Mobile driving licenses make (or break) eIDAS, It's time for TelcoID, and is User-Centred Design failing us?
Plus: Advertisers will spend $84 billion on ad fraud this year, The Myth of the Privacy Paradox, and Open Wallet Foundation’s new members - but where’s Apple?
Hi everyone, thanks for coming back to Customer Futures. Each week I unpack the ever-increasing and disruptive shifts around digital wallets, Personal AI and digital customer relationships.
If you haven’t yet signed up, why not subscribe:
📖 STORIES THIS WEEK
“Every company will be a fintech company”, according to investment firm a16z.
It’s a fair prediction as more and more brands add financial services, payment wallets and Web3 (crypto) services to their apps and experiences.
But here’s what’s going to happen, and it’s going to catapult the pioneering companies:
They won’t just add payments to their services. They will add Digital Identity (personal data) wallets too.
They’ll be able to radically improve online experiences. Enhance their existing digital products. And streamline - and perhaps completely remove - complex customer processes.
Most importantly, they’ll be able to unlock new revenue streams and innovation opportunities based on personalised customer profiles.
Identity data. Loyalty data. Context data. Financial data. Shopping data. Travel data. Home data. Behavioural data. Transaction data. Intent data.
Here’s my Customer Futures twist on a16z:
“Every company will become an identity company”.
Customers controlling their personal data. Sharing what data they want, with whom they want, when and where they want.
We’ll move from ‘embedded finance’ (pay your bills with Uber… get a loan from Walmart)… to Embedded Identity.
And it’ll be possible because of a next generation of digital wallets. Of new verifiable credentials. And of personal AI.
Together with new ways to handle the rules and risks about who can do what with our data and why, it’s a pretty exciting time.
Welcome to the future of being a digital customer. And welcome back to the Customer Futures newsletter.
In this week’s edition:
It's time for TelcoID
Mobile driving licenses make (or break) eIDAS
EU Digital wallets in 2027?
The Inevitable Influx of Ads into AI
Advertisers will spend $84 billion on ad fraud this year
Inbox Zero for everyone, by default
The Myth of the Privacy Paradox
Open Wallet Foundation’s new members - now where’s Apple?
… plus other links about the future of digital customers you don’t want to miss
Let’s Go.
It's time for TelcoID
Anyone following the identity market for any time will know that the banks and telcos all believe that they are the heir-apparent for proving who their customers are online.
They have the reach. They are regulated. And they are ‘trusted’ (we'll come back to that in a moment).
But over the last few years, a new breed of Over The Top (OTT) digital ID players have emerged. Scanning ID documents. Gathering identity data sources. Building digital profiles.
And then making those digital ID signals available to businesses on the end of a handy - and increasingly low-cost - API.
If you’re a bank or a telco… what to do with the OTT ID threat? You’re sitting on all that verified customer identity data. Surely you can’t ignore a potential new revenue stream? Are you going to give up that exciting market position?
Mostly, yes.
Digital ID from the banks and telcos has largely failed to make it out of the lab. It’s languished as ‘trend number 7’ in the innovation team for over 15 years.
Yes, they’ve made basic ID data available to the market. Things like verified phone numbers or addresses or credit scores, but that’s it.
There are very few consumer-facing ID solutions from banks and telcos.
With one exception: Federated bank ID.
In some countries, the big banks at least have seized the opportunity. In part, because they realised they’d be disintermediated by the OTT players if they didn’t act.
But ‘Bank ID’ - where you can log in to another service provider using your banking credentials - has only worked when two conditions are met:
A small number of banks together enjoy huge market share (perhaps over 70%)
Those banks get on with each other
This is why ‘Login With Your Bank’ has enjoyed great success in Sweden, Finland, and Canada. But also why it’s failed to take off in America (fails #1) and the UK or Australia (both fail #2).
But the watchword here is ‘ecosystems’.
Because banks are ecosystems by design. B2B + B2C by default.
“If only we had a way to connect our business clients and retail customers with a handy Bank ID?” they moan.
So where are the telcos? They too have reach. They are regulated. And are ‘trusted’.
And they face the same ID opportunity as banks. It’s the same products (“we already know who you are!”) and the same GTM strategies (“we can get to both the B2B and B2C markets!”).
But consumers don’t use telcos enough. We might bank daily, but when was the last time you logged into your mobile phone provider?
If only the telcos could crack the ‘ID frequency’ issue. The market opportunity is seemingly there for the taking.
There’s a long history of telcos attempting, but often failing, to enter the ID market. And now it’s the UK’s turn.
‘EE’, the largest UK mobile network, just announced ‘EE ID’. A new digital ID platform, and - importantly - a 3rd party ecosystem of providers.
Ta-da, the frequency problem solved.
A super-app play. Integration with lots of other businesses, so you can be instantly onboarded and recognised wherever you need.
Another data network, producing another ‘data flywheel’.
Where customers produce more and more data on the platform, providing more and more insights. All while lowering the risks for all involved, as customers move around the ecosystem verifying themselves and building a digital reputation.
EE is certainly one to watch.
Though there are now several ‘ID ecosystem plays’ bobbing around the UK. Including across the banks and some of the OTT identity providers.
Of course, it’s all market validation that the next wave of digital growth will be based on user-centric digital identity.
Here’s my take: The real opportunity here isn’t a super-app play (a la Twitter), with a closed network of providers. It’s an ‘ultra-app’ play.
Giving consumers an open and portable digital wallet, holding and sharing verifiable credentials and using clever privacy tricks like ‘zero-knowledge proofs’.
At some point, folks will realise that these different data ecosystems will need to come together. Across banks AND telcos. Across government AND retail. To become interoperable.
We need an open ecosystem of wallet providers, businesses and digital experiences to join up. All organised around the individual, the customers, not the business.
Else we’ll be back where we started. Even more fragmented ID apps and data ecosystems, and banks and telcos fighting to ‘own’ the customer.
At that, dear reader, is where digital wallets will come into their own.
Because the only 360-degree view of the customer, is the customer.
Mobile driving licenses make (or break) eIDAS
Andy Tobin is one of the hawk-eyes on all things eIDAS. And he has spotted a pretty important detail - and potential policy shift - around digital mobile driving licenses in the EU digital wallet.
If you care about credential formats (things like ‘mDL’) and identity markets (how will eIDAS fit alongside wallets like Apple and Google), then this is one for you.
Here’s the important bit (bold mine):
“This means that each individual member state will get to decide whether to allow mDLs to be issued into digital wallets other than eIDAS certified wallets. Which means that they could be issued into Apple and Google operating system wallets.
Now you see why this is so pivotal for the future of eIDAS.
<snip>
Given that the vast majority of ID verifications can be carried out with a driving licence these days, and given that every Apple or Android phone has a built-in wallet that already accepts mDL format credentials, why would any citizen go to the trouble of installing an eIDAS wallet, getting a PID (personal identity data) credential, then getting a driving licence credential? It'll be much easier to just shove the mDL into the existing wallet on every device out there.
eIDAS wallets then become far less attractive and far less useful, and will be relegated to simple PID containers for occasional use on government websites.
Therefore this little amendment 44, which changes 1 word and adds 16 new words, is the most important amendment for the future success of eIDAS.”
This, and Andy’s many other posts about verifiable credentials and eIDAS, are worth following closely.
EU Digital wallets in 2027?
While we’re talking about the eIDAS wallet, worth paying attention to the rollout timescales. There are signs of (predicted) delays, including lengthy timescales to agree and build the digital wallet.
Given the latest milestones, does this mean 2026 before wallets are out there, and 2027 for the acceptance networks?
The Inevitable Influx of Ads into AI
Digital thinker and futurist Chris Kalaboukis explains why we need ad-free AI interactions. Why having conversations and gathering info without being sprayed with (hyper-personalised) targeted advertising is critical.
Will today’s free GenAI platforms be forced to integrate ads to support their (clearly now heavy) operational costs?
And now Google is about to fill its AI searches with digital ads.
What could go wrong?
Advertisers will spend $84 billion on ad fraud this year
I’ve written before that digital ads are the new sub-prime crisis: fake (AI) ads on fake (AI) websites, soon with fake (AI) eyeballs.
The 2008 financial collapse was largely down to a lack of transparency. Who really owned what? What assets were really worth what?
You can smell market bubbles from a distance. Vast (and unnecessary) complexity. Long supply chains with little transparency. Little or no governance. Rampant fraud.
Ring a bell?
For over 70 years ad execs have joked “Over half my advertising is wasted. But I don’t know which half.”
But that was about brand signalling. Not about individual ad tracking.
Now that advertising is mostly digital… it’s much more of a mess. And overlapping and confused with ‘digital marketing’. With businesses constantly tripping over the privacy line (and of course the clumsy line, selling me stuff I already have, or don’t need).
The digital ads supply chain has exploded into a Wild West of flimsy ‘MarTech’ platforms and hyper-speed digital ad exchanges. And the ‘AdTech’ landscape is now quite ridiculous. See the ‘Lumascape’ picture above.
So we’ve lost track of, well, everything.
We have no idea about which ads are presented where, to whom, and how. And with real-time AI-powered content, offering a tailored ad impression for each and every customer, it’s going to get much, much worse.
So who would have guessed it… digital ad fraud is now exploding.
Today it’s expected to hit £84Bn. That’s BILLION. In one year.
Says MarketingBrew:
“Nearly a quarter of online marketing dollars will go to ad fraud this year, a report from Juniper Research found.
“Ad fraud is projected to cost marketers $84 billion in 2023, or about 22% of the $382 billion spent on online advertising, according to the marketing research firm. For mobile, it’s a bit higher, representing about 30% of spend.
According to the report, marketers will spend $747 billion annually on digital advertising in 2028, with ad fraud accounting for 23%. In 2028, most of the ad spend loss (42%) is projected to be in North America, followed by India, per the analysis.”
30% ad fraud on mobile!? One in four ad dollars wasted overall!?
Just. Stop. The. Waste. We need a new model. A new paradigm.
With all the innovation around digital wallets, surely there’s space for a new privacy-preserving profile for consumers?
Something under the user’s control, against which private, personalised offers can be served (note to those paying attention: they won’t be ads anymore).
It takes us towards hyper-personalisation, but this time from the customer’s side. It takes us to pull-based ads. And it takes us towards massively more efficient marketing and advertising.
I can already see a few startups working on this, and I’m excited about what’s coming.
Inbox Zero for everyone, by default
Jeremiah Owyang has an excellent view of how Personal AI will impact our inboxes:
“Soon, everyone will achieve 'Inbox Zero', here's how it's gonna go down:
AI will read, summarize, and respond on our behalf
Messages will indicate if they were actually written by you
This means you'll get a 'no' or 'yes' faster based on the recipient's rules
My AI agents will converse with your AI agents
AIEO (AI Engine Optimization) will emerge to bypass gatekeeper agents
A new social network will surface, verifying that only humans are communicating
Neat.
Though at this point, we won’t need email… just smart agents (and wallets) connected to each other… without mail servers and spam.
More private. More secure. More useful.
The Myth of the Privacy Paradox
“Who wants privacy!?” Everyone puts their hand up.
“Now, who wants a free cheeseburger!? Just fill out this form”. Everyone also puts their hand up.
“Aha!” businesses cry. “Customers say they want privacy, but their behaviour says they don’t really…. therefore no one wants privacy… Let’s Go Bro!”
This is the so-called “privacy paradox”. That customers say one thing about privacy and consent, but do the opposite.
Yet it’s a flawed argument.
It fails to account for three things:
Customer context. Just because a customer consents to share data in one context (free burger) doesn’t mean she’s happy to consent to data sharing in other contexts (designing cars to collect as much personal data as possible). And that’s before you make assumptions about consent in different cultures… where privacy policies and consent tools don’t travel well at all.
Customer choice. If a customer has little or no choice but to accept the privacy terms offered, of course they’ll accept. But guess what happens if you give people other privacy options with little or no downside…?
Customer ability to account for the future. Humans are pretty rubbish at pricing in bad future outcomes. Especially losses and tradeoffs around data. Which is precisely what privacy management is about. Taking action today to avoid an issue tomorrow….
If this is the kind of thing that gets you wound up (or excited, depending on your jam), check out this excellent paper on what’s really going on with the Privacy Paradox.
From the introduction (bold mine):
“The “privacy paradox” is the phenomenon where people say that they value privacy highly, yet in their behavior relinquish their personal data for very little in exchange or fail to use measures to protect their privacy.
“Commentators typically make one of two types of arguments about the privacy paradox. On one side, the “behavior valuation argument” contends behavior is the best metric to evaluate how people actually value privacy. Behavior reveals that people ascribe a low value to privacy or readily trade it away for goods or services.
“On the other side, the “behavior distortion argument” suggests that people’s behavior is not an accurate metric of preferences because behavior is distorted by biases and heuristics, manipulation and skewing, and other factors.”
The punchline (again bold mine):
“Professor Solove argues instead that privacy law should focus on regulating the architecture that structures the way information is used, maintained, and transferred.”
What’s that you say? Digital wallets, verifiable credentials and zero-knowledge proofs?
Get out of town.
PRIVACY PARADOX PAPER, PRIVACY CULTURES DON’T SCALE
Open Wallet Foundation’s new members - now where’s Apple?
The Open Wallet Foundation (OWF) has lofty goals. It’s “an open-source project fostering collaboration across industries to create reusable building blocks for secure interoperable wallets”.
Hosted by the Linux Foundation Europe, it’s the community home for open-source code around standards-based digital identity wallets.
Microsoft and Google have now joined the ranks of the founding (and largely smaller) wallet providers.
OWF might just now have the chance to smooth out some of the lumps and bumps in the wallet market. Specifically issues around interoperability, data portability, security and privacy.
Important stuff for those working on digital identity and verifiable credentials.
From the recent OWF announcement:
“Google will contribute code from the identity credential library to OWF. This library simplifies construction of applications for securely provisioning, storing, presenting, and receiving mdoc/mDLs as specified in ISO/IEC 18013-5:2021
“It has become a standard test bench used by developers of mdoc/mDL applications everywhere and is already used by several commercial solutions, including Google Wallet.
“Ping Identity, a member since the OWF first launched, agreed to contribute code components for Credential Formats (VC-JWT, SD-JWT, ISO 23220 mDoc), Presentation Protocols (OpenID4VP including for ISO 18013-7, CBOR/REST for ISO 18013-7), an Issuance Protocol (OpenID4VCI), and a Credential Request Language (Presentation Exchange).
“esatus and Lissi by neosfer agreed to contribute their multi-platform Wallet Framework .NET. The highly versatile framework was originally incubated in 2019 by Trinsic under Hyperledger Aries and is productively in use in many mobile and cloud wallets today.”
Good stuff.
Now, most of the leading wallet providers are involved. Leading. Contributing.
But Apple, where you at? (…or is that the point…?)
📌 OTHER THINGS
There are far too many interesting and important Customer Futures things to include in this edition. So here are some more links to chew on:
In Europe, Meta Offers Ad-Free Versions of Facebook and Instagram for the First Time READ
How Ads on Your Phone Can Aid Government Surveillance READ
Is User-Centred Design Failing Us? WATCH
China Financial Certification Authority (CFCA) supports Legal Entity Identifier (LEIs) READ
The UK’s Online Safety Bill has become law READ
OIX paper identifies the DNA of Digital ID trust frameworks READ
The Current Identity Verification Tech Stack Won’t Survive AI and Real-Time Payments READ
EBSI Presents on New Study about Verifiable Credential Revocation READ
And that’s a wrap. Stay tuned for more Customer Futures soon, both here and over at LinkedIn.
And if you’re not yet signed up, why not subscribe: