….because it should only take 2Shakes to work with Government….

How was 2Shakes formed?

The 2Shakes team was formed during MBIE’s RevUp! weekend in February 2016.  A team of four applied and 2Shakes were selected as a Pay to Play team! Unfortunately tight time frames meant two team members could not get agreements with their employees sorted in time.  So team 2Shakes literally started as a team of 2.  Over the twelve weeks of the R9Accelerator we have grown and by demo day the 2Shakes team was six talented individuals.

But Why Authorities?

Lean start up is all about failing fast and pivoting.  2Shakes had lots of pivots early on.  We looked at a ‘business briefcase’ idea and a ‘government shared calendar’. But when we started talking to the Farming sector they wanted help with environmental compliance pain. 2Shakes identified a great way to solve it.  Then found in week 3 that Dairy NZ had recently implemented it!  Great for farmers, but not so great for 2Shakes.  So 2Shakes had a major pivot to exploring Authorities.  One of the team created the R9 framework for government authorities.  So 2Shakes explored this area using the following key insights:

• Authority is given for a reason, not for an organisation: People give others authority to help them for a purpose. It normally spans lots of different organisations.  For example if you ask someone to help you get on top of your debt, you need them to help you at each of the places you owe money to.  But organisations build authority systems in silos, just for their own organisation.  This means getting recognised or set up with authority to act for someone repeatedly over and over again at each place you need to use it.
  Silo authority processes that make you repeat yourself over and over and are a customer pain point.

• A lot of Organisations authority process are a bit ‘fudged’: Organisations often ‘forget’ that customers get agents to act for them. When this happens authority processes aren’t designed into their IT systems.  So staff have to figure out how to muddle through with procedures implemented as work around’s after systems have been built.  Often authority processes can be manual and paper based or ad-hoc (i.e. free text notes) with staff unclear on what the rules are to set them up.
  Inconsistent poorly thought through authority processes are a customer pain point.

• Well intentioned privacy protection can drive poor behaviors: Organisations are concerned about privacy and security of information, they often make users ‘jump through hoops’ to provide proof before they will accept an authority to act for another. However when it becomes too difficult users will often either give up (and miss out on services) or just share usernames and passwords (increasing the risk of fraud).
  Difficult authority set up processes lead to customers taking risks or not getting the services they want. 
• Authority is often easier to set up if you are given a ‘trusted’ status: Organisations often provide an easier set up process for trusted groups. For example lawyers with IPONZ or chartered accountants with IRD.  While this is great if you are in the group, its not if you aren’t.  It also doesn’t reflect the wishes of the customer, who normally have a very high level of trust in their Bookkeepers.  Bookkeepers are highly valued and trusted by their clients. They are often invited to clients Christmas parties and treated like a part of the team. Bookkeepers really are highly trusted by clients – after all, who would you trust with access to your bank account?
  It is painful for groups who are highly trusted by their customers, to not be recognised as ‘trusted’ by organisations.

The solution

Capture the trusted decision at source, so you can automate its set up across silos.
This ‘insight’ helped 2Shakes shape a solution.  We proposed that if we could capture the authority approval when it occurred, we could automate its set up.  It could work across all the silos for clients, avoiding them having to decode each organisations authority process.  We could make it easy to be set up.  We could provide the authority existed and could be trusted.

OK, but why start with bookkeepers?

Lean Start Up methodology requires that you find your early adopter market.  The definition of an early adopter is customers who have pain, who also know that they have pain, who also are actively trying to solve that pain.

This lead 2Shakes to Bookkeepers.  While professional intermediaries all have to deal with the pain of setting up authorities for clients, bookkeepers often have it the hardest.   The NZ Bookkeepers Association was formed in 2010, and is relatively new.  It is doing an amazing job building the recognition of bookkeepers, but it is early days.  Hence Bookkeepers are not yet recognised in the same way that Accountants and Lawyers are.  Bookkeepers currently have the most to gain from our solution and are ideal early adopters.  Also the NZ Bookkeepers Association (NZBAI) are just great to work with and keen to support 2Shakes!

What’s the future for 2Shakes?

NZ is a country that values working together to help each other out.  With our two degrees of separation we all know someone we trust, who knows someone we can trust.  However when we try to translate this to do it digitally, it gets tough.  2Shakes wants to make it easy, accurate and safe for New Zealanders to help each other digitally.  The future for 2Shakes is to:

• Build a solution that works for Bookkeepers
  We will build a sign up and authroity form that bookkeepers can use to sign up new clients.  With integration to NZBN, Xero, MYOB and Quickbooks we save bookkeepers time setting clients up in their Client Record Systems.  With authority automation to ACC, Companies Office and IR, Bookkeepers get recognised easily so they can get to work.
• Expansion to Accountants & Lawyers – in NZ and overseas
  Once we have a system that works for Bookkeepers, we will scale up to Accountants. An Accountants role has significant overlap with Bookkeepers, in fact we already have Accountants interested.  We will then look at further expansion to work for Lawyers representing businesses.  We see our solution then scaling internationally.  To Australia, UK, Canada and the US.
• Authorities – as a Service
  Knowing who is authorised to do what, for whom, at any given point in time, is a very important thing for large organisations to know.  But its complicated. There are significant operation costs in both recording, validating and then maintaining this information.  There are significant reputation costs in getting this wrong.  The 2Shakes solution could provide a real time, trustable, and accurate record of authorities that organisations can use to confirm third party access is authorised.
• Authorities for Individuals
  Authorities are fundamentally about relationships and who we trust. So while if fits for business, it is arguably even more relevant for individuals.  How do Organisations know who an Individuals wants others to act on their behalf?  We want to make it safe, easy and reliable to digitally communicated who has authority for examples like:
  • people with mental or physical disabilities who want others to help them (assisted decision making)
  • spouses or partners who get want ‘their other half’ to look after things for them
  • getting set up with Power of Attorney for your elderly parent
  • long term (or short term) guardianship for children
  • providing whanau support
  • helping refugees or immigrants with English as a second language

How does the Ethereum Blockchain figure in all this?

Blockchain technology lets blocks of information be recorded in a chain.  Each block encrypts the next block, so you can’t go back and change the information in a block once it is locked into an encrypted chain.  But in theory you might be able to hack the computer than holds a blockchain and change it. So Ethereum removes that threat a well.  Ethereum is a world-wide network of computers that copies the blockchain onto thousands of nodes around the world.  So to change a block you would need to hack into all the copies of that block chain across the Ethereum network.  Hacking into one computer is tough – hacking into thousands becomes impossible.  The Ethereum blockchain network gives you a way to record information in a way that is un-corruptible!

2Shakes wants to be able to assert that the contractual agreements we capture between clients and bookkeepers, accountants or lawyers are un-corruptible!  We want large organisations like Government agencies, banks and insurance companies to be able to trust that the authorities we send them are based on contracts and agreements that are true and 100% uncorruptible.

Doesn’t OAuth and UMA do this already?

User Managed Access (UMA) allows users to authorise others to act on their behalf for specific services at specific organisations. It extends OAuth technology, using ‘tokens’ to allow users to authorise applications to talk to each other. While OAuth and UMA are very powerful and useful they are predicated on the assumption that the user needs to digitally approve each service.  It works at a ‘granular’ level.

2Shakes is different – it is basically capturing the authority for the ‘outcome’ the user wants.  2Shakes translates the outcome into a multitude of those granular services that need to be authorised.

As easy as OAuth is for a user (its open an email and click a button easy).  Feedback from bookkeepers is that some clients still won’t do it.  They need to be nagged and nagged again.  In fact Bookkeepers say that they have to nag 30-50% of their clients.  Nagging is an expensive business, with anecdotal estimates of it taking 45 minutes of repeated nagging to get a successful outcome.  And it is 45 minutes that is hard to justify charging clients for.

Bookkeepers try to solve this by trying to capture everything they need to from clients at the first initial sign up meeting. Which is why the 2Shakes sign up and authority form makes such good sense.