Offline payments define the architecture of digital money

Crunchfish CEO Joachim Samuelsson argues that offline functionality is now a core requirement for modern payments; the focus has shifted from if digital money should work offline to how a system is built to support it. 

You can explore CBDCs, stablecoins, and tokenized assets in more detail by attending the CB+DC Conferences. Joachim will be speaking at the Amsterdam event on 27–29 October. For those looking to join sooner, there is an upcoming conference in Kuala Lumpur, Malaysia, from 12–14 May. 

Could you tell us more about your professional journey, your role at Crunchfish, and how you became interested in offline payments? 

My career has been centred on building systems that are expected to work - not most of the time, but all of the time. Payments fall into that category. They are not just technology; they are societal infrastructure. 

At Crunchfish, my role has been to question some of the implicit assumptions behind how digital payments are designed. One of those assumptions is constant connectivity. It is deeply embedded, yet fundamentally flawed. 

Offline payments became a focus when we reframed the problem. Not as ‘how do we handle exceptions when the network is down’, but as ‘what does a payment system look like if failure is a normal condition’? That shift changes everything. 

Offline payments have gained increasing attention in recent years. How does the industry currently perceive offline payment capabilities, and where do you see the main gaps or misconceptions? 

The industry is still solving offline as a workaround. 

Most approaches are built on a binary logic: either push value to the edge (immediate offline) or delay validation (deferred settlement). Both originate from legacy thinking, and both introduce structural compromises. 

The deeper issue is that offline is treated as a degraded state of an online system. But if payments are critical infrastructure, there is no such thing as a degraded mode. There is only one question: whether the system continues to function or not. 

The misconception is not technological; it is architectural. We are still designing systems for ideal conditions and patching them for real-world behaviour. 

'Offline payments are still widely approached as a fallback. That framing is fundamentally flawed. As digital payments become critical infrastructure, systems must be designed to function under failure conditions, not just when everything works. The prevailing models for offline payments force a trade-off: either control is sacrificed by moving value to the edge, or certainty is delayed through deferred validation. What is emerging now is a different approach: offline as an architectural choice. Governed offline separates execution from control, allowing transactions to occur locally while funds remain anchored within the financial system. This eliminates the need to compromise between resilience, solvency, and oversight. The implication is clear. Offline is not an edge case. It is a defining capability of modern payment systems. The question is no longer whether digital money should work offline, but whether the system is designed to make that possible.' 

In your recent white paper, you outline three principal offline architectures: Immediate, Deferred, and Governed. Could you briefly walk us through each of these models? 

These three models reflect fundamentally different philosophies. 

Immediate moves money to the user device. It prioritises usability but relinquishes control. In effect, it attempts to recreate cash digitally. 

Deferred keeps money central but postpones truth. It preserves control but accepts uncertainty. You only know the outcome after the fact. 

Governed is different. It separates execution from control. Funds remain reserved within the financial system, while execution happens locally. Settlement is deterministic. 

This is not a hybrid. It is a different category. It removes the core trade-off that has defined offline payments for decades. 

From a technical and operational perspective, what are the key components required to enable governed offline payments at scale? 

At scale, this is not about adding functionality - it is about introducing a new layer in the architecture. 

You need a central reservation to anchor solvency. You need trusted client execution to enforce logic locally. You need a deterministic settlement to ensure that what happens offline is fully reconcilable online. 

But beyond the components, there is a more important shift: governance. Offline introduces controlled execution at the edge. That requires system-wide rules, not just technical mechanisms. 

This is why offline cannot be treated as a feature. It is a structural extension of the payment system. 

Additionally, how does this model address risks such as double-spending, liquidity constraints, or reconciliation challenges? 

Most offline models externalise risk. They push it onto users, merchants, or the system itself - typically to be resolved later. 

Governed offline does the opposite. It internalises and bounds risk upfront. 

Double-spending is constrained by the reservation. You cannot spend what is not already allocated. 

Liquidity is governed by explicit limits, defined at the system level rather than left to chance. 

Reconciliation becomes deterministic. There is no ambiguity, no competing states. The system already knows the outcome - it simply executes it. 

This is the difference between managing risk and designing it out of the system. 

You participated in the RBI sandbox with HDFC Bank and IDFC First Bank. What were the key results and learnings? 

India represents a different mindset. Payments are not seen as products - they are infrastructure. 

The RBI sandbox demonstrated that offline payments can be introduced without disrupting existing systems. You do not need to replace the rails; you extend them with a new execution model. 

More importantly, the conversation in India is ahead. It is not about whether offline is needed. It is about how to implement it at the national scale. 

That distinction matters. It reflects a shift from experimentation to infrastructure thinking. 

How could digital identity frameworks like a digital euro or EUDI Wallet fit into this model? 

Identity and payments are converging. 

In an online world, identity is centralised and invoked on demand. In an offline-capable system, parts of identity must move with the transaction. 

Governed offline enables local execution not only of payments but of trust. Authentication, authorisation, and credentials can be enforced at the edge without losing systemic control. 

Frameworks like the digital euro or EUDI Wallet have the potential to standardise this - but only if they are designed for offline execution. Otherwise, they risk reinforcing the same dependencies they aim to remove. 

What’s next for Crunchfish and the evolution of offline payments? 

We are at an inflection point. 

Offline is moving from the periphery to the core of payment system design, not because of regulation alone, but because of necessity. Systems that cannot operate under failure conditions are not resilient systems. 

Our focus is on enabling this transition - working with institutions that recognise that offline is not optional. 

The broader shift is inevitable. The only question is who designs it - and who adapts later. 

Do you see governed offline payments becoming programmable or integrated with AI once back online? 

Programmability is a natural consequence of structure. 

Once payments are defined as conditional, signed instructions, they can be extended into more complex logic. That includes automation, conditional execution, and integration with broader financial processes. 

AI will enhance this, particularly in managing system-level behaviour - risk, optimisation, anomaly detection. 

But these are layers on top. The real transformation is architectural. Without that, programmability is superficial. 

 

Joachim Samuelsson is CEO of Crunchfish, a deep fintech company focused on the architecture of digital payments. He has extensive experience in scaling technology-driven businesses and working with financial infrastructure. Under his leadership, Crunchfish has developed the governed offline model, engaging with central banks, payment systems, and financial institutions to address resilience, control, and scalability in modern payment systems. 

 

Crunchfish is a deep fintech company developing solutions for digital payments, focused on enabling resilient and scalable offline capabilities. Its governed offline model introduces a new execution layer, allowing payments to function without connectivity while maintaining central control. Crunchfish works with financial institutions, payment systems, and central banks to extend existing infrastructures and support the transition towards payment systems designed for both online and offline operation.