The era of ubiquitous mobile ID will soon be upon us. People shop, talk, trade, and send/receive payments through mobile devices 24/7, and a crucial element that helped make this possible is identity verification.
Although people walk around with these mini computers that contain more compute power than what NASA used during the Apollo mission, they still carry a physical ID document to gain access to bars, flights, government facilities, among other things.
While the future points to mobile, there are numerous obstacles before achieving an omnipresent mobile future. The identity systems of today have a long history, widespread adoption, and regulatory frameworks that enable official use. Changing to a new infrastructure for identity is not only a challenge technologically, but it also presents legal, privacy, societal, and commercial challenges.
Mobile Network Operators
To achieve a broader, more accurate analysis of person’s identity, current best practice is to use multiple data points; corroboration of data in different data sets delivers an expanded view of identity verification that is better able to achieve consensus. Through the use of an extensive ecosystem of data suppliers and technologies, rule sets for identity matches have more options for customization therefore better optimized for different risk strategies.
Mobile Network Operators (MNOs) currently have information about mobile users, such as name, mobile number, address, along with device information, geolocation, usage and billing data. Data from MNOs provide another valuable layer of identity intelligence. Relying on a single data source is rife with potential trouble; systems with one data source have one point of failure, corrupted data can’t be offset and varying data sets can’t be analyzed and optimized for maximum insight and performance.
However, in conjunction with other data sets, MNO data offers enhanced coverage and convenience for identity matching and fraud prevention.
One advantage mobile devices have when it comes to identity are all the sensors baked into the device. High quality cameras (still and video), fingerprint scanners, and microphones are already included in high-end mobile devices and have migrated to lower-end products. According to Acuity Market Intelligence, by 2022 there will be 2.7 billion biometrically enabled smart mobile devices which will, as stated by C. Maxine Most, Principal, “bring biometrics into the daily lives of half the global population.”
Consider the requirements for Strong Customer Authentication (SCA) coming to Europe in September, 2019. It demands that certain transactions (payments or account access) meet specific authentication requirements. While effective authentication is a powerful method to prevent fraud and secure accounts, it also requires additional steps to be performed by the user.
With an average of 25 accounts per person that require passwords, it’s a never-ending cycle of remembering and resetting passwords. Biometrics promises to offer a frictionless way to authenticate mobile users quickly, conveniently and with ease. In fact, 86 percent of consumers are interested in using biometrics to verify their identity or to make payments.
While MobileID is in its infancy and we’re just scratching the surface of its potential, identity frameworks to extend its use are much more developed. After all, what we are talking about is digital identity (or eID), which already has some level of legal acceptance in many jurisdictions around the world.
Estonia already has an evolved eID system in place, allowing citizens to easily authenticate themselves for online services without paper documentation or a physical interaction. In Europe eIDAS, a set of clear, cross-border electronic identity requirements is coming in September 29, 2018. The Australian government is also setting up the requirements for a new eID framework that will adapt and streamline the way digital transactions and services are handled.
Governments have a vested interest in creating eID systems for their own purposes; eID enables delivery of services through online channels making them more cost effective, more scalable and more responsive. Citizens enjoy the convenience and speed of delivery that digital services offer. The key is to ensure the system is secure and accountable and, as the European Commission states, “guarantee the unambiguous identification of a person and make it possible to get the service delivered to the person who is really entitled to it.”
Once a government has an authorized eID system in place, commercial interests can use the same framework to ensure compliance with KYC laws, mitigate risk, optimize performance and improve the customer experience. The same factors that make eID desirable for governments apply to businesses operating online.
Consider a 2016 report by Australia Post and The Boston Consulting Group (BCG), which considered economic opportunities of the Australian digital identity ecosystem. They calculated the “economic value of an accepted digital identity” in Australia is AU$11 billion a year. All things being equal, this would extrapolate to annual numbers of $112.8 billion in the US and €150 billion in the EU.
Another market that can see dramatic effects from MobileID adoption is travel. The Known Traveler is a World Economic Forum (WEF) proposal for digital identity systems that use advanced technology, such as biometrics, and advanced digital technologies, to expedite cross-border travel. Already e-tickets are an easy and secure way of booking flight tickets and these can be saved directly on a mobile. Adding identity to the device along with associated permissions — a mobile passport — would go a far way to expedite and secure the system.
MobileID Roll Out
Of course, any time when trying to predict the future there are lots of questions and considerations. How will these systems integrate with existing protocols and new advances? What new standards will come about and what will they cover? What will different countries do and what regulations will come into force?
There are deep concerns about security, privacy, permissions and control of access. MobileID technology is vital to help ensure the highest levels of security and privacy protection are adopted.
Existing identity systems have worked for over a hundred years and have proven stability, functionality and usability within jurisdictions. However, as the world becomes increasingly global, better cross-border identity systems are needed, enabling better security, more commerce and expanded trust interactions.
As effective identity system has such wide impact on individual lives and societal functions, rolling out new systems needs careful planning, testing and implementation. We can’t expect physical ID documents to disappear anytime soon.
But the advantages of mobile ID are undeniable. Having a quicker, easier, and more secure and seamless way to identify and verify someone is beneficial to consumers, businesses and governments alike. As with the integration of other technologies into mobile devices, mobile ID has the aura of inevitableness around it.