In conversation with Finextra Research, Arkwright’s Frank Wunderlich and Signicat’s John Erik Setsaas discuss their new report which highlights how the Nordic region can now act as a blueprint for digital identity success and how banks are crucial for this positive result.
The report published by Arkwright and commissioned by Signicat explores what other countries can learn from the Nordic model in this European region and how digital identity is also an opportunity for banks to solve their existential crisis in this age of technological innovation.
‘Federated e-IDs as a value driver in the banking sector' explores how Sweden, Norway, Finland and Denmark have solved the issue of ‘proving we are who we say we are’ by giving their citizens an online identity which is recognised by casual users and secure authorities.
"Over time many solutions have evolved, but in all four countries a solution jointly initiated by a group of banks has taken the dominant position. This is because banks in collaboration have a huge advantage over governmental and third-party solutions. They are the only players who have already authenticated the majority of their country’s citizen and transferred them to an online solution - online banking. However, collaboration amongst banks alone is not enough to guarantee success,” the report reads
Nordic penetration
The author of the report Frank Wunderlich says that in the Nordic region, especially in Norway and Sweden, using digital identity is as everyday as “using a toothbrush” and he goes on to question why similar initiatives have not penetrated other markets in Europe or have not experienced similar traction.
Wunderlich also explains that while all four countries established their individual digital identity schemes in different ways, they all have similar rates of penetration - Norway’s BankID with 74% penetration, Sweden’s BankID with 78% penetration, Denmark’s NemID with 85% penetration and Finland’s TUPAS with 87% penetration - and financial institutions had a big part to play in their success.
He explains that although there was reluctance at first, banks and identity service providers soon realised the benefits of working together and only then, momentum in mainstream use ensued. John Erik Setsaas adds: “The e-ID market is confusing and unstructured because you have different countries and different cultures, which is part of what we’re touching on in the report. Banks have had a very central role in the Nordics and from my perspective, this is important to make e-ID schemes take off.”
Setsaas delves deep into the issue of culture and says that in Norway, digital identity was established after a number of banks decided to not compete on identity and security products and work together. This worked because customers trust their banks and frequently use their services, which already have login authentication processes in place.
“We also saw the take-up of e-ID in Norway when the government started to integrate taxes and student loans into BankID, despite the country also offering a government ID.”
Wunderlich adds that in Norway and Sweden, there were a couple of banks who were skeptical about digital IDs at first, but it was only after they joined the initiative, penetration surged. “You need the critical mass of banks and over time, the others will join.”
Benefits of federated e-IDs
The report goes on to point to how federated e-IDs serve as a platform to launch better services to customers: “This new business model is nowadays also used beyond the financial sector. Select e-ID business customers report that they are happy to pay for the service, as its benefits outweigh the costs.
“The trust gained through this venture has enabled the collaborating banks to develop new solutions and products together, which can be implemented much faster in the market. Swish, which originated as a Swedish mobile peer-to-peer payment solution, launched in 2012 and is now the number two payment solution of choice at point of sale.”
Setsaas comments on this: “Federated e-IDs also help with the password nightmare because I only need to remember one. From the service-provider’s perspective, they will be offloaded from handling this and they will receive customer information because it has been verified by banks. This also reduces fraud because it makes it difficult for a user to masquerade as someone else and all the banks can come together to solve the identity problem at a central point.”
Finextra asked Setsaas and Wunderlich why it took Sweden 13 years to initiate a federated e-ID through banks if Denmark, which started 10 years later, needed only half this time to get all the banks on board. Setsaas answers pointing out that while the Nordic countries were the first to develop digital identity, success in the region has shown that e-IDs do work.
The technology factor
Setsaas says: “It’s not easy and it takes time because there are a lot of factors such as trust, culture and technology that factor in, but it has been proven and it shows that using digital processes will provide more services and less fraud. Technology has developed at a rapid rate over the past few years and we now have smarter biometric devices, which can help with the authentication process, so if other countries wanted to introduce e-IDs, it would be easier because the Nordic model provides a blueprint of where to start from.”
Wunderlich continues by stating that when Sweden first launched their digital identity scheme, smartphones were not used in the same way that they are today, which must also be considered when comparing Sweden and Denmark.
“The first e-IDs were issued as a file that you store on your computer which makes the day-to-day use quite cumbersome because you don’t have it with you all the time and then it was brought on to card readers before becoming a mobile app. You carry your smartphone with you like your house keys and more often than not, you are more likely to have your phone with you than your wallet.”
Setsaas goes on to say that people are more attuned to digital technology today and it must be remembered that it has only been 10 years since the iPhone was released. “People are becoming more conscious about privacy, about what they’re sharing, and this is something that e-IDs in the future will be better at by limiting the information you share with different people. That said, it’s not only about technology, it is about gaining trust of people and changing the way that people do things, and this is challenging, but this is why it’s worked in the Nordic region.”
The failing UK
But why has it not worked in the UK? The report states that only three percent of the UK population have an e-ID. Setsaas explains that this is because there is more competition between banks in the UK and less of a willingness to cooperate, but also “to what degree people are ready to share their information and there is also a challenge in that the UK does not have a national identification number like we have in the Nordics, which simplifies the process of ensuring everyone has a unique identifier.”
A quote from a manager at Nordea was included in the report and said that the bank “lost some customers and contracts when joining BankID, as these consumers already had BankID with other banks. That said, if we hadn’t joined at that time, we would have probably have lost more customers as Nordea couldn’t provide a mobile solution.”
Wunderlich comments on this and says that looking at this quote in context, Nordea was the last Swedish bank to join BankID and it was losing customers because it was the only institution offering a separate bank ID.
Nordea did not realise the business opportunity in joining the digital identity scheme and Setsaas adds that with PSD2 and open banking and challenger banks offering new services, traditional players need to start doing the same and should start in the identity sector or other areas where a trusted entity is needed.