Digital Identity and the Currency of Trust
Posted April 4, 2017
Today marks the opening day of the Digital Identity Summit APAC 2017 in Hong Kong.
It is a showcase of the best regional talent and thought leaders in fraud and security. We have gathered to discuss the digital economy as a key driving force in business as well as what industry leaders are doing and what all digital businesses need to be doing to survive and thrive.
The theme of this event — The Currency of Trust — set my mind in motion, thinking about the forces that ushered in digital identity and what has changed so quickly now that these same forces apply to almost all businesses. In other words, why digital identity and why now?
Clearly, keeping customers happy and driving loyalty has always been important, and might be even more so for today’s digital customer. Their digital experience needs to be modern, easy, personalized and, above all, safe. Even the pace of change is not necessarily new. Most in business today have become used to rapid change and the need to evolve.
But, a paradigm shift in fraud and security to digital identity is happening, and there’s good reasons for that. The business environment has changed remarkably. The digital economy is in full bloom, it’s global, and businesses are facing a new environment. To understand it, we need to take a step back.
At its origin, digital identity was ushered in by industry leaders in eCommerce, Finance, Media and others to secure and protect the ever-mounting number of digital transactions, including card-not-present transactions, account origination, account takeover and payments, from a tsunami of threats – many from organized crime rings. The business imperative was clear: meet customers on channels of their preference to give them what they wanted. But, the security and fraud technology available was simply not sufficient.
Early movers found to their surprise that business systems designed for openness and ubiquitous access were highly vulnerable to cybercriminals lurking in the shadows. Even as security teams scrambled, we saw data breaches at a scale no one expected or had seen before. But, the vulnerabilities were not just limited to sales and marketing. Digital gateways to enterprise systems were opened to the Internet, but many of those systems treated security as an afterthought and were ripe for the picking. The harvest was rich.
Many businesses were ill equipped to move rapidly, hamstrung by overburdened fraud teams and siloed organizations. No matter how hard they worked, security teams found it hard to overcome vulnerability inherited from their technology supply chain, from business partners tethered to their IT systems, and even from users with easily guessable passwords or plain bad habits.
Enter the industry disruptors who were born digital and focused on developing core competencies in speed and security. They didn’t need to retool or retrofit technologies. They simply built digital identity into their systems. They realized that threats that come from the cloud needed to be mitigated in the cloud. And that it takes a business network to fight an organized, global cybercrime network. A new paradigm for security and fraud emerged, and it placed customers and the devices that stand in for them on the Internet at its center.
Awareness emerged that understanding the global behavioral history encompassing the device, but not limited to it, was the critically important factor to establishing trust on the Internet. Dynamic information, not a static user id and password, should be the key at every critical step of a digitally-enabled business process. Once trust was established through instant risk decision based on real time global shared intelligence — and not limited to behaviors within the four walls of the business itself — services could be delivered with a high degree of certainty that customers would benefit, but not fraudsters posing as them.
It made sense that equipping the security and fraud systems to see and evaluate a reputation built up over time, across websites, across someone’s personal and corporate lives, and across borders more closely mirrored what happens in real life at the local bank, grocery store or gas station. Business systems were no longer blind to identities, but they could assign trust with a high degree of resolution to faceless entities interacting with them on the Internet.
As disrupters built digital identity into their systems, so did the industry leaders. They layered digital identity onto their security infrastructure, giving their fraud and security teams a unified view of threats and enabling the delivery of an elegant, personalized user experience.
And so we have come to the point where industries are being reshaped by the dual force of innovators at both ends of the spectrum driving change and, at the same time, propelling their businesses to higher levels. They are indeed meeting customers on their terms and stopping cybercriminals at the front door. Their journey was one based on need, and that need has now become an imperative for all of business.
Today our Digital Identity Summit APAC 2017 represents one step on the continued journey. There are many to come.
As we meet and collaborate over the next few days at Digital Identity Summit APAC 2017, I hope you’ll follow events as they unfold. We’ll post highlights and updates on Twitter, Facebook and LinkedIn. Please follow us there. We’ll be using #DISUMMIT17 to tag all of our posts.
I truly hope that if you cannot be here, you’ll be able to join us at our other events coming soon. We have our European event taking place in London from June 12-13 and another in San Francisco from September 18-20.
Together, we will help power the digital economy — with the currency of trust.