As more and more of our lives play out online, proving we are who we say we are has become a lot more complicated. Read on to learn more about the challenges faced when trying to establish trust online, and learn more about the concept of trusted electronic identity (eID).
Up until recently, proving our identity has been a fairly straightforward process. After all, almost all of us have access to some form of physical identification which we’re able to produce as necessary. Go through immigration and we present our passport or identity card. Hire a car and we hand over our driving license.
But as more and more of our lives play out online, what was once a trivial matter – proving we are who we say we are – has become a lot more complicated. Online authentication is something most of us must do on a daily or weekly basis, yet the physical documents we rely upon in everyday life aren’t much help in the digital world.
As a result, digital identity verification is often cumbersome and inefficient.
When signing up for simple services like social media accounts or a new email provider, users are required to populate a series of online forms with a long list of personal data such as their name, email address, date of birth, home address, phone number, and so on.
Doing this on a one-off basis wouldn’t be much of a problem, but with so many services accessed online these days, users often find themselves repeating this process over and over again – inputting the same information in tens, even hundreds of different locations. Not only is this frustrating and inefficient, but there are other implications, too.
Identity verification is often required for security purposes, yet the irony is that the data users are asked to submit with such regularity is the very same personal information most commonly exploited by cyber criminals.
Additional risk is introduced by the sheer number of different credentials users are expected to remember, along with the various portals and sign in processes that go along with them. It’s no surprise that some users resort to writing passwords down, or that many forget their credentials entirely, particularly for infrequently accessed services. Alternatively, many users simply reuse the same password for all their services, meaning a single breach at a low-value service might compromise the security of all high-value services.
For more complex services like those offered by banks and insurance firms, things are even worse, with strict Know Your Customer (KYC) and Anti-Money Laundering (AML) requirements meaning identity verification procedures are extremely rigorous.
But while the delivery of these services is often entirely digital, the identity verification processes that support them remain stubbornly analogue, working in much the same way they always have. Prospective customers are required to submit their physical identity documents, like passports and utility bills, either in person by travelling to their bank or through the post. And that’s in addition to the endless online forms. As a result, signing up to these services can take days, even weeks, and the processing cost for banks is extremely high.
Unsurprisingly, this outdated and time-consuming approach creates friction, and the impact this has on sales is extreme.
An independent study commissioned by Signicat in 2019 found that nearly 40% of banking applications are abandoned prior to completion. The most often cited reasons for doing so were revealing: the application took too long to complete, or the customer needed to go to a physical branch to complete their application.
These eye-opening statistics come at a time when the rise of agile fintechs, along with initiatives like PSD2 and Open Banking, have created more competition for financial services than there has ever been before. Companies are investing millions in marketing, yet outdated onboarding processes are completely undermining their ability to bring in new customers – even those who are effectively attempting to hand over their money.
Ultimately, businesses are missing out, and consumers are growing frustrated by the sheer number of hoops they have to jump through in order to sign up for the services they require.
At the very heart of all these issues lies a simple concept: trust.
Trust that we are who we say we are online, and trust that the personal information we share with service providers is safe.
Trust online is more than just a nice-to-have or a lofty ideal, it’s a fundamental prerequisite for a truly online digital market. Without it, analogue identity verification processes will persist, consumers will grow ever more frustrated, and service providers will lose out on more and more business.
It’s clear, then, that what’s needed is a method of verifying identity entirely online – a solution that’s capable of removing the final barrier standing between consumers on one side of the equation, and service providers on the other.
In the simplest of terms, an eID (electronic identity) can be viewed as the digital equivalent of the physical forms of ID we use in the real world – only far more versatile.
Much like traditional identification, an eID is a set of verified attributes relating to the holder. These attributes can be shared securely online, allowing individuals to conclusively prove they are who they say they are.
Instead of filling out online forms or submitting documents through the post or in person, eIDs can be used to unambiguously authenticate users online across multiple platforms and services.
Crucially, eIDs are capable of offering the level of identity assurance required to satisfy the most stringent KYC and AML requirements, giving service providers everything they need to confirm their customers are who they say they are.
The implications this has for transacting online are enormous. With trust established simply and quickly, the analogue gap in the onboarding processes is plugged and the scene is set for a truly digital online marketplace.
Simply by using their eID, consumers are able to sign up for services entirely online and friction free. It’s fast, convenient and far more secure.
Instead of attempting to memorize multiple credentials, portals and authentication processes, users can rely on their eID – a standardized login – to gain access to everything they need across both the public and private sectors. Banking and other financial services, insurance, medical, public services – the list goes on and on. Since most users will be using their eID on a weekly or even daily basis, forgotten credentials become a thing of the past.
Being digital, eIDs are also much more flexible than their physical counterparts, allowing users to share only the information that’s required in a given situation. An online gambling site might only need proof of age to give a user access, while an application for a personal loan might require a credit check alongside more detailed personal information – with eID, both of these scenarios can be handled equally easily, and entirely online.
This versatility gives individuals control over their own data, allowing them to transact online while sharing only the personal information that’s necessary, and nothing more.
With trust online established further possibilities open up, including the ability to use digital signatures to sign agreements, contracts and other documents from anywhere in the world. Digital signatures provide legal assurance and also include features that ensure a given document hasn’t been amended after the signature was recorded, making them even more secure than a handwritten signature.
Once again, this not only turns a traditionally offline process into one that can be completed remotely online to save both time and resources, it makes it more secure, too.
And it isn’t just consumers who benefit from eIDs – verified identities offer enormous benefits for service providers, too.
If the time taken to fill out online forms and the amount of personal information required are the two leading contributors to the greater than 50% of online banking applications that are abandoned, it’s a safe bet that banks who remove both these blockers will become far more attractive to prospective customers.
By dramatically reducing the time taken to sign up for services and completely eradicating the need to share physical forms of ID and fill out pages of online forms, service providers help consumers sign up to their services more quickly and easily. eID has the potential to be a huge differentiator, then, with service providers who offer eID onboarding gaining a key competitive edge over rival firms.
Meanwhile, banks and other service providers who must comply with KYC and AML requirements will see the cost of fulfilling their regulatory obligations dramatically reduced.
By introducing eID authentication, long, offline onboarding processes that are expensive and resource-intensive are replaced by a simple and entirely digital equivalent that is orders of magnitude cheaper to operate, while still compliant with customer due diligence requirements.
Ultimately, service providers using eID solutions are able to save money, bring in more customers, and minimize the burden of compliance, while the flip side of the coin sees consumers gain easy access to the services they need, without all the hassle and stress of outdated onboarding processes.
It’s truly a win-win situation.
When eIDs were first introduced, they were typically issued by governments seeking to facilitate access to digitalized public services, and as a logical next step in population registering. But the business case for such schemes was limited, as most users only access government services a few times each year.
Many countries still operate government-issued eID schemes, but these days service providers such as financial institutions and even social media giants are recognizing an opportunity in implementing eID.
It’s financial institutions, however, that are the most logical providers of eID. After all, banks must already gather a great deal of verified information about their customers – why not utilize this process to facilitate the creation of an eID solution? Furthermore, most consumers digitally interact with their bank frequently, on a weekly or even daily basis. Banks also have the requisite IT expertise and are already trusted to protect the sensitive data – not to mention the wealth – of countless millions of customers the world over.
Firms prepared to establish eID services have the potential to realize an enormously lucrative business opportunity, with solutions sold to other service providers as digital service enablers, and consistent revenue generated through each and every signup or authentication.
To many, a frictionless and convenient digital marketplace underpinned by the absolute trust provided by eIDs might sound like an idea for the future.
But the reality is that in many countries around the world, eIDs are already being used by vast swathes of the population to enjoy exactly the kind of secure and simple digital life discussed in this paper.
In the next blog in this series, we’ll take a look at some of the examples in a little more detail.
Chief Marketing Officer at Signicat
February 18 2020