In an omni-channel experience, where the notion of location is secondary to that of a fluid journey, identity management can fast become a stumbling block, and undermine the experience as a whole. As predicted by Scott Galloway, the way in which we define and validate our personal identity is a key issue this year.
Digital identity: the standards you need to know about
This trend is being confirmed with the implementation of standards, and mainly:
- The GDPR (May 2018) that expands on the protection of personal data, through the principle of explicit consent in particular;
- The WebAuthn standard (W3C) by the FIDO Alliance (4th March 2019), which reduces reliance on passwords in favour of strong authentication through biometrics (FIDO2);
- The 2nd section of PSD2 (payment services directive), which is due to come into force in September 2019, aims to reinforce the security of financial transactions through strong customer authentication with a minimum of two factors. These factors could be a code, a password, a device, or biometric data (fingerprint, voice, iris, etc.).
PSD2 also provide access to bank data through a secure API for Payment Initiation Service Providers (Paypal, HiPay, SOFORT, Adyen, etc.) and account aggregators (Linxo, Bankin’, etc.). This puts an end to screen-scraping (the collection of screen display data). Brands are therefore having to rethink or strengthen identity management.
What impact will this have on the digital world?
1.Ways of authenticating one’s identity
The implementation of strong authentication (Strong Customer Authentication, SCA), required by the FIDO Alliance and PSD2, is certainly the most challenging change for commercial and financial exchange platforms. Market researcher 451 Research has found that many companies are not entirely aware of the impact of SCA. "Our survey shows that companies are not properly prepared, and what is even more worrying is that they don’t fully appreciate the way in which SCA will transform online purchasing for European consumers" says Jordan McKee, an analyst who works for the firm. This authentication will oblige companies to rethink the experience so as to take into account both the device being used and its biometric capacities. There will be several possible scenarios depending on your users’ level of knowledge, and the software architecture you have. This architecture will need to evolve to include trusted third parties to manage the authentication process, new biometric capacities, and data collection in keeping with GDPR directives.
2.Personalisation of the user experience
Knowledge of the customer is essential to personalisation, and has therefore become the new godsend of any marketing approach. But this knowledge must be able to identify customers so as to give them profiles to make their individual experiences unique. Platforms that do not comply with these standards won’t be able to provide a personalised experience. It is therefore essential to begin integrating these new means of identification as quickly as possible. However, it isn’t always necessary to identify the user. Amazon has devised a recommendation system based on the product instead of the customer. By analysing the customer’s path, the system deduces a chart of inter-related products. Seeing as consumers can be versatile, it makes more sense for Amazon to base their process on products.
Newly simplified payments are resulting in transformations in points of sale and purchases. Retailers are taking a close look at mobile checkout solutions such as Square and SumUp, or concepts like Amazon Go and SmartShelf. SmartShelf technology offers the "Frictionless Shopping" model, in which checkouts are replaced by computer vision. Cameras are linked to artificial intelligence, which analyses videos live. AI identifies a consumer and their feelings, and detects both their behaviour and movements, which means it is able to charge customers for the contents of their baskets in real time without them having to go through the checkout. And this is only the beginning, with the increase in facial recognition technology in China. Following in the footsteps of Sephora, Carrefour recently inaugurated its new French-style concept store on the famous Wangfujing Street in Beijing. It includes numerous innovations, in particular payment through facial recognition; a system launched in April 2019 in its 210 hypermarkets in Chian, in partnership with Tencent via WeChat. (Source: L'Usine Digitale) But it still pays to be careful. Facebook Messenger's experience in Europe shows that some methods of payment just don’t appeal to users. Furthermore, although GDPR and PSD2 are more secure, they also make the payment process more complicated, which is what Facebook found daunting in its experiment. The act of paying for something is still seen as sacred in Europe.
4.Digital identity versus civil identity
This digital transformation is leading us into a digitised world that boasts lots of services and products, in which our digital identity will be as strong as our ID documents, thanks to technology and regulations that will make it unique and forgery-proof. Le Vote, Orange’s Civic Tech programme solution, relies on this digital identity to provide a solution for municipalities that wish to consult their citizens in local matters. The solution includes a website for elected representatives and a mobile application for citizens based on blockchain technology, to guarantee the security of polling. Le Vote is already in use in several municipalities in France, and will soon be available on an international level. It is easy to imagine that economy, performance and productivity logic will quicken the pace of this digital transformation. It will soon be increasingly difficult to do without a digital identity, to access State services (as in Estonia, where everything is done online), at work or in everyday life (and it has already begun).