18 February 2022
CEO, Digital Identity Net
Digital identity hit the headlines in the UK towards the end of 2021 with a row over proposals for a Covid passport, raising concerns about data privacy. However, what many people fail to realise is that they have already given their identity data away with each of us having an estimated 200 digital identities online. What is needed is the ability to prove identity while retaining full control over identity data.
Robin Amlôt of IBS Intelligence discusses the digital identity challenge and the opportunity for banks to provide a solution with Martin Wilson, CEO of Digital Identity Net.
You can listen to the podcast here, or read the transcript below:
I'm Robin Amlôt of IBS intelligence and you're listening to the IBS views podcast with me is Martin Wilson, Chief Executive Officer of Digital Identity Net, which may give you a clue about what we're talking about - the UK's identity crisis. We all have tens if not hundreds of digital identities now don't we Martin?
Well, absolutely, Robin we do. In fact, we've seen research that would put that figure into the 200 to 250 Mark.
And I think just to clarify so as not to frighten people too much. It's an estimate based on the personal information that we overshare or over readily share when we're on the internet. And very often we don't know what happens to that data once we've shared that information. And very often it's sold or used in some way, exploited certainly, and it is estimated that that individuals have something between 200 - 250 different kind of digital identities floating around in the ether that they're not aware of and have no control over.
I think the key point there is the one you finished up on, it's a matter of control of data. People don't realise that these identities are actually important.
Quite and you can still have conversations with people who say 'well, I don't really mind', but actually the more that you talk to people about how their own personal data, first of all can be exploited and worse, can be abused, the more then the kind of start to sit up and pay attention.
And I think one of the developments that we've seen, probably as a result of COVID and the uptick in online activity that everybody's been kind of forced to embrace over the last couple of years, is that people have become more aware that working on the internet isn't always as safe and secure as we might enjoy in a more physical world. And often people say 'it just doesn't quite feel right sometimes', and certainly, exploitation and abuse of personal data is one of those aspects where it doesn't quite feel right when you're working on online.
Well, the thing is that people, whether we're individual consumers or whether we're corporates, we have to have the ability to prove who we are, and we have to have it fairly quickly. What's the solution to this?
So the challenge that you've just hit on is 'quick and easy'
And secure please!
And secure of course, absolutely. And the challenge that we've seen in the digital identity space is that in many instances, it is neither quick nor easy nor secure.
Let me give you an example. Quite recently, I, for the purposes of company business, I had to show my passport up to the camera of my laptop as a way of proving my identity. Now, as we've all heard, there are many instances of people having access to your camera and your keystrokes and all of those kinds of things. So I might be sharing that passport image with my lawyer but who else? It also means that there's an awful lot of admin overhead for the legal team, the admin people in the Solicitor's Office to process that data because it's a very, very primitive way of proving identity, it's a very physical representation of proving identity actually. It is neither secure, it is neither simple, it's certainly not easy.
That's just one example. There's the many others of scanning utility bills or scanning your driver's licence, all those kinds of things we're very familiar with.
There is one place or one set of institutions that already have high quality, verified personal information that they store very, very securely and that is the banks. Because 98% of the adult population and something in the region of 65% of over twelves have bank accounts. And in order to have a bank account, you have to go through a KYC process with them, 'know your customer'. So they've done the verification on your personal details and then they store your personal details, in a highly secure way. As you'd expect banks to do. Their security is almost second to none. So, what if we were able, as a citizen, to call on our bank and say, 'please, can you vouch for me?' in the kind of virtual world online? 'Could you vouch for me and just verify to this third party that I am who I say I am', and that's what Digital Identity Net, through which OneID product, actually facilitates.
So we have developed a platform a service that connects all corporates to all banks, for the benefit of all consumers. Which means that if you log on to a website, and the website says, 'please can us fill in your personal details, please can you verify who you are?', because of the open banking service, and we're accredited by the Financial Conduct Authority, we're able to facilitate a means by which you can request your bank to pass only the details that the third party requires to prove that you are who you say you are. All done within four clicks. All done within a very secure environment through the Open Banking protocols, all done very simply for the consumer.
This is what open banking does. It's a way of the bank allowing its customers to be able to access third party services. And for those third parties to have confidence that the customers they're dealing with are who they say they are.
Quite, and unlike a lot of services on Open Banking that so far have been around payments products and payment services, what we've done in Digital Identity Net is provide an Open Banking service that enables digital identity verification.
I've got to say if I'm a bank, I'm going to turn around and say 'okay, this is great. I can do this for you, but what's in it for me?'.
There's an awful lot in it for the banks. We can start at the more esoteric level where you say, well, actually, this puts the banks in a position in society that they've enjoyed for many years, but they seem to be being disintermediated and that is being seen to be the custodians of things that we treasure, and the custodians of our personal details. So they are actually providing us with a service to the community, it reconnects them with their customers, that's sort of the esoteric level if you like.
More practically, of course, the banks themselves can benefit by this because one of the great benefits of having verified personal data is that you can use that to eliminate the opportunity for fraud. Now, if we talk about payment fraud, for example, authorised push payment fraud over the last 12 months, is heading towards around 1.5 billion pounds worth of fraud being exploited through false accounts scams, consumers or individuals being persuaded to send money to disreputable third parties by a whole variety of means. If there was a simple and safe and secure service, which could verify that the person requesting the money was a legitimate entity, and the person sending the money was a legitimate entity, then that could eliminate, you know, a huge amount of the opportunity for fraud.
So what's in it for the banks? It can reconnect them to that to their consumers, it can certainly help massively to eliminate the opportunity for fraud. And of course, the great opportunity here is that then they would also be providing a huge public service with an enabling a very simple but secure digital identity service for UK citizens.
How much of a job have you got on your hands actually to persuade banks of this?
There's two layers. One I could say not at all, because we're accredited by the Financial Conduct Authority. We're an Account Information Service Provider. We're already connected to all of the UK banks and we've built the service, we've built the scheme rules, and now we're actually in the process of connecting corporates to the service so that they can start to use it.
So at the most basic level, because of open banking, we're already able to offer some simple solutions.
The next level, however, which kind of plays to your question, Robin, is that actually, we're looking to persuade banks to be active participants in this scheme. Because if they were to extend the data that is provided into the scheme, so that you could have a richer, a greater wealth of personal information, then you could provide us a greater wealth of use cases, or service a greater wealth of use cases to satisfy different requirements for different levels of of identity verification. And that's what we're working on, we've been quite successful, we've got engagement with a number of banks at that level as well. So extending beyond the minimum requirements of Open Banking, to actually have a commercial proposition where we look at the whole wealth of information that a bank has, and use that for the benefit of the citizens of the UK.
There's one final point I'll make, and it kind of harks back to what I was saying at the beginning.
We still need to educate the consumer about the importance of their digital identity and the importance of protecting it.
Yes. And again, another aspect of why bank engagement could be really crucial in providing such a service, and I'll use an analogy if you don't mind. My background is in payments. So I worked for a long time in a company that's currently known as VocaLink. But as long known as BACS, it pays direct debits, it pays salaries, it facilitates the Faster Payments service, it runs the ATM network. And the reason why direct debits and automated salary payments became so popular was because the banks themselves got engaged to promote the services to their corporates and to their consumers. And it just works every time and everybody's got used to it. When those services were introduced, they also required some level of education and some level of consumer, you know, building the consumer confidence and understanding how it works. And if you look at more recent times, you know, remember when contactless cards first came out, and people were a little bit nervous about using it, it was just because there was an assurance coming from the banking world that says look this is a business's safe and secure mechanism. Bank engagement into ID service and the digital identity from Digital Identity Net would actually help to build that confidence and grow that education process which you quite rightly say is necessary.
It'll happen anyway. It'll happen by osmosis. As I've said over the last couple of years. It's happened because of the circumstances that society has found itself in, but it would be significantly accelerated and would be of great benefit to the UK economy if it had the backing and endorsement and engagement from the banks as well.
Well, good luck with that. And thank you very much Martin Wilson, Chief Executive Officer of Digital Identity Net.