Digital wallets are a hot topic amongst identity and payment professionals. Google search brings 638 million results for the term “mobile wallet”. European Union prepares new eIDAS legislation introducing identity wallets to all EU citizens. Many companies are planning or launching new wallet propositions for consumers. All are signs of change coming in how we use our digital identity, onboard and authenticate to services and approve payments.
Like their physical counterparts, digital wallets come in many forms and shapes and cater for different needs and use cases. This text focuses on commercial wallets – wallets issued by companies for business purposes with or without government certification but fulfilling necessary identity and payments regulatory requirements.
I aim to share an understanding of why identity and payments merge in wallets and how this will change the way we use and pay for digital services. I will discuss the shape of future wallet ecosystems. Further writings will dive deeper into the roles and relationships of different players within these emerging wallet ecosystems.
Four questions have been under intense discussion concerning wallets:
- How fast will wallets scale with users?
- What are the business models for wallet issuers?
- Will they remain centralised services or become decentralised and user-controlled?
- And to what extent are they interoperable based on open standards vs walled garden business ecosystems?
The answer to these questions heavily depends on what is defined as a commercial identity and payment wallet. Depending on the definition, millions of wallets are already being used within mobile (neo)banking, payments and cryptocurrencies. Or none, as the regulation is still a work in progress. Some likely outcomes are proposed for centralisation, market scaling, business models and interoperability. Alternative models will be tested in the market before successful ones emerge as winners.
# Why do identity and payments merge in wallets?
“Identity is the new money”, stated David Birch in 2014 (according to his book by the same name). He argued that technological change would impact both identity and payments and eventually merge them– payment authorisation becomes an identity transaction followed by money processing.
Early forms of identity and payment wallets have been around for years. Good examples are mobile banking apps with a strong electronic identity, like Nordic Bank IDs. Crypto wallets combine ownership of digital tokens and the ability to trade them. Google and Apple wallets store tokenised credit cards, tickets and other credentials in mobile phones and use biometric authentication to confirm transactions.
# What makes an identity and payment wallet?
The new breed of digital identity and payment wallets go much further in merging identity into payments. First, they onboard users with strong identity proofing and KYC, fulfilling both identity and financial regulations (regulations such as DSA & DMA, eIDAS, PSD2, AML & CTF, and EBA guidelines). This powers frictionless account creation, with user consent, for new services as well as strong authentication when returning to them. Second, as the wallet has integrated payment instruments, users can use biometrics to check out and authorise payments with minimum friction. Third, users can sign agreements with legally binding digital signatures using their wallet credentials. Fourth, they allow the collection, storage, presentation and verification of user attributes, credentials, and tokens necessary for seamless digital user flows within the wallet’s scope. Fifth, users can manage their relationships and privacy by giving or revoking consent from services or closing the whole wallet in case of a lost or stolen device. Sixth, wallet issuers can monitor and manage users, service providers and transactions between them to protect against fraud within the ecosystem. And finally, the wallet and its assets should be recoverable through a failsafe process when needed to avoid loss of identity, money, credentials, and transaction history.
Combining mobile wallet app functionality seamlessly with strong identity and payment instruments creates a superior package of benefits to help wallets outcompete currently separated identity and payment solutions.
# Outcompeting existing identity and payment solutions
The best user experience usually wins the game for hearts and minds. Users demand minimum friction, simple and predictable user flows and free services with no direct visible costs. Onboarding into new services from scratch is a major source of friction and drop-out (access our Battle to Onboard 2022 report). Wallet users are obliged to undergo strong identity proofing and KYC process for risk and regulatory reasons. Being able to reuse this onboarding, with user consent, in other services improves user experience, increases take-up and reduces costs and risk for service providers. Also, check-out and payment can be streamlined for wallet users.
Security is a key requirement in all identity and payment systems. The risk of identity theft and payment fraud are interlinked. Fraud is more than just a business cost - it erodes user confidence and reduces engagement. All participants need high security with minimum friction. It is best achieved when identity and payments are combined and transaction information flows across a well-managed wallet ecosystem. Fraudsters can be quickly identified and neutralised.
Regulatory compliance is a challenge for all participants. Both identity and payments are heavily regulated in a partially overlapping way. And both regulations are evolving rapidly. Compliance can be achieved with less friction and cost by combining identity into payments. Launching the same wallet solution for large user groups across multiple countries gives the wallet issuer scale benefits in development and certification.
Developing new identity and payment solutions requires significant investment into development, market entry and growth. Winning ecosystems can reduce unit costs and depreciate them across a large base of users and transactions. Identity proofing and user onboarding are expensive, so re-usable onboarding brings significant cost savings in addition to improved user experience. Returning user authentication, payment processing, and fraud monitoring also add to costs that must be covered – usually by merchants from their slim retail margins. Integrated wallet ecosystems are cheaper to develop and maintain than separate systems by each merchant.
Improvements in user experience, security, regulatory compliance and cost bring new wallets a sizeable advantage in challenging existing solutions. These advantages are further amplified when the ecosystem grows bigger. Seamless user flows increase engagement and transaction frequency. Centralised risk management reduces friction and fraud costs, further enhancing wallet growth. More users bring more merchants and other services, creating strong network effects and “winner takes all” economies.
# The shape of future mobile wallet ecosystems
# Monetising data
Fintech development and ever-faster and cheaper data transfer have introduced competition and new payment solutions. Today there are multiple alternatives to account transfers and credit card payments, like instant payments, cryptocurrencies, and consumer credit (BNPL, Buy Now Pay Later, i.e. consumer credit granted at the time of check-out) alternatives. When the payment cost becomes lower, the value of the payment information becomes relatively more valuable. Google search is a valuable indication of buying intent and earns billions for Alphabet. For merchants, even more valuable is to have direct access to new customers and their information profiles and the ability to offer them check-out and payment with minimum friction.
# Transforming onboarding
Especially ripe for transformation is the onboarding of new users into services. The success of eIDs (i.e. strong electronic Identities, such as Bank IDs, Government IDs or Mobile IDs in several European countries) is a good proof point. User experience and security improve whilst cost is cut to a fraction compared with document-based identity proofing from scratch. Mobile wallets will become powerful eIDs offering a seamless onboarding experience with a comprehensive user attribute dataset. This reusable onboarding will also be extended into reusable digital signing.
Successful future wallets will collect, hold and transmit user and transaction information across their networks – and monetise it with user consent. Users probably continue to be OK with this as they get a better experience and free services. Merchants benefit from low-friction access to potential customers, save costs on onboarding, achieve higher success rates on checkout and faster payment processing. These benefits come with a price tag set by the wallet issuer.
# Generic and niche wallets
Often digital wallets are first thought of as generic identity and payment solutions for all users. This could well be what Apple and Google aim for. But there will also be country and ecosystem-specific “niche” wallets, where the functionality is tailored to the needs of the specific country or domain. Examples of this can be travel loyalty wallets, consumer finance or local retailer wallets. Or any other niche with a strong B2C or B2B ecosystem or loyalty programme that is in place today.
# Centralised or decentralised wallets
Where is the wallet? Does it reside on the user’s mobile phone, or is it located on the wallet issuer servers in the cloud? Decentralised identity (SSI, Self-Sovereign Identity, i.e. Identity that is controlled by the user and no one else) and blockchain-based cryptocurrencies challenge traditional centralised data architectures and central-bank-issued fiat currencies. Decentralisation has promised user control, privacy and a more balanced (data)relationship between different parties. Crypto payments may offer a better payment experience, instant settlement and lower transaction costs.
Full decentralisation suffers from several drawbacks. For users, it means that there are no safeguards. If you lose your wallet device or it gets hacked, there is no way to revoke credentials or reclaim ownership. And it is hard, if not impossible, to use information for the benefit of improved user experience. For the wallet issuer, it means fewer opportunities to hoard and monetise information flowing in the ecosystem, thus creating the need for other types of direct charges for users and merchants. Also, it can be challenging to comply with regulations in fully decentralised architectures.
Due to these benefits and drawbacks of decentralisation, a compromise relatively close to the current situation will likely remain the norm. Users insist on having some control over using and sharing their information, and General Data Protection Regulation demands user consent. At the same time, users are keen to share their information to improve the experience, reduce risk and get “free” services. Wallet issuers aim to maximise the monetisation of user and merchant data - and they set the rules. Therefore, future wallet ecosystems will be more centralised than most of us prefer—fiefdoms with wallet issuers setting the laws, acting as police and court of law.
# Interoperability vs walled gardens
Interoperability between wallets is desirable for users, as it broadens the usability and allows better switching of service providers, increasing competition. For wallet issuers, the aim is to lure in more users through easy switching and keep them locked within their ecosystem as long as possible. So standardised interfaces and partial interoperability can benefit user and merchant growth. But walled gardens are likely to prevail, limiting the export of data, credentials, transaction history and switching of providers. Examples of this can be seen in the early internet browser wars or current instant payment schemes.
The prize for successful wallet issuers is large, so large that many will attempt to claim it. But the “winner-takes-all” dynamic of network effects means only a few will succeed. All-out competition generally trumps cooperation in this situation. Most companies need to decide with whom to merge, partner and cooperate in the coming “wallet wars” to carve out a niche for a sustainable market position.
Signicat is a major player and thought leader in digital identity. Our aim is to bring identity and trust into digital services, including payments and mobile wallets. Signicat customers include the most advanced and ambitious banking, fintech, payments and crypto companies. We actively participate in two EU Identity Wallet large-scale pilot consortiums, EWC and NOBID.