Digital identity is a customer experience minefield; but one tech company has the map
Only a few years ago, there were but a handful of specific places and situations in which it was mandatory to prove one’s identity. Opening a bank account, applying for a visa or passport, or perhaps getting your first driver’s licence. These were significant “moments” that marked transition points in life, and usually involved having to bring physical paper documents, like a birth certificate, to an imposing-looking office.
Since the digital age, we have all become much more used to proving who we are. Nearly every interaction with a mobile app, website, or contact centre now involves going through the ubiquitous security checks. And although these steps have become a regular occurrence, they remain a serious time drain for the consumer, and for companies wishing to provide the best customer experiences, those irritations can be — with the application of the right technology — almost entirely removed.
One interaction, many, many times
The promise of digital proof-of-identity has not, until quite recently, been realised. That’s because each channel through which customers prove their identity to an organisation can have its own method(s), and those methods seldom replicate.
An example might be an average customer with a loyalty card for a retailer (we’ve chosen retail to show that the importance of identity in a digital-first world now moves well beyond the governmental and financial arenas). Our customer might unlock an app on their phone with their face print or PIN, but in-store perhaps swipe the card through a terminal. Furthermore, when calling the retailer’s contact centre, the “security checks” might involve a question-and-answer exchange, or the remembering of a (different) PIN, or spelling out a residential address. And easily enough, those three separate identity-proving situations could happen on the same day.
That’s clearly not an ideal situation for the end-user (it’s a poor customer experience), but for the company, it involves three separate technology stacks to support (on the premises, in the app and in the contact centre), and three discrete needs for staff training, three systems to maintain, upgrade, tweak and patch. Any attempt at getting the individual systems to interact would have to be manually constructed, and there would be the ever-present danger of a single point upgrade in any of the three instances breaking the connection. Worse yet, most fraudsters are sophisticated enough to find the channel of least resistance (these days, it’s typically the contact centre), so for all that trouble, your patchwork of disparate systems is really only as strong as its weakest element.
In short, the digital identity conundrum is a difficult one to crack, and seemingly impossible to crack across all channels the average consumer wants to use.
Fintech came first
Banks and the fintech sector have been aware of the difficulties of digitally verifying identity for many years. With nationally important issues like money-laundering and fraud at stake, this vertical was very much at the cutting-edge of strong digital authentication and KYC (know your customer).
In 2020, every organisation and business is under threat from malicious identity fraud. Cybersecurity measures often hinge on proving users’ identities properly, with a single login often providing access to every private service the organisation runs.
Furthermore, customers’ trust is easily lost with the slightest mismanagement of identity, one that might seem inconsequential. The theft of a few air miles or customer loyalty points might not bankrupt an individual, but the victim will probably move onto a competitor’s platform, and possibly broadcast their complaints on social media. The knock-on effect is that the organisation runs the risk of damaging their own reputation/brand recognition for not having deployed a secure customer authentication procedure for their customers.
Adopt the agnostic
It seems obvious, therefore, that we look to fintech for direction. Generally speaking, their success working digitally lies in hitting three targets. The first is the need for omnichannel identity authentication: facial recognition, voice recognition, fingerprint, PIN, physical security keys, behavioural biometrics and whatever the future may bring in terms of the evolution of biometrics.
The second is for a rigorous, effectively unbreakable authentication system, one that’s reliable, can be trusted by users and organisations, and can gain approval right up to the nation’s state government level.
The third is for each of those authentication methods to interoperate, and work from the same “core”. If your customer has identified themselves correctly using a mobile app, when transferred to a voice call for better customer service, why should he or she need to answer security questions?
Is there such a solution, available now that hits the magic trio of requirements? Yes, there is, but read on — there is another key concept we need to kick around a little, first.
There’s an important detail to add at this point, and that’s of extending the agnosticism across factors (face, voice, etc.) and channels (mobile, web, contact centre, etc.) to the back end of authentication methods. Every organisation’s chosen security models depend to a degree on their needs, and the vertical in which they operate: FIDO or server-side, cloud or on-premise, open-source or proprietary. As long as the identity platform on which the changing requirements of business sits remains interoperable with multiple methods in the front and back offices, the organisation’s customers will get the best experience. And, the enterprise massively reduces its overheads as one agnostic identity management and security system provides multiple solutions, on any topology.
Interestingly, during the course of the research for this article, we came across a company whose platform is commonplace in many online authentication interactions, yet as it’s the white-label authentication and digital KYC platform of choice for many Fortune 100 companies, its own identity is less well-known.
In a further article, we’ll be looking in more depth at Daon’s agnostic, omnichannel authentication and KYC platform, IdentityX. But the chances are, you will already have used it, often without knowing that you have.
Here are just a few examples of Daon customer deployments (Atom Bank, BNP Paribas, and mypensionID) that show how the Daon platform is making end-users’ interaction with companies much smoother. And the company’s initial success in banking and financial services has now extended to dozens of other vertical markets, including telcos, healthcare, eCommerce, and sports betting. In fact, just this month Daon revealed its move into the aviation and higher education markets with high-profile announcements from Denver International Airport and Anderson University, respectively.
From any business’s point of view, Daon’s platform makes sense. However your legacy stack is configured with regards to security and authentication, the Daon IdentityX platform just “fits in”, pushing up the quality of customer experiences while pushing down the back-end overheads.
The open-ended and integrated nature of IdentityX is such that it’s deployed across multiple channels and is architected in such a way that it’s suitable in equal measure for every vertical, but also for whatever method in the future on which companies may come to rely.
For the next article in this series, we’ll be digging a little deeper into the concept of multiple channel authentication, and looking at Daon’s offerings in more detail both technically (it holds 160+ identity authentication patents) and in pure business terms, too.
For now, however, you can follow the links above to those case studies, or find out more from a (virtual) face-to-face with a representative today.
1 December 2022
30 November 2022