Being in identity and security space for quite a while now, obviously when I talk to friends and family, they all get excited about whole identity verification and cutting-edge technology behind it. One very logical and obvious question I often get asked
is, “Well I have this payment app/wallet (Apple pay or google pay or Paytm or what not) I am using frequently and find it very useful, have you not thought about something similar for keeping my identity with me, on my phone?”. My answer (and reverse question)
often is “Indeed we have thought about it and in fact there are already many such apps in app store, have you tried one?” “Well, Not really!! As I don’t have immediate need” is the answer to my reverse question.
Would it not be cool if I could have a nice app where I can store my identity data and every time I have to open an account or rent a car, I can simply use my identity data for verification in few seconds, zip-zap.
What is going on here seems logic defying. Many companies have tried it (remember Civic from ICO days, one of the early entrants? Well, that’s just one, there are many) and still continue but with very little success or traction (it is not hard to find their
app download data from public sources).
I have not done any detailed quantitative study for this phenomenon yet, but I have built some hypothesis over time on why we do not see success with identity wallets as we see with payment wallets. I am going to list some of those hypotheses –
1. I don’t really open new accounts that often (unlike payments I do with payment apps/wallets)
Consumers are strongly driven by user experience and convenience. If they are not repeating a task very often, they have a little mindshare for it. Me as a consumer may be doing strong identity verification online few times a year, why bother, let the service
provider handle it.
2. Still fragmented and localized approaches and user experiences
Government and regulatory bodies have not come up with a consistent global standard on digital identity or even guidance to private companies unlike in payment industry. Largely driven by citizens’ attitude to privacy, local cultures as well as the control
regulatory bodies like to keep on user’s identity. Even within EU, despite EIDAS recommendations, there is no consistent standard and user experience adopted by various member states. Large private enterprises can try and unify that, but complexity of systems
and localized control make it almost impossible to have something that is truly global.
If you don’t believe me, just try it out for yourself
3. Different regulations and requirements
Depending on use case and vertical, regulators have dictated different standards for identity verification. Verification requirements while opening a bank account is different from renting a car online is different from activating a sim card. Variations
exist within a country let alone having any commonalities across regions. These differences exist for all good reasons and level of assurance need not be same in all cases and can vary depending on risk associated. But on the other hand they indeed can present
a great challenge for truly global digital identity schemes. If as a consumer I have to manage different wallets for different use cases, why bother, even less!
Having painted a gory picture above, life is not as bad it seems. There is a lot still going on to achieve this ubiquitous digital identity goal. Apple has started trialing digital driver license in USA. Samsung is working closely with German government
and BSI to trial digital identity on phones to start with and various bank ID schemes in many countries. These efforts are still very local and use case/ country specific, but hope is they can teach us a lot during these trials. Real success will only come
once we can motivate consumers to truly see the value in such identity wallets with seamless user experience and ease of use they get with payment wallets. True global and ubiquitous digital identity is sure to accelerate once we will start seeing network
effects and efforts need to continue in this direction by regulators, governments and private enterprises as at the end of the day we all will benefit from it.
Being not a fully researched topic it will be great to hear your thoughts and hypothesis as well.