By Dr. Stephen Topliss and Nina Kerkez, LexisNexis
Modern society is rightly concerned about data privacy. Data breaches releasing the personal data of millions of people into the wild have become commonplace and are often making headline news. Sophisticated digital marketing technology enables targeted advertisements to appear as consumers surf the internet, giving consumers the eerie feeling that someone is watching their browsing habits and interests. Immense Silicon Valley organisations dominate the digital world, broadening out services beyond their original remit, leading to public disquiet over the power and reach of these commercial organisations.
Regulators have moved fast to address public concerns. The General Data Protection Regulation (GDPR), agreed upon by the European Parliament in April 2016 to become the primary law regulating how companies protect EU citizens’ personal data, has been and continues to be used as the basis of similar legislation around the world – consider for example the California Consumer Privacy Act (CCPA), the Brazilian Data Protection Act (LGPD) or the Indian Personal Data Protection Bill (PDP). These regulations are primarily aimed at giving control to individuals over their personal data. Regulatory complexities and steep fines associated with non-compliance can however lead to reticence of using customer data for any purpose at all – including scenarios where the end customer could greatly benefit from that data usage.
An analogous over-reaction to regulatory change was seen several years earlier in 2012 when the EU e-Privacy Directive or Cookie Law was introduced in an attempt to reduce the use of cookies specifically targeted at tracking users for marketing purposes. Some countries interpreted this regulation very conservatively, effectively defining a requirement for a pop-up window requesting user consent from the end-customer each time the user navigated to a new website, resulting in a horrible customer experience.
Whilst regulation may be designed to address specific problems, it should not inadvertently impact processes that can benefit society as a whole. Modern technology, used correctly, can take advantage of vast digital datasets to make the world safer, such as reducing the risk of fraud and financial crime, whilst also helping to deliver better end-user experiences in the digital world. It is argued by regulators in many jurisdictions that data use for prevention of criminal activities should always trump data privacy concerns. As such, data sharing can prevent large societal challenges like human trafficking, terrorism financing, and many others. Of course, this is a very different use case to the marketing related use case.
Digital Identity technology can collate data from the complex digital DNA of online transactions, whether logins, payment transactions or new account applications. By connecting the dots between the myriad pieces of information a user creates as they transact online and looking at the relationships between these pieces of information at a global level and across channels/touchpoints, businesses, organisations, governments even can benefit from a consolidated approach to fighting crime in the digital world. When following privacy by design principles, for example using tokenization techniques, to protect customer data, Digital Identities can enable trusted users to transact seamlessly while high-risk behavior is detected and flagged for review before a transaction is processed.
Tier 1 banks around the world use Digital Identity intelligence to better understand the trustworthiness of their customers from the moment they apply for a new product or service, and throughout their lifecycle with the bank; at login, change of details and payments. This intelligence drives advanced online risk assessments, silent authentication strategies, customer-focused analytics and consortium functionality which shares intelligence across the bank and within regional banking networks.
Data analytics across a global Digital Identity network enables the shift from tactical fraud prevention to strategic initiatives against global mule networks, which facilitate money transfers for a variety of criminal activities including fraud, money laundering, drug trafficking and terrorist financing. Whilst some mule accounts are directly managed by organized criminals, many mules are poor, naïve or ambivalent young adults, recruited through careful, targeted campaigns. Being able to identify and block mule networks swiftly may help some of these victims from descending into a life of criminality.
But Digital Identity goes beyond stopping fraud and criminal activity. It can also drive economic value and enrich the lives of individuals. Consider cross-border e-commerce, providing the consumer the ability to source goods from anywhere in the world. Whilst more and more organisations are opening up their sites to cross-border purchases, decline rates are up to 6 times as high as for purchases completed within country. Much of this is due to the lack of any data linked to the buyer – an issue that can be addressed by the use of global Digital Identity intelligence. This rich dataset is also being used as part of a wider approach to explore ways to facilitate small lines of credit to individuals for whom there exists no type of credit file for conventional loan facilities. Financial Inclusion in developing economies is extremely important, especially in impoverished regions, and such technology can enable better inclusion and transparency of transactions occurring in emerging regions. Money continues to move, digitally or offline, but inclusion into digital society allows for prosperity and financial growth of individuals in the future.
In conclusion, customer data should always be protected, but this doesn’t mean that it shouldn’t be available to be used responsibly to empower and inform decision making when protecting those very customers in their daily lives. There is no better example of this than in the digital world, where Digital Identity technology exists to help protect customers from fraud and root out criminal activity linked to financial crime. Aligned with the global digital economy, cybercrime is a highly networked, complex and ever-evolving beast. It needs to be mitigated with the same approach: networked, layered, inter-connected defenses, operating without borders. We should actively promote the use of global Digital Identity technology, provided that the fundamentals are in place to clearly protect data.