Jump to main content

Digital ID: Coming to a Credit Union Near You?

MUSKEGO, Wis. – April 11, 2018 – Your accounts for email, social media, online shopping and digital banking all require your digital identity for access. To make sure you are you, online service providers typically ask you to answer a security question or two.

But when you transfer funds from one financial account to another, refill a prescription, receive a private message from a healthcare provider, or log in to any online service, how can the service asking for ID verification be sure that it’s really you initiating the transaction? How can you be sure that your identity will be protected by the services you use, and that you’ll be well-safeguarded from criminal hacking?

Studies show that data breaches are on the rise. Breached identities are becoming a fact of daily life and we, as credit unions with the collaborative mission of “people helping people,” need to make sure that member identities remain safe in our increasingly difficult-to-protect digital world. A lack of due diligence in this area will prove costly. Single sign-on (SSO), multi-factor authentication (MFA), secure tokens and biometrics are used to protect accounts and identities now, but as we have too often seen, they’re not foolproof. What happens if an employee with legitimate access to sensitive data shares that data? What happens if the data is lost or stolen?

The Crux of the Problem

The crux of the problem is this: people don’t own their own identities. The companies we all do business with are the real owners. They store our ID information in their own individual silos. Security protections regarding your data are set up by those companies, and they’re set up according to each entity’s own privacy-protecting criteria. This means that the companies storing our IDs are in control.

And, because the cost of keeping data safe in this fast-paced digital world is high, there are companies that have not, or cannot, keep up with vital security enhancements. If recent history is any predictor of the future, we are in for more breaches of personal information going forward.

Think about this: Companies such as Amazon, Microsoft and Apple integrate personal digital IDs across all their companion platforms. For example, the same Amazon login ID is used for all their different services including shopping, music, video and audiobooks.

Have You Been Carded?

One breach means it’s all breached. Have you ever been “carded” by a server or bartender while ordering an alcoholic beverage? That person now has your home address, driver’s license number, age, height, weight and eye color. Your information can be passed on to an identity thief who can use that data to gain access to even more of your personal information­, which in turn could give them access to your financial, credit card, email and services accounts.

According to a 2017 PwC digital banking consumer survey, 46% of us are now using digital-only channels to interact with our financial institutions. In other words, nearly half of all consumers using banking services are likely to never set foot in a bank or credit union branch again. That percentage is predicted to rise.

A Few Rules to Follow

So, if we aren’t going to physically conduct business with a good portion of our members anymore, then we have to up our digital banking game to protect them. Digital identity needs to be more than just SSO. It needs to provide a seamless, secure user experience from sign-up to purchase, and then ongoing. Here are a few rules that any digital identity solution should follow:

  • Control and ownership of any digital ID must be held by the individual—not the vendor, financial institution, or credit card company.
  • Enhanced privacy and security measures need to be solidly built-in from day one.
  • Ease of use should be as simple as taking your current ID out of your wallet.

Obviously, a big change to a big system is easier said than done. This endeavor sounds like—and really is—a huge undertaking. Thankfully for credit unions, we don’t have to build these hyper-secure systems on our own. Microsoft, IBM, Accenture, RSA and many others have joined the Decentralized Identity Foundation (DIF), as well as ID2020, to build an open, decentralized system rooted in blockchain IDs and zero trust architecture. This means that the technology for changing the way our digital ID world operates is already available.

But will credit unions take a proactive stance on this issue and begin investing in member-owned digital ID technology? Since survival in the digital world depends on them doing so, and since credit unions are steadfast in their mission to serve their members’ needs, credit unions—I hope—will lead the charge on this issue. Only when each person’s digital identity is self-owned and self-controlled, can we reliably trust that people are who they say they are.

Ryan McMillan has been the Director of Technology Solutions for Emergifi since 2017. His passion for helping others in all facets of technology shines through in the results he provides for credit union members. In addition to his role at Emergifi, he also is the lead System Engineer for Corporate Central Credit Union. Connect with Ryan on LinkedIn.

6262 South Lowell Place, Muskego, WI 53150
Phone: (844) 448-2876
Privacy Policy | Disclosures

Powered by SmartSource Solutions, LLC
Copyright © 2019 | All Rights Reserved