Community

Cedric,

Very briefly - I am not saying that banks should be the only service providers - or should do the passport or other primary identity tool. Only that it should be a choice also elsewhere than in the Nordic-Baltic area.

The state issued e-id was a very expensive flop in Finland - nobody used it. It is so seldom needed - and bank-id is so much more convenient and naturally has to be secure enough (27 years of experience - without problems).

Not to talk about saving tax payers' money...

Good debate - should illuminate issues - and hopefully avoid others doing same mistakes as we did.

Cedric,

Thank you for finding my blog interesting.

"However, there is one thing on which I disagree, Banks should definitely NOT be the electronic ID issuer."  Banks are natural e-id issuers and reuse for 3rd party needs - including the public sector has been a fact for a long time in many countries (very much appreciated by citizens) - and will be in all if common sense rules.

"It goes against the neutrality principle." Why? It is a natural service for banks -  guaranteeing identity has been there since banking started in Venice..

"Banks are fully capable of doing such a job, but it would not make sense for security reasons." Appears contradictive - capable but not secure?

"Whatever the business domain, one cannot be in charge of "doing" and "controlling". It's too many caps to wear for a single entity." I do not see the doing/controlling aspect here - bank e-id services are one alternative - and naturally need to be supervised - as any strong e-id issuing should be.

Marite:

Thanks for agreeing to main point: "The three neutralities mentioned are ideal given the competitive landscape that we are in."

"And these tools and technologies are hardly new." I agree.

"What would be novel is a very strong scheme to enable one e-id service work for different applications and purposes (i.e., secured email, secured online banking, secured payments, secured e-gov, etc.)." I disagree - the way e-id services have been developed in the Nordic-Baltic area have provided this since on  a rising scale (for Finland's part since 1992). e-banking was launched in my bank in 1982 for consumers and the tool - 1-time code for login has been used since then. First 3rd party usage was launched in 1992 and the public sector started to use the service towards late 90s.

"There are reasons why, despite all these tools and technologies and even the definition of MORs ten years ago, card schemes and banks have still not been able to squash online payment fraud. Lack of consumer protection and lack of competition between card schemes and banks comes to mind." I disagree on most points - consumers are well protected in card schemes and banks certainly have competed in many areas. Card schemes have mostly been about branding - they have also competed - often to the dismay of merchants, issuers and acquirers when this has caused interoperability problems. Card payment fraud is a big cost for banks and I agree that more should be done to tie the payment to a strong e-id.

"- This assumes that everyone who wishes to have an electronic id has a bank account." I did not say that bank e-id would be the only alternative - only that it should be a natural alternative as it has been proven to be the citizen's absolute preference,  saves money and speeds up adoption of new services. Those who for some reason still do not have a bank account are unlikely to need e-id - but can get alternative tools (and pay for such transparently)."

"- This also assumes that a person has only one bank account" This does not assume anything like that - a big part of the population have several accounts in  different banks and even several e-banking services with strong and different e-id tools - you just use the one you prefer.

"- Tying-in my bank e-id to secure other applications will make it problematic for me to change my bank if I'm not happy with it?" You are not tying your bank e-id to any application and the technical interface is standardized - so changing bank is no problem - as is not changing service provider in the 4-corner model.

"- Tying-in my bank e-id to secure payments with cards issued by other banks would pose some conflicts?" Why? Open competition should be furthered and development towards federated e-id schemes should be promoted.

"- Tying-in my bank e-id to secure a p2p payment with a payment service provider that competes with the bank that issued my e-id would certainly pose a conflict." Why? In our cases banks have been quite prepared to let also up-to-ethical-standards service providers use their services - again furthering competion.

"An e-id is an asset that belongs to a consumer." Disagree - the habit to use something offered by somebody belongs to the consumer - and is an asset for society at large that should be leveraged.

"A consumer should have the ultimate choice of how he wants to use this e-id." Not only how - but naturally also which up-to-standards-tool.

The three neutralities mean that there will be choices - banks and others providing reuse of their strong tools, single-purpose "neutral" service providers, possibly even governments issuing tools (even if that has failed to take off in all cases I know about - well known and very expensive failure in Finland - please do not do the same mistakes we have done..).

E-identity is classified as a business in EU and any service should thus be transparently priced and compete on equal terms.  In the Nordics it has been as natural to further public-private partnership in this field - and the private sector has well understood that proper supervision is needed. All involved have - after some debate and experimentation come to the conclusion that this works well - nobody has after 17 years of 3rd party e-id bank services really come across any downsides. The only thing that needs to be changed (under way) is the move to a proper 4-corner model.

When going global with e-ID service interoperability I agree that the card schemes are good examples. In this case - like for e-invoicing - we should work for a network solution that also allow non-bank service providers to join and compete.

Thank you very much for good comments.

Bo

Hi Matthew,

Thank you for your good input.

I do think that it is time for a proper rethink of the big picture - for many reasons: co-regulation instead of blind regulation - for financial stability, sustainable development - for our kids, deeper democracy - instead of sensationalism. The Net is the tool for making all this evident to the so much wider and now also even globally interactive audience. I admit that I am greatly inspired by Yochai Benkler's "The Wealth of Networks".

I certainly agree with:

"It’s time to take a hard look at the way the banking industry thinks about itself and its relationship with customers. Only by doing this can we create services and experiences that are engaging and valued for what they really are."

and

"Earning business by understanding what people value, having empathy and improving lives through financial services is key to unlocking the paradigm shift of ‘flattened hierarchies of control’ we’re experiencing as a society right now. "

What do people value in banks? My list: trust - not only in the traditional soliditity sense but also by not blindly pushed profitcenter driven "products", simplicity-simplicity-simplicity, reachability - and increasingly holistic solutions: your bank promoting reuse of tools and presence in everday contexts in netservices at large. A combination of truly putting the customer first and understanding that there is less space for complexity than before.

Customers do not ask for innovations - it is the service providers who have to think ahead - see that only technology and rethinking enable innovations. I think this is what the Googles, Nokias and Apples have done.

I have to agree also to this:

"I’d therefore argue that it’s not a matter of too many options – it’s a matter of too many superficial, facile – wrong - options, brought about as a result of the unequal balance between the banking mindset (“we are in control – you will therefore value the things we give you”) and what people see as creating value in their lives."

 It is unfortunate - but now is the time to take corrective action.

Thank you Nick. I do see Internet as a "free" infrastructure - much as I see e-banking codes for e-id in society at large, the payment system for transporting e-invoices and e-orders etc. Internet has for sure spawn Google advertising and transferred e-banking into internet-banking. The multifunctional chipcard has been a promise for some time and in the meantime the mobile devices have come closer to provide the same functions and more by having a big screen and being connected to the Internet - good to have options and open competition.

Thank you Susan. I do think that brand value can be supported and having its personality enhanced when the service it represents build on users trust and habit by adding logical additional features - like using e-banking id for third party needs. I agree that "some set of customers" often can be the wrong way - first do things many sets of customers will appreciate and need often. 

A holistic approach is needed - to address often mundane every day needs. The brand should also benefit from teaming up with other brands who can add their part of the holistic solution needed. One service provider can only do so much alone.

Disruption - yes. But also disruption needs a base to build on. It is after all human behavior that has to change.

Consumer e-invoicing has been very successful in the Nordics and continue to grow very fast.