20 October 2017
Bo Harald

Good for society at large

Bo Harald - ZEF, Transmeri, Real Time Economy Program

347Posts 1,310,690Views 256Comments
Innovation in Financial Services

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

Why is reuse to difficult?

08 April 2013  |  3026 views  |  12


Most countries have established e-society strategies aiming at ao providing public sector services via the Internet. Progress has generally been fast with general information sharing  - but when it comes to private information (health, tax, social benefits, school records etc) - not to talk about signing documents - progress is generally stopped due to a perceived lack of tools.


In several countries it has luckily been realised realised, that reusing e-bank sign-in credentials - for both strong id and signing (I just established a limited company with 5 shareholders - no paper) -  not only in other private sector but especially public sector services is a key accelerator for e-society migration. To reuse means that ready trust and big volume habits can be built on > fast adoption - in addition to saving hundreds of millions (should this not be in strongest focus these days?).

Listing benefits:

- ready high volume habit (10-15 times more usage of strong tool - than all other potential cases taken together)  > economy of repetition (exponentially growing value in fragmenting world) and economy of scale

- the tool has to be strong enough for banking (supervision in place) = strong enough for any use

- tool can be used both for id and signing documents (can also provide age)- the tool has already been invested in  > economy of reuse

- banks are trusted (in this aspect at least..)  > economy of trust

-  banks as service providers have to adhere to anti-money laundering legislation anyway when opening accounts and handing over e-id tool

- banks provide the service also to unbanked

- payback time for banks - they should do this as good-for-society-at-large (income will not be big - but can cover the costs with some margin)


So why is reuse so difficult to spread faster? Why do tax payers not demand it? Why is it accepted that the public sector invests huge amounts in always-failing separate credentials? Anybody in the know?




TagsMobile & onlineInnovation

Comments: (19)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 09 April, 2013, 14:08

At the risk of a double alliteration, reuse is one of those perpetually promising concepts that have forever failed to deliver. Several reasons have been proferred to explain this, the Rule of Three being my favorite: "It takes three times as much effort to make something reusable as to make it usable". While reusable systems might save money in the long term, their higher frontend costs make them impractical in many situations. In my personal experience, reuse is no more common in the private sector than the government, if that's any consolation. That said, those who do bite the cost bullet to build reusable systems upfront do reap a rich harvest at the end.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Bo Harald
Bo Harald - ZEF, Transmeri, Real Time Economy Program - Helsinki Region | 09 April, 2013, 18:42

In this form of reuse there is no need to build anything - just use it. And we know from experience that it works and is the by far most economical way of getting strong ID done.

 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 09 April, 2013, 19:17

It is not obvious that a bank would be willing to permit use of its credential system by others. I remember reading a report recently which clearly stated that banks are not comfortable authenticating users for services over which they have no control. 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Bo Harald
Bo Harald - ZEF, Transmeri, Real Time Economy Program - Helsinki Region | 09 April, 2013, 19:36

Of course it is obvious that progressive banks want to exand the customer value the deliver by enabling use of e-banking id also in other services - primarily of course the public sector. Of course it should be made clear that the banks are only providing the id-channel and have no other responsibility. And banks naturally have the right to not provide the service to non-ethical players - porn, gambling etc.

The focus should be on saving tax payer's money - big time - by providing the service to the public sector.

 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 10 April, 2013, 09:01

Maybe saving taxpayer's money is a good item on a private sector bank's CSR agenda but, personally, I believe that such social causes are best driven by - warts and all - the government. UIDAI / Aadhar stands testament to this. This government agency is in the midst of issuing a biometric ID for all citizens of India. It has a long way to go before it can hang its boots but, even after successfully rolling it out to 200M citizens - 20% of its mandate - it has earned the distinction of becoming the world's largest national ID program. At this point, an Aadhar # is sufficient for opening a bank a/c in any bank in India and for enabling direct cash transfers from the government to beneficiaries. Going forward, it could qualify as the common credential system for all public services. It could be questioned why, when there are so many banks that have already built credential system, a separate program is required for this. However, with so many banks involved and the difficulties involved in demarcating roles and responsibilities between banks and the public agencies, it has proven impractical for this task to be carried out by any one bank, even in India where many banks are state owned.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Bo Harald
Bo Harald - ZEF, Transmeri, Real Time Economy Program - Helsinki Region | 10 April, 2013, 10:14

There will be a lot of warts if public-private partnership is not aligned. Like - huge spending of tax payer's money - and total flop as seldom used credentials will not be used. I call this stupidity. There should be enough warning examples already.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 10 April, 2013, 12:02

Agreed but, in the perpetual conflict between the quest for efficiency versus effectiveness, I tend to side with the latter even if the ways to achieve it might appear stupid and wasteful at times. Certain countries have enjoyed a basic level of public-private partnership for a long enough time for loftier goals like greater alignment of the partnership make sense. However, in other countries where the expression is almost an oxymoron, public services are better run by the government - in any case, there's no commercial incentive for banks to do so. While citizen ID projects undertaken by the government might have failed in other countries, its success in India proves that there's nothing fundamentally wrong with the model, just that its implementation must be gotten right.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Bo Harald
Bo Harald - ZEF, Transmeri, Real Time Economy Program - Helsinki Region | 10 April, 2013, 12:12

How would there not be a business case for banks? And a huge business case for society at large! We should obviously look forward and change old habits - this is a typical case where clinging to the past is really harmful.

 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Bo Harald
Bo Harald - ZEF, Transmeri, Real Time Economy Program - Helsinki Region | 10 April, 2013, 12:13

When has clinging to the past been a good strategy?

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 10 April, 2013, 13:04

When I last checked, doing what has proven to be effective - whether it's old or new - was a good business strategy. I personally doubt if saving taxpayer money provides any direct benefit for any bank but I could be wrong. As long as banks see a strong business case in doing so, most banks I know would jump at it.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Bo Harald
Bo Harald - ZEF, Transmeri, Real Time Economy Program - Helsinki Region | 10 April, 2013, 20:12

Any enterprise that can contribute significantly to saving tax payers money and furthering progress in the e-society - especially when it can be done without additional investments of any significance and a decent business case (if not huge income) - should do so these days. This is widely understood already. Is it necessary to say that this applies especially to banks - these days? 

 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Bo Harald
Bo Harald - ZEF, Transmeri, Real Time Economy Program - Helsinki Region | 10 April, 2013, 20:15

In other words - nobody can afford narrowminded self indulgance these days. We all need to see the big picture and work together to make the progress happen.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 11 April, 2013, 09:10

Totally agree with Bo but also see mobile operators bringing mobile id to the same market. 

Just counted how many times I have contacted to govermental organizations online this year. Number is 1. If I would have been using only govermental ID card, cost of transaction would have been huge. But when using either bank id or mobile id cost is minimal for tax payers.

Last year I used every month 3-4 times banking IDs/ Mobile ID to do non-banking transactions like confirm online orders, authentication of identity for new services, logging in to other systems like Postal office online PO Box and signing agreements.

Also reuse of old is good for companies. One online university is using banking/ mobile id to accept their new students with strong authentication/ online signature. In the old days, university was sending paper documents to new students. It took over 2 weeks for papers to return. Now their administration signs student with mobile id and student signs his acceptance with bank ID/ mobile ID. Signature is valid and end user can use same method as he is used to do any other action over internet.

 

 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 11 April, 2013, 10:53

So, there, there are many nonbanking services who reuse banking credentials. Therefore, I'm not sure if the basic premise of this blog post is valid any longer. Now that there's at least one bank that finds a compelling reason to lend its credentials infrastructure to third party services, others should find a strong enough business case to follow suit. Time will tell how many customers will feel comfortable about (i) sharing their banking credentials with nonbanks (ii) being forcibly logged out of third party services after a few minutes of inactivity just because banking regulators often impose short expiry period of banking credentials on banking websites.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 11 April, 2013, 11:40

Using banking/ mobile ID is safe for customers and merchants. No banking data is told to merchant.

Current system Bo is talking about uses banks/mobile operators only to verify that person is same as behind his credentials. After identification customer is returning back to orginal website but his full name and date of birth is carried to merchant. No banking data, no telephone data is carried to merchant. No banking session is behind actions.

Just to illustrate this process. This morning while I was responding to Bos writing, I was talking with one bank in Finland over phone while I am in Brussels. We agreed to add one new service from bank. They wrote a contract and used online signature service, where I got email/sms message to sign contract. Inside this service I saw document, agreed and signed with my mobile phone ID system in my iPad while eating lunch at my neighborhood bar (sandwiches and good ol Leffe). After signature document was stored to online signature system, one copy of document was sent to me, one to bank as email attachment and one part of document went same time to their CRM system. No paper was printed, all documents are in electronic form and to me best thing is, I could sign document 3500 kilometers away in a real time without going to bank branch or wait faxes/ paper documents to arrive. This signed document was also redirected to our book keeping company to implement.

 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 11 April, 2013, 12:17

Thanks but I'm fairly familiar with such services and their process flow, especially SVP payments authorized via banking credentials. It's technically true that the merchant does not receive nor store my banking credentials but it's not easy to convince an average customer of that. I've highlighted the anxiety faced by a typical user with services like that in this Finextra post about MyBank. Two years later, despite the provider of this service being a trusted bank-consortium, MyBank's adoption has been lukewarm, suggesting that the anxiety hasn't gone away. 

Besides, in the example quoted to illustrate the process flow, the transaction is happening between a bank and a customer using a mobile banking ID, there's no third-party merchant, nor third-party credential. Unless mobile ID refers to an ID issued by the MNO, in which case the question is, why not use the banking credential for such a straightforward transaction between a bank and a customer, especially when we're talking about using banking credentials even for nonbanking transactions. 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 11 April, 2013, 12:47

As I tried in example to illustrate the easiness of process to use online banking/mobile credtentials. In this case it was bank.

Same time in my own business, consulting, one customer merchent just send me email that contract I proposed is fine and now it is time to sign. So I uploaded agreed document to third party online signature system and system send invitation to him by email/sms and while I am writning this, he is signing his part of document with his banking/mobile credentials and I will sign with my credentials. At time this text is written, document is signed.

I know that in each country trust for the bank varies, but in all Nordic/Baltic countries customers know that no extra data is leaked to merchant. When using mobile ID system even asks do I accept that my name and date of birth is send to merchant. If I don't accept, then process is stopped.

But as Bo is trying to illustrate, why to innovate new identification systems but reuse already trusted systems, if one country has it. In Nordics it could be online banking credentials (see Bo's background) but it could be mobile ID (Turkey) or some other most common and trusted identification method which can be reused in many situations.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 11 April, 2013, 13:44

It's all fine for third-parties to ask such questions. I myself have a long list of them, with my personal - nothing to do with my background :) - favorite being "Osama bin Laden is a terrorist everywhere, so why should each bank in each country have a separate sanctions screening system to block payments to ObL?" However, in actual practice, virtually each large bank does. That's because, in all these things, the questions that really matter are the ones that face the key stakeholders of the transaction viz. "What's in it for me? What're the risks? How do I mitigate them?" for the Bank; "Why should I risk exposing my sensitive banking credentials for everday nonbanking transactions?" for the User; and, "How much will it cost me to reuse banking credentials? Which bank's credentials? In the event a customer files a claim of fraud, will the bank take responsibility? After all, it's claiming that its authentication system is more robust than mine, is tested for AML, blah blah blah" for the Merchant. If and when these questions are answered to the satisfaction of all primary parties, I'm sure banking credentials will find reuse for third-party services.

But, at this point, I'd place my bet on social signon - the reuse of social media logon credentials. It already has a solid headstart in this space; it's free and convenient for everyone; the merchant won't face the equivalent of the "which bank?" question because between Facebook, Twitter and LinkedIn,  social signon covers more people than all banks combined; and, because almost no one is sure how exactly the info collected will be used and shared, nearly everyone assumes that all's well until they discover otherwise.

With the digerati threatening that tech giants and nonbanking startups are going to disintermediate banks soon, I won't blame banks if they're too busy pondering over basic existential questions rather than finding answers to philosphical ones! 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 11 April, 2013, 14:09

Using social media credentials would be nice, same as in the US where they have online signature services where anybody can claim who ever they like to be. As a paper it looks nice, but do I trust social media credentials or US online signature services, No - not at all. Just recently send a document to me friend saying that he had signed a loan with me. I was using one of the no-identification online signature services and his name. Of course it was a joke, but how much you could do under someones name, when identification is not checked.

In the Nordics, countries decided that why to create one govermental based online identification service where as they can reuse excisting systems provided trusted third party companies like banks and mobile operators. And made a law that these methods are valid for online identification. 

For consumers, there has been tradiotionally really strong faith for these institutions. They have been accepted as corner stone for society. But when stepping out of safe Nordic Box, life is different, that I have to say. Living several years here in heart of EU has changed my view to whom to trust.

Usually the cost of identification is only question which arise in the Nordics. Traditionally usage of credentials was free of charge for consumers and tab has been paid by the merchant who wants identify his customer.

Still my vision is to similar as Bo says, but I would extend methods outside original bank credentials for mobile operators verified SIM card methods or third party. It can be also govermental organizations, if and now read carefully if they make a deal with all the other companies, including banks that similar method can be reused to log in to bank and price which banks pay is similar what they pay with their current system. Of course it has to be as safe as current system.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Latest posts from Bo

Banks are the enablers for mass market e-invocing

14 September 2017  |  6130 views  |  0 comments | recomends Recommends 0 TagsPaymentsInnovationGroupElectronic invoicing

e-banking 3.0

10 July 2017  |  4812 views  |  0 comments | recomends Recommends 0 TagsMobile & onlineInnovationGroupDigital Banking Trends

Demise of cash

05 July 2017  |  8964 views  |  0 comments | recomends Recommends 0 TagsCardsInnovationGroupDigital Banking Trends

Bank e-id service rules the waves

04 July 2017  |  5839 views  |  0 comments | recomends Recommends 0 TagsRetail bankingInnovationGroupDigital Banking Trends

Real Time Economy for EU - How?

20 March 2017  |  4803 views  |  0 comments | recomends Recommends 0 TagsMobile & onlineInnovationGroupFintech innovation and startups

Bo's profile

job title Chairman/Founding member
location Helsinki Region
member since 2008
Summary profile See full profile »
Independent advisor and board professional

Bo's expertise

Member since 2008
338 posts256 comments

Who's commenting on Bo's posts