Mark Haine, Don Thibeau, Nick Mothershaw, and Daniel Goldscheider continue their editorial journey into the digital identity wallet.
Building upon our previous installment, where we explored the fate of GAIN and the compelling incentives for banks to embrace identity wallets, today we shift our focus to the potential risks that may arise if widespread participation in this movement remains limited.
There are several potential issues that can arise when a few companies have control over digital wallets:
Centralisation and fees: oligopolies often impose fees on every credit card transaction made through their platform. This means that issuing banks need to pay a portion of each transaction to the wallet provider. Alternatively, some dominant wallets monetize transaction data, which may not align with the interests of banks, merchants, or end users.
Data privacy concerns: Another danger is the potential for wallet providers to extract and exploit transaction data.
Co-promotion and product bias: When only a few companies control the wallet market, there is a risk that they will prioritise promoting their own products and services over those of other banks or merchants. This can create an unfair advantage and limit consumer choice.
To counter these challenges, banks and other organisations can build their own wallets. This empowers them to retain control over customer data and transactions, without being reliant on external wallet providers. However, banks must navigate this path without replicating the monopolistic practices of dominant players. The Open Wallet Foundation aims to provide the necessary building blocks and expertise for banks, startups, governments, and other entities to create their wallets more easily, promoting a democratic and accessible approach to wallet development.
Absolutely, when it comes to implementing a digital identity wallet, regardless of the jurisdiction, there are indeed several challenges that need to be addressed proactively. It's crucial to ensure that the concerns and perspectives of the individuals using these mobile devices and wallets are considered throughout the process.
One of the key challenges is the need for interoperability among national wallets. It is important to avoid situations where local entities or systems fail to communicate effectively. A notable example is the lack of interoperability across state borders within the current implementation of mobile driving licenses in the United States, as pointed out by Juliana Cafik from Microsoft. Ensuring interoperability is essential to provide a seamless experience for users.
Secondly, while convenience is a significant factor, it's vital to recognise that reducing friction isn't always the best approach. Sometimes, introducing appropriate friction can serve as guardrails for end users, preventing them from being deceived or unintentionally sharing sensitive information with illegitimate recipients. Striking the right balance between convenience and security is crucial.
Lastly, it's important to be cautious about making the process too easy, as it can potentially facilitate fraudsters in accessing users' sensitive Personally Identifiable Information (PII). Safeguarding the privacy and security of users' data should be a top priority.
Not to mention that some unintended consequences could arise around product development biases.
Ensuring that biases are not created or perpetuated in our products is a fundamental principle we hold dear. The identity wallet we envision is the result of a diverse international community coming together. The contributions from different cultures, countries, technical communities, and people make the product more diverse, interoperable, and inclusive.
This commitment to diversity and inclusivity is particularly important when striving for global reach. When we say ‘global’, we mean catering to both developed and developing countries. In fact, it holds particular significance for developing countries, as we have witnessed how these nations can leapfrog technology and embrace innovative solutions.
By approaching this endeavour collaboratively, as a non-profit organisation that embraces diversity, we provide developing countries, regardless of their political or regional affiliations, with an opportunity to adopt a practical and valuable proposition. This proposition can have the same value as a bank, offering a foundation built on existing standards and code bases (such as the ones Daniel is already developing). However, it's important to note that countries have the choice to build their own solutions independently or rely on existing providers like Apple.
Nick – The evolution of the digital identity wallet space is intriguing to observe. When we consider Visa's announcement in 1999 proclaiming it as 'the year of the e-wallet’, it took nearly two decades, until 2018, for mobile wallet payments to surpass payment cards in transaction volume. These data points highlight the difficulty in predicting the trajectory and timing of such developments.
Over the past decade, we witnessed the emergence of identity providers and the subsequent shift toward wallets that also fulfil the role of identity management. These endeavours all aim to address the same fundamental challenge: enabling individuals to digitally manage and present their identities.
As the industry evolves, we may adopt new terminologies and concepts that we haven't yet conceived. The current alignment of the wallet concept with the agendas of companies like Apple and Google, which have integrated wallets into their mobile devices, indicates a natural progression. They initially focused on payments and ticketing, mirroring the functionalities of traditional wallets, and are expanding outward to create an open ecosystem.
The vision is to establish a landscape where users have a choice of wallets from a range of open and competitive providers. This may involve moving away from device-dependent wallets and instead relying on secure enclaves or cloud-based solutions to store and manage cryptographic keys. This approach offers the convenience of carrying the necessary keys across multiple devices, while reducing the concentration of power held by device manufacturers, such as Apple and Google, who control the secure enclave within their operating systems.
If we peer into the future over the course of the next decade, I predict the development of a secure enclave that is not confined to a specific device. It will be multi-device compatible and operate in the cloud. This evolution aligns with the direction the industry is moving, aiming for interoperability, enhanced user experience, and a sustainable business model.
Mark - While the focus on interoperability, great user experience (UX), and a sustainable business model remains crucial, it's important to consider the unique selling proposition (USP) of the wallet, particularly in offline use cases.
When we examine the landscape, we observe that many other architectures can fulfil the requirements of interoperability, UX, and sustainable business models. However, there is a distinct need for a wallet specifically designed to address offline scenarios. This type of wallet serves as a cached copy of essential root credentials, enabling users to manage their identities and perform transactions without an active internet connection.
Don - The development of a digital identity wallet holds great potential, as it taps into a concept that people can readily understand and relate to—the physical wallet. With the widespread use of physical wallets, individuals already possess a mental framework for managing and organising their personal information and credentials.
In addition, the growing recognition among government regulators of the need for more options in the digital identity space is a significant driver for the development of digital identity wallets. The question arises: Shouldn't there be more than just two choices? This sentiment reflects a desire for greater diversity and competition, which can lead to innovation and improved offerings in the market.
These two factors—the relatability of wallets to individuals and the call for more choices from government regulators—are likely to shape the development of digital identity wallets in unprecedented ways. It is expected to drive the market to provide a range of options and solutions that cater to different user needs and preferences.
Daniel – what Don said.
Concluding our three-part interview series on digital wallets, open standards, GAIN, EUDI, and more, we extend a heartfelt thank you to our esteemed identity experts and media partners at KuppingerCole. The European Identity & Cloud Conference 2023 served as the perfect gathering to connect with industry stalwarts such as Daniel, Don, Mark, and Nick, allowing us to delve into the depths of digital identity and the underlying technology.
To gain a comprehensive overview and delve deeper into the event, we invite you to explore our detailed event summary.
About Daniel Goldscheider
Daniel is the Founder and ED of OpenWallet Foundation, a consortium of companies and non-profit organisations collaborating to drive global adoption of open, secure, and interoperable digital wallet solutions as well as providing access to expertise and advice through our Government Advisory Council. He is an avid advisor and investor in numerous fintech startups.
About Don Thibeau
Don Thibeau serves on the Board of the OpenID Foundation after 10 years of service as Executive Director. He was the founder of Open Identity Exchange and now serves as its Vice Chairman. He currently works in early-stage venture funding.
About Mark Haine
Mark is an engineer and entrepreneur who has focused his career on building solutions that enable business and mitigate risk largely in financial services. Mark has helped organisations navigate the complexities of securely enabling third-party access to data via APIs in tightly regulated environments.
About Nick Mothershaw
Nick Mothershaw is Chief Identity Strategist at the Open Identity Exchange (OIX), a non-profit trade organisation on a mission to create a world where everyone can prove their identity and eligibility anywhere through a universally trusted ID. Working with organisations across the globe, Nick is leading the development of clear guidance around inter-operable, trusted identities. In his previous role as Director of ID and Fraud at Experian, he led the development, launch, and operation of a full ‘Identity as a Service’ solution – the first live example of a digital ID that is seamlessly interoperable across the public and private sector in the UK.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now