Companies understand that providing a great customer experience is essential in this digital age. And digital identity is one of the key ways.
However, for many managers, requests for digital identification and the sharing of personal information undermine strategies aimed at facilitating user interaction in operations that involve converting into business through digital transactions.
The common practice of asking customers to confirm their identities at all points of contact has become a stumbling block. This situation affects both attendance and data security.
Isn’t it potentially risky to continue reporting personal data that is considered sensitive? Who might be listening or reading this information? And why provide digital identification to, for example, sign up for a newsletter? What does this have to do with safety?
The challenges in managing digital identities
The questions above highlight two challenges of managing customers’ digital identities.
The first of these is the onerous process for which most security strategies are standardized, making it potentially as difficult, “to buy a replacement keyring for a set of car keys as it is to buy the car itself”.
The following is a confusing view for the customer, where digital validation is often not connected to non-digital validation. In addition, access records for different customer touchpoints are stored in separate locations.
There are many dots, but no way to connect them, this format is still a standard for many companies.
Underlying these challenges is the tension between IT leaders and their marketing colleagues. After all, the former want to protect this data and the latter want to exploit it to improve the customer experience.
Given this, the two perspectives can be difficult to reconcile.
Digital identification: the potential to boost brand value
Today’s Chief Marketing Officers (CMOs) are challenged to drive brand value. That value comes from delighting customers. Customers are often delighted when they feel connected to brands.
However, the possibility of this happening is often related to marketers gaining access to the personal data needed to personalize the customer experience.
When done right, these personalized experiences can build not only trust, but also brand advocacy.
Imagine for example a soccer player loyal to a certain brand. Because this brand has earned his trust, he shares personal information that he wouldn’t necessarily share with other soccer brands.
The customer experience, the emotional connection created, the perceived brand value, these things are now inseparable and dependent on digital identity.
Digital identity is the fuel for customer engagement. It is also a source of great concern for CIOs, CISOs and IT teams responsible for ensuring the security of sensitive information, such as digital identities.
But while these points for customer experience and security seem contradictory, they don’t have to be.
After all, there is a converging path. What marketing and technology teams need to better and more confidently serve customers is a way to see and connect the dots. One way to do this: risk-based digital identity authentication.
Four principles of risk-based digital identity management
Business and IT leaders should consider the notion that customer identity is not just about security.
Instead, they can think of it as a feature that can also be flexibly applied across multiple platforms and tailored to individual marketing moves and preferences, as well as making it less obvious to customers.
Marketing and IT leaders can help each other by working together to design a system with four well-defined characteristics.
1. Context dependency
Companies using a flexible approach may, for example, require multiple means of authentication for financial transactions, but at a lower level of verification for interactions such as updating a newsletter subscription.
This type of risk-based authentication has the potential benefit of improving the customer experience and reducing complexity for the organization.
Rather than standing out as a separate, onerous activity, risk-based authentication can be an integral part of the online experiences customers already engage in, such as searching, buying, servicing or registering.
Getting rid of CAPTCHAs or remembering the name of something favorite at every step of the customer journey is only part of the change.
After all, in this view the initial setup of customer identity profiles is more comprehensive and expands beyond just a few obvious tests, so that fewer visible authentication steps (if any) are required once the customer engages.
The digital age has allowed us to define choices: one customer may like to authenticate through a secure password manager, while another may prefer biometric recognition.
Combine this ability to choose with an identity-based relationship management system capable of applying these preferences across time and platforms, and the result can be an experience that encourages customers to engage with a brand more often and more willingly.
Any customer-friendly digital identity system should work consistently across marketing platforms, e-commerce, management and communication tools, so that customers do not have to deal with different authentication requirements for different parts of the business.
By working together to ensure this is the case, marketing, IT and other leaders can help deliver a unified and secure user experience, thereby beginning to build brand loyalty and trust.
Generating digital identities
A digital identity can be created through a digital certificate issued by a Certification Authority (CA), based on asymmetric cryptography.
The certificate contains data that is associated with a user or device (for example, its name or the copy of the public key).
The use of digital certificates has many benefits for organizations, for example:
- Ensure legal compliance;
- High degree of security, protecting information and reducing the risk of fraud;
- Increased user and customer confidence.
In turn, digital certificates can be used together with digital signature software to generate digital signatures. In addition, identity management becomes a priority issue for organizations.
Digital identity through digital certificates already a reality
You need a system that allows you to associate and unify your data, provides access to all the systems that must use it and, above all, offers a high degree of privacy and security.
Digital identity transformation is more than just implementing new security technologies and tools. After all, it also involves systemic changes, from the core functions of information security, marketing and services to areas such as governance, finance, culture, even business model.
In some countries, digital identity is fully consolidated and has many applications in everyday life. Perhaps the most striking example is Estonia.
This small Baltic country of 1.3 million inhabitants introduced the digital identification system based on the national register and the national digital identity document in 2002.
This document, mandatory for those over 15, allows its citizens to vote, buy public transportation tickets, encrypt emails, renew their passport, access their medical records, sign documents and perform almost any kind of administrative management online, anywhere at any time and allowing users to own their own data.
But the Estonian system is just a taste of things to come. After all, the number of market participants connecting online is expected to grow exponentially in the coming years.
Thanks to the development of the Internet of Things, millions of objects (from refrigerators to internet-connected containers) will predictably start operating simultaneously and integrated. This will also require setting standards to verify their identities.
EVAL has been developing projects in the financial, health, education, and industry segments for over 18 years. Since 2004, we have offered solutions for Authentication, Electronic and Digital Signature, and Data Protection. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.
With value recognized by the market, EVAL’s solutions and services meet the highest regulatory standards of public and private organizations, such as SBIS, ITI, PCI DSS, and the General Data Protection Law (LGPD). In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.
Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.
Eval, safety is value.