CIOReview
CIOREVIEW >> Project Portfolio Management >>

Secure Data to Avoid Misuse of Identity

David Pollington, Head of Services, GSMA
David Pollington, Head of Services, GSMA

David Pollington, Head of Services, GSMA

Digital identity is becoming core to the future growth of the Internet, be that through reducing the friction of onboarding users to new online services, or providing trust within the sharing economy, or enabling Internet players to understand individuals better and curate personalized services and experiences for them.

But digital identity is brittle, the majority of the public not truly understanding the role their identity plays online, and the thirst for data fuelled by the surveillance economy, creating honeypots of identity information. These pieces of information are targeted by cybercriminals and results in irreparable reputational, financial and legal damage for the businesses and are devastating for the individuals whose identities are stolen. With credential misuse being the leading threat metric behind most data breaches and associated identity fraud, it's imperative that the next generation authentication mechanisms increase in robustness, but in a way that doesn't present a barrier to user experience.

A move away from passwords to authentication methods utilizing multiple factors, and most importantly authentication factors such as possession (of a mobile phone) and inherence (biometrics) that are immune to scalable attacks, will help to build robustness. Similarly, a migration to a more passive, continuous means of authentication using behavioural biometrics or cleverly inserting physiological biometrics (such as facial recognition) within the user flow has the added benefit or not only improving security but also delivering on the holy grail of reducing user friction. It is perhaps ironic that one of the most promising methods, behavioural biometrics, has a dependency on passively monitoring and collating data on the user. This is unfortunately the mouse trap that is the surveillance economy - on the one hand it can be beneficial in keeping us safe, but if abused can be used to manipulate us in the process.

GDPR is helping to create awareness and provide a set of guard-rails to encourage good behaviour amongst online players. Whilst not as progressive and effective as some believed or feared, GDPR has been instrumental in raising awareness around privacy and data protection and encouraging companies to reposition themselves more favorably within the privacy debate, thereby currying favor with the regulators and winning back confidence from the public. Arguably though, the Internet is sorely missing an identity layer that delivers trust intrinsically.

Decentralized identity is seen by many as a potential way forward, giving back control of identity to users and creating an open framework that can foster an ecosystem for identity without reliance on any dominant players. Work to define and standardize on the critical building blocks is progressing well in W3C and DIF with strong backing from the community. Still, there remain many commercial and operational challenges that need to be worked through before such decentralized identity solutions will be able to achieve mass market adoption.

Whilst the large Internet companies are likely to continue their relentless pursuit of user data, combining it with advanced machine learning to further generate insights and influence user behaviour, the future belongs to those brands who can be trusted to manage their customers' data with integrity, security and transparency; although many believe that such a halcyon view will not be achieved without an evolution in the regulation built on a more thorough understanding of how the surveillance economy operates today and may evolve in the future. 

Read Also

Data Literacy –What is it and Why Should Your Company Care?

Data Literacy –What is it and Why Should Your Company Care?

Lisa M. Mayo, Director of Data Management, Ballard Spahr LLP
Importance of Customer Relationship Management Implementation

Importance of Customer Relationship Management Implementation

Drew Fredrick, Vice President, Home Building Technology, Clayton Homes
Creating Momentum Along Your Customer Relationship Management Journey

Creating Momentum Along Your Customer Relationship Management Journey

Anissa Benich, Sr. Director, Enterprise Strategy and Marketing, OneAmerica
CRM and Customer Experience

CRM and Customer Experience

Ashok Dhiman, Director, Enterprise Customer Experience and Data Integration, The Hartford [NYSE: HIG]
Go Big Data or Go Home – Data Analytics-Enabled Compliance Programs

Go Big Data or Go Home – Data Analytics-Enabled Compliance Programs

Kevin Gleason, Senior Vice President, Voya Investment Management and Chief Compliance Officer, The Voya Funds & Matthew Gleason, an undergraduate computer science major, The University of Arizona
How C-Suite Alignment Drives Business Growth and Superior Customer Experience

How C-Suite Alignment Drives Business Growth and Superior Customer...

Deanna Ransom, Head of Marketing & Marketing Services, Televerde