Thank you for Subscribing to CIO Applications Europe Weekly Brief
Universal Digital Identity- How to Get it Right?
By Dr. Michael Gorriz, CIO, Standard Chartered Bank
Therein lies the challenge for banks, technology companies, and governments – how to make it easier and safer for people to identify themselves online, whilst at the same time allowing them to have control over and give consent for the use of their own digital identity.
These days, you are asked to create a new login when you apply for each new service, whether it is online shopping or food delivery. So, you potentially have to log in your details a few times a day and remember multiple passwords. A universal digital identity for everything would make life much more convenient. In a scenario where everyone has a universal digital identity, passports, driving licenses, birth certificates – documents that identify us in the physical world will no longer be necessary. A business trip or vacation would be a seamless experience, where passport control may no longer be required, and banking services such as overseas transfers and the opening of accounts will be a breeze because of robust and trustworthy KYC (know your customer) processes.
Some governments have already taken the lead on this as part of their development of digital economies. With Singapore’s roll out of the MyInfo one-stop database of personal data, citizens can apply for government services or open a bank account without having to fill up multiple forms or provide supporting documents. It is convenient for consumers and efficient for banks and government agencies.
India’s ambitious Aadhaar project provides a unique ID to each of the country’s 1.2 billion citizens so they have access to vital healthcare services, education, and government subsidies.
Any Universal Identity System Should Allow the Ownership of Personal Data to Lie With the Individual
It is a key driver of socio-economic development and ensures government benefits directly reach unbanked pockets of the population.
The Role of Financial Institutions
More than ever, banks need to give their customers a seamless experience that is easy and convenient. The development of a universal identity system needs robust processes to recognise and authenticate a person’s data. The system also has to work for a myriad of institutions with complex, interconnected operations across different geographies. Financial institutions including banks have traditionally performed the role of custodians of data as they collect and verify identities when customers transact with them. They also have established cross-border operations. With banks already acting as stores of customer data, financial institutions are well-positioned to support the creation of DI systems.
Additionally, banks are naturally incentivised to collect accurate data because the viability of their business depends on it. For example, banks cannot open an account or approve a mortgage if they do not have accurate information about the applicant’s income, credit worthiness or employment.
New anti-money laundering directives and KYC rules mean that regulators also expect financial institutions to maintain high standards for identity verification of new and existing customers.
Who Owns the Data?
Any universal identity system should allow the ownership of personal data to lie with the individual. It is analogous to the individual owning their own identity store, and he or she choosing what information to share to gain access to services. For instance, a drink at the bar may involve a QR code scan showing you are over the legal drinking age, whereas a bank account opening will require employment, credit histories, and residential information.
As companies explore different technologies that allow the consumer to have control, Blockchain -the distributed-ledger technology behind the digital currency Bitcoin - has been seen as providing a potential technology solution. With about half of the world now connected to the Internet, having a digital identity is, in some quarters regarded as a fundamental human right because proof of identity is required for people to gain access to a range of rights and services such as healthcare, education, and financial inclusion.
Achieving a universal digital identity would have many advantages but making it work would require cooperation among financial institutions, governments, technology companies, and many other parties. The benefits in terms of cost, time, and user satisfaction are so great that we are optimistic that a comprehensive and holistic solution may not be too far in the future.
Security is Only As Good As Your Weakest Link
Sam Schoelen, CIO, Continental Resources
Taking Holistic Control of Your Enterprise's Security
Jaya Baloo, CISO, KPN