A Conversation With PayPal’s CEO Dan Schulman

A Conversation With PayPal’s CEO Dan Schulman

Mike Blake/Reuters

More on:


Capital Flows


Dan Schulman discusses how globalization defines today's consumer and the value of public-private partnerships and how they accelerate innovation. He will also address responsible leadership, and how businesses can drive lasting economic and socioeconomic impact.

This meeting is part of the 2017 Corporate Conference.

HAASS: Well, good afternoon and welcome to the third and final plenary of this year’s Corporate Conference here at the Council. We’re lucky to have Dan Schulman here. We’re lucky in many ways. And I just want really want to thank him for making the effort. He was travel-challenged last night, which explains why we’re doing it today. I just want to thank him for persevering.

SCHULMAN: My pleasure. Thank you.

HAASS: I want to thank him also—I should say that PayPal is a corporate member, which is valued here. He’s been CEO and president for about three years or so now. He’s had this extraordinary career. All that detail is in your program. Most important, he graduated from Middlebury College. He was not part of the recent demonstrations, however. (Laughter.) I think that’s a fair way of putting it. He and I are going to talk for a bit, then we’ll open it up to you all.

Let’s just sort of start with the basics, because my hunch is everybody knows about PayPal but nobody really knows about it—exactly what it is you’re up to on a day-in day-out basis. So why don’t you say a little bit about—because you’ve got now about 200 million people who are using you on some sort of a regular basis. Just give a sense of how you—how you describe what it you guys are up to.

SCHULMAN: Yeah, sure. First of all, I apologize for last evening, but I’m very happy to be here with all of you.

So PayPal, just to give you a sense of the scale and scope of it, we have 200 million people who use PayPal on a regular basis. We operate in about 200 countries around the world. And we do over 6 billion transactions through the platform. About a third of them come through mobile devices. That’s growing at about 50 to 60 percent year over year. And it is, outside of China, the leading fintech platform. In China there’s two, Alipay and Tencent. But outside of that, PayPal would be the leading fintech platform.

And we do pretty much everything. We acquire consumers. We acquire merchants. We do the processing in between. We have about 16 million merchants that use our platform, most of them small and mid-sized merchants. And we do a ton of cross-border trade in that the typical small business merchant with PayPal, 79 percent of them do some cross-border trade, compared to about 7 or 8 percent of small businesses not using PayPal that do cross-border trade. So we really enable that.

And we’ll talk about some other things. We got a very expansive mission, which is, in our view, to democratize financial services. In our view, that is a mission and vision that drives us. There are about 2 billion people in the world outside of the financial system. Costs them a lot—(audio break)—waiting in lines to do those transactions. And that’s kind of ridiculous with technology today. We ought to be able to do those in a much faster, simpler, easy to understand way, that saves them time, is more secure and, importantly, much less expensive. And so it’s an expansive and a very inclusive mission. And it drives us. We’re just beginning on that journey, but I’m sure we’ll talk about that a little bit more.

HAASS: Yeah, I want to follow up on some of the things you just introduced. But if you’re dealing in 200 countries, and you’re doing all this cross-border stuff, two issues that immediately pop to mind. One is currencies. How is it you manage that? And the other is the regulatory environment. You’re dealing with all these countries. How have you navigated your way through that? What’s your—you know, your biggest international issue?

SCHULMAN: Yeah, well, when you work in 200 countries you pretty much have almost 200 different regulators who care very much about the management and movement of money. And it’s an interesting dynamic that goes on. First of all, the regulatory bodies very much are interested in the idea of financial inclusion. Most governments want their citizens to be part of the financial system, to be productive citizens as a result of having access to be able to manage and move money in a seamless way. But the traditional financial services infrastructure is not designed to handle that because predominantly it’s an expensive infrastructure. You’ve got bank branches. You’ve got human resources that go do that. And therefore, to really profitably serve a segment of the market, it’s the more affluent that the traditional financial institutions can at least well-serve.

That’s changing dramatically with technology right now, because you have built-in distribution with smartphones. You have 5 billion smartphones out there. The cost of a smartphone—I’m on the board of Flex, which is a contract manufacturer, it’s dropping—I mean, we can’t really forward price it low enough, to tell you the truth, because it’s dropping pretty dramatically. You can get a pretty decent smartphone in India for 30 bucks or so. So you’ve got built in distribution where you have all the power of a bank branch in the palm of your hand. And so the regulators understand that. But technology is moving so quickly that it is sometimes difficult to keep up with—we all have a North Star, but how you get there is hard.

And so the thing that I offer to regulators is, one, we’ve got to be compliant with all the regulatory AML, you know, all the FinCEN type of things—and there’s a ton of others that you probably don’t want to know about if you’re not in the industry. So you have to be compliant with all of that. But you have to create the ability to have things like sandboxes, is the way that I describe it, where you can go into a sandbox and you can experiment. That is really the big thing that I’m trying to do. How do we experiment responsibly with smaller segments of the market and maybe different data that we use? That may not be traditional FICO-based data, but different types of data to advance credit and lending.

For instance, here in the U.S. we have a working capital loans that we give to small businesses. We don’t use a FICO score at all. We only look at the history with us. We’ve extended some $3 billion of loans. This is the interesting fact: 25 percent of those loans have gone into the 3 percent of countries where 10 or more banks have closed branches. So we’re really actually substituting kind of with different data sets a way of lending. And those average businesses that get a capital loan by between 20 and 21 percent, versus the control group that grows by zero.

So when I talk about the ability for fintech to promote kind of economic growth and productive citizens coming in, using different data and being able to lend to small businesses, see those small businesses start to grow—of course, that means more money for their families, you know, the small-business owner families. They start to hire people. There’s really a very positive cycle that can be created in that manner. And it really is telling regulators that our vision and missions are aligned, but the way we get there is going to be different. So let’s figure out experimentation and collaborate together to go and do that. And I wouldn’t say we’ve been 100 percent successful on that. But we’ve had good success in a number of different markets.

HAASS: What percentage of your calories these days are you devoting to cybersecurity issues?

SCHULMAN: A ton. (Laughs.) So I’m also the chairman of the board of Symantec, which is the world’s largest cybersecurity—software cybersecurity company. So I have some insights into this. So the typical American business gets attacked about 4 million times a year—the typical American business, 4 million times a year. If you’re in the financial services arena, we get attacked over a billion times a year—over a billion. The Post Office last year got attacked 4 billion times. Now, they don’t really have that much interesting data there, to tell you the truth, but it is a backdoor into the rest of government. So they get attacked 4 billion times.

HAASS: Oh, they can go through the front door of the Office of Personnel Management, don’t worry about it. (Laughter.)

SCHULMAN: I do worry about it, because I was in that—

HAASS: (Laughs.) Me too.

SCHULMAN: So yeah, so I do worry about it a lot. (Laughs.) So and what’s very interesting is the threat vectors coming in. So if you think about 80, 82 percent of the threat vector are hacktivists. And hacktivists have a political agenda mostly, or just want to create havoc in some way. They’re the vast majority of the attacks, and they’re—they have less than 1 percent success chance of breaking in. So that’s good. Then you’ve got cyber criminals. And cyber criminals want to steal as much information and sell it on the dark web. They’re probably 15, 17 percent of the threat vector. They’re very, very good and very, very motivated. But they’re successful less than 20 percent of the time coming in. That’s still a big number, by the way, but they’re successful less than 20 percent of the time.

HAASS: And that’s not reassuring.

SCHULMAN: And then you’ve got 2 percent or so which is state-sponsored coming in. It’s a very small part of the threat vector, but state-sponsored is typically about 98 percent successful. So, if you’ve been targeted, you’ve been hacked is basically—we say in the cyber realm there are two types of companies: those who have been hacked and those who don’t know they’ve been hacked. And so state doesn’t want you to know that they’re in there. They’re very, very patient. There is no—they don’t want to blow it up. It’s they’re either doing sort of a form of mercantilism—you know, economic mercantilism, taking IP, or they’re in there in some sort of blackmail that can go on, like we’re going to take down this bank if you don’t let us do what we politically want to do in this part of the world. And so very, very sophisticated. It’s absolutely the fifth frontier of war right now.

And so, if you’re not worried about it as a company, you’re living in a world of denial. The only real way that you can protect yourself is—for instance, last year 39 percent of all Americans had their identities stolen. That’s last year. Last year, every quarter, 750 million websites are put up—every quarter—of which 70 percent of them are there for less than 24 hours, and they’re there basically to do phishing attacks on you. So they come in—those that remain are what we call wine cellaring. They kind of—they bring in legitimate traffic so they can become whitelisted on the Web, and then they are used to attack. Most devices have been hacked in some way and are part of—part of a botnet network that can come after you in DDoS attacks.

The only way you can protect is—you can’t do it anymore with moats and turrets, which is the way we used to do it—like build great firewalls, et cetera. You have to do it through data analysis because, for instance, at PayPal we have a service called One Touch. We’ve done away with username and password, as long as you register your device, because username and password give no protection whatsoever. Like, it’s definitely you. You’ve signed in with your username and password. But it’s not you, it’s you. The good news is we know about you through data and information. And when you come in, if you don’t do basically exactly what he’s done, through all the algorithms we have, we do not let the funds leave the system.

And so the key to cybersecurity now is very sophisticated modeling through artificial intelligence, through machine learning, through neural networking, that enables you to look at anomalies in the dataset and stop data from leaving. And you cannot invest enough in that to stay two or three steps ahead of the—of the bad guys.

So that was a long answer, but I think about it a lot.

HAASS: It was a long answer.


HAASS: It was a really reassuring, answer, too, so I want to thank you.

SCHULMAN: Yeah. (Laughter.) Well, I’m glad it wasn’t. (Laughter.) You shouldn’t be reassured. (Laughs.)

HAASS: OK, so here you are in this business. You’re in the fintech world. What is it—from regulatory policy to immigration policy, what is it you’re looking for Washington to do? And what is—what is it you’re hoping Washington doesn’t do? Like, what is your sense of what’s ideal, what’s optimal coming out of government, and how the two of you should interact?

SCHULMAN: I’ll start that off in maybe a different way and then I’ll get right back to your question, I promise.

I think that businesses have a new role to play that perhaps we did not play maybe 20, 30, 50 years ago. And that is I think that businesses cannot look to government to solve all the ills that face us.

Think about it. As businesses, we have tremendous resource behind us. We attract some of the best talent. We pay for it, but we pay a ton of money in it. We get great talent. We have a lot of cash and a lot of resource. We are global in our nature, most of the bigger businesses. And we need to have missions that advance a social cause of some sort. I think it’s very important.

I think—the old company model was you had sort of your—I don’t know, what do they call this—foundation over here, and like you’d give like, you know, $15 million or something to some program. But it wasn’t part and parcel of who you were as a company. And I think companies absolutely have an obligation to be a force for either social change or a force for good in the world, and that has to be aligned with their mission.

Our mission as a company is to democratize financial services. We think that financial inclusion is something we need to advocate for and work with governments for. Honestly, I don’t feel it’s a red issue or a blue issue; I feel it’s a red, white, and blue issue. Because if that is sort of bringing people back into the system and making productive citizens out of it, I mean, as I said, we need to work together with government.

And so I have found that that’s been a very powerful tool to basically, align agendas and then align resources to go after that, because I don’t think anybody in the room would say that we’ve got governments that can act as quickly, or that aren’t gridlocked in some ways, that aren’t, you know, subject to the pressures of vote happening, you know, for them every two to four years or so. Are they really there for the long term? Companies typically can be.

Now, companies have a profit motive, so you have to be suspicious of that as well, so not saying that, you know, this is all worked out. But I am saying that I believe that, as the CEO of a multinational large company, that we have a(n) obligation to work hand-in-hand with government to address the thing that we are particularly suited to go and address.

And we’re lucky in that it works in the agenda of government. I don’t think there’s any side—whether I talk to Republican leaders or Democratic leaders, and I do that all the time, they actually all want it. They may come about it in different ways, but that North Star we all can agree on.

HAASS: Well, let me just sort of push you a little bit, because one of—

SCHULMAN: I figured you would.

HAASS: Yeah, it’s—

SCHULMAN: Why not?

HAASS: Why not? You’ve come all this way, I feel.

SCHULMAN: Yeah, exactly. (Laughter.)

HAASS: The era of the—not to be cavalier, but the era of the corporate statesman seems—this does not seem to be it. And whether it’s because of fear of stockholders or advertisers of social media—I mean, here you’ve got, for example, now an administration that’s doing certain things in the regulatory area, in the immigration area, in the trade area that have real consequences for American business. And other than Jeff Immelt and one or two people, I don’t see a lot of—a lot of folks in the corporate world speaking out. It’s like the cat’s got their tongue, or their thumb—they’re not doing anything on social media, either. So are you conscious of, you know, constraints, as well, you know, how you navigate this in a way—because you’ve got to balance various considerations or constituencies?

SCHULMAN: That’s a good question.

So I think you have a mission and a vision as a company, and ours is a pretty expansive and inclusive one. So our view is that managing and moving money should be a right for every citizen and not just a privilege for those who are more affluent. That’s sort of the way that we think about it. And we want to go against the adage that it’s expensive to be poor, because that’s true in financial services. And so the question is, how do we advocate for that?

So if we have inside the company this sort of inclusive mission, then the values that are reflected inside the company need to mirror that. And values cannot be things that you put up on a wall and you don’t live them. And so I think you’re beginning to see more CEOs move into more of an activist type of role. And I don’t think of it as activist. I think of it as being responsible. That’s what I think about it.

And so we can’t say one thing internally and do another thing externally. It does not compute to our employee base. And we want to attract the very best employees, who are inspired by what we are doing.

And so we’ve actually made some stands out there that have been very public. When HB2 was passed in North Carolina, we had just announced with the then-governor that we were going to put in at least a 400-person operations center into Charlotte. I didn’t realize it would cause the national stir that it did, but we withdrew from Charlotte. And we withdrew because I believe this: I believe—and I think it’s just a fundamental thing. I believe that nobody should be discriminated against in our country. That is, like—that’s what we stand for. That is what we should do. And if it—whether it’s against the, you know, LGBTQ community or whether it’s against somebody for religion or whatever it may evolve to, as I say in my all-employee meetings, maybe it didn’t affect you, but it did affect him. And you know what, you could be him next time. And there’s a slippery slope that goes on here. And so, from my perspective, we need to stand up for those kinds of values.

When the immigration bill came through, you know, I was on TV talking about that I did not feel like that that was actually constitutional, to tell you the truth. And so my view on that was we all have protection. Like, I have locks on my door. You have locks on your door. Actually, when I tried to come in here, it was pretty hard to get in here. (Laughter.) And—

HAASS: Good.

SCHULMAN: Especially if you’re dressed in jeans. (Laughter.) Then it’s really hard to get in here. (Laughter.) Unless you’re, like, carrying food or something. So I would say—(laughter)—so I did that just to get in here.

HAASS: The system—the system works. The system works. (Laughter.)

SCHULMAN: So I believe in vetting. Totally believe in vetting. I am, like, part of the cybersecurity—(laughs)—community, and I’m a big patriot of our country. So I believe in good vetting, and we have good ways to vet. I don’t believe that we should exclude people because of where they’re from or their religion or that kind of thing. I think that’s what has made America great, and I feel that’s what will continue to make us great. And so—and it’s very in standing with the values we have as a company and with the mission we have as a company. So that’s my long answer to that.

HAASS: Thank you. Let me ask one more question and then I’ll open up.

I’m curious—

SCHULMAN: And, by the way, not always easy to do. After North Carolina, I got numerous threats—personal threats, death threats, et cetera. And so you do have to be courageous to go and do it. It’s not—you know, we live in a country that has very deeply held sets of beliefs. But I always try and say it’s not red or blue, it’s red, white, and blue that we need to come together on.

HAASS: So I’m curious: What do you carry in your wallet? Do you carry cash?

SCHULMAN: I don’t carry a wallet. (Laughter.)

HAASS: You are a radical! (Laughs.)

SCHULMAN: I don’t. I never do.

HAASS: Is that because you—well, you can’t have staff with you all the time. So, like, what do you do? (Laughter.)

SCHULMAN: So I carry cash, I carry a credit card, I carry around my cellphone. Those are the things that I think are important.

I think most people misunderstand digital payments for being a substitute for tap-to-pay versus swipe-to-pay. Honestly, that’s a form-factor change. Form-factor changes are not all that exciting. I don’t have a credit card in my pocket right now, but if I did, it isn’t exactly weighing me down. You know, I mean, I can handle it. It’s not so difficult. And when I swipe, it works pretty well, too—except now with the chip thing, which is a bit of a pain.

But—(laughter)—but what’s really happening in the world of digital payments right now is that retailers are fundamentally thinking how commerce is conducted. It used to be that you had online over here and you had in-store over here. But what’s happening is the mobile phone is blurring the distinction between online and offline, and that people—so if I order a Subway sandwich on my phone, right, to skip the line and get some rewards for it, and I pick it up in-store and maybe tap my phone to show it was me, was that a(n) online transaction or a(n) offline transaction? It was both. Sort of commerce is just becoming commerce. Those lines are blurring. And what retailers are beginning to find out is that over 60 percent of the retail journey begins with a mobile phone.

And what was really interesting to me, this last holiday season was a big tipping point: for the first time in the holiday season, more sales were done online and on mobile than were done in-store. So it was actually a great season for retail. I think it was like 5 percent sales. But in-store it was like 2.8 (percent), and mobile/digital was like almost close to 20 percent.

HAASS: Tis the season to be mobile.

SCHULMAN: So—yeah, it really is.

And retailers have to reimagine how they sell to consumers right now. It’s not going to be how do you take a storefront and, you know, merchandise in that storefront to attract people in. That’s not going to—that’s not going to be the way of the future. It’s basically going to be I know who you are, you’ve registered with me, I know where you are, I know what blog sites you’re on, et cetera—it’s probably your website—and I’ll bring inventory to you where you are online so that you can shop, and then from my store I’ll probably ship or have you come in, whatever it may be.

So that’s going to fundamentally redefine digital payments, that value proposition change. And so, for us as a company, we had to fundamentally shift from just being a button on a website to really being the fundamental underlying platform—technology platform that retailers are writing their applications on top of. We’re doing 100 percent processing of transactions through APIs and toolsets, contextual commerce, rewards integration, credit integration, et cetera, so that they don’t have to worry about the compliance and security piece of it, but we let them write the applications that get them closer to their customers.

HAASS: Well, actually, I am going to ask one last question because when I was reading preparing for this—so, out of your 200 million people, a lot of them keep some cash on hand in, I guess, the equivalent of an account?


HAASS: And you don’t pay—they don’t derive any interest from that, correct?


HAASS: So it’s not a—it has no investment quality to it. Why not? Why wouldn’t, in a sense, you become one-stop shopping, and that you become—I mean, it’s kind of like you walk like a duck and quack like a duck, but you don’t call yourself a duck. What’s holding you back from being a banking duck? (Laughter.)

SCHULMAN: Well, first of all, in Europe we are a bank. We’re one of the biggest. We’re a very large bank in Europe. We hold—don’t quote me on this—well, because you will quote me on it, I won’t say it. So—(laughter). We owe billions and billions of dollars of customer funds on our—on our platform. We do it out of our—out of our bank in EMEA.

Here in the U.S., we’re basically a—we’re regulated by all 50 of the states through state money transmittal licenses. You can do pretty much most of the things that you can do through state money transmittal licenses overseas, where you work out of the Singapore Monetary Authority.

So the world is going to change on that. It is going to go digital, for sure. I think that—and the way to really do this, from our perspective, is to partner with financial institutions around the world to figure out what’s the best of the assets that we have and the best of the assets that they have, and how do we work together to actually promote the digitization of cash? Because cash is an incredibly inefficient medium. Governments don’t like it. There’s a lot of fraud associated with it, a lot of crime associated with it, et cetera, a lot of leakage in the system around it. And, you know, we’ve kind of opened up to be an open platform so that we can work with partners around the world to be allies in the war against cash and the movement towards the digitization of cash.

HAASS: I could go on, but I will exercise rare self-restraint. So let’s open it up. We’ve got about 20, 25 minutes to raise any issue that we have or—have. And just wait for a microphone. Let us know who you are.

Sure. You have microphones? Oh, you do have one already. You’re way ahead of me. (Laughter.) You brought your own microphone.

SCHULMAN: That’s impressive.

Q: I sat in the right place.

SCHULMAN: That’s impressive.

HAASS: Yeah. (Laughter.)

Q: Anyway, I’m Craig Charney from Charney Research.

We just did a global study of payment means. And we found an interesting surprise, was the role of Bitcoin and virtual currencies. We found they were much more widely used, both by—particularly by executives, but also by consumers—and also much more widely accepted by companies than we’d expected. So I’m wondering both what you’re seeing in terms of trends of that and particularly in the international commerce sphere that you mentioned where virtual currencies would have particular appeal.

SCHULMAN: Mmm hmm. It’s another good question. So the most famous of these digital currencies or cryptocurrencies, as they’re called, is Bitcoin. But there’s a lot of them. There’s Ripple, there’s—there’s a bunch of different cryptocurrencies out there. And cryptocurrencies are not governed by any one regulatory body or any country. They’re not fiat currency. They’re governed by algorithms, basically. And algorithms that are not subject to oversight, per se, of various countries. So they’re very, very different, very libertarian in some ways. And they allow for somewhat anonymous transactions to occur. I say somewhat, because there’s a record of all of them. But they’re more anonymous than a number of other ways that most governments want this to be.

Typically, a lot of this has been used for criminal activity. And you know, if you go onto the dark web or Silk Road or a number of other things, this was the currency of the realm of those. And there you could buy whatever you imagination can think of. And it’s pretty low, low, low, low stuff. So there’s been some issues around that. And government have looked at how do we regulate it, but difficult to go and do. There are two parts to a crypto currency. There is the currency and then there’s the underlying protocol. The currency itself is typically more today of a commodity than it is a currency.

I’d be curious to see your results on it, but most retailers don’t accept Bitcoin for more than just a minute, if they accept it at all, because it fluctuates so much that let’s say, you know, you’re a typical retailer and you got maybe a 5 percent margin. You know, you could accept Bitcoin and it could move 5 percent in a day or certainly in a week. And it moves all over. So what you do if you’re a retailer is you immediately translate the Bitcoin into fiat currency, and you pay, like, a 1 percent fee to go and do that. So the hope Bitcoin being a lower cost or any cryptocurrency being lower cost goes away when the currency becomes more commodity-like. And a lot of what you said—(inaudible)—is because people are treating it as a commodity. They’re buying it, hoping it goes up in value, and then selling it to somebody else, like you would gold or something else.

So you’re not seeing much of it, except on more—I’m not saying dark web—but I’m saying more towards that end of the spectrum than towards this end of the spectrum for cryptocurrencies to be accepted. But underneath the idea of a cryptocurrency is a protocol called blockchain, that everybody’s heard about. Blockchain is a distributed ledger that’s done through algorithms where every single transaction is recorded and marked, and everybody holds that distributed blockchain. It’s not in one location. It’s actually distributed. And that’s a very, very, very interesting set of protocols around there. Theoretically you can reduce—you can take out middle men from there and reduce the costs of transactions. And in international transactions, there’s a lot of middle men that go on, which increase the costs of a transaction.

And international remittances are a bit part of the GDP of a lot of developing countries. And if you can reduce the cost of that and get more of the actual remittance to the individual receiving it, that’s of benefit—societal benefit, for sure. So there are people that are looking at blockchain as a cost mitigant. But there are a lot of people that are looking at blockchain in very, very innovative, different ways, where you can think of blockchain in identity, how do you divide up identity in different ways where there’s keys that now are used that are much more secure than the ways that we’re looking at it, a number of different transactions whether they be who holds a deed in what way. I mean, this is completely distributed. And once it happens, it’s guaranteed on there.

So the—some people think about—there’s TCIP that underlies the internet, right, that’s the fundamental protocol of the internet—that blockchain will be the new fundamental protocol of the financial services industry as you look forward. I think it’s too early to make that call. There are a lot of people who have been playing around blockchain. We’re playing around with it. We accept Bitcoin through Coinbase, which is a wallet, doesn’t—not to bore you with it. But we are very, very early innings yet on it—very early innings. And we will see what happens with it. There’s promise—a lot of promise in blockchain. We’ll see what happens with cryptocurrencies as we go forward.

HAASS: Shane?

Q: Thanks. Shane Green from TeamData.

I was intrigued by how you described the convenience and the security of the one-touch process. Why doesn’t that happen for all data-related transactions? Why can’t I apply for a mortgage in that way? Or why can someone just because they have my mother’s maiden name and my Social Security number open a credit card in my name somewhere else? So both, you know, why can’t the world just be one touch and kids do summer camp, whatever, applying to the Council on Foreign Relations, other than the essays or whatever—(laughter)—there’s no essays, obviously. But the point being, why can’t we apply for any type of transaction using our data having the same methodology? It just seems like you’ve really nailed it, and it is getting easier to figure out when it’s fraudulent?

SCHULMAN: Yeah. I think eventually that is the way that the world will go. It will be based on not who you say you are, but what you do. And the—such meaty issues on all this stuff. It’s so fun to wrestle around with it. But the key to that is having a tremendous amount of data and information, right? If you don’t—for instance, the world’s most famous algorithm right now is Amazon, if you bought this you’ll like this, right? But if you only have, like, three pieces of data about you, and a couple of other things, it would be an incredibly inaccurate algorithm.

And the way that I think about algorithms, if those re the weapons that we are deploying in this new cyberworld that we’re moving towards—whether you want it or not, I mean that’s just the way it’s moving. Everything is run by software right now—everything, dams, elevators, your cars, commercial airliners, financial system, the power grid, everything. So if the algorithm is the weapon, the ammunition that makes it powerful is data. So the more data you have, and the better quality, the better signal-to-noise ratio of that data, the more powerful your algorithm is. Not everybody has the amount of data to be able to actually do accurate algorithms to more accurately assess who you are based on what you did versus who you are based on who you say you are. And it’s also sophisticated modeling, very, very sophisticated modeling. So that’s the answer to that.

I’ll just open it up it up a little bit more, just to make everybody even more uneasy about things. (Laughter.) So as you think about a world that’s driven by data and driven by software models and algorithms, there are a lot of really questions that we need to struggle with and think about as a society and as governments, because the more data you have, the more accurate you are. And if you’re trying to think about terrorism and you’re trying to think about what bad guys can do, it’s actually quite important for the government to have as much data and information as they possibly can have to identify this—you know, this errant behavior that’s going on.

But we’re private citizens as well. We treasure our privacy—at least, many of us of our generation do. I’m not sure that my kids do, because they share everything. And I think there is a generational divide on that. But how we think about this combination of algorithms that are meant to protect us through identity and algorithms that—through identity theft and other bad things that can happen to us—versus our privacy as citizens is something that we wrestle with. We wrestle with it in the valley quite a bit. The government wrestles with it quite a bit. And it’s unclear exactly what would happen.

Now, typically, if I tell you—like, you’re a private—very private person. You don’t want to give up most of your data. But if I tell you that a family member could be saved that’s being targeted right now, you’d probably give up all of your data to go and do that. And that’s the struggle that people have. I mean, there’s some, like, life and death things that we struggle with as an industry and as governments that go beyond what you just said, but are the next logical extension of that.

HAASS: Sure. David.

Q: Thank you. David Trulio, Lockheed Martin International.

So I want to pick up on what you just said and your earlier comment about the war on cash. How do you address concerns about privacy and personal liberty when if we get to a cashless society the government, your company, others will know everything people are spending on? That makes a lot of people very uneasy.

SCHULMAN: Yeah. How do I say this? (Laughter.) We already know everything.

HAASS: You already know? (Laughter.) Again, you’re so reassuring. (Laughter.)

SCHULMAN: You have an E-ZPass?

Q: I don’t.

SCHULMAN: You don’t? Good. (Laughter.) Most do. But it doesn’t really matter, because there are cameras everywhere. So you have a license plate, I’m sure, on your car. Yeah, you have a smartphone that’s tracking you all the time. So this is a new world that we live in. And the question is, how do we use data the right ways to enable us to do the things that we want to go do. And by the way, I also know how to stop fraud 100 percent. I’m going to give you my secret of that. Do no transactions, all right? (Laughter.) Then you stop fraud 100 percent. It’s a matter of friction in the process, that is really what you always struggle with. The more data you have, the less friction it can be for you—to enable you to do what you want to go do.

And, you know, this is a thing when we’re like, what? Our—there’s a lot of government-private stuff that goes on. These are questions that we really wrestle with—really, really wrestle with. But there’s so much data and information out there right now. I mean, I think, you know, everybody saw this because of all the last election and stuff. But, you know, Facebook has got 2 billion people on it now, maybe more. And you know, the analysis of your likes can easily be a predictive indicator. And not that many of them, and we’ll know you better than your significant other knows you. And with not that many. And with, like, 120 we know more about you than you might know about yourself, or be willing to admit.

So there’s just—I’m pointing out, there’s a lot of this going on. I mean, governments can do, you know—you know, we do weather forecasting? You can do attitude forecasting, right, in a country and in a region, by looking at what’s trending on Twitter, who’s doing it, what’s going on. There’s a tremendous amount of stuff that’s going on right now in our world, besides the fact of all the stuff that we talk about, populism and, you know, the rise of this and that. But overlay on top of it the rapid explosion of data and information and software and algorithms and, you know, it’s just like your nanny cam, all of it—it’s all the Internet of Things we have to be careful about as well.

That was the thing that brought down the internet a couple months ago, was the attack on the Dyn service provider here, or the DNS service provider, that used basically nanny cams and refrigerators and other smart—things that didn’t really have sophisticated security around it to become a bot network, sort of a robot attack vehicle that brought that down by just going after it. So, by the way, it doesn’t really—to tell you the truth, it doesn’t really depress me one way or another. It just is what it is. We’ve got to figure out as a result—I mean, I think when the telephone was introduced, everybody thought that was the end of all social, you know, interactions that would go on with people. We figure it out. It’s just that things are moving very, very quickly in the world, and we’re very, very connected on it. So we’ve got to figure out the right ways of doing it. There are some really beautiful ways of doing it that are helpful. And there are things that could be more dangerous in the world as a result of it.

HAASS: Sure.

Q: Rick Niu from C.V. Starr.

You mention Alibaba and Tencent. I wonder if you could comment on, in your view, what the similarities and differences between PayPal and them? Do you view them as, over time, international competition? And also, conversely, what is your thinking about entering into growing your business in China? Thank you.

SCHULMAN: Mmm hmm. So China’s one of the most dynamic markets in the world around digital payments, if not the most dynamic. It’s incredible to watch. India’s trying to do something very similar now with demonetization. And they have an amazing plan as well. Whether they’ll be able to work it through, I don’t know. But it’s a very thought-through plan, from identity to a software—basically a government software stack to enable digital payments going forward. It’s incredible.

So there’s all sorts of explosion of growth going on in the Chinese market. And Tencent, Alipay, BiduPay is the other big one there, are all hundreds of millions-plus of people on their platforms connected into hundreds of banks, and very much the same vision that we have. Also, look at the totality of somebody’s financial life on that platform—investments, savings, the ability to store offers, identity, all of that on those platforms, quite robust.

And we do a ton of stuff with Chinese merchants exporting out of China to the 200 million or so of consumers we have. I think we do somewhere around 35 to 40 percent of all Chinese exports—online exports B to C come through the PayPal platform. So we’re a very large player in the lubrication of trade between countries outside of China and Chinese merchants. We have no domestic presence inside China, but we have a very strong cross-border trade.

I do think inevitably—and you’re already beginning to see it—Alipay and less so Tencent but a little bit now more, are coming outside of the Chinese market into Southeast Asia and other places. And I think a couple things always happen in these things. One, you see how successful somebody is moving out of their own markets into others. Two, you either can do some really interesting partnerships—and that’s been our model for quite a bit, of learning how to cooperate as opposed to compete and what are the assets we can bring, what are the assets they can bring, and how do we work together. Or, potentially, we complete at some point in the future as well.

But those are the—those are the possibilities. I’m not giving you anything you didn’t know if you had thought it through, but that’s what we think about a lot.

HAASS: We’ve probably got time for one last question. See, you’ve—anything you wish we’d asked that we hadn’t?

SCHULMAN: Maybe, like, what a great job this has done and really, you could wrap up early and—(laughter)—cover the waterfront pretty well.

HAASS: No, you were supposed to speak for several minutes about how much you admire the Council, but—(laughter)—

SCHULMAN: Oh, right. Right, right, yeah.

HAASS: Actually, well, if I’d had the clicking device—oh, we have a question. OK, sir, you get the last question. And then if we had the clicking devices here, I’d ask you all one final question as a chance to show him that you’ve really picked up your game. And looking at the two of us, which one do you think looks more like someone who runs a Silicon Valley company—(laughter)—as opposed to who’s the uptight guy who runs the establishment Council on Foreign Relations? (Laughter.) I bet 60 or 70 percent of you would get that right based on—(laughter). OK, you get the last question, sir. (Laughs.)

Q: I think you’ve partially addressed this, but since there was a moment—Susan Shultz, The Board Institute.

What is the next major disruptive innovation that you expect?

SCHULMAN: Well—(laughs)—if you live in the part of the world that I do now, there’s all sorts of things that people are thinking about. And it goes something like this: That we move into a more virtual reality world. And that virtual reality world is—we call it augmented reality. That’s probably the way that it moves, as opposed to—virtual is you just wear a screen and we’re in Paris, but we’re interacting, but we’re—but we’re wherever we want to be, but it’s fully virtual. Augmented reality is you wear glasses or contacts or whatever it may be, and I see you, but I also see the data about you. I could also, like, change your suit color in my own mind and just see what you look like. I could put a rug on here and just see how it looks.

HAASS: Actually, can I disagree with you for a sec? We call augmented reality—that’s what we call happy hour here. (Laughter.)

SCHULMAN: That’s a better augmented reality, honestly. But anyway, so that starts—that starts to happen. And then, you know, it moves from these goggles or glasses into contact lenses, into, you know. Then if you talk to the most out-there, it goes into what’s called neural lace, which is, like, actually, you know, starting to really like machine body integration that goes on. And people are really thinking about that and actually driving it. It’s going to be 20, 30, 50 years from now. But honestly, that’s not that far away. I mean, that’s, like, next generation that starts to think about that.

So those are the things that people are really thinking about, is that pretty much—that smartphones actually go away. They become integrated into you. You’re already seeing—I read an article the other day where some company is, like, doing chips in their employees’ bodies to, like, get into the building and do different things. I mean, it’s weird right now—(laughter)—but—

HAASS: Could you send me some information on that? (Laughter.)

SCHULMAN: (Laughs.) Yeah, I could. But anyway, that’s—as you think about things, it’s sort of, I think, virtual, augmented, and then the beginnings of some—of more of a software and the human starting to interact much more closely together. But we’ll—I think that will likely occur, but it’s—you know, there’s a long ways to go before that happens. So we don’t have to worry about it right now.

HAASS: So, in less than 24 hours we’ve gone from bombing Syria to augmented reality. I want to thank Dan for walking us through this. And it’s—again, this is, in some ways, a broader definition of the kind of things that you would expect at the Council on Foreign Relations. But listening to you, I’m more persuaded than ever we got to go there. We can’t simply do bombs and diplomacy and this sort of narrow things. The agenda just is so much broader. And what Dan and his colleagues are doing, it’s just—this is a real driver of what is going to—what is taking place. So I’m glad we were able to do it.

I want to thank all of you for giving us some of your time, the last day or so, and hope you feel you’ve been rewarded. I want to thank you also for giving us your time throughout the year. This is an important—it’s one of the most important things, I believe, we do. We have individual members, we try to hit various constituencies around the country. And the corporate community is obviously extraordinarily important to this institution. In return, we hope this institution and what we do is important to you.

I want to thank Suzanne Helm and Aimee Carter and their team for all the work they did in pulling this conference together and in making the corporate program one of the flagship programs at this institution. And again, I want to thank Dan for his perseverance in getting here. And your reward—actually, you already had your reward, which was hearing, I think, one of the most creative people in this or any other business. But your secondary reward is there’s lunch being served, where? Upstairs. And it’s a chance to do what we try to preserve some time for at this conference. It’s a chance to talk with and get to better know one another.

So thank you all. And thank you, sir. (Applause.)



Explore More on CFR

Southeast Asia

The U.S.-Indonesia relationship has often disappointed. It’s time to rethink U.S.-Indonesia ties and try to achieve real security goals, rather than make bold plans for cooperation that never come to fruition.

European Union

European leaders are rushing to implement new laws to curb disinformation on social media. However, existing European data protection laws might actually make it harder for bad actors to spread fake news online. 


The Atlantic's Julia Ioffe joins CFR's James M. Lindsay to discuss Russian president Vladimir Putin's political goals.