Another September 16th, another International Identity Day (IID) is upon us and nothing has changed. We still waste billions of man hours navigating ridiculous identity roadblocks while the criminals skip over the sleeping policemen to loot with impunity.
Well, maybe something has changed. While we may be no nearer calculating the costs of having a digital identity infrastructure we now have some very accurate figures for the costs of not having a digital identity infrastructure. The coronavirus catastrophe has required many individuals, companies and organisations who never had to do business online before to shift to the new normal in double-quick time. This has in turn meant that the ability to create digital identities, to bind those identities to real-world legal entities and to use those digital identities to support online persona with the necessary collection of credentials to enable online transactions has become central to business and government.
According to Aite Group, almost half of all Americans experienced financial identity theft last year. That is not a misprint: Almost half. Aite estimate losses from identity theft cases cost half a trillion dollars in 2019 and increased three quarters of a trillion dollars last year. That’s serious money and it was, as you would suspect, fueled by the high rate of unemployment identity theft during the pandemic, as increased and extended unemployment benefits made the sector an attractive target for fraudsters.
In the UK, recent estimates from the Treasury and others indicate that losses to fraud in the disbursement of government COVID support and aid to both individuals and businesses could be in the region of £50 billion and upwards. The might be a fraction of the problem in the USA, where the Department of Justice has already charged 474 defendants with criminal offences relating to pandemic frauds that involve attempts to obtain over $569 million from the U.S. government.
We could have had a fully developed, global, privacy-enhancing, innovation-enabling digital identity platform for a fraction of the costs of pandemic fraud. Perhaps now is the time to bang a few heads together, starting with the banking industry, and start work on the digital identity framework that the Future of Finance review identified as crucial (not just for finance but across the whole economy) as a cornerstone of future jurisdictional competition in a post-pandemic, post-Brexit and post-password world.
Many countries already have some form of government ID or bank ID of course. Norway, for example, where the pandemic experience was utterly different from that of the USA or the UK. In Norway, the Ministry of Finance and stakeholders delivered the SME loan guarantee scheme within three weeks and the first loan was granted and on account one hour after the scheme was authorised. The pandemic compensation scheme was similarly developed within three weeks. They were able to do this because they decided to create wholly digital schemes to process applications and deliver automated payments.
These banks schemes show us a way forward. I don’t think the answer for us is to build a centralised government ID service (such as Aadhar in India) or a centralised reputation management system (such as China’s social credit score). I think we need to think about more sophisticated and more flexible options to create an identity infrastructure for the modern world and the banks are the best place to begin. Citi put out a paper about this a couple of years ago. It was called “The Age of Consent” and it discussed the idea of a federated financial sector solution, something along the lines of the Scandinavian bank ID services but in an global and interoperable framework. You can see report’s author, Tony McLaughlin of Citi, talking about it here on Finextra TV saying that “if we fix digital identity, we fix payments”, and had strong point.
On this topic, a group of more than 150 people from around the world (including this author) have just published a paper called “GAIN Digital Trust: how Financial Institutions are taking a leadership role in the Digital Economy by establishing a Global Assured Identity Network”. It’s an important initiative. As Diginomica said about the launch, GAIN could become for global digital trust what VISA and MasterCard have become for global payment processing, or SWIFT for international financial transactions. You can download the paper and find out more about the proof of concept that they are orchestrating by visiting the GAIN Forum.
The paper calls on the world’s financial institutions to provide the digital identity services that are the bedrock of a successful digital economy. As one of the paper’s editors, Elizabeth Garber of Santander, said me when we were discussing the pressure for progress, banks are well-positioned to offer this service because of their investments in know-your-customer (KYC) processes, strong authentication technology and data security.
The GAIN authors argue that banks need to think globally about this because while domestic solutions might alleviate crisis, the banks and others will find commercial viability from global interoperability. This level of scale is what will enable them to compete with Big Tech across a range of use cases and remain integral to financial transactions. Frankly, banks have no choice but to do this. They must address the reality of strategic disintermediation and create a value-adding role the keeps them in the transactional loop. Banks should be the place where we put our identities for safekeeping.
(An edited version of this piece first appeared on Forbes, 16th September 2021.)