On the Topic of Digital Identity
Next TechSprint, March 16–18, is just around the corner. We’ve sat down with Avishay Gaziel from Smart Payments and Maz Spork from ISS Corporate Garage to find out: What exactly does ‘ID at WORK’ mean in general, and for each of them.
ISS and Smart Payments are two rather different companies, so how come they chose to come together over a TechSprint?
“There is this old saying that creativity is about connecting the dots. The highest degree of creativity happens when you connect the dots that are most unlikely to connect. ISS and SP are two dots that seem unlikely to connect, so when Copenhagen Fintech was going there on a delegation, I wanted to join!” Avishay explained.
Why the topic Identity at Work?
Smart payments normally deal with financial institutions so one might wonder why we wouldn’t name the event ‘Identity in Finance’. For ID at WORK, Smart Payments chose to attack the identity challenge from a different perspective, namely from that of the workplace.
Avishay explains: “You have ISS present in every workplace.. the dots start connecting and I thought to myself: ‘Why can’t we use the workplace to create your identity?’ Just like banks and other financial institutions, organizations around the world have a big problem establishing, carrying, defending and maintaining identities of their employees. This is an issue that will benefit us all, no matter the point of departure.”
Why Digital Identity?
On the topic of Digital Identity, it’s easy to see the overlapping points of interest. Both organizations want to improve the lives of people: Smart Payments wish to ease the process of knowing who you are to allow you to get through your day with your financial needs. ISS similarly wish to know that their employees are who they say they are, and that the employee has the appropriate level of access.
“We could build a big database of all those pieces of information and make a business case of selling access to that, but I think that would be tasteless. I think putting it into the hands of the people is the right way to go.” -Maz Spork
What are the internal challenges of identity management at ISS?
Maz: “We want to explore all the different use cases where identity is relevant, and obviously hiring is one of them any maybe the one that carries the most cost. It’s a huge figure. It’s not just the cost of on-boarding, hiring, and recruiting people — it’s the fact that it hurts the delivery to the customer. As a service organization, if you’re missing people for some reason, you can lose the customer. As Avi said, there are technologies that can bring us a long way, but the people in the organizations are not technologists and even if they were, they don’t have the means of experimenting and exploring this space to find the right solution.” This is where the ISS Corporate Garage enters the picture.
Maz continues: “Another perspective is whether you can trust what a person says about herself. Identity is not just your biometric data on a secure piece of silicon, it’s also the story you tell about yourself, like your resume. Data that can change and needs to be updated. For many people procuring this data is a huge hassle. We could build a big database of all those pieces of information and make a business case of selling access to that, but I think that would be tasteless. I think putting it into the hands of the people is the right way to go.
Identity at work is at one hand the technology that can enable all those use-cases, and on the other hand it is those use-cases. Let’s say you were a job marketplace, maybe for freelancers, they would benefit for a solution like what I’m describing, something that can be used for vetting that information. And maybe even with the control of the individual so that only certain parties see certain elements. But that doesn’t mean that your job-portal is your digital identity.”
“I’m saying this because it might be interesting to the listeners to think about where they can create some sort of business model that can really scale. There are thousands of job-brokers and agencies and corporates around the world and they could all be customers of a proper work ID. For a piece of technology that enables all of this, there are some interesting choices to be made about where in the value chain you want to be. It could be massive when you think of the scale of the problem.”
Avi, you said you had some ideas while Maz was speaking, do you want to add something?
“I’m just imagining a way to validate details on a CV as a service using artificial intelligence. There is probably a technology out there that can take a digital CV and give you some sort of validation. As a person reading a lot of CVs, it would be quite a nice service to say ‘This CV is validated — this person is actually telling a true story about themselves’. There is value in this.”
Maz follows up: “When we talk about validation as two-way handshake, we ended up calling it “witnessing” and it could be done by anyone even your school or your wife.”
“I think the banks should not be the epicenter of digital identities.” - Avishay Gaziel
In the Digital Identity discussion, there seems to be a lot of consensus that the bank should be the center of this digital convergence. Does it have to be that way?
Avishay: “I think the banks would be thankful if the validation could come from a third-party. Because banks are paying enormous amounts of money for this already. They have heave regulation on Know Your Customer, Anti Money Laundering and security and so on. Banks would gladly share the load of establishing and managing people’s identities. I think the banks should not be the epicenter of digital identities. They are the epicenter in many cases like with NemID. But I’m not sure this is the right solution. The very center of your identity stems from the government. Everybody uses that for building further and multiple identities, but I’m not suggesting that the banks should be holding your most important identity after your passport. I think you can distribute this load between several parties and reach the same result in terms of convenience for you as a consumer, security for the relevant parties using this identity, and of course satisfying the regulatory requirements in terms of privacy.”
“‘Where is the new epicenter?’ That is a good question. Is it the workplace, some other third-parties that specialize in identity management as a service, or is it the public sector without any intermediaries? It’s an open question and I don’t have the answer.”
How do you view GDPR — as a challenge or an opportunity?
Maz: “As an employee of the Corporate Garage I don’t think regulation should be the first step in our thought process. We might be able to render some regulation obsolete using technology.”
Avi: “As Maz said: don’t take regulation as the first thing in your creation. Think about what caused the regulation to appear. PSD2 appeared because there are too many intermediaries in the payment system. So, design a payment system without a lot of intermediaries and you will be compliant by default. GDPR was invented to avoid companies abusing peoples’ privacy and data. So, design a system that doesn’t allow that, and you will be compliant by default. That’s how innovation sees regulation.”
“We’re gauging the desirability of digital identity solutions and the price tag is looking big, so bring on the solutions!” - Maz Spork
What are you working on in your respective organizations in relation to Digital Identity?
Maz: “We are gauging the benefits both for the corporates and individuals of Digital Identity solutions. In Mexico the employer visits the employee’s address before hiring anyone — it’s part of the verification process. In the UK it’s your utility bill that forms part of your identity. You won’t imagine the creative solutions… But it’s the 21st century and we need to connect the dots. We’re gauging the desirability of digital identity solutions and the price tag is looking big, so bring on the solutions!”
Avi: “We’re working on some very concrete biometric solutions. With the advent of phone cameras, computer vision, and cognitive computing we see massive opportunity in giving ultimate convenience without any sacrifice in security. And done right, it will also be with minimal impact on privacy. We’re working on everything from solid planning down to crazy outlooking stuff like using financial data and artificial intelligence in seeing how that can help us establish an identity. Maybe the computer asks you a question only you know the answer to. We’re also experimenting in that space as an ongoing activity.”
“It’s like we’re back in the dot com boom but with different technologies.”
And finally — any cool solutions you have seen lately?
Avi: “Moni, the solution developed for refugees in Finland. It elegantly uses blockchain technology to give people a payment instrument without the need to surrender their identity to the payment service provider. Moni solved a major problem for asylum seekers in protecting their identity and enabling their day-to-day lives without the need for cash — which is a very bad payment instrument: it can be stolen, lost and burned.”
“Then we also see biometric technology developing exponentially. You can now use a camera to see your fingerprint. You don’t need to put your finger on a RI reader anymore. You can use cameras to read vein patterns, faces and behavioral patterns. Biophysics are starting to play a role in determining who you are. We’re seeing this evolve very promising.”
“When we see cameras able to recognize over 60 people at a time, you can look at a crowd from quite the distance and know who is in there in seconds. I don’t know if this is good or bad. Our use-case at Smart Payments is naïve — we want to make life easier and more secure.” Avi ensures.
Maz: “I’m fascinated by the combination of machine learning and IoT. I believe it’s all about connecting smart people with smart buildings and create fantastic user experiences. That is where the future is, whether you are an airport, an office building or a shopping mall. The technology is cheap, accessible and testable. It’s like we’re back in the dot com boom but with different technologies.”
For the whole conversation, tune in to our podcast here: https://soundcloud.com/techsprint/techsprint-podcast-001
