OpenAI’s agent demo could break local businesses, and the 'right to be forgotten' really does exist... but it’s not the customer’s
Plus: Point solutions in ID will win over platforms, ‘Neural Networks’ Churn Out Real Fake IDs for $15, and privacy-preserving digital IDs could be coming to Square terminals
Hi everyone, thanks for coming back to Customer Futures.
Each week I unpack the disruptive shifts around digital wallets, Personal AI and digital customer relationships.
If you haven’t yet signed up, why not subscribe:
What happens today when you forget your username or password?
You are most likely taken through some reset steps and issued a temporary password. But where does that get sent? Ta-da! To your email or SMS provider.
So, you fix things and get back to normal.
But let’s look more closely.
These password reset pathways are set up right at the start of a digital relationship. When customers create a new account using their email address, SMS or social network login.
Like it or not, we are all using 3rd parties - our email providers, mobile operators and social platforms - as our default digital identity providers.
Our digital backup when we can’t access other accounts and services.
But what happens if it’s actually these 3rd party identity providers who lock us out? Our lives get frozen almost instantly, and completely.
The 'right to be forgotten' really does exist... but it’s not the customer’s.
That data right really belongs to the 3rd party identity provider. Who can choose to lock us out and forget us whenever they want.
It’s they who are really in control of our digital experiences. Of our customer relationships. And sadly these life-lock-out incidents happen all the time. Just look up #facebookdisabledme.
Of course, businesses need to have the right to kick people out of their accounts for breaking the rules. Quite rightly.
But when that account is the front door key for the rest of the customer’s digital life, it becomes problematic.
Technically, economically, and societally.
We hear stories all the time about customers being locked out of their email and social accounts without notice. Finding out that they’ve fallen foul of the T&Cs they never read. Or perhaps it was due to a technical blip, an accident. And some people never get a reason.
Either way, these identity providers are in the middle of everything.
But look closely and you’ll see there’s an even bigger risk. Account takeover.
If a bad actor accesses my 'root' identity, like my email inbox or social account, then it only takes a few clicks to impersonate me anywhere. Worse, they can reset my logins everywhere.
We need a customer relationship reboot.
An identity reboot.
No more single points of failure.
And I’m not talking about the challenges with government ID or KYC. It's about how we manage today's real-world problems when only a handful of companies can decide where we can and can’t go digitally.
It’s about the potential of Empowerment Tech. Digital tools that individuals control themselves.
Yes, ET will be much better for our data portability, privacy and security. But remember, these new digital tools will also have lock-out and back-up problems.
So we need to get smart. We need to think carefully about new single points of failure. And about who's really in control.
In the next 12-24 months, the question becomes: Who’s really running our digital wallets, and our Personal AI agents?
Much more on this in another post. But for now, let’s remember that our email providers and other 3rd parties are today’s defacto identity providers. And that it’s time for a change.
Else we'll keep getting locked out.
We might forgive. But we won't forget.
Of course, it’s all about understanding the future of being a truly digital customer. So welcome back to the Customer Futures newsletter.
In this week’s edition
Point solutions in ID and fraud will win over platforms
KIN, a new truly private personal AI coach goes live
OpenAI’s demo of an AI agent phone call could break local businesses - unless we get our act together
Inside the Underground Site Where ‘Neural Networks’ Churn Out Fake IDs
When credit scoring becomes a feature, not a product, to enable embedded identity
Five principles for ‘CRM + VRM’
Privacy-preserving digital IDs could be coming to Square terminals
Let’s Go.
Point solutions in ID and fraud will win over platforms
This comes from Jelena Hoffart’s excellent deep dive on why in digital ID, targeted point solutions will win over more generalised platforms. Brilliant analysis.
Helpful if you’re working on an ID platform and thinking about go-to-market.
KIN, a new truly private personal AI coach goes live
I’m bullish about private AI. Personal AI. And Personal Agents.
It’s why I’m interested in KIN. This pioneering team are pointing to the future of Empowerment Tech. Personal coaching that is actually personal, not personalised.
And just for good measure, they’ve got some pretty deep expertise around digital wallets, verifiable credentials, AI that remembers, and digital privacy.
Worth playing around with their latest Personal AI coach. And see what happens when we make AI private by default.
OpenAI’s demo of an AI agent phone call could break local businesses - unless we get our act together
AI-powered digital assistants are going to be everywhere. Because the tech is already commoditising.
Check out this latest OpenAI demo, where an AI agent made a pretty competent phone call to a local business and placed an order.
Three things we need to answer, and soon:
What happens once this consumer-grade tech is in the hands of individuals at scale? I can imagine that larger businesses will have customer checks in place for phone calls like this (“Are you a human?”). Most probably provided by the contact centre software vendors. But what happens when a bow-wave of real-sounding requests hits local businesses that won’t have the digital tools to know it’s an AI? I’m assuming we’ll see an explosion of fraud, social engineering to access business accounts and a bunch of pranks.
How long until these AI agents replace most digital forms? All those swipes and taps on websites and apps, needed today to get things done?
How are we going to trust any of these AI agents in the digital economy? The answer is that we won’t. Not until the AI agents can
prove who/what they are (that’s ‘authentication’)
prove what they are entitled to do/ ask for/ pay for (‘authorisation’)
prove who gave them the authority to act (or perhaps more accurately, who is legally responsible for the agent) (‘identification’)
Today, these AI agent interactions don’t involve payments. But we also said that in the 1990s about the early web.
And then eCommerce was born, and businesses changed forever.
All of this crazy AI agent stuff is going to need levels of digital trust that we’ve never had to deal with at scale before.
Helpfully, Empowerment Tech is on its way.
Built on new internet-scale standards around digital identity, data portability, privacy and interoperability.
I’m more certain than ever that we’re going to need new digital identity wallets and verifiable credentials.
But we need to get our act together. And fast, before AI agents are let loose on the bricks-and-mortar economy. Never mind the digital one.
Inside the Underground Site Where ‘Neural Networks’ Churn Out Fake IDs
Mind-blowingly realistic fake IDs using neural networks for just $15.
When credit scoring becomes a feature, not a product, to enable embedded identity
Monzo is one of the fastest-growing digital-only UK banks. With over 9M users, they are shipping new features like bandits.
One of the most recent is a credit scoring dashboard. Where you can see multiple scores at once, and get recommendations on how to improve your financial health.
We should care less about this exact feature launch. And more about what it means.
Because two things happened here.
First, a whole product (credit scoring) just became a feature (financial health), embedded into another experience.
It’s an example of ‘Embedded Identity’ that I’ve been talking about.
Second, it’s proof that we can organise information around the individual once we have a trusted endpoint for them. We can’t so easily do this today with the browser, because we can’t always trust the session, website or device.
But once you add it to a verified customer touchpoint - say a wallet - where we can use biometrics to authenticate, and add all sorts of other data (just check out Monzo’s roadmap), we can build new digital experiences for customers where they already are.
This is just the start of a new way to do credit scoring. It’s just the start of how we manage digital ID.
And it’s just the start of Empowerment Tech.
Five principles for ‘CRM + VRM’
A recent paper from MyData imagines new ‘human-centric’ tools for CRM and digital marketing.
Privacy-preserving digital IDs could be coming to Square terminals
This teaser comes from one of the demos at the latest DIF hackathon.
It’s by TBD, the decentralised ID team within Block (Jack Dorsey’s payment venture that also builds the payment platform Square).
“No more need to share your height, weight, birthday, address and other personal data with merchants.”
In last week’s newsletter, I pointed out that identity networks are really about ID acceptance. And I asked if today’s payment networks could be an acceptance network staring us in the face.
TBD’s teaser is precisely what I’m talking about. Being able to present private, secure and verifiable ID data at payment points.
Another example is the recent announcement by Visa on their ‘Flexible Credential’. Which - if designed correctly - could do something similar.
It’s coming folks.
TBD’S HINT AT ID ACCEPTANCE, VISA’S FLEXIBLE CREDENTIAL
And that’s a wrap. Stay tuned for more Customer Futures soon, both here and over at LinkedIn.
And if you’re not yet signed up, why not subscribe: