Please find a guestblog by Sonia Miles-Khan. She is a FinTech and Innovation practitioner and I am excited to share her thoughts on this blog.
Where is PayPal for my identity?
Or more broadly “Where is my digital safe deposit box/identity bank?” my “filing cabinet in the sky” so to speak…..
Source image: www.buildthesong.net
Why do we need it?
In society’s movement toward faceless and paperless digital transactions in all walks of commerce and life, the need to verify who we are and authorise transactions is increasing. For example, everyday many of us pay for things online. In the past we had to trust payment gateways with our credit card details and keep these details on us at all times. We had to fill out pesky direct debt slips and sign them and fax them off to administration facilities. However now we don’t need to do that. PayPal is the secure payment gateway that we trust. We enter our bank and card details and secure them with an alpha-numeric password in our PayPal account.
Similarly “proving” who we are has evolved as a laborious task. While 100 years ago a birth certificate and or identity card proved who we were, now we have a complex web of proving our identities; proof of age cards, birth certificates, drivers licences, passports, visas, passwords, PIN numbers, Tax File Numbers, fingerprints, CAPTCHAs…
Not only do we need to prove who we are to obtain an ID, we also need to continue to use ID after ID, to prove who we are and to multiple organisations.
The administration alone of maintaining current identification status quos is laborious. Adding to this the widening ages and literacy levels of those transacting online and the need for simple identification solutions becomes very apparent.
What if all our identification points were stored in a “bank”? (or “filing cabinet in the sky”)
Imagine if this ID bank was similar to PayPal in that when you reached the point where you needed to prove your identity, be it in person or digitally, you could go via a secure “proof of ID portal” which provided your desired identification points to an organisation upon providing identifiers….
Firstly, what identification could an ID bank hold?
Full legal name, age, legal place of address, legal billing address, spouse, next of kin, key relationships (such as parents and children), birthplace, phone numbers, social media accounts, passport details, visa details, licence details, up to date photo, biometrics, system logins, passwords, PIN numbers, building security, bank identification…. The list goes on….
How could one’s identity be verified remotely in the first place?
There is no point making a virtual identification bank if people must register face-to-face; this is an unnecessary barrier to entry. Physical documents such as birth certificates and passports can be verified, by providing photographs of originals to the issuer for their verification. So practically speaking, a photo of a passport could be sent to the issuing government body for their verification with other identification points such as fingerprints from a smartphone scanner. With access to cameras, photos of applicants can be taken in real-time and algorithms can be used to perform an identification match. We have the technology now to identify people remotely with a high level of certainty.
How could one “release” identification and authorisation through the ID bank?
A request through the platform could come from many means. It may be;
- A highway patrol policeman who has permission to request access to licence details through the platform. The driver provides a name and biometric authorisation or simple passcode, thereby saving the driver holding a drivers licence and the officer having to manually check licence currency.
- A bank making a request for identification when an applicant applied for an account. The applicant may enter a combination of name, biometric identifier and simple passcode, “releasing” identification points. On approving high value transactions the applicant may provide the same identifiers to “release” authorisation.
- Renewing licences. When an applicant has been approved for renewal, the applicant would be able to update details such as address and photo by uploading documents for authorisation from the issuer and providing a new image in real-time for algorithm certification.
Is it in the market already?
In naïve forms. Symantec, IdPortal, SayPay, Intuit, KYC, Matchi and many others are already working in this space with a variety of solutions, however, there is no widely accepted identification solution in the same vein as PayPal. Adding to this, the time may not yet be right in the market, after all, will consumers be willing to place their most sensitive identification and information in a cloud? Maybe not. However as the volume of online transactions of all types increases and society tires of renewing and securely keeping documents and passwords, this solution may be craved.
The content of this message has been published earlier on Sonia’s LinkedIn page. Don’t hesitate to reach out to her directly! In her day to day job as Management Consultant Sonia Miles-Khan is active contributor to FinTech solutions groups. Ideas and opinions expressed here are solely her own personal ponderings and are not the ideas or opinions of her employer.