Our customer future - an 'open-loop identity' ecosystem?
What if we take an alternative ‘open-loop’ approach to proving who we are digitally... what becomes possible?
This is the third post in a series about making digital identity more human. In the first post I suggest that paper credentials have been so useful, for so long, because they meet a number of core human requirements — from accessibility and flexibility, to privacy.
In the second post I argue that today’s digital identity solutions are really ‘closed-loop’ solutions which are doing a poor job of meeting these human requirenents — and are failing to get traction at scale as a result.
In this post I explore what an alternative ‘open-loop’ identity solution might mean, and why new and vast opportunities become possible.
First, let’s recap why digital identity today isn’t working. Our current ‘closed-loop’ approaches to digital identity are:
Designed for the organisations, not people — meaning individuals have to use different identities in every different place to meet their needs, not ours;
Fragmented and inaccessible - they are hard to use and often exclude those who can’t easily use digital tools;
Missing out on huge value - opportunities to free up (and create new value with) our personal data that’s currently locked up inside different companies;
Held captive by ‘identity providers’ - the often large and powerful companies who make our digital lives easier, but at the expense of tracking us across contexts (else we must handle hundreds of account details, usernames and passwords);
Not private - increasingly capturing our personal data to fuel the business model, and having to trade privacy for security or seamless user experiences;
Inflexible, making it difficult to share combinations of credentials - preventing users from actually meeting using their identity data to meet a huge range of business needs.
So, what’s the alternative?
Let’s look at each of these issues – the failures of our digital identity systems – but this time describe how things could be if we take an alternative ‘open-loop’ approach to proving who we are digitally.
1. From organisation-centric to customer-centric
Why can’t we design digital solutions to mirror how paper credentials work? In an open-loop digital identity system the identity owner (the end user, the individual, the customer) personally holds those credentials.
We can carry those identity credentials around with us, perhaps on a mobile phone, and can have them ready so they can be presented when someone asks for them (just like we keep our purses and wallets ready to do the same).
Whilst the organisation that issues credentials might still have the right to take them away, we – as the holders – look after them. And because they are digital we can also back them up, and replace them when they are lost or stolen.
2. From fragmented to accessible
Much of what I’ve described in these posts are ‘first world problems’: the difficulty of filling out online forms; privacy infringements by identity providers; perhaps dealing with identity theft. Yet the effects of poorly designed digital identity systems can be devastating for vulnerable populations, especially where being the wrong gender, race or religion could lead to life and death situations.
It’s one of the great paradoxes facing those building new digital identity solutions. By definition they will exclude communities without connectivity or smartphones, and those without the skills or confidence to use them. So it’s a requirement then, perhaps a duty, to design new global digital identity infrastructure and tools that will not only be easy to use, secure and private, but also have the capacity to work for everyone, everywhere.
Here's a related observation: if accessibility means for ‘everyone, everywhere’, then it’s possible — logical even — to conclude that this same identity infrastructure should work for ANY identity. That not only means people (citizens and customers), but also organisations (think company and tax registration, procurement and supply chains) and things (think connected devices and cars, smart homes and smart sensors in cities). Perhaps it’s an obvious question: why would we use different identity infrastructure for people and pets; for buildings and bulbs; for companies and cars?
If we get it right, open-loop digital identity ecosystems will work regardless of context, region, or which person, organisation or thing is involved. It will work for a taxi driver in Bangladesh proving her address to open a bank account; it will work for a smart meter sharing its consumption data with the energy supplier; it will work for me sharing my dog’s medical records with the vet.
3. From closed to limitless
As described above, any open-loop identity system will exhibit the same characteristics of paper credentials: anyone (or any thing) can prove anything about themselves to anyone else, anywhere, and at any time.
Some interesting and exciting new things become possible, digitally.
Radical new cost reduction: when I can prove details about my last three jobs, including starting and leaving dates, my employer no longer needs vast back office processes for identity and reputation checks.
New efficiencies: when the farm can now prove it holds a valid animal welfare certification, everyone along the supply chain no longer needs stacks of paper and can conduct fewer phyiscal visits.
New revenues: when customers can prove their contact details and registration information, websites no longer need online forms, and can offer almost instant checkout (meaning fewer abandoned sales).
New business models: when I move home, I can instantly and invisibly update my contact details for everyone I need to let know, and every organisation I deal with; this has the potential to transform Customer Relationship Management for businesses forever.
For this to be possible, open loop digital identity will need to build on common digital identity standards and interoperable infrastructure. Looking at the progress of technologies such as self sovereign identity (SSI), and of groups like the Trust Over IP Foundation, it’s clear we’re at a tipping point.
4. From captive to free
With closed-loop identity systems, we can only use our digital credentials in certain pre-approved places. With open-loop systems our credentials can be shared in any context, and can be used over and over again in different situations (not just where I received it in the first place).
Just like with paper, I can present my car’s service log to the garage without needing my car’s manufacturer involved. I can present proof of address for a mortgage application without needing my utility provider involved. I can present child benefit entitlements without needing the local council involved.
It’s this scalability and flexibility that sets open-loop identity ecosystems apart from the digital identity walled gardens we have today.
5. From tracked to private
Privacy is a fundamental human right, and usually found as a grounding principle in open, healthy democracies.
For an open-loop identity ecosystem to function — and importantly, to be sustainable — participants need to believe that they are not being tracked by 3rd parties when they are interacting digitally.
Otherwise history reminds us that over time, individuals will resist participating in such surveillance-based economies, and we’ll face many of the challenges that our digital identity solutions have today.
6. From inflexible to adaptable
Closed-loop identity systems are designed to restrict use. It’s why and how they are built. And it’s understandable: we don’t want to be spraying identity information around, so we lock it down. One use case, one identity system.
But with open-loop identity we not only get the flexibility to present different credentials in different contexts. We can use them in new combinations — just like we do with paper today.
If we get the underlying open identity technology right, then when an organisation needs us to present two different sets of credentials from two different sources (just think about any paper application you have ever had to submit), then we can easily put the different credentials together into a single transaction - perhaps even with one ‘tap’.
But here’s the great part: if one of the credentials is deemed to be insufficient, the organisation can request another and another until they can establish a level of trust that meets their needs. Just like we do with paper today.
For the first time in the digital world, we could create infinite number of combinations and permutations of identities. This means that anyone who currently relies on identity data can participate, with no barrier to entry.
This quiet but huge step forward not only vastly increases the number of organisations that can get involved, expanding the reach of the individual even further, but it makes the whole ecosystem considerably more sustainable.
So what next?
If we want to foster identity solutions that will actually be useful, valuable and sustainable, we are going to need new digital infrastructure and new open standards.
We’re going to have to design and build tools that meet our human requirements. We are going to need an open-loop approach that will look and feel like the internet itself - based on a set of protocols, where anyone can participate, rather than have a massive computer in the middle deciding who gets to join and what all the data means.
Will the idea of open-loop identity become as transformational as the printing press? Maybe. As impactful as the Internet? Certainly. But I’m betting that it’ll become as indispensably useful and as remarkably scalable as paper.
Putting it more simply: today’s digital identity solutions are doomed if they don’t design for people; if they don’t put the people they serve first.
Just like the breakout of an open internet became inevitable, so too will an ‘open loop’ digital identity become inevitable. And that means a bright new customer future, where digital identity works for all for us, not just businesses.