Whether it’s for opening a bank account, e-Commerce shopping, filing taxes online, or onboarding a multitude of new digital services, identification is fundamental to establishing the individual’s legitimacy and trust.
Even as Covid-19 has greatly impacted our economy, it has revealed immense opportunities in terms of how we live, work, and play. Today, hundreds of millions of us are staying at home, transacting remotely, and embracing digital services.
Mass adoption—a sudden step function—is happening across technologies, from video conferencing to cashless payment to digital services. Overnight, our homes have transformed from a family space to our office, health clinic, retail store, school, theater, gym, and bank. Yet the infrastructure to support this change is only beginning to be established.
Take security, for instance. With so many people now interacting digitally with retailers, service providers, and governments, there is a greater need than ever to establish a trusted identity that both businesses and consumers can truly rely upon.
Digital transformation accelerated by Covid-19
The pandemic forced companies to switch to remote working at an unprecedented scale and pace due to safety requirements of socials distancing. Similarly, consumer behavior has radically changed. It took eCommerce a decade to grow from 6% to 16% of retail sales; over the past few months, it skyrocketed to 28%.
In the financial sector, there was an amazing 72% rise in the use of fintech apps in Europe as banks shut down branches, forcing consumers’ transition to online.
Digital servicing is also playing a more prominent role in health and medicine. Forrester Research estimates that virtual healthcare interactions will climb to 1 billion by the end of 2020, representing a massive increase in telemedicine usage since the start of the pandemic.
Many of these changes are here to stay. Of course, it is critical that consumers and businesses are able to securely access and offer various digital services with trust and confidence. However, the expected massive increase in volume due to Covid-19 opens up a Pandora’s box in terms of security risks. In an increasingly digital world, how can we remotely establish our digital identity in a manner trusted by our banks, mobility, and healthcare service providers, governments, and employers?
Digital ID: building tust remotely
Digital Identity spans the full lifecycle of online relationships:
- Initial identification – “Who are you?”; upon registration of a new customer, the service provider needs to verify the identity of the newcomer.
- Repeat authentication – “Are you really customer X?”; the service provider needs assurance it is truly the right consumer that is trying to log in again.
- Authorization – “What are you allowed to do?”; once the consumer has logged in, the service provider needs to ensure access is granted to permitted services only.
Whether it’s for opening a bank account, e-Commerce shopping, filing taxes online, or onboarding a multitude of new digital services, identification is fundamental to establishing the individual’s legitimacy and trust. The process of verifying identity has traditionally been in-person, such as showing a driver’s license or passport to a human agent. Digital transformation accelerated by COVID-19 has underscored the need for new digital verification methods.
There are different alternatives for remote verification, and each offers a different level of assurance. Reference transactions, for instance, can confirm a person’s identity by asking the consumer to transfer money from an existing account under their control, as a method of proof. Another method leverages AI to match your selfie with an ID card, coupled with a liveliness check. Lastly, the future lies in electronic identity cards (eDI) that will allow you to prove your identity with the highest level of assurance (a great example is the EU’s eIDAS).
Once the consumer is identified and onboarded, a username/password are used for authentication at every login session. However, remembering as many as 100 sets of credentials can be challenging.
Fortunately, large platform players allow us to conveniently use social network credentials for Single-Sign-On (SSO) across multiple apps and websites. Startups such as Dashlane and 1Password offer password management solutions. Secret Double Octopus takes it to the next level with a passwordless solution for enterprise environments.
Where do we go from here?
To fight fraud, additional biometric capabilities can be applied, such as behavioral biometrics by BioCatch that can track digital behavior throughout the engagement. However, the adoption of digital identity gives rise to privacy concerns, whether regulatory (#GDPR, #CCPA) or consumer driven. Likewise, dedicated password management solutions offer convenience but they may need to store our sensitive data on servers. And lastly, as governments adopt eID, concerns around centralized biometric-identity stores are growing. In the current scheme of things, there is a precarious balance between convenience and privacy/security.
We believe technology can be harnessed to offer the highest level of identity assurance for remote transactions while allowing decentralized storage of our most sensitive and valuable data—our digital identity credentials.
Given the dramatic step function that is happening in technology right now, digital identity is perfectly positioned to secure our rapidly changing landscape. As the world evolves down the path of digital transformation, there is greater need for trusted digital identities. Whether it’s shopping online, conducting banking transactions, or engaging with government services, digital identity can provide a seamless digital experience that will shape generations to come and make our world a safer place.
Dede Goldschmidt is VP & Managing Director at the Samsung Catalyst Fund
This article was originally posted on www.calcalistech.com on July 26, 2020.