The third wave in digital identity

digital identity event London

Rod Boothby, Global Head of Identity at Santander, explores what the future hold for trusted digital identity and introduces the Global Assured Identity Network (GAIN), a proposal for open-source global standards developed with the IIF, Open ID Foundation and GLEIF.

We are entering the third wave in digital Identity.

In the first wave, companies gave IDs and passwords to their employees so they could access work systems. Companies like Novell offered Directory Services servers to manage logins. Eventually, this led to standards like LDAP. Today, solutions like Microsoft’s Active Directory provide this service.

In the second digital wave, businesses gave customers IDs and passwords to access services delivered over the Internet. This is the dominant system used today. It means companies have to spend a fortune on managing and cleaning data. It has resulted in an endless stream of fake accounts, fake reviews, bots and trolls. And it is difficult for users who must maintain hundreds of IDs and passwords.

We are now at the beginning of the third wave. People are asking “Why can’t we have just one ID? A way to be trusted everywhere, and a way to control how our information is shared?”

In the third wave of digital identity, people will bring their own trusted digital identity. Global Open-ID standards mean they can use it everywhere. They will work with a trusted 3rd party to make sure they are trusted everywhere without compromising their privacy.

Financial services companies have an opportunity to be the trusted 3rd party verifier in this new wave for identity management. That’s why I have been co-chair of the Open Digital Trust Initiative at the IIF. And why we are working with the Open-ID Foundation and GLEIF to develop open-source global standards to deliver these services. It’s called GAIN, which stands for Global Assured Identity Network. The GAIN DIGITAL TRUST paper describes the standard.

It’s based on an idea first developed 20 years ago in the Nordics. In Sweden and Norway, you don’t login with a unique ID and password for every site. And you don’t use Login with Google ID or Login with Facebook ID. Instead, you log in with your Bank ID. Your bank vouches for who you are. And your bank protects your information. The way it works is easy. You click the login button and you get a message in your bank app on your phone. “Do you want to login to this site?”

Your identity is an asset. It is the key that unlocks everything else. Financial services firms protect assets and work in the interest of their customer. The third wave in digital Identity offers an opportunity for banks and other firms to offer a fundamentally new type of service.

The benefits for financial institutions are tremendous:

  1. Happy Customers: Bank customers would no longer have to use IDs and Passwords online. Santander would confirm their ID and protect their security and privacy online. It would be easier, faster, and much more secure.
  2. Tighter Relationships with Customers: Banks would tighten its relationship with its customers. In Norway, the average customer uses Bank-ID 200 times a year. In Sweden, the use rate is an average 800 times a year.
  3. Fee Revenue: Estimates are that Banks would make about $16 per customer per year in additional fee revenue paid by the relying parties.
  4. Reduced Fraud: Bank ID Norway saw fraud reduced from 1% of transactions down to 0.00042% of transactions.
  5. Lower Operating Costs: Typical processes like mortgage applications are much faster and easier because Identity can be verified throughout. Norway reduced mortgage processing time from 16 days down to 1.

The video below, created by my colleague Elizbeth Garber – VP Digital Products, Santander – and I, introduces the concept.

What do you think? How and where can these new types of verified identities be used?

Join Rod Boothby, and 100 other rockstar speakers at Future Identity Festival 2021, London.