Interconnecting customers on the path to EUDI2

The European Union has now almost completed a massive legislation effort to promote the data driven economy.  There should be no question that this common Trust Infrastructure is much needed in all countries and a new opportunity to take a decisive step towards a much more on a daily level concrete Single Market. 

 It is no secret that Europe needs to address every opportunity to improve its global competitiveness. The Trust Infrastructure will lead to leaps in productivity, risk management, overall security, service levels to citizens and organizations and privacy. Identification of all actors and use of verified data will also make use of artificial intelligence more productive and ethical. 

 Markets cannot make it.

It is obvious that this cannot be achieved by the markets. Regulation is needed – but must be built in close public-private partnership and protected from some political passions - sometimes driven by sensation seeking media.

History detour via payments and interconnecting customers with trust services.

It may be useful to make a short detour to history and my experience in banking (started in the mid70s at what is now known as Nordea) in Finland and the Nordics and as a founding member in the Mobey Forum, the Real Time Economy Program, MyData and supporter of the Findy consortium. 

There are several reasons why Finland has a longstanding innovation history in payments-at-large and e- and mobile banking areas. Factors like technology orientation, passion for standardization and being small enough for networking were and still are central. But the most important reason for early progress was the centerless payment infrastructure. Having rulebooks instead of a centralized “payment factory” promoted competition and standardization and forced banks to themselves have their own expertise high up in their organizations – a much needed antidote to the well known conservatism bankers otherwise have.

This then led to e-banking in the late 70s - first focusing on payments, then on all other traditional banking services and then in the early 90s on interconnecting corporate and private customers with e-id-, e-signature, e-invoicing and e-salary services. So the centerless rulebook model helped customers to exchange also other than payment related data.  Now this model is expanded to exchange all sorts of verified data.

All Nordic banks adopted e-identification services with decentralized or centralized models and this infrastructure became central for public and private sector needs. I have for my part preached about this natural role for banks in all countries – deploying levers like economy of repetition, economy of trust, economy re-use, economy of scope and scale – at any number of congresses, in articles and blog posts. Progress has unfortunately been rather limited elsewhere. 

 EU saw the light.

As identification services did not make progress elsewhere EU legislated for EIDAS1 - with the as such commendable ambition to make it function cross borders. Unfortunately, the step to level “high” was too long and thus the service supply did not appear. The business case for a rather limited cross-border identification-only demand was not there.

GDPR was then the first step to protect personal data. Article 23 made it mandatory to deliver the data – but without standardized wallets for senders, data rights holders and receivers this was not economically possible.

The need for identification credentials led to EIDAS2. At first it did not appear very clear that the ambition should have been to make all sorts of verified data – not only identification credentials  – available from all sources to all parties – also to and from all organizations. This has now been rectified – much by the EWC large scale EU-pilot led by Sweden and Finland.

 Now it is time to deploy – just like e-mail..

The Open Wallet foundation has listed close to 70 wallet solutions for data issuers, data rights holders and verifiers and many of these are already de-facto EUDI-compliant and most will probably be soon. 

So the focus should now be on the public sectors to supply  the hundreds of credentials needed by citizens and especially organizations. With rule books bilateral contracting can be avoided – just like in SWIFT and e-mail.. The elimination of bilateral technical integration should be a huge motivator especially in the SME and government sectors.

There is always a risk for overplanning, overregulation and lack of interoperability efforts. Thus there should now be a strong public-private will in member states to move forward with the easiest and highest volume credentials for eye-opening market creation. See what works - and adjust where needed.

No time to lose. Especially not in the public sector - but also in banks - understanding their opportunities to create new dimensions of customer value, cut costs and risks and take responsibility for society at large.