You can’t have trust without some type of trusted authority, and any type of authority is fragile without a reasonable level of trust. Those ancient lessons apply to everything from politics to culture to economics — and now, they are playing out in the world of payments and commerce, as digital ID and authentication are becoming increasingly important to the ongoing growth and success of daily digital life.
The problem — and opportunity, of course — is that so many relatively mundane consumer and financial tasks are moving into the mobile realm, a place where physical, government-issued ID documents are not necessarily required or pragmatic. And as that shift occurs, there is increasing pressure from consumers and businesses to shorten the time between consumer intention and finalized transaction – and to do so in a way that prevents the creation of any exploited holes for criminals to go through.
That’s the setting for the latest edition of the PYMNTS Topic TBD interview series, in which Karen Webster talks with Dewald Nolte, CCO at Entersekt. The discussion took place during a recent surge in global attention to issues of trust. That stemmed from the recent Davos conference in Switzerland, where the world’s elite talked a lot about trust — more specifically, the decreasing levels of trust that the general public has for public institutions, social media, big tech and companies in general (but, apparently, not individual employers).
How to Trust?
Part of the reason for having more trust in employers than in other people and organizations is that, essentially, people know employers in real life, Nolte said. That gives people the chance to have that “proverbial look in the eye,” something that does not come, for instance, with Facebook – no matter how many times people see news or social media images of CEO Mark Zuckerberg.
But most people don’t live in villages or small towns anymore, and no matter how familiar consumers might be with local merchants or even bank tellers, more and more retail and financial tasks keep migrating online. Face-to-face contact, at least in matters of trust, seems to be headed toward something that might one day be considered a type of luxury or perk. More often, criminals are finding it easier to steal or buy enough data from the online black market to impersonate consumers, open fake accounts or commit other types of digital fraud.
That goes for the real, physical world of retail, too. A determined, clever criminal could buy a car with a fake persona if he or she is just “able to produce the right documentation,” Nolte told Webster during the PYMNTS interview.
Going forward, “we should probably start thinking about digital ID the same way we think about money,” he said. “The data should be very well-protected in the same way that digital cash is protected.”
That’s a common thought, of course, but still vital, and leads to the next step in making sure digital ID has the needed level of trust in the coming years and decades. That next step, in fact, could potentially counteract the numbness that has set in among many consumers thanks to all of those data breaches — along with the sense that, in Webster’s world, when it comes to online security and trust, “things are spinning out of control.”
Trust Anchors
One possible remedy?
What amounts to anchors for digital ID and trust.
The idea, according to Nolte, is to first recognize that mobile devices — mostly smartphones now, but perhaps with bigger roles for smartwatches in the coming few years — are the tokens that provide access to payment, financial and commerce functions. Those devices, though, need a trust backstop themselves — a communication and authentication process in which a trusted third party confirms that the digital ID offered by the mobile device is, indeed, legitimate.
Nolte used a common consumer example to illustrate that view. “In a store, when a consumer pays with a card, the bank tells the merchant that” the transaction can go through because the customer is legitimate (or at least as legitimate as can be reasonably determined). “The merchant trusts the bank enough” to let the purchase go forward and gives the consumer the goods he or she is buying.
The opportunity for digital ID is similar: have that trusted third party authenticate consumer IDs for a retailer or other participant in the specific transaction. That third party must have the trust of consumers and retailers, of course.
Banks and Governments
That’s why, in the U.S. and many other parts of the western world, financial institutions could play that role, given that “consumers already trust them with their bank accounts,” Nolte said. In certain countries, the post office might suffice. In many countries, though — especially those in emerging markets — the government would be a bad choice, given how some of those non-democratic regimes have fragile trust relationships with citizens.
Consumers also need a reliable place to turn to should they lose their mobile devices and need to rebuild or regain parts of their digital identity — it’s not like they can simply show up at Google headquarters and expect help there, of course. Having a trusted, reliable third party — think of it as a trust anchor — could help solve for that problem as well.
Concepts of identity and trust have changed often throughout history, and have led to significant shifts in politics, economics and culture. The ongoing shift is no less historic, but nothing guarantees that it will go smoothly. Identifying stronger anchors of trust could help tilt the odds in favor of a positive outcome.