The promise and peril of programmable payments

Amid the intensifying focus on stablecoin issuance and demand, one potential blockchain innovation feels relatively overlooked: programmable payments.

By redistributing creativity and responsibility, blockchains can imbue value transfers with new functionalities and flexibilities. Yet, like all innovations, this brings both opportunities and risks.

To more closely examine each, we need to first establish some definitions and scope:

“Programmability” for payments implies making them contingent on an event or condition. The idea is not new — current systems already support certain forms of programmable payments such as direct debits, scheduled actions, automatic balance adjustments, etc. But these are facilitated either by banks within a rigid framework, or by third-party services such as treasury management platforms. Flexibility is limited and decisions on functionality are centralized.

Distributed ledgers in this context can be either public blockchains open to anyone, or private ecosystems for white-listed entities. Both can offer users more flexibility in programming transfers on two distinct levels: the application, and the token.

The application handling a payment will usually be a digital wallet, which channels access to the tokens and executes their authorized transfer. Unlike bank accounts, digital wallets can be offered by financial institutions and nonfinancial operations, can manage a wide range of assets, and can be controlled by the end user, the service provider or both.

The payment token is usually a stablecoin (a public blockchain token backed 1:1 by fiat reserves), a deposit token (issued by a bank and backed by client deposits), or a central bank-issued digital currency, or CBDC (only a small handful of countries have gone live with “official” digital fiat, although many are at the development or pilot stage).

With basic definitions established, let’s move on to the advantages and the risks of application layer programmability.

Digital wallets are flexible in terms of design and functionality. They can be programmed to interact with any number of smart contracts offering a range of functionalities, enabling a degree of customization.

For instance, a smart contract could scour decentralized finance applications for the highest yield and automatically transfer over excess stablecoin balances; it could authorize an insurance payout if a shipment is delayed; it could insist on multiple confirmations if a transfer is above a certain amount; it could authorize a freelancer payment if uploaded work meets requirements — these examples are just scratching the surface.

However, the additional flexibility comes with risks.

One is reduced oversight from financial institutions. This can be seen as an advantage right up until things go horribly wrong with a payment, because with white-listed transfers, especially on public blockchains, there is often little recourse. Also, a decentralized network with programmable payment customization introduces the risk of code errors and/or vulnerabilities. Less clearly defined boundaries of responsibility can be confusing for individuals and businesses used to traditional finance’s checks and balances. And the interconnected nature of global finance means an error in one small corner can ripple throughout the system.

Nevertheless, the enhanced flexibility of digital wallets compared to traditional accounts offers users an attractive extension of a service they are already familiar with: programmable payments, but with more precise customization and a much wider range of use cases. This should offset risks, which can be mitigated with audits, collaboration, defined contracts and greater transparency.

Moving beyond the “similar but better” appeal of application-based conditionality, blockchain-powered payments also offer a totally new innovation: functionality embedded in the token. On-chain assets may represent value, but they are essentially snippets of code that can include instructions, bundling together the rules and the instrument.

Unlike programmable payments, “programmable money” is a radically new concept.

Examples include tokens with a specific purpose, such as digital food vouchers — the streamlined processing for merchants, greater convenience for users and more effective fraud control could encourage wider participation and more frequent distributions. Or, tokens disbursed as part of a government contract could automatically become invalid if the work is not completed, reducing waste. Or, a regional authority could help a local industry by gifting tokens that can only be spent at designated merchants.

This may sound stimulative and efficient — but programmable money introduces deeper, less technical risks than do on-chain programmable payments.

The most obvious is the blurring of our understanding of money. Transaction tokens with embedded functionality are not fungible with simpler tokens, breaking the “singleness” requirement that money be the same everywhere. For instance, can a token minted specifically for the purchase of bicycles be considered money?

Another is economic distortion. If specific-purpose tokens displace the use of standard digital money or fiat, what does that do to activity data as well as metrics such as money supply and circulation?

A more sinister risk is that of behavioral control, with governments using programmable currency to influence or punish. For instance, China has experimented with distributing digital yuan to certain communities with the requirement that it be spent by a certain date, or expire. That sounds relatively harmless, but given the PRC’s emphasis on social stability and data gathering, we could also see digital currency use denied for those who attend protests, to pick an example. Russia has said that its central bank digital currency will allow programmability, to prevent its use by certain individuals or entities. As more jurisdictions launch digital currencies, it’s not hard to imagine the programmability of money being used in the future to stop the purchase of alcohol on Sundays, donations to certain causes or subscriptions to dissenting media.

Can these risks be mitigated? It depends on who is behind the programmable money. If it’s a private company testing the impact of economic nudges on engagement, practical rules can protect against abuse and, ultimately, users have a choice. But if programmable digital cash ends up replacing traditional money, the temptation to influence a population will be difficult to resist, no matter how much the authorities insist they respect the right to privacy.

This brings us up against the time-worn balance of greater convenience versus greater vulnerability. Humans tend to choose the former over the latter, assuming their governments will protect them if necessary. But with a technology that allows tighter behavioral control, who protects citizens from the government?

The balance also reminds us of an immutable rule of technology: Unchecked, what can happen will happen. Yet limits on innovation and experimentation distort competitiveness, arguably more important than ever in our adjusting shifting geopolitical landscape.