Okay LogoOkay Logo

Digital ID and SCA outside payment

17/07/2020

artifact

If the current crisis does not spur growth in the adoption of digital identity and strong authentication everywhere, what will?

Most often, we talk about SCA and digital IDs as something that only applies to the banking industry. However, many other services are candidates for digitalisation of identification processes. For most of these services, both a more robust digital identity and stronger customer authentication are required to create the necessary level of trust. Let us take a look at some examples:

SCA for Financial Services

Within the financial industry, there are increasing interest in expanding Open Banking to other financial services than banking and payment. These are natural candidates, like insurance providers, for instance; with their amount of client data, there are endless possibilities to create innovative insurance services and better user experiences.

It is also very likely that the European Union will look into expanding Open Banking to other financial services as a next step after assessing PSD2 results; maybe even expand it to industries outside finance?

SCA spurring new services

The combination of digital IDs and strong authentication is the foundation for new innovative services that rely on trust. The second-hand car market is a good example. Whenever you are buying or selling a second-hand car, the process is not fluid, some things, like payment, can even be awkward, and the process is most often time-consuming. 

Now imagine a journey improved by digital ID and SCA : 

  • Both the seller and the buyer can trust each other by using their digital IDs and strong authentication on a given platform
  • Contracts can be drafted - and signed - digitally
  • Legal paperwork is taken care of with the government agencies online - without delays 
  • Loans can be granted on the spot
  • Insurance is cancelled or put in place at the trigger of an app

In a world where the whole sales process is completed digitally, and checks can be performed almost instantaneous, selling or buying a used car becomes smoother and less risky for both parties. 

SCA to open doors - literally

SCA on a smartphone can be used in a number of different ways to avoid contact and probably reduce costs at the same time.

One scenario is using a smartphone + SCA to open office doors - or hotel doors. We did such a test in our office doors in Skien a while back. The possibilities are interesting.

Checking Legal Age by SCA

Digital ID + SCA is the right tool to check legal age. Not just to access personalised digital services, but also to control access to physical services. In the Nordics, tanning beds are used by many to compensate for the lack of sun during the winter. A lot of the tanning salons are self-service. When the government passed a law passed to prohibit anyone under the age of 18 to use the salons, the self-service salons had to find a way for users to verify their age to gain access. Now digital ID and SCA are used to grant access to the people with the right legal age.

SCA for Government Services

Digitalisation in governmental services is progressing, albeit rather slowly. SCA could be put to good use to protect access to digital records, like health records. These records are probably as sensitive as securing the authentication during payment or a money transfer and demands the same level of authentication security.

Digital ID + SCA could also speed up some process. Think about renewing your driving license. Although the process is already digitised in France, you still need to get a signed digital photo of yourself somewhere. That would not be necessary with a proper digital ID in place, with SCA.

General access to web services

There are many solutions to provide a 2nd-factor authentication to access your emails, various accounts on popular platforms etc. They either use hardware dongles, keys or smartphones with one-time-codes. Of course, this is useful to add further protection when authenticating. SCA was designed to wrap up the second factor itself with security, so that it becomes extremely difficult to hack, thus providing more robust security than simple 2nd-factor authentication. Depending on the criticality of what you want to protect and access, standard 2nd-factor authentication could efficiently be replaced by SCA.

For sure, many other services could benefit from digital ID and SCA. The number of possibilities is somewhat endless, don’t you think?