Dutch pilot shows banks could dominate digital identity provision

One of the things that we see in the digital world is how individuals require a different identity, login and password for so many of the different services they access – from government portals to social media sites.

One solution is to create a single digital identification service that consumers can use across multiple platforms. The challenge here is do something secure enough to handle sensitive data like payments, bank details, social security numbers, etc. The often-seen “Login with Facebook” option has its limitations!

So the task is falling to banks, who are increasingly realizing that they are the trusted custodians of essential personal data. Dutch banks are taking the lead, collaborating on a pilot digital ID scheme that will enable them to access other sites using their bank login credentials.

From 2016 on, the scheme will mean consumers can utilize their online banking identity to access services at the Dutch tax authority. The Dutch Payments Association states: “Banks will soon offer a service which their customers can identify themselves online in other organizations. Customers who opt for it can then identify themselves with the secure and trusted login from their own bank, for example, [to access] insurance companies, government agencies or online shops. Therefore, these customers need no separate access codes to apply and remember.”

Because banks have performed certain legally-mandated checks – such as Know Your Customer – they can effectively allow certain organizations to access the data as required. It could be confirmation of simple facts like someone’s name, date of birth, or address. Equally, it can be used for more complex issues, such as verifying the customer’s earnings when applying for a mortgage without the need for the consumer to send off copies of their bank statements.

MyBank, the service allowing consumers to make online payments directly from their account, rather than using a card, is trialing something similar. Its Identity Verification Service is being tested now and will run until February 2016.

Preta, the subsidiary of EBA Clearing that owns MyBank notes that there are around 225 billion authentication transactions per year across email, social media, e-commerce and e-government. The scheme will support everything from age verification and customer due diligence checks to contract agreements and registration for services.

“Electronic identity services are, as yet, fragmented across Europe. With this initiative, MyBank is responding to a tangible market need for a pan-European solution,” said Elaine Oldhoff, policy advisor for E-Commerce Europe.

Schemes like these are conceptually nothing new. In Sweden, most banks can issue identity cards, though it seems like they are winding this down. Neighboring Finland is already ahead of the curve – bank customers in the country used their e-banking passwords more than 56 million times to log in to public sector and other non-banking services last year.

The difference now (apart from the scale) is in the technology – in particular the advent of open-access APIs that will allow external providers access to bank account data. Enabling this – through PSD2 legislation – is opening up banking to new challenges like never before as banks will have to share data and, therefore, part of the payments pie. But as the Dutch and MyBank schemes highlight, sharing data with others could be good for the banks, too – providing they find a way to generate enough revenue to cover their costs of course, but that’s another problem…

Written by Banking.com Staff