Digital Identity Series - How to Build a Customer Base

While the world is on lockdown and we’re all seeing some of the disruptions that a remote life, confined to the digital realm can bring, it seemed appropriate to share some insight into how creating a digital identity for our citizens can limit some of these difficulties.

I wanted to dig a little deeper than past posts into some of the challenges we face when implementing such a service, and what steps we can take and considerations we need to make to achieve success. So in this short blog series on digital identity, I’m going to dive into why banks are such an asset when rolling out a digital identity service, why a large user-base is vital and how we can work to build one, what considerations we should be making in terms of technology and our population, and finally, my colleague from Data Exchange Technologies, Tobias Koch, and I each take a look into creating the right environment for digital government to flourish and benefit everyone in society. I started with “Why Banks?”, and this follows on to dig into how to build a customer base.

Building the correct environment is essential to get right before we start developing strategies and business processes for the digital identity solution itself. These aspects of the service will likely tie closely into the technology that we choose, and though I say the technology is only one piece of the puzzle, like any puzzle, each piece and where it goes is relevant to all the others. I talk about these points in other posts in this series, but another vital piece to the digital identity puzzle is the user-base. Digital identity is nothing without a strong user-base. There are a few reasons for this but there are also challenges we need to overcome. The biggest in some ways being the fact that we’ll be creating a two-sided market. So, let’s dive in and understand how we can overcome the challenges of generating one.

What we should consider from the outset is that governments can’t build this user-base alone (without mandating it), due to the fact that government-citizen interaction is too infrequent to get enough people on board. Some demographics may interact with the government more often than others, like those in need of benefits or welfare, but the best digital identity technology that is suitable for these demographics may differ from the best technology for others (considerations like solutions requiring smartphones, or solutions that don’t require additional hardware must be made – I go deeper on this in another post in this series). We have to keep in mind that one size does not fit all, and remember why we’re creating this service. If we’re creating a solution to serve the whole population, we should look to the technology that will best suit the largest user groups. If we’re looking to serve the most vulnerable in society, a technology appropriate to their means must be chosen.

So, if governments can’t do it, who can? This is where we must involve the private sector, but also where we come up against the challenge of a two-sided market. The difficulty is in generating a large user base and enabling access to valuable services at the same time. Service providers don’t want to get involved when there isn’t a large user group that will partake, and users don’t want to sign up when there are no valuable services to interact with. This hurdle has been the one that multiple countries have fallen at, where the focus was purely on the public sector and the private sector was not considered from day one. Those that have overcome this challenge have often been those that involved the banks, or where the banks actually ran the digital identity service themselves, like in Denmark, Estonia, Sweden, and other Nordic countries with solutions that have been running for ten to twenty years.

There are many reasons why banks help to overcome the two-side market issue and can be a major asset to a digital identity service. Online banking has become widely used across developed countries, and many developing countries, and to offer this service, banks must already have digital identities for their customers. Banks have taken the first step. The momentum is there, and we can all understand that building momentum is much easier once the ball is already rolling. And if we can engage with just a few of the major banks in a country or region, it often means we’ll gain access to a fairly significant portion of the population early on, through a digital service they use, on a relatively frequent basis.

There are more reasons banks are the ideal first candidate for involving in our digital identity solution, and I dive into this topic in another post, but we also need only look to where widely used digital identity services have prevailed and see that banks really are of benefit. If we look to some of the most successful digital identity offerings around the world, like Estonia, Denmark, Finland, Sweden, Norway, and Singapore, we’ll see that banks have been heavily involved in either setting up the service itself, or utilising the offering from very early on. Banks have a few traits that increase the chances of success, and though there are solutions out there that didn’t involve banks, they were often required for citizens to receive subsidies (the Aadhaar programme in India) or make paying for things and accepting payment easier (DNI in Peru). People value security when it comes to their financial assets, and certainly value ease of use. If a digital identity solution can offer security and convenience, people will see its value.

Of course, the next challenge is for the banks. In order for banks to offer mobile or online banking, they must already have a reasonably secure (I may be being generous here) method of access and transaction verification. There are many tools used around the world to achieve this. Some methods are worrying simple and still involve just a username and password, others have a few extra steps to help defend against man in the middle attacks and credential stuffing, like showing a random image the user has chosen on the screen after they input their username, and having two different pages for username and password. Other banks may use physical tokens like PIN calculators that generate a one-time password (OTP) the user inputs along with their traditional password. Some have an app to generate the OTP. There are lots more tools; code cards, simple push notification apps, basic biometric solutions, etc. The challenge for banks is moving their customers from an uncertified, non-PKI method of access, to a high-assurance solution which is compliant with local regulations regarding digital identity; suitable for interacting with the government and producing legally binding signatures. This might sound like a big undertaking and it is, but the benefits for the banks far outweigh the effort put in. I go into this more deeply in my first blog post in the series, “Why banks?”.

In order for banks to avoid frustrating their customers, and potentially losing customers of certain demographics, it’s unlikely they will suddenly decree that everyone must use the new system. Banks will incentivise customers to use the new solution in order to begin the increase in security, which may be their driver. It may be that, while they can offer 90% of their services online, there’s a set of high value services that requires customers presenting ID in person or calling in by phone, and they want to offer these online, and save on in-person or call centre resources. Whatever the driver, banks will look to incentivise. Some options used in the past have been through offering previously paid-for in-person services at a discount if accessed online, or offering increased limits for certain transactions if the new transaction verification technology is used. They have many options, but they will also have to invest in marketing campaigns to draw their customers’ (and new customers’) attention to the new ways of working, so the service really must bring value. Luckily, history has shown it will; for example, in a report written by Arkwight, they found that Norwegian banks saw savings of €150M.

In the same report, banks in the countries mentioned above have seen up to 40% reductions in the number of branches necessary to serve their customers, they’ve seen tens, if not hundreds of millions of Euro saved through the use of digital signature as above and, with the right technology, they are reducing the friction experienced by the customer to partake in their services. With the right technology and a suitable environment, it should not be a difficult sell, though the bank must be the kind looking to innovate and stay relevant in an ever-more challenging industry.

Governments can offer some of the same incentives as banks for moving citizen interaction online, and even have some tricks banks don’t. There are a few reasons a very large proportion of the population will interact with the government, such as submitting taxes, drivers’ license renewals, passport renewals, etc. If the government offers a cheaper or significantly faster and easier way to carry out these unavoidable activities (it’s been done – Estonia offered completed tax returns within days if done online, instead of weeks if done traditionally), they can boost the user-base this way. Another way to speed things up, and one that almost all of the services in the countries mentioned above do, is offer the service to the users completely free of charge, with the service providers paying for the service, as the cost per transaction is far outweighed by the savings. This almost goes without saying, but to build a large userbase, making the service free for the end-user helps in persuading them to onboard. We must also consider the onboarding process and of course, this will seem blindingly obvious, but I’ll say it anyway - the easier this is, the faster the user-base will grow.

Growing a strong user-base takes time. It’s certainly not instant, but if we try to make the right decisions early, we can increase the chances of the user-base growing year on year. It may seem like these steps are over simplified, and in some ways, they are, but if they are taken into consideration along with building the right environment and utilising the right technology (talked about in other posts in this series), they can help to overcome some of the obstacles at which others have fallen.

Written by Max van de Poll