Trust has been an important factor in business transactions since the dawn of the handshake. But back then, we didn’t have to think about it in the way we do now. With most transactions face-to-face, the concern was always making sure that the person in front of you was who they said they were. But even if they weren’t, as long as you got paid and the service was delivered, your business would continue running as normal.
Fast forward to today and business transactions are increasingly occurring online. Where there is no face-to-face interaction, we must rely on digital methods of verifying a customer or client. And unlike our predecessors, if it turns out someone lies, we have no idea what they look like, where they are in the world or even where to begin recuperating our losses.
Of course, today’s business world has created safeguards for this. Thanks to the foresight and investment in the banking industry, we have some of the most stringent due-diligence checks available on the market. Thanks to our governments, we also have regulations that impose measures on banks and businesses to ensure the best possible standards are being met in these areas. And thanks to insurance companies, we have a way to recuperate our loss, even if the thief still gets to keep theirs.
But regulations don’t change overnight. And while the rate of technological change is increasing at a speed unparalleled to that of yesteryear, governments and businesses are having to adapt quicker than ever to meet the needs of today.
One example of this is the growth of challenger banks and FinTech companies. These services have transformed the way we do online transactions, making it in many cases, far more efficient and user friendly. But this transformation of the customer experience hasn’t been without it’s own dangers. Popular FinTech companies, quick to release their apps and gain popularity, often overlook some cybersecurity measures that many banks have had in place for years. This regretfully leads to the breaching of customer data because hackers can too easily gain access to the back-end systems through loopholes in coding or simply by phishing the firm’s employees.
Take the cyberattack suffered by prominent financial software solutions provider, Finastra. Of it’s 8,500 customers, 90 are amongst the world’s 100 largest banks. The hackers were able to get access to a cloud server, going unnoticed for 3 days whilst also being able to detonate a ransomware attack known as Ryuk. The malware spread, locking up server after server before the company’s IT Security teams were forced to pull all infected servers offline. This action may have saved the company from having to pay the ransomware fine but it took down a vast majority of their services for their customers and probably cost them a great deal to bring everything back online safely.
This is just one example of many showing you how much trust has changed in the online world. Our biggest worry isn’t trusting our customers or clients, it’s trusting the traffic that enters our network. It’s about trusting the legitimacy of digital transactions, whether that transaction is a monetary one or whether it’s simply a request to access a server.
What makes it all the more difficult is an increase in the internet’s web of connectedness. Companies have many servers, both public and private with many employees (and devices) accessing them, both internally and externally. And unlike the old days where once you gained trust with a person, you could pick that trust up where you left off, today’s IT Security teams are realising that every request for access must be treated as if it were from a complete stranger, even if it was verified and validated yesterday.
I don’t think we have all the answers yet to the question of what is next or how do we solve this problem. We still have a long way to go. I’ve already spoken in-depth about the problems with current KYC (Know Your Customer) due diligence processes happening in the financial sector. I’ve also spoken about the importance of identity in digital transformation as well as it’s challenges.
As I’ve already mentioned, Coronavirus is accelerating our use of digital identity in online transactions and that is definitely something to be excited about. But we must also be wary that speed of adoption should not take precedence over security.
In the Legal Entity Identifier market (the business entity identifier endorsed by the G20), I’m profoundly impressed by the speed at which the Global Legal Entity Identifier Foundation (GLEIF) has worked with industry, both private and public, to speed up standardisation of the ISO, influence global regulatory frameworks and map data from existing databases to improve not just regional, but global efficiencies and transparency.
I’m also relieved to see the work which has gone into enabling Certificate Authorities to include LEI Numbers into Digital Certificates. I spoke about the benefits this could have last year but I in no way envisaged the speed at which the GLEIF would work with the CA industry to standardise this practice, just announced last month.
If we can create more trusted transactions within our business, we can extend that trust outwards to our customers and clients, giving them a sense of ease when they type in their financial details on business websites, or when they’re asked to prove their identity with personal information.
A sense of trust in business enables us to have better experiences with businesses, which leads to better commerce. Government spending on reducing financial crime would be able to decrease as their ability to trade safely across borders increases. So, trust isn’t just essential for you and me – it’s essential for our future.
I’ve included a lot of links to previous posts as I hope any people exploring this topic for the first time will explore even further. Please feel free to message me or comment to keep the conversation going.
If you’re interested in learning more about Legal Entity Identifiers and how they help increase trust in business to business transactions, please read the introductory post on LEI’s here.
Register a new LEI or transfer an existing LEI to ManagedLEI today for low cost LEI renewals.Buy or Transfer an LEI
Trusted Identity Ltd. LEI: 98450054NFCE7A67C172Managed LEI © 2020. All Rights Reserved.