Banks at risk of losing digital ID window of opportunity to tech giants, Mobey Forum warns
A comparative overview of digital ID schemes from Europe and North America warns that banks might soon fall behind large tech companies and globally networked businesses in developing national digital identity schemes.
Mobey Forum’s latest report titled ‘How to Make Digital Identity a Success‘ analyzes the evolution of seven digital ID schemes from around the world, Alastria ID (Spain), Itsme (Belgium), e-Estonia (Estonia), NemID (Denmark), BankID (Norway), Verimi (Germany) and Verified.Me, by SecureKey Technologies Inc. (Canada), but says Google, Amazon, Facebook, Apple and Alibaba/Alipay could take advantage of arising opportunities and disrupt the global ID market.
Banks have been playing a critical role in the growth of national digital ID schemes and they have the capabilities to support other services beyond banking. Operating in regulated environments where “rigorous and stringent security and identity verification procedures” are mandatory makes banks “prime candidates to be future guardians of their customers’ digital identities.”
To maintain their position, banks should look into a collaborative model and address together with government, regulators and telcos the roadblocks and opportunities digital identity and cross-border integration may offer, the report says. The comparative overview aims to provide broader awareness on the evolution of digital ID and sustainable frameworks to institute secure methods for digital identity verification.
“Like in so many other industries, Google, Amazon, Facebook, Apple, Alibaba/Alipay and other hugely powerful digital players have serious potential to upend the global market for digital ID,” says Elina Mattila, Executive Director, Mobey Forum. “That said, the success of a digital ID scheme is rooted in trust and collaboration – between users, governments and regulators, telcos, banks and other key service providers. While they can move quickly and at scale, the ‘GAFAs’ are unlikely to be afforded bank-beating collaborative relationships with all of these stakeholders any time soon. This collaborative model is here to stay. It’s only through close collaboration that banks can both address the challenges and seize the opportunities presented by digital identity.”
A detailed comparison of the seven digital ID schemes found that while all provide national ID services, there are some significant differences. Verimi is focused on cross-border operations, and e-Estonia is the only scheme 100 percent government-led, though all seven want to deliver legally recognized services and secure digital transactions and are focused on user authentication and digital signing services. They have all designed their solutions on blockchain technology and Public Key Infrastructure.
Advanced digital identity models such as self-sovereign identity (SSI) and multi-identity management are not as common as basic services, but have been introduced in the Nordics and Belgium which indicates that wider adoption is next, as more mature schemes come into play.
For successful adoption and legitimacy, the schemes must abide by both domestic regulations and regulatory restrictions for electronic identity and data privacy such as EU regulations including GDPR, eIDAS, PSD2 SCA, AML5 and in Canada the Privacy Act and the Personal Information Protection and Electronic Documents Act (PIPEDA).
The overview outlines the window of opportunity and roadblocks that the cross-border integration of digital ID schemes could present. As schemes further mature and grow more sophisticated, there will be a lot of work to create the regulatory framework that supports seamless cross-border interoperability.