How Digital ID can Deliver for British Consumers and Businesses

And how Banks can play a Leading role.

Digital ID stands to make life online safer, reduce fraud, and could even play a key role in the next generation of growth in the British economy. Banks have a unique opportunity to deliver it securely and flexibly, and become a trusted and valued partner in their customers’ digital lives. This is how they can do it.

Introduction

In February 2023, Tony Blair and William Hague jointly issued a major report on how Britain can secure prosperity for the future by embracing innovation and technology. One of their proposals that attracted the most comment was their call for the British government to embrace digital identity credentials for its citizens.

Although these recommendations were in the context of improving people’s access to government services, they reflect the growing consensus that digital ID has the potential to unlock a great deal of value throughout the British economy, as well as delivering greater security and efficiency for both consumers and businesses.

The scale of the opportunity is significant: consultancy firm McKinsey has estimated that advanced digital ID services could create value of the equivalent of between 3 and 13% of the GDPs of several countries they examined, including the UK.
At a time of economic worry and anxieties over the cost of living, this could make a real difference to people’s lives.
And as we’ll see, banks have a vital role to play in the creation and implementation of this infrastructure.

Click here to download the full report as a PDF.

The Opportunity

The report mentioned above highlighted the potential of digital ID around accessing services provided by the public sector, like benefit payments or medical records. But why stop there?

Today, almost everyone has dozens if not hundreds of discrete log-in credentials they use for everything from checking their pension to Christmas shopping to watching a movie.

The reason for this proliferation of digital ‘selves’ is simple: interactions online are remote and anonymous, and therefore lacking in trust. Validating our identities, whether via password or biometric information, restores trust to the interaction, and a transaction can be completed.

Even with this validation, the fragmented nature of the data consumers need to prove they are who they say they are
– think of how many times a day you type in a password – creates opportunities for malicious actors.
Individual consumers must constantly use multiple identity credentials issued by multiple issuing parties, and this complexity is open to abuse.

And this abuse is big business: the UK has seen around 28 million individual data breaches every year for the last decade, costing the economy an estimated £3.7 billion GBP. In 2020 alone, losses to fraudulent transactions on payment cards cost businesses £574.2 million GBP.

We can add to these losses the enormous investments businesses are required to make to meet this threat: in 2021 British companies invested £976 million GBP in cybersecurity, with identity validation a key pillar. The ongoing costs of this infrastructure are huge, with each digital identity check in the UK costing an average of £1.92 per transaction. The cumulative effect of all these costs adds up to a meaningful and material brake on the UK’s economic growth.

WINS FOR UK BANKS, BUSINESSES AND CONSUMERS

It is now clear that a reliable, secure and consolidated digital ID service is vital to build trust online and unleash the full potential of the digital economy in Britain. A fully realised solution would allow its consumer and business users to:

• Make payments
• Undergo KYC (Know Your Customer checks) 
• Access applications and e-commerce providers 
• Prove their education or other credentials Maintain supply chain integrity
• Pass background checks

And much more – all under one umbrella. And this is where banks come in.

How Banks are in Prime Position

Banks are in a unique position to play a leading role in the development of a national digital ID scheme – one that could span both the private and public sectors.

A number of countries are ahead of the UK in introducing digital ID. Some, for example China and Estonia, have their national governments in the position of credential issuer. Alternatively, Norway’s BankID is administered by a collective banking industry body.

Still more efficient could be the third option: a private sector body working in collaboration with all players in the banking sector under a pre-existing regulatory umbrella. Whatever the model for co-ordinating the development and deployment of the necessary infrastructure, banks are exceptionally well- placed to act as the key service providers.

CONSUMER TRUST 

Consumers already trust them with large amounts of their most sensitive and private data, and do not have to overcome concerns that their personal data is behind mined or sold to third parties to market to them. Banks’ combined customer bases are huge, and there are already frequent secure touchpoints with these customers. They are strictly regulated and must meet high standards for data protection, routinely managing the identifying data necessary for digital ID already. Onboarding processes are already secure and reliable, often with procedures already in place for the validation of key government-issued documents like passports and driving licences.

Banks are therefore in prime position to shape the digital ID ecosystem by virtue of activities they already carry out, and thanks to their long history of collaboration in developing interoperable data standards, secure networks
and payments systems. This has often been achieved by implementing APIs (Application Programming Interfaces) as part of open banking solutions: APIs very similar to those that would form the ‘plumbing’ of any digital ID ecosystem.

With more than 40 million UK adults registered as account holders, banks have the experience, reach and capability to deliver the benefits of digital ID at scale, and at pace. This means the opportunity is there for it dial- moving boost to GDP and downward impact on fraud to spread throughout the British economy this year.

INCREASING USE OF DIGITAL ID VERIFICATION 

At the same time, banks have in recent years met with a significant challenge from large, usually American technology firms. Banks’ value chains have become more diffuse in recent years for a variety of reasons. This is often thanks in part to their reliance on the products of these big tech firms and/or the proliferation of challenger fintechs that have occupied niches in the market, especially with younger consumers.

These tech firms operate by providing venues – platforms – for the bundling of other services, with China’s WeChat probably
the global gold standard. Many offer payment services of differing sophistication depending on the local market, often using partnerships with existing providers in tandem with network effects and the leveraging of advanced data analysis to capture market share.

Digital ID verification is becoming an increasingly common element of their offer. This is often a ‘single sign-on’ service that is useful for, say, accessing social media or other informal, low-stakes instances. However, it is limited by the digital platforms’ lack of access to the government-issued identity documentation that is a standard requirement for registering with a bank.

This means that decision makers in banks seeking to respond to the big tech challenge by defending their value chains from disintermediation have a significant opportunity. Digital ID verification services offer a route to achieve this and change their relationships with their customers that is more convenient, secure, reliable and flexible than those of the alternatives in the space.

How Banks are in Prime Position

Providing bank-verified digital ID services would allow banks to become the centrepieces of their customers’ digital lives as they play a role in the completion of every identification interaction they encounter.
The benefits this would deliver include but are not limited to:

FIGHTING FRAUD 

As we’ve seen, digitally-enabled fraud is a significant drain on resources for consumers, companies and the British economy as a whole.

No solution can ever eradicate fraud entirely, but the provision of a single unified digital identity solution can significantly mitigate the risk; it addresses it from two key angles.

At its core, bank-assured digital ID involves the sharing of user data via API to validate the identity of all parties to a transaction. Regulatory compliance means banks have already confirmed their customers are who they say they are by confirming private information like a PIN number, providing a government-issued identity document and often biometric data such as a fingerprint.

Extending this high level of confidence in a transacting party’s identity into more areas of the economy will significantly grow consumer trust in online commerce, essentially duplicating the security standards of consumer banking in a huge range of industries.

As well as cutting down on opportunities for malicious actors at the point of onboarding, bank-verified digital ID can also cut down on the risk of unauthorised data access or abuse. During the validation process, users’ data is shared in real time in connection with the relevant transaction.

Third parties, whether the e-commerce provider, the provider of the ID solution or any other actor, cannot view or save any private information. All data is kept within a secure environment and is only exposed when necessary, making its unauthorised access and therefore fraud significantly more difficult and thus cutting down on fraud risk.
At its core, bank-assured digital ID involves the sharing of user data via API to validate the identity of all parties to a transaction.

MODERNISING PAYMENTS

From cutting false positives in fraud systems and subsequent expensive and time-consuming manual interventions, to opening new channels for the provision of services that were difficult to offer online before, bank-verified digital ID carries significant promise for improvements to payments processes.

Norway’s BankID service, for example, played a key role in reducing mortgage application turnarounds to less than a day.
In the UK, meanwhile, setting up a direct debit mandate is often confusing and time-consuming for consumers as they must move between different providers and interfaces to both establish its terms and prove who they are. Digital ID services offer a unified registration journey that would involve far less friction and provoke much less frustration for what is in its essence a simple procedure – and this pattern repeats throughout many banking activities that are today inconvenient and increasingly out of date.

CUTTING THE FAT ON CUSTOMER JOURNEYS  

Opening a new account, passing KYC or onboarding with a new service provider often involves a notable amount of friction: the inconvenience is borne by the customer, and the provider must often shoulder the cost.

Consumers can face wait times of an average of two minutes for their identity to be verified online, with some even taking up to five minutes to complete. Not only does this waste their time, but it can result in a significant amount of lost business as they abandon the transaction in frustration, with up to 10% of e-commerce carts in the UK abandoned due to verification procedures. Inconsistencies and exemptions to regulation around SCA (Strong Customer Authentication) creates additional confusion as different interactions require different levels of verification or credentials.

Cutting down on all this inconvenience with the ‘one-stop shop’ of bank-verified digital ID benefits all parties to the transaction in ways that should be obvious; the opportunity grows when we consider the possibilities of curated end-to-end customer journeys and seamless experiences in holistic product ecosystems of products of the kind consumers are becoming increasingly familiar with.

BRINGING IT ALL TOGETHER: DIGITAL WALLETS

The first step when considering bank-assured digital ID is naturally to define its possibilities in terms of providing banking services.

However, in providing this service banks can make themselves the primary custodians of their users’ identity credentials at the point of log-in or purchase for almost anything in the digital economy. This increased brand visibility in customer journeys is invaluable at a time when banks face challenges from both huge platform companies and insurgent fintechs; the integration of your brand with their improved experience stands as a powerful buttress to customers’ loyalty.

Meanwhile, the provision of broader unified digital wallet services that could include additional identity documentation such as driving licences or even passports could serve as a powerful guarantor of trust in
digital experiences.

From the validation of health information like vaccine statuses to age verification in online services, from reliably accessing government services to providing more accurate data for loan evaluations faster, or from facilitating peer-to-peer transactions to something as simple as a door pass in an office or hotel – the range of possible applications is limited only by the imaginations of those granted access to developing services for the platform.