Hi everyone, thanks for coming back to Customer Futures.

Each week I unpack the disruptive shifts around Empowerment Tech. Digital wallets, Personal AI and the future of the digital customer relationship.

If you haven’t yet signed up, why not subscribe:

SAVE THE DATE: New Customer Futures Meetups

Don’t miss these new dates for the diary:

• Thursday 9th October - LONDON

• Wednesday 22nd October - COPENHAGEN

• Wednesday 10th December - LONDON (Christmas meetup!)

More details coming soon.

Are you curious about digital ID, digital wallets and Personal AI? Or already working on Empowerment Tech? Join us for casual drinks and a catch-up about all things ET.

Details and timings out soon.

See you there.

Hi folks,

Summer already feels like it’s behind us. And September seems to have snapped everyone into action. I’ve never seen so much energy about Empowerment Tech in such a short space of time.

It’s dizzying. It’s exciting. But it’s also exhausting.

Another mad week. Google announces a new payment protocol using verifiable credentials. And ChatGPT gets access to your calendar - and gets hacked in hours. Obviously.

I’m more energised than ever about digital ID and Personal AI. But I’ve also never been more challenged by the speed, the volume, the depth of what’s going on.

Only 2 years ago, we were marvelling at smart new AI chatbots and videos showing people with six fingers. Today, the AI hype is normalised. We’re numb.

Of course there’s a new open source AI model that can run on your device. Of course the answer to personalisation is a portable verifiable credential, not another digital account. And of course, the real opportunity is to give data back to people.

But now the tough job is finding the signal in the noise. Separating the BS from the breakthroughs.

Which means there’s never been a more important moment to help shape the future of being a digital customer. So welcome back to the Customer Futures newsletter.

In this week’s edition:

• ChatGPT just gave everyone access to your calendar and email

• Digital sovereignty isn’t just a challenge for governments

• From Amnesia to AI: the three stages of CX

• Google announces Agent Payments Protocol (AP2) - and using Verifiable Credentials

• A 'Digital Wallet' is a terrible name, but it might just be helpful

• … and much more

So grab your hot drink of choice, a cosy corner, and Let’s Go.

ChatGPT just gave everyone access to your calendar and email

It is such early days for us to understand this new, powerful AI technology. Let alone give it access to our precious personal data.

Be cautious, folks.

Eito Miyamura posted this week about how he got ChatGPT to leak private data using only an email address.

Whoops.

OK, how?

By prompt-hacking ChatGPT, which just added support for MCP (Model Context Protocol). Because OpenAI now allows ChatGPT to connect and read your Gmail, Calendar, and any other service that supports MCP.

“Here's the fundamental problem: AI agents like ChatGPT follow your commands, not your common sense. And with just your email, we managed to exfiltrate all your private information.

“Here's how we did it:

1. The attacker sends a calendar invite with a jailbreak prompt to the victim, just with their email - no need for the victim to accept the invite.

2. Waited for the user to ask ChatGPT to help prepare for their day by looking at their calendar

3. ChatGPT reads the jailbroken calendar invite. Now ChatGPT is hijacked by the attacker and will act on the attacker's command. Searches your private emails and sends the data to the attacker's email.

“For now, OpenAI has only made MCPs available in "developer mode" and requires manual human approvals for every session, but decision fatigue is a real thing, and normal people will just trust the AI without knowing what to do and click approve, approve, approve.”

Approve, approve, approve.

I wrote recently that Facebook used behavioural science techniques against us by design to keep us scrolling and ‘engaged’. And we all know that most of today’s cookie-consent flows are designed expressly for us to swat them out of the way, like an irritating fly. Not to build trust and transparency.

So of course the hackers will use the same design hacking tricks. Our decision fatigue and hidden new AI Agent features will help them jailbreak our calendars, email accounts and other digital services.

I’ll say it again. It is so incredibly early.

Security risks. Privacy risks. Intimacy risks.

And you’re going to give AI Agents your credit card details, yeah? Cool.

READ

Digital sovereignty isn’t just a challenge for governments

You’ve probably never heard of Mike Bracken.

He’s one of the world’s leading authorities on building digital government. And specifically how to design citizen services around people, not just policy and process.

His recent article on digital sovereignty is one of the clearest and most practical frameworks I’ve seen on designing for digital government.

It challenges the idea that sovereignty is about total independence, or even about where the nation’s data sits. Instead, he argues, it needs to be about agency and capacity. About understanding dependencies, making smart trade-offs, and designing the digital future we want.

Not just inheriting it from the previous leadership team. Or accidentally sliding into it through a mega contract with an IT firm or AI company (looking at you, Palantir).

“Sovereignty is not a passive state that is just granted. It is an active capability that must be built and maintained.

“It requires situational awareness across internal and external factors, and needs organisations to lead its suppliers and innovators towards its version of sovereignty.”

“Ultimately, digital sovereignty comes down to a choice: to actively participate in shaping your organisation's digital future, or to cede that control to others. Operating by default is what happens when strategy is absent.”

Brilliant stuff.

But as I read it, one thought kept coming back. ‘Sovereignty’ isn’t just about governments and organisations. Individuals need it too.

I’m not here to make another tired argument about ‘the sovereign individual’. Or for Self Sovereign Identity (SSI). Nor demanding that all data lives at the edge, on your device.

‘Not your keys, not your crypto,’ as the bitcoin maxis shout.

No. I’m saying that we need pragmatism. We need nuance. And, just like Mike argues for organisations, we need to design for it.

That individuals must have agency and capacity too.

Because we’re heading toward a world where people will be asked to trust - and increasingly delegate to - digital infrastructure that makes decisions on their behalf.

That includes AI agents that act on our instructions. Digital wallets that carry our verified credentials. Data stores that represent our history and preferences. And platforms that enable identity, payments, and all sorts of digital services.

Yet as many now push for governments to reduce their dependence on ‘foreign tech stacks’, closed software, and opaque contracts, we rarely ask what that same thing means for people.

It’s a huge gap.

So here’s the Customer Futures take. A version of Mike’s digital sovereignty proposition, but this time for individuals.

1. People need agency, not just access

We talk about platform access, digital inclusion, and user rights. But most services are still designed around organisational control. Not individual agency. That’s the difference between being onboarded to a system (e.g. CRM) and having your own system that you can bring with you (e.g. your own digital wallet).

2. People need capacity, not just choice

Empowerment isn’t about dumping choices on people. It’s about creating capacity. For people to understand what they’re consenting to. To delegate decisions to agents they control. And to port their data - and frankly their trust - from one service to another.

Without this capacity, “consent” is a compliance checkbox, not a real mechanism of control.

3. People face dependencies, too

Most of us don’t get to choose our cloud provider. Or the app store. Or how our data flows through third parties. The ‘sovereignty conversation’ needs to ask: what options are actually available to the individual? What standards exist for switching services? Can I reuse my verified information somewhere else? Or am I locked in?

4. People need digital tools that are by design, not just by default

Because default settings shape everything. If your default is surveillance, consent fatigue, and opaque algorithms, then let’s be honest: your infrastructure is extractive.

As Mike has championed for over 15 years, the user experience of sovereignty should be transparent, portable and programmable.

Here’s the punchline. Digital sovereignty shouldn’t just be a national strategy thing. Only a discussion about ‘Digital Public Infrastructure’ (DPI).

Because there’s another DPI to think about: Digital Personal Infrastructure. aka Digital Wallets, Personal AI and Personal Data Stores.

So I completely agree with Mike. Sovereignty can’t be passive. It’s something we need to design, build and own.

Let’s just make sure everyone - not just governments - gets the tools to design and build it.

That we finally get our own Empowerment Tech.

READ

From Amnesia to AI: The three stages of CX

This week, I wrote a post over at UJET about the future of CX:

“Remember calling your bank in 2015? You'd punch in your account number, wait on hold, then repeat that same number to three different people. Every brand had its own login, every call meant starting over, and you carried the entire burden of context.

“It was clunky. Reactive. Fragmented. And the truth is, companies didn’t care. Because they were in control.

“Your FaceID now replaces twelve passwords, and contact centre agents get real-time context instead of guessing. It's a massive leap from the amnesia days.

“But soon, customers won’t just show up with a query. They’ll show up with their own digital tools. A digital wallet that can prove who they say they are, and what they are entitled to. A data store that can bring their preferences, history and details of what they need. And soon, a personal AI agent that can even act for them.

“The question for brands is simple. What happens when the customer is better prepared than you are?

“The answer isn’t about customer control. It’s about customer readiness. Because the future of CX won’t be defined by the systems inside a company. It will be shaped by how well those systems connect to the digital tools customers bring with them.”

READ

Google announces Agent Payments Protocol (AP2) - and using Verifiable Credentials

I highly recommend reading Dazza Greenwood’s initial views of the new ‘AP2’ protocol just announced by Google.

It’s a great breakdown of what this new A-commerce protocol can do, why, and what now becomes possible for merchants and consumers.

“Today’s payment systems assume a human is clicking "buy." AP2 creates the framework for a world where autonomous AI agents can securely and verifiably transact on behalf of users and businesses.

“It achieves this by introducing a system of Verifiable Credentials called "Mandates," which serve as cryptographically signed, auditable proof of authority and intent for every transaction.

“AP2 is not a new payment network; it is a data protocol that layers on top of the Agent2Agent (A2A) protocol, ensuring it can work with any payment method—from credit cards to real-time bank transfers.”

The hawk-eyed amongst you will have also spotted that Google are using ‘Verifiable Credentials’ as part of this new AI agent payments protocol’. Huzzah.

Here’s a screenshot from the Google announcement video:

Human Present and Human Not Present! Bingo.

Much as I wrote about recently: 'Customer Wallet Present' won't just transform digital banking, it's going to revolutionise the digital economy.

Google using VCs here is a big deal, and signals more momentum towards an Empowerment Tech approach. The inevitable combination of digital wallets, verifiable credentials and Personal AI.

I love Dazza’s writing. He always brings clarity to often messy, technical and legal subjects, complete with his expert legal views on what it all means in practice. And what is still left to do.

DAZZA’S POST, GOOGLE’S ANNOUNCEMENT, ME ON ‘WALLET PRESENT’

A 'Digital Wallet' is a terrible name, but it might just be helpful

When Bill Gates invented Windows OS for the first PCs, he needed to make things familiar. So that people could relate to them.

It's why we got things like ‘desktop’, ‘folders’ and 'trash cans'. Even though those were digital things that didn't need to look like physical objects.

He could have come up with any new UI for these new digital objects.

But he didn't. And we still have desktops, trash cans and folders today. It's a known design technique, about making things ‘skeuomorphic’.

The same thing is now happening with the UI for 'digital credentials'.

Look inside the Google and Apple wallets, and you'll see little rectangle boxes of data. Same with the EU Digital Wallets. And all the rest of them.

A 'mobile driver's licence'. A 'loyalty card'. A 'ticket'.

Why are they rectangles? Because that's the size and shape of the credit cards and coffee stamp cards that fit in our leather wallets today. But there's no reason for that. Not really. Other than to make them feel familiar. To make them 'skeuomorphic'.

Once again, we're designing our new digital credentials to look like plastic and paper today. For an age of leather wallets. Not what they can be tomorrow.

You see, once we use our mobile devices to store our digital IDs - and of course all sorts of other credentials like employee documents and proof of insurance - there’s no reason to have them shown as rectangular-shaped plastic cards.

They could be orbs or triangles or anything really.

Is the term 'Digital Wallets' holding us back? At least from a UI/UX point of view?

Yes, 'wallets' might help them feel familiar. And the term might be useful to drive adoption. But is that the best we can do from a UI/UX point of view?

READ

OTHER THINGS

There are far too many interesting and important Customer Futures things to include this week.

So here are some more links to chew on:

• Idea: Data Was the New Oil, Agentic AI Is the New Fire READ

• Post: An EUDI wallet without diplomas, permits, or tax records is like a bank account without money READ

• News: The UAE just became the first country to mandate the phase-out of SMS and email OTPs for financial institutions READ

• Article: Cracks in the Checkout: Big Debates in Agentic Commerce READ

• Post: Claude gets there first: a smart AI assistant that can handle complex requests requiring common sense and complicated constraints READ

And that’s a wrap. Stay tuned for more Customer Futures soon, both here and over at LinkedIn.

And if you’re not yet signed up, why not subscribe: