APIs, financial bots and cryptocurrencies, money is on the move - once inert, money is gaining agency, becoming programmable, automated, data-driven and part of 'more than human' infrastructures. These financial futures demand that designers engage with difficult questions of economy and value, while retaining a sensibility to the many subtle and social qualities of money and our everyday economic interactions. This one-day workshop will therefore bring together practitioners and researchers to explore design challenges related to four broad themes: Designing with Transactional Data; Designing Alternative Representations of Value; Money, Automation, Power, and Control; and Financial Futures with Vulnerable Users. Developing scenarios related to these themes, the workshop will cultivate a rich design space to establish the value of design-led research in shaping our financial futures.
MULTIFILE
The story of Triodos Bank over the last 20 years reads as a success story. It is also a story about how principles are guiding business. However, principles need a pragmatic approach in order to be successful. Over the past 30 years the bank’s management has succeeded in balancing a clear focus to create value for society with the objectives of a financially sound company. This case will describe this development, focusing on a period of rapid growth from 1990 to 2009, in which the organization grew from a small entity to a serious bank.
In September, the president of the Dutch central bank wrote what may have been the most remarkable letter of his career: it said that the ECB’s interest rate hikes will lead to losses for De Nederlandsche Bank (DNB) for the first time since 1932. Several countries throughout the eurozone are facing a similar problem. To absorb the losses of their central banks, European taxpayers risk having to pay tens or even hundreds of billions of euros a year. Meanwhile private banks get that same amount of money without having to do anything in return. The ECB now stands ready to make a crucial policy decision to determine whether billions in taxpayer money will again flow to the banking sector.
Today, embedded devices such as banking/transportation cards, car keys, and mobile phones use cryptographic techniques to protect personal information and communication. Such devices are increasingly becoming the targets of attacks trying to capture the underlying secret information, e.g., cryptographic keys. Attacks not targeting the cryptographic algorithm but its implementation are especially devastating and the best-known examples are so-called side-channel and fault injection attacks. Such attacks, often jointly coined as physical (implementation) attacks, are difficult to preclude and if the key (or other data) is recovered the device is useless. To mitigate such attacks, security evaluators use the same techniques as attackers and look for possible weaknesses in order to “fix” them before deployment. Unfortunately, the attackers’ resourcefulness on the one hand and usually a short amount of time the security evaluators have (and human errors factor) on the other hand, makes this not a fair race. Consequently, researchers are looking into possible ways of making security evaluations more reliable and faster. To that end, machine learning techniques showed to be a viable candidate although the challenge is far from solved. Our project aims at the development of automatic frameworks able to assess various potential side-channel and fault injection threats coming from diverse sources. Such systems will enable security evaluators, and above all companies producing chips for security applications, an option to find the potential weaknesses early and to assess the trade-off between making the product more secure versus making the product more implementation-friendly. To this end, we plan to use machine learning techniques coupled with novel techniques not explored before for side-channel and fault analysis. In addition, we will design new techniques specially tailored to improve the performance of this evaluation process. Our research fills the gap between what is known in academia on physical attacks and what is needed in the industry to prevent such attacks. In the end, once our frameworks become operational, they could be also a useful tool for mitigating other types of threats like ransomware or rootkits.
