Could a Digital ID Scheme Work?

There are growing calls for a national digital ID scheme. The Bank of England’s Mark Carney is one of the latest to back such a move, reasoning it will better protect people’s finances. A new techUK white paper makes the case that digital identities are essential to unlocking the value of the digital economy. With many advantages being championed, Chris Lewis from financial security software developers, Synectics Solutions, looks at how a scheme could work to benefit financial organisations and consumers.

A national digital identity scheme has significant potential to deliver in two key areas; security and simplicity. Both of these factors are of increasing importance to consumers and businesses.

Data released last year by fraud prevention service, Cifas, showed identity fraud hit an all-time high in 2017. Levels of this type of crime have increased 125% in a decade and it’s a problem affecting consumers of all ages. It costs financial organisations billions of pounds, while proving stressful and time-consuming for consumers.

Increasing regulation to better identify and verify customers has been designed partly to tackle the growing threat of ID fraud. This has been met by a willingness among financial organisations, and an understanding by consumers, but is far from the perfect solution. Both parties appreciate the fundamental sentiment of Know Your Customer and Anti-Money Laundering regulations and checks, and likewise, both share the frustrations of how these, inadvertently, compromise customer experiences.

It is cumbersome and tiresome for consumers to have to produce various forms of identification and verification, remember several passwords and go through multiple authentication checks – which will only increase following PSD2. People want their money to be safe and to complete secure transactions, but also want applications and interactions with service providers to be simple and straightforward. A national digital ID scheme could realise this.

Potentially, such a scheme would involve two levels of ID profile for each individual. These would include a private profile that consumers manage using a combination of soft and hard verification. This profile is then cross-checked against an individual’s public profile, which is verified according to a wide-variety of data sources. For example, this may include information from credit reference agencies, banks, insurers, employers and public sector unique identifiers such as National Insurance numbers. The two levels are validated to create one unique digital ID for each person.

The digital ID would then be stored in a secure ‘wallet’ type application on a smart phone. Consumers would be able to access this via a passcode or potentially through facial recognition or fingerprint scan, depending on the type of phone. The ID could be instantly presented to a financial organisation, either in person by showing the mobile device or electronically by sharing the profile through a secure transfer mechanism. Both means of presentation would also be backed-up with other levels of customer authentication but would be less time-consuming and significantly more secure.

A self-served, singular ID of this type would mean each customer verification is based on reams and reams of data and extensive validation, which is constantly updated and accurate. This will make it increasingly difficult for fraudsters to impersonate other people and create synthetic identities. It would also make it harder for criminals to set-up mule accounts for laundering money.

Needless to say, technology will be crucial to the infrastructure and practicalities of realising these benefits. The digital IDs need to be securely stored, accessed, shared and recovered. However, equally as important as technology, is the need for collaboration.

Public and private sector organisations need to come together to share data. This will ensure IDs are kept ‘real-time’ and accurate. It means any fraudulent attempts to impersonate and manipulate IDs are quickly determined and analysed, reducing the ability for criminals to try and use an identity across different sectors and for different reasons. It will also help ‘thin-file’ individuals without a substantial credit footprint through utilising alternative data sources.

Collaboration will also ensure there’s national agreement on one type of digital ID scheme, avoiding the potential for multiple different options. This will fulfil the time-saving and simplicity benefits consumers crave, and which businesses know are important to customer satisfaction. A singular scheme will free-up the capital and resource currently invested in multiple levels of customer verification. This could be invested in other areas to tackle financial crime.

Finally, collaboration could overcome any ‘big brother’ concerns consumers have about sharing their data and it being captured in one place. Big businesses already have lots of data about customers and consumers know this. Feeding this into a central scheme managed by the data subject gives power back to consumers and promotes transparency and trust. Similarly, organisations working together to share customer data presents the opportunity to better reward and incentivise people. The “carrot on stick” approach would help drive public acceptance and adoption of the ID and has already been demonstrated recently across Scandinavia.

Society is not that far away from a national ID scheme. People are already using application processes like ‘sign-in with Facebook or Google’ and using technology to remember log-in details. To take the next step to making a national ID scheme a reality, consumers and suppliers need to be engaged early and be part of the development process.