The views and opinions expressed in this article are those of the thought leader as an individual, and are not attributed to CeFPro or any particular organization.
Dr Philip Bonhard, Head of Design – Security, Authentication and Identity, Lloyds Banking Group
There are many challenges, but some of the key ones can be divided up into user and organisational challenges. User challenges revolve around familiarity and adoption of new authentication mechanisms. While many mobile native people have no problem using mobile based authentication, there are still millions out there, who struggle with the usability or don’t have access to the right devices.
Organisationally, there are no common standards to make authentication similar across organisations. Each organisation generally has the own implementation of various authentication mechanisms and they can differ in user experience. Alignment in that space would help users.
Design and technology need to work hand in hand to deliver identity solutions that actually address a real human need. Design should identify those needs and technology can address them. Not the other way around.
Given how much we transact online these days, it is absolutely crucial that users understand the value of their digital identity and data, and how to protect it. In the same way we would just leave a passport lying around, we need to understand, that our digital identity opens up new possibilities of transacting, as well as dangers for them to be exploited.
That’s the million pound / dollar question. We need to recognise that banks and customers have a role to play. Previously, the bank’s job was to keep the customer’s money safe in a vault. Now everyone has access to their data / money 24/7 online and they can move said money / data whenever they want. Banks need to do their best to make sure it’s impossible for criminals to steal that data without the customer’s knowledge. Customers need to be equipped with the knowledge and ability to withstand attacks by sophisticated criminal gangs trying to coax the important digital access data to steal said money / data or even worse, convince customers to simply send the money. There’s no single solution to this, but a constant interplay among financial crime professionals, design and technology.
Historically an identity used to simply be what we present in a passport or drivers license or any other universally accepted physical document. Digital identity does away with the concept of a document as a container of identity data. Digital identity allows me to combine any identity data point and share that with a receiving party. And that flexibility makes it complex. So in the future I can share my age, home postcode along with my blood group and car insurance details, should the need arise.
What’s challenging is understanding what digital identity represents in an age where we can combine identity attributes to create identity containers. Most lay people have no concept of that yet and it’ll be a while before they do.
Dr Philip Bonhard will be speaking at our upcoming Fraud and Financial Crime Summit, taking place on September 20-21 at One America Square