The concept of identity continues to change and evolve as new technologies emerge and the world becomes more virtual. For businesses, this means effectively managing digital identities will become more important – and challenging – than ever before. Organizations must be able to identify good users and deliver a seamless digital experience for them, while rooting out fraud and cybercrime, all while staying compliant with various domestic and global data and privacy regulations.
To get a sense of what the future holds for digital identity, Caf recently hosted a wine tasting and discussion event with many of the leading experts in the space. Here are the top 5 takeaways from that event on the top trends in digital identity both now and in the future.
Explosion of Fake Identities:
Several of our attendees noted that there has been a massive rise in the amount of fake identities for sale online, a trend that started during the pandemic but continues to gain steam. These include not only synthetic digital identities, but physical IDs as well, such as driver’s licenses that have the actual photo of the person buying it but with a different name and address.
While these fake IDs are sometimes used for relatively minor crimes, such as an underage person acquiring a fake ID to buy alcohol, they are used in more significant fraud as well. For example, taking out a loan from a bank or lender and then disappearing with the money with no intention of ever paying it back. Indeed, many attendees noted the significant continued rise in first party fraud in general.
Phone and Email Identifiers:
Many merchants require either a phone number or an email address (or sometimes both) in order for a consumer to create a digital account. The problem is that many consumers – especially low-to-moderate income consumers – tend to change phone numbers and email addresses frequently. This can lead to difficulties in re-authenticating customers and can cause friction for returning customers.
One solution to this is using HLR lookup services, which can give information directly from a device’s SIM card, so a known device with a different phone number associated with it can be identified. Still, this does not help merchants that do not require phone numbers for registering. Biometrics-based authentication can help solve these problems; but a significant issue with that is consumer behavior. Many consumers do not want to go through the added layer of friction biometrics entails. Changing consumer behavior to be more accepting of biometrics can be difficult.
Centralized Digital ID:
Given these and other issues with managing identity, much discussion centered on the feasibility of a centralized, digital ID. There are still a number of hypotheticals about this: such as whether governments would create and operate it, or private entities. If there were a number of different digital ID services, they would have to be able to work with one another.
Regardless of how it is implemented,a centralized digital ID could have numerous benefits. It would provide businesses with a significant cost savings if each consumer would only have to be authenticated once and then could share those credentials anywhere, as opposed to organizations each having to do their own KYC on the same consumer. Potentially, these credentials could be shared cryptographically on the blockchain.
Convenience vs Privacy:
With the many data privacy laws in effect around the globe, businesses have to be careful they safely manage and store consumer PII. There’s an ever-delicate tightrope to walk when it comes to creating a seamless digital experience and also having the protocols in place to protect data.
Some speakers noted that consumers have different appetites when it comes to privacy depending on geography. European consumers, generally speaking, are willing to deal with more friction in the digital authentication process to ensure their data is safe. Many Americans, on the other hand, are willing to trade privacy for convenience.
What all of this means is that businesses ultimately need a multilayered approach to authentication. It cannot be a zero-sum game of either having no friction to ensure an optimal experience, or onerous friction in order to keep fraud out. Digital businesses need to implement progressive steps depending on what behavior they are trying to incent.
Biometrics may be too much friction for customers in one country, while others may be used to it as a daily part of life and have no issue with authenticating via biometric means. There is no one-size-fits-all approach: businesses need a tailored, multilayered approach that will be different depending on geography. consumer preference and the industry they operate in.