Popular Posts:

What’s New:

Can a business invest in stocks?GLEIF’s verifiable LEI issuer qualification programWhat are child entities and how do they relate to other entities?Do I need an LEI when selling shares?Business transparency: How to create an environment of trust?Anti Money Laundering (AML) in banking: Everything you need to knowKYC in banking: Why it’s important and how to comply?Corporate structures demystified: What you need to know?What is a parent company and how does it work?How long does it take to get an LEI?ISO 5009 – Identifying organizational rolesISO 17442 – Standard for LEI code structureESRB discusses the future of LEILegal Entity Identifier (LEI) vs Tax Identification Number (TIN) in MaltaWhat documents are required for LEI registration in Malta?How to get an LEI in Malta?Who is an LOU in the LEI Dimension?GMEI Utility vs LEI RegisterLapsed LEI – Why should you keep your LEI active?Who is an LEI Registration Agent?Are LEIs public?What is LEI transfer?Can an individual have an LEI?Do LEI numbers need to be renewed?Why is an LEI number required?How much does an LEI number cost?LEI Lookup – Fully dedicated LEI search websiteISIN to LEI mappingGLEIS | Global LEI SystemMiFID regulation | MiFID II LEIvLEIGLEIF | Global Legal Entity Identifier FoundationCompany autocomplete by LEI RegisterOpen LEIEuropean Market Infrastructure Regulation | EMIRWhat is an LEI database?LEI application – Apply for an LEI onlineLEI checker – Search your LEI onlineWho needs an LEI number?LEI Lookup for MT companiesLEI for TrustsLegal Entity Identifiers in cryptocurrencyLegal Entity Identifiers in KYCTrading and investing for beginners: Should I trade through a business entity or as a sole trader?Digital Identity predictions for 2020The future of cybersecurity – DeloitteLegal Entity Identifiers in digital certificatesBroad adoption of LEIs could save the global banking sector US $2-4 billionLegal Entity Identifiers for government entitiesThe European Market Infrastructure Regulation (EMIR) and Legal Entity Identifiers (LEIs)The FCA will take pragmatic approach to supervising reporting on Brexit DayAdoption of LEI in payment messages by the Payments Market Practice Group (PMPG)RegTech London – Event summaryWhat is LEI-search?LEI Register and RapidLEI announce an official partnership

Digital Identity predictions for 2020

What does 2020 have in store for digital identity? Here are some of our predictions.

More countries will begin to adopt national ID schemes

A national identity scheme tells us much about the state that creates it. Schemes come in many forms, with the government taking many roles from identity issuer to regulator. Gemalto has visually explained the ecosystem.

Trusted National Identity Scheme 1

Here’s an example of the UK system:

Identity System UK

The case is slightly different in Estonia, where identity is given a more citizen-centric point of view, with the government taking the role of identity issuer. Each citizen receives a national identity card (so far, 98% of the country is covered), allowing them to access online services.

In countries like Sweden and Finland, the banking industry has taken on a key role as the issuer of digital identities. While no country has the perfect ecosystem, newer countries, like Kenya, that adopt these systems have lessons to learn and ideas to build upon.

2020 will launch more national identity schemes and more projects to be announced. The world is realising the benefit of giving citizens a national ID that can help them access the banking sector and public sector.

The digital identity landscape will become less complex

One World Identity has been helpful in segmenting companies in the Identity and Access Management space. Their document mapping the identity landscape looks a little heavy right now, and there are no signs of slowing down. Companies start each day intending to solve new challenges in the industry or gain a piece of a growing market share.

Companies solely dedicated to Identity Verification, Know Your Customer, Identity Proofing and Compliance are mapped with trade organisations and password managers. You can download the image here yourself.

We don’t think we’ll see a slowdown in companies popping up in this space anytime soon. Still, we think companies will start building partnerships and collaborating more with API-driven approaches. This will lead to one-size-fits solutions that will become the norm. We can see good opportunities for joint ventures and API-driven workflows for identity verification, issuance, federation, and brokerage. This partnered one-size-fits-all solution will be useful for a business that doesn’t want to deal with complex identity data.

Phishing attacks will increase – This time, with a thirst for identity data

As security gets more complex, so does a cybercriminal’s strategy. Password complexity hasn’t changed much, and people still use the same passwords for most accounts. Still, there has been the adoption of multi-factor authentication that hackers are now trying to bypass with a new authentication attack.

By tricking users into pretending to be a company they trust, hackers can ask users to identify themselves with a fingerprint or a picture of their faces. This biometric recognition is then stolen and used to gain access to their accounts.

There have already been a couple of attacks that have sought to get access to a user’s biometric data. These types of attacks don’t show any signs of slowing down.

The ownership and control of identity will be a major topic of discussion

There is consensus in the industry that identity attributes should belong to and be controlled by the people who own them. Citizens.

Organisations shouldn’t have to issue digital identities. Instead, each person should bring their own identity and choose which information they share with the company, and an independent authority would verify this data before a digital information exchange takes place.

When it comes to the advantages of using blockchain to store identities, the list is endless. The control of data is with the person who owns it. They can revoke access to data by third-party companies, update the data themselves, and delete information they don’t want. Everything that GDPR regulators would die for.

Since Satoshi Nakamoto released his white paper on Bitcoin in 2008, we still haven’t seen widespread adoption of digital identity. Why?

There are a few answers to this question. First, there is still much debate about what we would use to authenticate ourselves online. Right now, we typically use a password and username, and in higher-level situations, we have to identify ourselves with a bank account, address, passport, or driver’s license. Some experts say we could use identity attributes like proof of bank account ownership, library memberships, and government accounts online. Some argue that we should use biometrics like facial recognition or fingerprints, but both have already been successfully hacked. Others say we could move towards a model using identity attributes based on our behavior, but most consumers find this terrifyingly dystopian. And many experts say the answer is a mix of all the above.

“Whenever things as sensitive as biometric templates are written to an immutable ledger, you don’t know what will happen with that data years into the future.” Says Ed Eykholt, VP of Engineering for non-profit biometric service provider iRespond, in an interview for Biometric Update.

But what counts as an identity attribute? How do you regulate this and stop sensitive data from being accessible to hackers? These questions are still up for grabs, and W3.org has a working group that has been making a good start.

The industry has already put to bad ideas of using blockchain for identity because running sensitive identity data in the blockchain would be tricky to do securely. A centralised identity service on a decentralised data exchange platform appears to be the way forward, but who becomes responsible for this data? Would you trust the government with it? Or your bank?

We’ve already seen what security issues a nationwide identity database can create, thanks to India’s Aadhar hacking incidents. The fact is, there are still a lot of questions to be answered and a lot of collaboration between private and public companies all over the world to make this work.

The banking industry will be focused on trust

2020 will be a busy year for banks. Banks were traditionally trusted with safeguarding the gold bullion, but today, banks have a much larger responsibility to safeguard our data. There have been significant challenges in doing so, especially as Open Banking encourages sharing data via APIs with third-party providers and FinTechs.

The move will bring about significant consumer benefits and allow greater market competition, but it creates more layers for data to leak or be exploited. One that banks and financial technology companies alike will have to work hard to close.

Banks also have to think about Know Your Customer (KYC) checks and what they can do to improve a system already being exploited. According to UK Finance:

“Unauthorised financial fraud losses across payment cards, remote banking and cheques totalled £844.8 million in 2018, an increase of 16 per cent compared to 2017.”

Anti-Money Laundering (AML) and KYC checks are not sufficient enough. While Legal Entity Identifiers have the potential to greatly reduce fraud, improve KYC, and shorten onboarding times on the side of B2B, there’s still a gap when it comes to B2C transactions. Could LEIs also be the answer to B2C? We’ll have to wait to find out the answer!