Electronic services have been fighting their way to our everyday lives for a while now. You’d think that with the increasing number of e-services for both businesses and individuals, electronic means to access those services should spread as well. However, the study of European Commission states otherwise.
With the Digital Single Market in mind, the EC has conducted a yearly eGovernment benchmark 2018 report. The study indicates a need for improvement in use of supporting technology like eIDs or eDocuments. If you think about it, it’s really a circle going round and round — with a few e-services offering e-identification, the number of eID users don’t grow as fast, but vice versa, with little number of people using eID tools, e-service providers also don’t want to invest in additional technologies. But on the other hand, it’s not the correct way of thinking and here’s why.
The reasons behind e-identification challenge
First off, let’s discuss user perspective. User experience is becoming the key thing in nearly any kind of business. People more often use or stop using services based on their experiences — they prefer simplicity, speed, quality, good feedback on the experience from others. And naturally these are the things that service providers are constantly working on and improving.
In fact, e-identification can be an answer to most of the mentioned aspects, and more. As stated in the EC report, “A large step forward would ease identification processes and increase service flexibility, since users can identify themselves online whenever they want instead of being restricted to opening hours of service providers’ offices”. Unfortunately, thus far in Europe only half of the public services integrate eID solutions for swift online identification.
The implementation of electronic identification to people’s everyday lives hasn’t grown as rapidly also due to the fact that most of e-service providers still rely on accounts with passwords or logins through social media. However, the security and assurance level of such options are not at high level. With all the massive account attack incidents that we hear about from time to time, security shouldn’t be only an option but rather a priority. We’ve already written about why using passwords is risky, but it’s never too much to remind the reasons; in short, 1. people tend to use the same usernames and passwords for different accounts, 2. they don’t change passwords for a long time; 3. passwords of different people often are the same; 4. passwords can easily land in insecure networks, 5. strong passwords are no longer strong. And we’re not even talking about identity confirmation with social media accounts — if an account is hacked, all other linked accounts are hacked too. Plus, with either option one can never be sure about person’s true identity, e.g., someone could have created a fake social media account with another person’s name or used their account if this person shared their password and other account information.
Not only security raises challenges with password usage. Surveys show that the average person is registered to around 90 online accounts that require passwords. According to the University of Oxford survey, as it’s impossible to remember all of them, half of the users reuse the same passwords, but at the same time 25% of users forget one password at least once a day. But the most important thing is that about a third of online purchases are abandoned at checkout because consumers cannot remember their passwords. This means that businesses lose quite a lot of money. Looking at this data, we can also assume that strict password complexity requirements lead a moderate amount of people to abandon the creation of an online account in the first place.
It is expected, however, that e-identification accessibility in the nearest future will grow due to several reasons. First, as of the end of September 2018, the recognition of notified eID became mandatory under eIDAS regulation, meaning that EU citizens are able to use the eID means they use at national level also to access public services across borders in other Member States. Secondly, emergence of new tools has also evoked a certain boost in some countries and will continue to do so. E.g., in the Baltics Smart-ID entered the market a few years ago and in short time its user base has grown to over 2 million. Together with the user base, a circle of services — public and privately-held — also developed, currently including a number of service providers in sectors of finance, education, commerce, healthcare, housing.
How can e-identification solve these challenges?
As mentioned above, it all leans upon user experience. E-identification is a stimulus to improve it and jump in the train of up-to-date technologies and latest trends, and be one step ahead of the competition. We could divide the main arguments in favour of e-identification into two groups.
Security. As discussed, a lot of service providers still use usernames and password, however, it’s one of the easiest ways users’ data can be exposed or stolen. E-identification using PKI based solutions like Smart-ID or Mobile ID can be a perfect problem-solver here. What does this mean? With complex technological processes, in theory it’s basically impossible to hack or change data. This is by far probably the most secure option to identify users online. Plus, eID means based on PKI infrastructure and qualified certificates, such as Mobile ID or Smart ID, are especially useful for financial institutions as under law they are one of the few legal options to authenticate people online and start providing financial services. This leads to the second benefit.
Simplicity. You can probably win a lot of karma points from customers because in this digital age, taking care of things online, over the distance and not having to waste time travelling and waiting in queues, is very appreciated. On top of that, it’s a much simpler procedure to identify a person using an eID rather than creating a user profile with usernames and passwords. It takes only a few seconds and there’s no chance of forgetting the username or long password, especially when usually there are specific requirements set for them too, like at least 8 symbols, one upper case, at least one number, etc. This just means that a user most likely will forget it and next time logging in to your system will have to spend time to recreate the password. This might take only a few seconds or minutes but it definitely lowers customer’s satisfaction and user experience rate. You’ve probably faced it yourself and it wan’t very pleasant.
Thus, e-identification not only can help solve security breaches and improve user experience, but also help prepare for the new standard of service accessibility, that in the following years will become an inevitable symbol for e-services.