25th August 2020
By Neil Downing, VP of Products at TMT Analysis.
Earlier this week, I attended an excellent monthly roundtable organised and moderated by the good people at One World Identity (https://oneworldidentity.com/). Amongst the many interesting topics was one in a discussion around trusted identity brokers in the new paradigm. In many cases and blogs around digital identity one of the most often championed ones is the so-called BankID.
Although different variations of the scheme are in use in Sweden, Norway, Finland and Denmark, the basic principles are the same, namely that individuals who bank with a participating bank (which is most of them) can obtain electronic identity credentials that are accepted in a wide range of places. It’s often held up as a standard-bearer of a scheme because it has almost total coverage of the adult population, and because it’s been created in the total absence of any approved online Government electronic ID scheme.
During a discussion at the roundtable event, after I learned that for each of BankID’s 26 million members use it on average 4 times per week (an interesting statistic in itself), a number of other participants said that such a solution simply wouldn’t work in their country because individuals didn’t want their bank to know what they were doing! Leaving aside that (if you are using your cards to pay for anything), your bank ALREADY knows a lot about what you are doing, for me it really begs the question about why we’d trust an institution with our money but not the knowledge of how many times we’ve proved we are over 18 to buy alcohol or similar?
Public/private partnerships are an integral part of deploying identity solutions at scale. Countries around the world, Singapore, Australia, Canada, India, and the Nordics as notable examples, have demonstrated the ability to collaborate across the public/private sectors to deploy federated digital identity solutions that drive value creation for end-users. In the case of the Nordics, banks, which were already authenticating the majority of their country’s citizens, were the first to collaborate with governments to deploy trusted e-IDs. The Nordics were able to achieve widespread adoption, and critical mass paved the way for additional use cases across additional sectors. In China, the consumer use cases are significantly stronger, whereby citizens need to log in with a government ID for activities as simple as playing online video games.
In countries like the United States, where there is a cultural distaste for centralised authority, there is a demonstrable need for government identities to tie to transaction-specific identities that people can use in their day-to-day lives.
We know that banks and credit card companies have vision of our spending habits, but when it comes to identity verification, do we think that the banks would find monetising that data worth the risk? Certainly not in the Nordic case where the independent authority that administers it in each country has a very clear and very strict policy about how your ‘owning’ bank stores, processes your data and what it can and cannot be used for.
Of course there are the tech giants who can also play a role here, such as Apple, Facebook and Google, all of whom have or are working on solutions that operate in the digital identity space and all of whom have some kind of chequered history when it comes to personal data, but perhaps that’s a discussion for another time.
Personally, I still believe that what BankID has accomplished is nothing short of spectacular. Granted it can’t be a global solution, because so many countries in the developing world have nowhere near enough penetration of banking among the population to make it work, but it proves that if something is low friction, easy to use and adopted everywhere, people will use it. Perhaps other banks should look at this model and look at what they really earn from selling consumer data today. I think if they tried a little harder they should win the trust of the consumer, who in the end needs a service like this to be a success.