Customers expect nothing less than a quick and easy process online; so, businesses are competing to find and integrate the newest technologies that will give their customer’s what they want. Identity and trust are part of the customer experience big picture and fundamental to succeeding in digital transformation.
This should be understood at a board level and leads to an increase in profits and revenue.
This should be understood by project managers who have to ensure project deadlines for new features are met quickly without ruining the experience of the customer.
This should be understood by software engineers who are streamlining the onboarding process and increasing their focus on securing customer data.
This should be understood by marketers who heavily promote the data ethics and practices of new products and analyse customer data to further improve user experience and customer retention.
This should be understood by sales reps who use these features as part of their selling strategy.
And finally, this should understood by client services / incident teams who support customer’s when they need it and mitigate technical problems when they arise.
The fact is, this is NOT fully understood by all areas of the business. Exactly why I decided to write a three part blog series about identity and trust in digital transformation in business. In part 1, we look at the importance of identity and trust in digital transformation.
Digital Transformation is a term that has come to mean many different things to many different people. I could write a whole article on that but for now, let’s just go with the narrow meaning of Digital Transformation which can be found on Wikipedia.
“The adoption of technology in business to go paperless.”
Secondly…it’s important that we look at the meaning of identity and trust.
By ‘identity’ I mean, a set of online attributes that work together to verify the identity of a person, legal entity or device. Trust is in the verification. For example, a passport can verify the identity of a person but if you’re able to forge a passport, you have no trust.
Before organisations push budgets into digital transformation, they might benefit by considering how they are going to cope with having such vast amounts of data online. How will they keep these systems secure? Will they have enough resource to manage a crisis? Will they need to hire more technical experts? How will they ensure the customer experience is made easy?
With greater data, comes great responsibility. No, this is not the spin off of Spiderman but simply what organisations need to accept.
The old security adage of ‘more complexity equals greater insecurity’ remains true. But that will not stop us from diving head first into complex environments without a second’s thought to how data will be shared securely. In the event that the data is leaked or hacked, it will be the organisations who lose their reputation and revenue but the consumers and customers who will become a commodity.
Here are some main areas to consider.
If a hacker gets access to a sensitive part of your network, it’s over. One of the ways IT admins mitigate this is by not allowing a single user to have access to all systems and logging all access to networks.
It is important, for this to work, that IT understands the role each person plays in the organisation and what they need to have access to. There needs to be a solid set of policies and a way for people to escalate their issues to IT if they need to have access to something they don’t.
It’s also worth noting that, as the organisation changes, the needs of employees and access will change; meaning, these policies need to be reviewed updated regularly.
Another area where governance is concerned is logs. Good identity governance will be able to make adequate logs of;
Moreover, it will be able to perform analytics on all of these so that the landscape can be reported on and anomalies may be detected quickly and easily.
It should also provision a workflow for user onboarding, access requests and offboarding that avoids human delay. A few days after an employee leaves, they (and anyone else) should have no way of accessing or using their credentials to get into your system. This is a well-known identity and access failing point for organisations.
APIs allow you to implement a third-party vendor’s tool into your own system without your customers even knowing. Take identity and access management as an example. Instead of investing money and resource into developing trust and digital identity into your product/service, you could purchase a tool from a third-party vendor and integrate it using APIs. Your development team save a lot of time and hassle and can focus on what makes your product great instead of worrying about coding something new!
But there is a risk that comes with this. Data shared between two servers is exposed to risk from hacking or leak. IT departments have to ensure that correct provisions are being put in place so that verification and encryption of the data exchange takes place.
One way this can be done is to authenticate servers using a digital certificate. Some regulations are requiring additional verification by signing an access token with a Qualified Certificate to add greater security but this is out of the scope of this article.
Identity and trust go a long way to creating a seamless and frictionless customer experience but they also go a long way to better understanding our customers. Which, in turn, leads to better products and services. Which, also in turn, leads to happier and better retained customers! The cycle is endless.
Onboarding customers is a very important part of the process. We want to know who a customer is so that we are able to maintain an accurate record of them and better serve them in the future. But what happens if we make the process too long or arduous? We lose the customer before we’ve even gained them!
Another risky area is data accuracy. If we force customers to give us data they don’t want to give us (like their phone numbers), then customers might enter fake numbers just to complete the process. Alternatively, we could create form fields that are ambiguous. Phone number is pretty clear but what format do you want?
After the application is complete, this data will sit in your CRM and be used in the future so we want to ensure it’s accurate and more importantly, it’s consistent!
With a more accurate CRM, we will be better able to analyse our customers and make informed decisions about our products and services that, in turn, lead to happier and better served customers and more profit for the organisation.
All of the above comes with the added burden of non-compliance. With regulations such as the infamous GDPR, companies could end up with huge fines that put them out of business. Here are a few regulations that impact identity and trust in your digital transformation initiatives.
The EU Commission have not been kind to companies that haven’t complied. After 8 months, 91 fines were handed out, including 500 million fine for Google.
Another European regulation that is enabling trust and shaping commerce with identity is the electronic identification and electronic trust services in the internal market regulation or eIDAS.
We also have the recent and very well-known MiFID II, which I have spoken about in much greater detail in this post.
MiFID II seeks to enable greater transparency on the financial market. Part of this regulation requires organisations trading on the financial market to use Legal Entity Identifiers in order to identify themselves and their affiliations (company hierarchy). These changes were implemented as a reaction to the 2008 financial crises after a G20 meeting.
This is just a handful of some of the regulations which focus on increasing trust and transparency in the marketplace.
Risk managers and compliance officers will tell you that you need digital and identity in your business for compliance. Marketing and products managers will tell you that you need it for accurate customer data and improved experiences. And IT teams will tell you it’s to mitigate against a breach.
Holistically, we might be able to break these benefits down into three categories.
If you start a digital transformation project off right (i.e. by mapping your data properly), you could simplify and improve data flows in every aspect of your business.
But this is easier said than done, and after writing this article explaining the importance of identity and trust in digital transformation, I have not given much advice on HOW to do this.
In the next part of this three part series, I will explain some of the challenges of trust and identity in digital transformation projects. With hurdles to overcome, we will look at some organisations and initiatives that are looking to solve the problem.
If you’re interested in digital identity for organisations, ManagedLEI is a provider of Legal Entity Identifiers. Apply for and LEI and be issued with one on the same day.
Register a new LEI or transfer an existing LEI to ManagedLEI today for low cost LEI renewals.Buy or Transfer an LEI
Trusted Identity Ltd. LEI: 98450054NFCE7A67C172Managed LEI © 2020. All Rights Reserved.