Home » Culture » Why establishing ‘who you are’ is still the biggest challenge in Internet Customer Experience

Why establishing ‘who you are’ is still the biggest challenge in Internet Customer Experience

by Startacus Admin

Startup in the digital economy? Dario Betti, CEO, Mobile Ecosystem Forum shares his insights on the importance of the evolving mobile ecosystem for identity and authentication.

If your new business is focused solely on selling products from a market stall, you won’t need to spend a lot of time being concerned by the issue of digital identity. However, for any Startup intending to be a part of the digital economy, it is an issue that needs to be understood and attention needs to be paid to changes coming our way.

lukenn-sabellano-RDufjtg6JpQ-unsplash The sad truth is that digital identity has been an afterthought. Nobody really knows who you are on the Internet. And this is one of the biggest weaknesses in terms of cybersecurity and long-term sustainability of the digital economy.

So, what does all this mean? What are the main trends in the identity and authentication ecosystem? And what are the implications?

Let’s start by looking at the building blocks of personal data.
Identification: the process of identifying an individual
Authentication: the methods used to re-identify and validate individual identities either by what they have (e.g. SIM, phone, cookie), what they know (e.g. password or pin) or who they are (e.g. biometrics)
Verification: the steps taken to corroborate information provided by the individual by accessing trusted data sources and services (e.g. data brokers, aggregators, telcos)

CONSUMER TRUST ISSUES

The security of their personal data and identity is now a major concern for consumers. Each year, the Mobile Ecosystem Forum (MEF) surveys the level of trust in the ecosystem, and 2021 data revealed a clear gap between the level of expectations from consumers versus real experience. The gap for mobile apps and services keeping data secure (versus the expectation) is 27 percentage points; the gap for privacy is 28 percentage points. This size of gap usually indicates a breaking point in the level of trust between users and a product. In short, the situation looks serious.

After scandals such as phishing or account take-overs, consumers are worried. From the 2021 MEF Survey, the top user concerns are:

Being defrauded / losing money – 49%
Cybercriminals gaining access to my data – 49%
Someone gaining access to my mobile – 47%
My online activity being monitored – 43%
Losing data from my device – 41%
Companies sharing or selling my data – 39%
Spam / junk email – 37%
Companies experiencing a data breach – 33%

Interestingly, None of the above scores just 6%.

Concerns over Personal Data Security and Privacy is now a reason to delete an app (37%), avoid installing one (33%) or stop using a service altogether (29%). The level of authentication/security is an element with clear impact to consumer preferences.

ONLINE THREATS

pexels-mati-mango-6330644 In 2015, global fraud amounted to $3trillion dollars. By 2025, the figure will be $10.5trillion from fraud and cybercrime. The implication is that identity and access management to enterprise systems is becoming increasingly critical.

Globally, we are seeing a pronounced move towards an increasing reliance on digital identity and a clear move away from a distinctly unexceptional user experience and inadequate underlying security. Industry is having to develop new solutions that (a) meet the evolving needs of the user experience and (b) work to mitigate the threats.

Any solution must ensure that it is attractive to a broad range of people and does not discriminate. We need to be conscious of any regulatory developments or industry solutions that might result in digital exclusion by only focusing on solutions for certain groups of individuals – whether age, social status, digital sophistication, or age of their device. We need to be sure certain groups—for example those with disabilities, or those with infrequent or difficult online access—are not excluded.

Online threats are becoming more intense, as is the inevitable fraud that drives these threats. Globally, 59% of enterprises surveyed in 2021 by MEF cited security and fraud prevention as the key driver for digital identity and authentication. The solutions becoming available seek to tackle some of the major issues we are currently seeing:

Device compromisation – where a hostile party can take control of a device remotely
Smishing - when fraudsters attempt to elicit sensitive personal data, passwords, or banking details through SMS (the most common ways to authenticate globally)
SIM (Subscriber Identity Modules) swapping: where a mobile phone identity is swapped with the intention of taking over an account in order to impersonate the user (e.g. making calls, receiving authorisation codes etc.)

MODELS FOR PERSONAL DATA AND IDENTITY

So, what are the models for personal data and identity? This is a critical question to ask. We need to analyse the ‘architecture’ of personal data/identity. The differences among these models implies different applications and threats. We can identify three architectures that are developing and succeeding across the globe that link the individual’s attributes to databases. Interestingly, biometrics are the common thread across all these architectures:

Centralised model – often operated by a government or consortium of financial institutions. In this model, an individual’s information is handled on a centralised database from cradle to grave and has the effect of offering a simplified means of establishing digital identity for a range of services. An example of this approach is Singapore’s SingPass.

Federated model – operating with a series of distributed databases that represent different groupings and where parties can access personal data in one of those databases. The European eIDAS system is an example of one federated approach where trusted service providers can issue and deliver digital signatures and identity. Countries adopting this model
include Belgium, the Netherlands and Italy

Self-sovereign identity model – which has no centralised database where the individual owns, manages, controls, and issues their personal data.

Each of these models needs to ensure that the digital identity provided by a trusted service provider has strong authentication. In practice, we are starting to see the emergence of a new model based on these three models. This could be considered as the establishment of digital credentials. An example of this would be an individual’s Covid status. This would allow a person to obtain their signed and verified health credentials which would then be trusted for access to venues or travel.

Clearly, there are issues around maintaining an individual’s privacy and how authentication fits into the process. Standards are developing that can provide further reassurance. Furthermore, there is the issue of regulation, how liability is distributed in this model of verifiable credentials, and how data is controlled and handled under regulatory requirements such as GDPR.

THE FUTURE

The ecosystem is fighting back from the threats of cyberattacks and we will see more of these innovative solutions emerge. There might not be an overall winner, but the co-existence of alternative approaches is now expected.

The good news is that the effort required to maintain security and reduce fraud will be significantly lessened by these technologies. This is because they will replace or enhance inadequate access control and authentication. Organisations and governments need this enhanced measure of multi-factor authentication to progress in the coming years. And individuals need the knowledge that their data is safe and that they can exercise trust in the integrity of it.

ABOUT THE AUTHOR

Dario Betti is CEO of MEF (Mobile Ecosystem Forum) a global trade body established in 2000 and headquartered in the UK with members across the world. As the voice of the mobile ecosystem, it focuses on cross-industry best practices, anti-fraud and monetisation. The Forum provides its members with global and cross-sector platforms for networking, collaboration and advancing industry solutions.

Subscribe to our newsletter

If you would like to receive our startup themed newsletter, full of the latest startup opportunities, events, news, stories, tips and advice, then sign up here.

Our Latest Features

Sticky - the no-code operating platform for physical spaces

The lowdown on Manchester-based startup Sticky and its innovative no-code solution to help businesses turn any physical space into an engagement opportunity.

Startup Sook Receives Investment from Tobin Capital

Tobin Capital continues to expand its portfolio by investing in pop-up marketplace Sook, the startup on a mission to revolutionise the high street.

L Marks Seeking Startups and Scaleups for Sodexo Healthcare and Seniors Accelerator

Sodexo and L Marks open call for applications from innovative startups and scaleups to join their inaugural Sodexo Healthcare and Seniors Accelerator.

Hands In - group payments made easier

The group payments solution that's better for businesses and customers alike, thanks to innovative fintech startup Hands In.

FuturePlus - empowering businesses and transforming sustainability practices

The lowdown on FuturePlus, the startup that's on a mission to make sustainability accessible, achievable and affordable for all businesses.

Choosing a Leadership Style for your New Business

John McLachlan, author and co-founder of Monkey Puzzle Training & Consultancy examines the differences between action-oriented and reflective leaders and which approach is best.

GoJoe - the social fitness app for work and play

The fitness app that's not just about physical fitness; GoJoe helps employers to engage, motivate and connect their people across all pillars of wellbeing.

United Utilities Innovation Lab launches call-out for innovative ideas for fifth programme

Now in its fifth year, North West England water firm United Utilities opens call for Innovation Lab, its pioneering ideas incubation programme.

OneTech Spins Out from Capital Enterprise to Support Underserved Communities in Tech Across the UK

Not-for-profit OneTech has spunout from Capital Enterprise to expand its offering and continue its mission of creating a more equitable, diverse and supported startup ecosystem.

Deep Render - innovation in image compression tech

London-based startup Deep Render tackles the internet’s data and bandwidth challenges via its innovative AI-powered file compression technology.

Published on: 29th April 2022

If you would like to enable commenting via your Startacus account, please enable Disqus functionality in your Account Settings.

Startup Sook Receives Investment from Tobin Capital 24th May 2023 Tobin Capital continues to expand its portfolio by investing in pop-up marketplace Sook, the startup on a mission to revolutionise the high street.
L Marks Seeking Startups and Scaleups for Sodexo Healthcare and Seniors Accelerator 23rd May 2023 Sodexo and L Marks open call for applications from innovative startups and scaleups to join their inaugural Sodexo Healthcare and Seniors Accelerator.
United Utilities Innovation Lab launches call-out for innovative ideas for fifth programme 18th May 2023 Now in its fifth year, North West England water firm United Utilities opens call for Innovation Lab, its pioneering ideas incubation programme.
OneTech Spins Out from Capital Enterprise to Support Underserved Communities in Tech Across the UK 18th May 2023 Not-for-profit OneTech has spunout from Capital Enterprise to expand its offering and continue its mission of creating a more equitable, diverse and supported startup ecosystem.