Anyone who has tried to open an account at a new bank knows the problem. No matter how many times you have proven your identity in the past, a new institution means starting over. That means filling out new forms, finding and providing the necessary documents (often paper-based) and repeating a process you may have already gone through many times before.
While for most this may seem nothing more than a nuisance, it is a symptom of one of the major challenges facing our world: the challenge of developing a comprehensive, international Digital Identity solution. The need is pressing. Without a means to create, authenticate, use and protect identity online, we will never be able to move to a fully digital economy.
Bits and pieces
Unfortunately the way identity is handled today leaves much to be desired. We have serious problems of security, as seen by the ever-increasing problem of identity theft. Records of our identity and the attributes associated with it are fragmented: some information resides with governments, some with banks, some with our doctors, a great deal with our social media platforms and in the databases of the hundreds of businesses and websites now intrinsic to our lives.
These systems often cannot communicate with each other, causing unneeded redundancy. They are also subject to hacking, causing potentially embarrassing or dangerous data leaks. While we seek a digital solution, many key identity documents are still paper-based. There are also governance issues, with open questions about who owns our identity-based data, who authenticates it, and who can use it for what purpose.
The right forum
For this reason, Digital Identity has become one of the most important topics today in the financial and technological communities. The good news is that change is coming. The startup community is vibrant with people working on Digital Identity solutions. Governments around the world, from Estonia to the UK and India, are developing Digital Identity platforms. Regulators in many jurisdictions, for example in Europe with the updated General Data Protection Regulation (GDPR), are taking a detailed look at identity and privacy issues. And it is a topic of intense research in academia, think tanks and industry.
At UBS we take this issue very seriously and are actively involved in fostering the conversation. Recently, we held a UBS Future of Finance Forum on Digital Identity in London (see box), where we gathered leaders and experts from academia, industry and government to analyze and further this topic. In our opinion, Digital Identity is not just a key issue for today’s global society. We also believe that banks are in a unique position to contribute to the solution, and so have an important role to play as thought leaders and facilitators.
A puzzle of many pieces
Solving Digital Identity will likely require collaboration, and complex decisions.
Perhaps most important, if less obvious, is education. Identity is more complicated than it appears. There are core aspects, like our name, date of birth, or address. And then there is a long list of other attributes, from the state of our health to our reading preferences, that are collected in various databases. Consumers are often unaware of the digital trail of identity they leave behind when online, or how data about who they are and what they do is being collected and used. Policy makers need to understand these things too, as well as what the possible solutions could be.
We believe that a comprehensive Digital Identity solution can only be designed if we think first about what it should look like, instead of relying on ad-hoc solutions being developed to solve particular needs (as is often the case today). Such a solution in our opinion should protect individual privacy, be secure and give the individual as much control as possible over his or her data, while also being convenient and providing an easy means for institutions to share the data we wish to share. This will be no easy task.
The possible paths to a Digital Identity future raise questions as well. Should identity be centralized, something ultimately for governments? Should it be completely de-centralized, with individuals having complete ownership and control of their data? What role should private companies play? Who will provide proof of our identity, and how can that information be shared? Today there is no comprehensive code of identity law, meaning thorny legal issues abound. Who is ultimately liable for data breaches? What happens to my identity when I die?
At the heart of the discussion
The above, of course, only touches the surface of the Digital Identity discussion; there is a great deal more to it. As mentioned, we believe banks have a key role to play in helping to put all these pieces together. For one, we have long been in the business of authenticating, recording and protecting client and asset identities, and so have many of the resources and a great deal of the know-how that will be needed.
This is not to say that banks should be tasked with solving the issue themselves. It must be a comprehensive and collaborative effort, involving many stakeholders. If we can improve the Digital Identity landscape, we can go a long way to furthering our digital world in a way that is safe, secure, convenient and efficient. That is a goal worth pursuing.