Mobile Identity and Authentication
For tech optimists, issues such as data breaches, identity fraud, and complex onboarding are tech problems; they are rooted in processes that have yet to implement sophisticated technology to ensure secure interactions. In their eyes, it’s just a matter of time before we can all seamlessly transact and interact digitally with full privacy protections and security controls.
They point to mission-critical security situations such as defense or government, where systems exist that are almost impenetrable. Employing biometrics and multiple layers of security, they demonstrate that extremely high levels of security are possible.
Detractors point to the high-cost of the systems and the fact that they work with people that are trained to follow high security procedures. It’s one thing to get a defense specialist to follow strict security protocols on equipment that is state-of-the-art, and it’s quite another to deliver a similar level of security to a mass market.
Smart Phones – Really Smart Phones
However, note the progress of mobile phone technology. The power of processors, sensors, apps and connectivity are ever-increasing in power and decreasing in relative cost. What was once military-grade technology is now filtering down into the average smartphone; fingerprint scanning, facial recognition, iris scanning and even more advanced biometric recognition systems are already in, or coming soon, to a phone near you.
While the technology is there, the societal framework to make full use of the systems are a work in progress. In most countries, legal ID means having a physical document, such as a driver’s license or passport. Luckily, the trend to accepting digital versions of those physical documents is increasing, enabling remote verification.
Some countries are even bypassing the need for a physical document entirely, going fully digital. As the security issues are overcome, and the regulatory environment because digital-first, it’s a matter of social acceptance.
Passwords, Form Fills and Other Barriers
For consumers, they just want things to work. Of course, they don’t want to become a victim of fraud, but the average consumer hates passwords, has way too many of them, and doesn’t follow rigorous safe password procedures. A new study by Visa and conducted by AYTM Market Research found that 86 percent of consumers are interested in using biometrics to verify their identity or to make payments.
With all the capabilities of mobile phones, they still can’t compete with desktop when it comes to converting eCommerce users. Consider that the conversion rate on mobile phones is 270 percent less. Obviously, there’s significant barriers to using the phone to complete the transaction. One would think that if the experience is quick, seamless and secure, the consumer would take action.
Of course, there’s not only one problem or one quick fix to getting to mobile nirvana. According to UX Matters though, one critical barrier to mobile commerce success is mobile forms; it’s a lot more difficult to fill a form on a phone than a desktop. Taking initiatives to overcome data-input fatigue is one step that businesses can do to improve their mobile strategy and future-proof their business.
As mobile technology becomes better, other mobile commerce issues will fall by the wayside. Transaction speed will increase and costs will decrease, both from better bandwidth and fintech innovations. Displays will improve, offering better product images. A whole host of new technologies —such as VR can — can vastly improve the mobile experience.
Keep in mind, technology is just an enabler; mobile or online processes are only effective if people actually trust them. To that end, the true advantage of mobile identity and authentication is that it promises security AND ease of use.
According to a Secure Technology Alliance Mobile Council Whitepaper, mobile identity authentication
“…relies on a number of technologies that leverage both hardware and software techniques to reliably identify a user and that user’s mobile device for security purposes. Mobile ID authentication supports legally binding authentication and transaction signing for online banking, payment, corporate services, and other secure consumer services (e.g., streaming online content). A user is issued digital credentials that are stored securely on the mobile device (for example, in a hardware secure element (SE)). The user must then be authenticated locally to the mobile device by entering a passcode or PIN or by using device-level biometrics to be able to use the stored credentials.”
Nowadays, phones are almost an extension of our hands and taken with us everywhere we go. Logging in with biometrics is standard nowadays. Thus, connecting secure mobile access directly to eCommerce processes is a massive opportunity to deliver a better, faster, more secure mobile experience. Launch your phone, authenticate, and buy with little friction or risk.
The path forward exists. It’ll take time as the different parts of the value chain adopt new processes. There are new technologies to consider, new security and privacy procedures to examine, and strategies, purchasing and implementation steps to take.
The good news though, is that the fear of data breaches might become a thing of the past. Mobile identity and authentication creates an opportunity for a secure, closed loop on a solid trust framework. A whole new world of secure transactions, services and untold opportunities awaits.