Every person who is active online has two identities. The first one is our physical identity, proven by our identity documents. The second one is our digital identity, which we use to identify ourselves to banks, online shops and insurers online. Due to digitalization, management of the digital identity is becoming increasingly important.
Very few people think about how often their identity plays a role in everyday life. But it is an unconditional prerequisite for legal transactions of all kinds. When we pick up a package from the post office, we have to identify ourselves. This is exactly what the notary does too, when concluding a purchase contract or signing a will: the identity must be confirmed.
Growing importance of digital identities
The more people communicate, shop or even sign contracts online (for loans or insurance, for example), the more important digital identities become. This is a subject that strangely receives little attention. After all, the ultimate goal is to prove that the person is actually who they make themselves out to be online.
This is a problem that is being addressed in a similar form in other places, because machines also need digital identities. Think of a car, whose sensors automatically get the fuel at the filling station or pay electronically with the driver's gestures.
The problem with the gatekeepers
Once again, the three major Internet giants Google, Facebook and Apple were the first to recognize a problem. Each of the companies offers operators of shops or other portals to manage people's identity. Instead of first having to open a customer account in a shop, the new customer logs in via Google, with his Facebook account or with the Apple ID. The data required for the transaction is then immediately available.
This works smoothly until one of the gatekeepers puts an end to the game and exploits its power. This was recently the case in the dispute between Apple and the game developer Epic. There is no need to go into the specific background at this point. The dispute then escalated to the point where Apple unceremoniously blocked Epic game from the interface for its registration service. As a result, Epic's customers were no longer able to log on to the systems: a gatekeeper had flexed its muscles.
A comprehensive, secure identity management is needed
Strictly speaking, every merchant takes a potential risk when letting a customer place an order using just his or her user account. For compliance reasons, banks and insurance companies cannot make it that easy for themselves. And this is why users repeatedly face proof of identity in application processes (e.g. via WebIdent, ID Now or MyWebID). Although this works faster than the paper-based Postident procedure, it is still cumbersome.
Another technical option would be to use an electronic identity document. However, not every German citizen has it yet, and a corresponding reader is also required to read the RFID chip on the ID card.
The example of Apple shows how unreliable gatekeepers can be, especially since users must be aware that when they use them, Google, for example, will know where they are logging in from. The lower level of data protection in the USA is also worth bearing in mind.
New business models for insurance companies?
There are two institutions in Germany in which users have great confidence. These are the banks and savings banks on the one hand and insurance companies on the other. The companies could actively use this trust to establish themselves as guardians of the digital identity. The advantage for the companies is that they would remain present in the customers' everyday lives even outside of insurance. Further services could be developed and monetized around identity management. Identity management could be the basis for new business models.
However, these opportunities only arise if identity management is seen as a strategic issue that does not only need to be considered so that customers can securely log on to the company's own portal or app. And such an initiative would have a better chance of success if it worked across companies. Technologies that can verify and store digital identities are available through block chain and AI systems. What is missing is a comprehensive concept and the necessary infrastructure.
Verimi is already working with "People ID" on a system for everyday identity management: a potential gatekeeper outside the insurance industry. Verimi's shareholders include companies and organizations such as Bundesdruckerei, Giesecke+Devrient and Deutsche Bahn, which together stand for a high level of data protection.
However, the question is whether the insurance industry should join such systems, or whether it would be better to use its strong position with customers to establish its own service before someone else does.
Do you have any questions or comments? Then please leave us a comment.