Key points in the design of a digital identity platform

Achieving a digital identity system as powerful, flexible, and secure as possible, is a complex task, but one that if well executed, will have a positive impact on the company’s success, in profitability, user-friendliness and resource savings. To this end, the spotlight is on suppliers with identity orchestration capacities: integrated sets of tools that provide access to the part of the identity solution the company needs, with tailored options and the ability to grow and upgrade at the pace set by the market.

I

dentity platforms, especially for fintechs, will need to consider certain key points in their design in order to be competitive at the highest level. 

Customer experience 

Placing the user at the center is always the smartest option. It seems obvious, but it is the customer’s data that is at stake. Making their experience throughout their identity verification journey frictionless, or minimal, will reduce abandonment rates and shore up brand image. To achieve this, organizations have both active and passive authentication solutions available to them, adaptable to each profile. The former refers to those applications that require a certain degree of collaboration from the user; for example, they are asked to nod their head or smile at the camera. In the case of passive authentication solutions, the entire procedure is behind the scenes. That is, without the user noticing, the system is able to detect whether the user is real and matches with who they claim to be. 

Visibility 

The different tools of the identity framework will be connected to each other and concentrated in a dashboard that will allow mapping all the customer data being handled, as well as detecting any sign of fraud. Different tools will solve different problems, so a global vision is essential. 

Risk-based authentication 

Traditional “name and password” authentication systems are static and the same for everyone. Implementing the so-called risk-based authentication (RBA) builds a stronger fraud defense and makes the process more robust in terms of compliance. RBA detects red flags in the verification process, such as authentication errors or access from abroad or from unknown devices, and assigns a score with the aim of requiring an extra method of identification, e.g. a one-time code sent by SMS or through the digital bank’s own app. This score will change as user access attempts are added, making access become stricter over time. 

Authentication methods 

Banks will need to select increasingly sophisticated and secure authentication methods that are best suited to their customer profile. It is important they make the most of all the information provided by their customers regarding themselves: from personal questions to identity data such as address or date of birth, to non-transferable keys and passwords.  

Extensions 

Identity schemes that are able to adapt to the new functionalities that developers are launching more and more frequently, will succeed in a competitive market, which is always trying to offer the best experience and thus build customer loyalty. 

Internal requirements 

Each financial institution has its own character and needs which, identity platforms must understand and manage wisely. These tools must go beyond simply offering a verification service, they must align with the brand image and comply with specific regulations.  

Integration 

If a corporation makes use of many tools that play a role in the verification and identification process, they must be combined with each other. The solution will have sufficient capabilities to manage all the information collected by each of these tools. On another level, integration must also take place with other company applications, such as a fintech’s particular applications or any internal management system. 

By making use of a well-structured orchestration of digital identity services, organizations can control their growth from the outset, adding solutions on demand. Human resources are reduced to a minimum and compliance with all these key points is ensured, making the verification experience a close, secure, and reliable process.