Identities are assets that can be commercialized. Outside of government organizations, who holds the greatest repository of trusted identities? If you guessed banks, you get a gold star. Banks around the world now have an excellent opportunity to create new business, increase loyalty, improve customer experience and mitigate risk using the vetted identity information they have worked so hard to build.
When we open an account at a bank, we have to prove our identity using an official identity document in a face-to-face meeting or during a secure online application process. Our identity information is then recorded to the bank systems, so you have continual access to the bank’s services and your money. These identities are stringently vetted and the identity attributes can be trusted.
Creating New Business Opportunities
For instance, in the Scandinavian region banks have been selling authentication services to third parties for years. On average, in one country an authentication event costs $0.30 for a third party service. These authentication events are consumed in services where vetted identities are required from eGovernment and healthcare to commercial services. Take $0.30 and multiple it by X, and you have a chance to grow revenue exponentially.
Outside of authentication, identity attributes can be delivered to third parties to help streamline the registration process by pre-filling form fields to online services, reducing the industry average of 70 percent cart abandonment rate. Furthermore as the identity is vetted and the attributes come from a trusted source, the bank, it can be very valuable in reducing online fraud.
Increase Customer Experience and Loyalty
Modern two-factor authentication methods no longer use the clunky one-time-password generators that need replacing when one is lost or runs out of battery power. Not to mention that the device is always at the wrong place when you need it. Mobile device based authentication methods provide an extremely easy way for end users to login not only to bank systems but to third-party services as well. If a customer can choose between yet another password or using a fingerprint reader on a smartphone, or using the camera for facial recognition, most would select the biometric method in a heartbeat. Ultimately, it’s all about customer experience and making it easier for your customers to conduct business with you.
Mobile device based methods also provide flexibility for the bank, the third party and for the end user. A simple transaction with a low value can be approved by just clicking “ok” on the screen. Higher value transactions could utilize a PIN code within the app, and sensitive/high value events would require biometrics.
Easy-to-use and convenient solutions generate more use. Loyalty increases when customers select your solutions over alternative methods because the user experience is so much better.
Mitigate Risk and Comply with Regulations
In Europe, the Directive on Payment Services (PSD2) is driving financial institutions towards two-factor authentication. Globally the demand for stronger, usable and convenient end-user authentication becomes more important each month. If you rely on authentication methods that the end-user can by mistake give to a malicious party, you are going to face challenges. Passwords and static one-time-passwords can be given to someone else.
Banks have a long tradition of offering stronger authentication options to their online users. These credentials that banks issue can be used to authenticate customers in other online sites as well and help them to mitigate risk.
How to Become an Identity Provider
When a user identity is transferred from one domain to another transparently, such as from the bank’s online system to an e-commerce site without re-authentication, it’s called federation. There are multiple standards available for creating these links between online sites. If a bank wishes to become an identity provider, they need to deploy software that can handle these federation links and at the same time connect to the bank’s user credential system and preferably offer alternative authentication method options, such as bank branded mobile application based systems.
Trust is the key in building these links and creating new business for banks. Banks around the world enjoy the status of being highly trustworthy organizations. In the digital identity world, bank issued identities can only be superseded by government issued digital identities. Becoming an identity provider is not a technical issue; the solutions to implement this have been in existence for a long time. Banks as identity providers have been proven to generate new revenue streams, increase customer loyalty and reduce risk and cost for the third parties using bank issued credentials when authenticating their own customers. For the banks, their customers and the online service providers, this is a fantastic win-win-win situation and an opportunity to further enable digital business to grow and thrive.
About Keith Uber: Keith Uber is Vice President of Sales Engineering for Identity and Access Management products at GlobalSign. He joined the company in 2009 and is a product expert leading a team responsible for consulting with customers to select, design, configure and deploy GlobalSign’s IAM product portfolio. Keith coordinates the IAM Academy training program for partners, customers and end-users. Keith has contributed his expertise to many large-scale governmental, corporate and research projects around the world.