Sponsored Content
news.cuna.org/articles/115036-two-factors-driving-the-identity-management-revolution
George Middlebrook

Two Factors Driving the Identity Management Revolution

Biometrics, distributed ledger technology remove the need to ‘log in.’

October 18, 2018

The current digital economy is all about creating great user experiences for our credit union members. These experiences include several common denominators, like ease of use with 24/7 accessibility, which often produce the reward of a win-win situation both for credit unions and their members.

Digital solutions, when done well, meet members’ expectations for convenience, streamline credit union operations, and increase engagement between the two. The challenge many of us face, however, is how to improve our members’ experiences for accessing sensitive financial applications and information while balancing security and risk.

What we’ve found is the more security required, the higher the burden on the member to remember complex passwords or use multi-factor authentication mechanisms. As a result, most of us are experiencing “password fatigue”—a growing frustration over having to remember and manage (not well) so many passwords to get through daily life.

Thankfully, advances in identity management are aligning with other technologies, such as analytics and blockchain, to provide new mechanisms for self-identity and fraud protection that may one day help our members feel a bit of relief while also keeping their information secure.

The current emphasis on IDs and passwords has proven to be barely sufficient protection, as the level of breaches in most retail environments shows. The consistent migration of identity information into digital forms necessitates increased security, cost-effectiveness, and ease of use.

Two factors have emerged as leaders driving the revolution in identity management, providing new and better mechanisms for fraud protection and self-identity.

1. Advanced biometrics

Many of us are already familiar with the escalating use of biometrics in recent years for identity verification. From facial recognition and fingerprint identification on smartphones to voice recognition in cars, the current use of biometrics as tools for identity management is only expected to grow.

Advanced biometrics builds on the idea of “something you are,” combining state-of-the art mobile technology with the availability of multiple biometrics, such as authenticating by voice or by facial ID.

Similarly, when needs arise for layers of security, biometrics can be combined to create capabilities for multifactor identification.

When combining facial, thumbprint, voice, and other technologies, these “levels” of identity layers can be built to create increasing states of security. The most important factor of biometrics is absolute identification of the user: not a device, ID, or password.

2. Distributed ledger technology (DLT)

A completely different way to look at our digital relationships is to remove the need to “log in.”

Replacing the relationship that provides redundant information across a wide variety of websites (some you may never return to), DLTs are working on ways users can “self-permission” websites to access their data.

The user approves the rules of access, and the website never needs long-term storage of users’ private information. Making a payment, providing an address, moving medical information from doctor to doctor is simplified by keeping the data in a secure digital repository.

For example, imagine wanting to buy something online. Instead of logging in and handing over your credit card, you instead provide permission for the retailer to get a one-time-use credit card number from a digital traffic cop (i.e., DLT) that you control.

The retailer will ask the DLT for permission, the DLT will ask you to confirm on your device, and the payment is delivered. Nothing personal was revealed. The DLT could then provide the shipper with your address, the retailer never having to see it (and the shipper never seeing what you bought).

DLTs can be used to store many kinds of contracts: payment transactions, mortgage or loan information, identity itself (driver’s license, passport, etc.). The relationship between you and the DLT is yours, and those getting access to data require your permission.

As a result of these emerging factors, there are a number of new and highly effective identity management solutions available to credit unions.

To dive deeper into the factors revolutionizing identity management and learn more about some of the prevailing solutions for credit unions, please join me on Nov. 13 for a live webinar: Identity Management and the Member Experience.

GEORGE MIDDLEBROOK is vice president, solution strategy, at Corporate One Federal Credit Union.