KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Business is undergoing change. The Digital Transformation affects business models and changes the way businesses interact with their customers. A seamless customer journey is a key success factor for the digital business. This journey starts with attracting the customer and includes steps such as registration, Identity Verification and the authentication of customers when they return.
Business is undergoing change. The Digital Transformation affects business models and changes the way businesses interact with their customers. A seamless customer journey is a key success factor for the digital business. This journey starts with attracting the customer and includes steps such as registration, Identity Verification and the authentication of customers when they return.
Good afternoon, ladies and gentlemen, welcome to our call. Webinar identification, identity verification, and authentication made easy. T verification is the first step in the journey of the digital customer. This webinar is supported, basically gut the speakers today are tr Eric sets us whose vice president of identity and innovation at CCO and me Martin I'm co-founder and principle Analyst at Cola.
Before we start some quick information about Cola and about the flow of the webinar colas independent Analyst company, which operates globally and provides information in the areas of information, cybersecurity, identity management, and governance, and other areas concerning the digital transformation we do. So by delivering advice for services such as benchmarking optimization, strategy, support, project guidance, and other areas.
And we do so obviously through our research and through our events, our next large upcoming event, aside of a couple of webinars and other types of events will be the European identity conference 2019, which runs mid may next year in Munich. It's number 13, the series of events. You definitely should not miss that event and said this, some guidelines for the webinar, you are muted centrally, so you don't have to mute or, or mute yourself. We are controlling these features. We are recording the webinar and the podcast recording will be available by tomorrow.
And there will be a Q and a session at the end of the webinar, but you can end the questions at any time during the webinar so that we ideally have a significant list of questions by the end to walk through. With that, I'd like to have a look at the agenda for today. So our agenda is as usual split into three parts. There's first part, I will talk about moving from an inside, out to an outside in perspective. When we look at identity verification and authentication. So how can we take the perspective of the consumer or customer and make his life as simple as it can be?
And the second part then from Eric sets us will look at today's reality based on results of an onboarding survey. He will look at what is happening and why customers tend to about onboarding and how to do it better. As I've said, the third part then will be our Q a session. As I've said, the more questions we have the better it is. So feel free to the questions at any time for our largely discussion. By the end of our webinar, I wanna start with a picture I've created quite a while ago, but I think it's still a very good fit for this webinar.
So we are today in a situation where, where everything and everyone becomes connected. People are part of organizational act on behalf of organizations. They work with organizations, they use devices, they use things, devices and things to even communicate directory directly smart Watchers, provide other devices, provide information back to organizations and so on. So we have a very complex scenario here. And part of the scenario, this is why it's essential in the context of identity, verification and authentication is that in fact, there are two things.
And the one we have far more connections where we need to be identified where our identity needs to be verified by organizations, and we have more and different ways of authentication. So we might authenticate indirectly through an app running somewhere. We might do it directly. So the scenario organizations are facing is changing. This makes the life of organizations to some extent, more complex when it comes to these topics than it has been. And also some years ago, I put together seven fundamentals of future identity in access management.
And for, for digitalization of business, I have a strong, I'm certainly convinced that identity is the clue. It's really the thing which we need to get done well so that we really can work optimally with our new digital services we provide. So one of these fundamentals is this entire thing is really about more than humans. It's also about the identities of things, devices, services, and apps, but even more relevant in the context of this webinar is the second fundamental. We are factually dealing with multiple identities.
We providers that times where we had sort of only our own organizations, the identity provider there, this is factually passed. So we have external providers, social networks, other types of providers. And that's where significant sign comes into play, which also helps us to deal with different providers to enable providers, to do things better. We have also attribute providers which provide different information. This is also one of the strangers. People have different identities. They might even change the identity they use over time.
So they might switch from the one social network to another one or whatever we need to be able to deal with. We will have having factually multiple laws indicators. So we must be able to work with them. We might even have different a indicators for different use cases in the context of the same relationship between an individual and organization, where we say for certain types of interactions, we need to better approve. We need to enable all that. And we need to enable it in a way which works well and seamless for the customer. This is something which is not easy.
We have relationships to manage. We must understand the context because the context also influences the risk of, of access, of interaction of transaction. So basically that was what I put together a couple of years ago. And so in the context of identity verification, authentication things like multiple identity providers, multiple authentications, but also dealing with the risk are essential aspects. We need to understand, and we need to deal with it where we need to find well sort out seamless convenient ways for our customers and consumers.
So ever growing number of people we have to deal with to do so. And so when, when you look at how is this entire evolution from sort of what enterprise entity management is an it has been for, for a long time towards what we really need and things like consumer identity and other stuff comes into play. And part of that is also, so this is for which goes a little bit beyond the verification and authentication piece, but I think it's important to put it into context. So what we do, we really need to achieve. So we need to deal with more people than ever before.
We need to authenticate customers. We need to authenticate consumers and we need to know them good enough to do the business we need and want to do with them and to serve them well. And part of that is really understanding who is it and authenticate him and make this experience of verifying him seamless point. I'll touch a couple of times during this webinar. So traditionally we look more at processes like user life cycle, the access, providing some signals and on keeping ed access under control, which the should to consumer identity.
One of the important things which comes into place, we need to look more at the customer journey. So how can we make this customer journey simple? How can we minimize drop off or drop out rates? How can we avoid people, abandon registration, but we also have to adapt to boss indication part, which is as two elements, the one is being adaptive in the, regarding the type of a indicator.
It should be as convenient for people as it can be, let them use what they want, not what you want, but also ensure that they can use some, which is strong enough for certain types of interactions and actions that leads us to some sort of KYC. So there's this KYC aspect, which comes very much from the, from the box in the lower right edge, these regulatory requirements where banks have to have a lot of formal regulations, but I believe KYC in fact is more it's knowing our customers well enough to serve well again, verification identification is a part of it. So we need to have formal process.
We need to support the regulatory requirements, but the better we are in, in understanding this is smart. Or even if it comes in with different logins, with different identity providers, the better we are able to serve. And in the context and within the, within the constraints, regulations such as GDPR are setting. So we need to know the customer well enough.
And ideally we are in a position where we are able to connect different types of users, using different types of devices coming in on different ways, which need to, to support 'em in a, in a, in a, in a consistent wave logically seen, physically seen that might be more than one thing, but things like directory, the access, the authentication piece need to be in there. And identity verification, authentication is entire flow is an essential piece of this entire journey to provide access to the various types of applications people need to access.
And we need to think about how can we do that better than we commonly do it. And I believe you do it in most cases, we don't do it well when I look at how many websites I have to register again, and again, I would say on average, I probably have two or three registrations a week for different types of services, at least registration request. I don't do all of them, but it happens again.
And again, it's cumbersome and it's not convenient. One of the things which I think leads also to some of the challenges is that there's a misconception regarding the perspective of ownership. So the one element is convenience. Customers want simplicity. They don't want additional costs. They want to work the way, which is convenient for them. On the other hand, we have this notion of the business that wants to lock what they perceive as in very, very, very big quotas, their, their customers.
I, I would say it's not really their customer. I, I don't feel, don't really feel that I'm owed by someone. For instance, they feel authenticators might be a risk and they feel if they so to speak old, they can better control things and can do better assurance. I don't think it's really correct. And over the past, whatever two years or so, I had a couple of conversations at workshop with customers where I looked at, where we worked on a misconception that the customer record is directly tied to the authentication or the identity provider. And in fact, it isn't.
So when we, when we look at this flow, so we have a customer consumer, who's using an authenticator that authenticator might be something which was trusted finger on the fingerprint reader of a smartphone, which is totally disconnected from the service I'm using by the end. It's that totally disconnected.
In fact, I get access to an app. I use to access the service, but it's the service in the backend doesn't really know about it. It doesn't really need to know, okay. It also could be a username and password browser. I use this authenticator for an account. It could be whatever Amazon or social login or another type of IDP or brand of a company or whatever else. There's a very broad variety.
So I, to an account, and that might be, if I'm a company, it might be my own sort of account, or it might be something which is not my account, which another identity provider runs and this identity provider that might connect to me and say, okay, I've a indicated to this account. And because you know this account and do the next steps here, just when you say, go in with Facebook or whatever else, provider hold certain information. So Amazon stores a lot about inspires Facebook, a lot about its users. It might be also the account details in your organization.
Obviously these Allison, Amazon Facebook will share everything with you. But in fact, from this identity provider, you're rooted to the backend application and that's where the customer record finalist it's, that's where you, part of this interaction with the customer happens, where you store the information about, okay, Martin Cooper bought that from me. Martin Kino did that.
And that, and that this is your customer record, which is different from the Amazon record, from the Facebook record. Cetera. So this is something you can't disconnect. The authenticator, you can disconnect the account and the identical provider from your customer record, the customer record is different thing. And you might then use this, obviously what you have in your customer record different purposes.
That might be the serum E P that might be some of used for content handling, whatever else it's, from my perspective, super important that we clearly distinguish between these various levels and, and understand that we have flexibility in this entire process, by relying on external services services, such as actually sign, which provide power of such enablement. We shouldn't even try to do everything ourselves. And within this entire journey of customer, my perspective is that low I'm convinced the conviction is that KYC, sorry, more formal KYC process is really low hanging food.
Why from business perspective, the better we do it, the more expensive it is. So when we do things which are based on, on video identification, other stuff that is not cheap, and the number of dropout is reasonable for that's just because it's cumbersome for the customer and consumer.
So for me, registering again always is cumbersome. And I think about, shall I do it? Is it worse? And the more effort is the more I think, and if it's too cumbersome, too time consuming, I, I just say, I don't do this. I might even say whatever for telco, but even different mobile phone contract, forget about it. I just walk into your shop and do it there because that might be more convenient. Or I do it with someone else because I trust that I don't like that approach anymore. And so obviously there's a benefit for a business in doing it better.
There's a benefit for the customer doing it better. No one wants to do. Today's more complex KYC process like we have in the finance industry like you have in telco and other industry, no one does want to do it twice. At least most people don't like to have the same experience. So what we really need to do is we need to, to, to change our thinking. A lot of this is from my perspective, still based on the fact that businesses think too much from their own perspective.
So what fits into their environment, what works best for them from an authentication perspective or this authenticator, it's not too expensive. We can deploy it easily. It works with our infrastructure. This fits into our processes and customer consumer, do what we want you to do. I don't believe that's the right way to deal with customers. If you want to be successful, if you want to be successful, do it the way which works best for them, support collect only what you need in PII support. Their way of authentication have processes, which are easy, seamless as they, as much as they can be.
There's always some limitation in there from a regulatory perspective, but a lot of stuff can be easier, be flexible, support different, do what your customers want to do factually there's. And I think a lot of this driven by, but still that a lot of things we do in identity is more driven from the, the established enterprise identity thinking and the primary focus of enterprise identity thinking factors, security, which is important. But from a consumer perspective, the primary focus is not security. This is sort of a minimal requirement.
So because you always will expect that you ensure that things are secure enough. He never will feel guilty by the way. So his primary focus is convenience and they want to use it the way they want to do it flexible as they can to. And if you change the smartphone, it moves from fingerprint to whatever else, or if there's a new type of device, which is happen, whatever one or two, three years from now, it should work seamless. They might want to change a preferred authenticator, all that should be supported. So it's really that. We need to understand that thinking is different.
We need to ensure that secure enough, but convenience has a far higher impact than we need to stop thinking from our security, from our, we always have done it that way from our, this fits perfectly well in. We need to be secure. We need to be, do it secure enough, but we need to go beyond security and understand what we really need to do to make this easy for the customer so that the customer really uses it and can use it the way he wants to use it. With that. I will hand over to Trump who will do the second part of the presentations and talk about today's reality.
Look at survey data and explain how you can make this more convenient to the user. Try it's your term. All right. Thank you for the introduction, Martin, and a very good overview of, of this space, which is, is a rather complex space. I'm gonna talk somewhat what we call the battle board, which is a report we did on this, on this topic. Just one slide on, on what we do. We deliver verified identity solutions to regulated businesses, to keep it very simple.
Our focus is the regulated businesses, which have more than average requirements on onboarding authentication and electronic signature and seals. So Twitter battle to onboard. This is sort of the main conclusion that more than 50% of people abandon a digital onboarding, that means more than half the people that have started a process to become a customer. They go away before they become a customer. And this is a large number, and this is something that really should worry banks and finance institutions that they have so many custom potential customers that don't go through with the process.
The battle to onboard is part of horizon 2020 product we are doing the project is about doing identity assurance as a service. So it's within the recent 2020 framework for, for getting new innovations into the European market. And as part of this project, we've done this research. We did a battle board, one in our pre-project with the more limited geography and interviews. And then the BA onboard two, where we interviewed people in these four countries that you can see to find the results. And like I said, the results were more than 50% abandonment on the onboarding of banking applications.
And the even stranger thing is that the number had gone up since the battle, the onboard one. So in the two years, since the first report, it had become worse. We used to say 40%. Now we say more than 50%, and then you can ask, okay, why what's happening? Why do people have done so very simply put the top is typically the amount of personal information people are getting restrictive or what they want to share. They don't always understand why do I have to share all this information? And the onboarding processes typically asks for a lot, you have to fill in forms.
You have to upload documents, take photos, etcetera. So that's the main one. It's also the time it takes often these processes includes that you need to maybe print some physical document. That's sending the post, which of course takes time. Or you have to even go to the branch office as part of the process, which of course nobody wants to do anymore. So the time it takes is another factor. And then of course the physical delivery of info, which then affect the time that you have to print some papers. Why do I have to do that? People want a simpler way of doing it.
Also confusing language is another one. It was a pricing to see Sweden as one of the countries, Sweden is very strong with the E with a Swedish bank. And it should be very simple to sign up to a new bank using bank already, but it turned out these onboarding processes are providing or trying to provide a user with information what's happening. But that is confusing. It's difficult to understand what is going on. What are you doing? What's gonna happen when you do the next step? And then there are some other factors as well, but these are the main one.
All the details are in the report, by the way that that you can download. So where we're talking about identity assurance or onboarding or KYC, what is this about? What is identity assurance? It boils down to knowing who you are dealing with. You want to know the identity of that user and why do you want that?
Well, if you are a financial institution, you have the regulations, you have the KYC and you have the anti laundering directives that you have to follow by law. You are, but even if you're not under these regulations, there's always the risk factor. Will this user fulfill his obligations, whatever they may be. So the two parts of it, it's the regulations and it's the risk and the challenges. It's the time it takes.
Well, we looked at the report time. It takes for the user, but it also time for the, for the bank or the service provider. How much time do they have to do? What about manual processes, et cetera? It's the user experience. That includes what I mentioned about the language. The geographic reach is a challenge.
Of course, if you need to meet physically or you need to send some document, well, meeting physically greatly limits your geographic reach. Sending documents will increases the time a lot. So that's a challenge. And of course, it's the cost on the banking side, it is expensive to onboard new customers and we need to, you know, make this cheaper. And especially if we start the onboarding, paying a lot of money and the user just runs away, we also need to understand what what's the user motivation for this often, the user may just be curious. I just want to check out.
I just want to look around and why do I need to provide this all day from is all this information? I'm just checking out this. I'm not really sure if I want to become a customer yet, but if you compare that with a, with a physical bank, you can walk into the bank. You can have a look at the building. You can talk to the tellers, cetera. Nobody's gonna ask for your identification in that case. And it's similar, right? You want to check it out to see how is the banking app?
Okay, this is look good, et cetera. And the other end of scale, I wanna buy house. I want to borrow a lot of money.
Of course, as a user, then I would expect to be asked a lot of questions. We used to that, Hey, I'm gonna borrow a lot of money.
Of course, I need to identify myself. And I'm not really worried about that process, right? So we need to distinguish between the, what I call the simple, just getting the user board, getting the relationship going versus the full KYC compliance. And it's all about getting the balance, right?
The cost, the regulatory compliance and risk and the abandonment rates to balance this. Right? So let's look at an example. So a third of this example where John on the left wants to sign up to the bank and the bank needs what I like to call a reasonable degree of assurance. And the bank in, in this case could define two thresholds. So at the bottom, as we go through these examples, you will see the assurance bar is going to increase. And then the bank can say, well, when the assurance is at level threshold one, well, then you can get in. You can start using the banking app.
Maybe you can use some, you know, some micro payments and stuff like that. But if you want full functionality and, and use it for full, well, then you need to reach threshold two. And again, this is just an example of how this could be done. So typically the process could start with John providing some basic information, typing in a form, filling in his name, phone number of happens to insurance, right type.
This, there is no verified information here at all, could be sending a text message to fault a one time password. We're getting more and more used to that. I'm typing in that password. And now we have so assurance, at least we know that John is in possession of this phone. So we have a verified phone number that could be, we could ask to upload a self portrait that could even include liveness verification. So that would maybe increase assurance a little bit more.
We could do something like sending a onetime passport to the, to the phone, and then tell John, write this down on a paper and take like a workshop or yourself holding up this piece of paper. Well, now we have a verified. This is gonna be much more difficult to fake. And maybe at this stage, we have reached stress. Once we can let him meet.
We, we are satisfied with what we have and then get the relationship going. And then at the later stage we could say, well, now we need to know more. So let's ask who your passport don't uploads his passport that increases the assurance even more. We could then also do a lookup in a registry verifying that the passport is valid, verifying his name against the passport, verifying his photo that we got with the photo in the passport. So now we have a lot more, this could also include pep lookups for political exposed persons, which is an important part of the AML directive.
Maybe there still needs to be some, some more check. Maybe we're still not happy. We could then go to a manual check, have some employee at the bank, verifying this information manually.
Of course, this is really what we want to avoid. One, because it's costly to have this employee sitting doing it. And also because it takes a long time compared to just doing it, but this could always be a fallback or you could even go to the, well, I want to have conference.
I want to, so we could do video conference, interviewing him to verify even better. And all of these steps are examples of how you could combine these into a flow to increase the insurance.
So I said, just an example, both of thresholds and the number, or, and also the various methods. The point is building this up gradually, don't ask for everything upfront, few words on Eid, which is probably familiar to most of you by now, it's a European union regulation, part of the digital agenda. And it's about to boosting trust and convenience cross border, and providing widespread use of E interest services. I like to call it harmonizing of E interest services in Europe. And this is, this is mandatory for the states. So E talks about electronic ID E and what is an ID?
Well, it's a centralized typically commonly adopted and trusted identifier that you can use for multiple services. I mentioned Swedish bank ID, which is typically an E ID, which can be used for many different purposes. And bank ID is a verified electronic ID. And that's important. We need in, in the regulated business, we need verified identifiers. Also look at Google, Facebook as electronic IDs, but these are not verified. And what the Ida says is that these ideas shall be recognized cross border, which means I shall be able to use my ID from my home country.
In other countries, the ideas has three assurance level, low, substantial, and high, which is about a degree of confidence in this identification. So if we go back to the same example, this might be very simplified. Instead of going through all these steps, John would just authenticate with his home EER D and depending on the level of assurance of this with low substantial high, he may or may not read, reach one of these thresholds. So we can avoid all these steps and just doing this E I D verification and E either society. This is basically how onboarding would work.
For example, in Norway, Sweden, you would use your bank Audi, go to a new bank authenticate with your bank. I, and you would be a customer. You would not have to go through all these steps. Thes focus is to make this cross Porwal, there's some challenges still with the, I mean, it still is this infancy still not sure what kind of information will be provider. How do we handle the national identifier in the countries where that exists is the level of assurance harmonized across the countries.
Will countries also trust this will one country trust the level of assurance over another country and will it be sufficient, for example, according to LD. So, but this is something we will see. Now there's a lot of work going on on items for, for doing this. And I would see this as an important part of the digital onboarding. So then question the users want this. This is important because as Martin mentioned, we need to look at this from, from the outside in and not the inside out. We need to make this so the way the users want it, we need to focus on the users to have a good user experience.
So again, back to the battle of the onboard, do they want digital onboarding? That was a question asked.
I mean, do they want to have a no paper onboarding? And the answer is, as you can see overall, yes, this will increase in version rates. If you can do everything digitally, that would be a lot better. Would you want to use any ID for opening a bank account? Yes. Consumers want ID, not surprisingly.
Sweden has the highest number and probably because most people are familiar with an E ID is I guess if you go to, to the other countries, a lot of people may not really know or understand what an ERD is and how it can be used, but even so the numbers here are fairly high and who do trust with the, and this was also quite interesting, who do people trust, who issue the electronic identifiers? And in general, we see that banks, Trump, Trump, governments, banks are more trusted in general than governments. Netherlands in this case is the example. Germany has a very high difference.
And also in the Nordics, the typical model is that it's bank, that's behind this, the bank ID in nor Sweden. It's driven by the banks and then government and others are using it. So coming to my summary, if you look at the three ways of doing onboarding the traditional way, where you have to walk to an, an office or branch and do something and then walk home, this guy walking looks way too happy. By the way, I wouldn't be so happy if I had to, to walk to there. But the time is, is high. The cost is high. The user experience well depends, but I mean, probably not good.
And the reach is low because you can only reach people within a certain geography. If you do a digital onboarding, for example, the steps I showed with filling in the form and the selfie and the, and cetera, the time goes down drastically. So does the cost and the user experience is getting better and you are increasing the reach. And of course, using an E I D and especially with Eids time is really gone down. The cost is also much lower. And of course the user experience is really good because you are using the same E D that you're used to.
And of course, especially with the E the reach will be all of Europe, which of course will be great. So in general, consumers want Eids and they mostly trust banks. They want to do digital onboarding, but don't ask for too too much information too early, don't ask for everything upfront, make it simple for the user, make, use simple language, make it fast, make it easy to get started, and then ask for more information later. And of course, ERDs will simplify, onboarding, but cross border. We still have some challenges and we'll see how that goes.
And then it's all about is balance cost, risk, and regulation and abandonment. Okay. So that's the concludes my part of this presentation. You see the link to the, to the document here, if you want to download and look at it, and then I'll hand back to you, Martin Tr thank you very much. This was very insightful. Also with all the numbers. We also have already a couple of questions here, sore back to my screen, and let's directly move, proceed to the Q and a session.
So, one question I have is when, when you did the survey, you also ask for, for telecoms as someone who could play a role in there, government, Did we also ask if, if telcos, I, I can remember exactly what the details of, of that was. So the, the categories we had was, you know, banks, government specialist, organization, and I guess telcos would be part of that must admit, I can't remember specifically, you will find that in the report.
Okay, cool. Because I remember we did a couple of years ago, we, we asked probably a similar question and it also turned out that banks are clearly above government, but telco all, we're also sort of by not treated as a specialist quite high, but I believe there's a, there's a demand. And I think there's what you are telling and what we see, there's a, there's a role, certain types of organizations can play well beyond their own business.
And so, so perspective I have from that is also, if you do that, and that is something we shouldn't underestimate in this entire story, if you're the ID provider, then you're the face to the customer and being the face to the customer, even if you're sort of just the ID provider for someone else, you are in a very central role in all this interaction. So you're the front line to the customer, cause you are not in the back of this line.
So to speak it, I think this is something which adds to why should organizations invest into playing such a role into such constructs because it gives them the direct direction, far vital, far central role into place the customers. So we have a couple of Completely agree on that. And I mean, I, I come to find that are four different kind of organizations in the society that would be able to hold that role. It would be the government and the banks as mentioned, you mentioned also the telco.
And I think finally the postal service is also one of those trusted, which has a very high reach in society, but banks is actually the organization where most people are in contact with, on a weekly basis where you constantly, you know, contact. And as you said, very important to, to, to be that provider, to have that first contact with the user. Yeah. So another question around banks is, and I think this, this follows what we just discussed. The question I have here is what is preventing the traditional banks from deploying a gradual onboarding as explained.
So what are your experiences for the reasons behind that? I think there are, I mean, two reasons, one banks are very risk focused. They're very afraid not to follow the regulations and, and of course they, they should be. And combined with that, they, they additionally look at onboarding as binary, either you are onboarded or you're not. So they don't have sort of a system or a process for managing different levels of assurance. How much have our verified. And of course banks are the big organizations they take time to, to move.
And like I said, a combination of this being very binary on that, that onboarding and very focused on the risk. Yeah. I think another thing I might might want to add is here that I think this, this Alliance, to some extent, the slide ahead around custom record and authentic other stuff, there are different elements of that. So you can rely on, on certain types of strong authentications, you can provide stuff while not owning every part of this process. And understanding this I think is, is an important thing.
So if someone comes with a shared ID like that as Swedish bank ID, it, it still doesn't mean that you lose sort of all business with the customer, things like that. So to speak the other, the other thing is, I think there's understanding of, oh, I invest in a new technology, but I might end up as an awesome indicator or an ID, which is used by someone else. I have sort of enabled my customer.
I, I think what frequent isn't understood that if, if a, a number of organizations collaborate on that at the end, it'll be always a fair share. It's just by, by experience and by how such models work at the end, the one who has more customers from the start will probably invest a little more. The Analyst a little less at the end it's will be pretty equal, but all will benefit more than they will invest.
And I, I believe it's sometimes there's a thinking of, oh, we might invest into a few customers which do more businesses, a different bank by an ID we do where we do the verification, instead of understanding that the benefit they have from the central ID, from the better onboarding from being the interface to the customer, that this benefit is far higher than they, than whatever they sort of could in very, very, to us lose or give to someone else. Yeah.
I mean, I, I completely agree. And I mean, that's what we're seeing.
I mean, if you look at Norway now where, I mean, the banks issued the bank ID started in 2004, and we see now that we have 93% coverage of E I in Norway, the average Norian uses bank ID three times a week. And we've also seen, I mean, just another number on that typical interaction with the government is once or twice per year, right? When you do your taxes, when you take, we saw now I just pulled out the numbers from October this year, each nor which on average contacted the government twice in October only.
So the E I D encourages, you know, more interaction simplifies and we're using it for a lot of different things, including onboarding, which we were discussing here, simplifying that part. Yes. But he will not get a critical mass by government use case. You got critical mass, but sort of everyday life use cases with far and more government use cases, only being hardly positive ones.
So if you have a whatever smoother process of getting a new number blade for a new car, while some of the government process obviously are more the side, so you really don't like to do them, but you have to like everything around X. Okay. Next question. You touched already the stuff. How far are we with the E Ida implementation right now?
Is, is it maybe also that some countries are, so I take Estonia as an extreme are, are, are far for further than other countries are like, like Germany where the national E I D has a very, very low acceptance rate. Well, Estonia is of course, very special. They have managed to get a government driven E I D, which is used by everybody for everything except marriage divorce and spelling and buying houses.
So they, they have succeeded extremely well in that they have really strong government drive to make that happen. Of course, E I D in Europe, in general, as I mentioned in Germany, I mean, you have now three different scheme in, in Germany, but they're not really widespread use yet. So that's one part, I mean, the lack of E in the countries and the use of them, and, and also these games need to be notified what is called I use so far only a few countries have been notified also important to remember that E I is made initially for public services only.
There's nothing preventing private services from using that, but the idea behind this is public services. So, I mean, the most typical use case is the students starting a board abroad need to get a bank account when get a job and making money on the private. That's a very good use case. So it's moving, it's still gonna take some time. I think before I really can use myin bank ID all over Europe, where I think it's gonna happen, but with need the patient. Hmm.
So, so what you're also saying is it'll let necessarily be a national E I D it might be any type of E I D as long as it, it has sort of sufficient doctor rate. And if it's conforming with I, there will be others like, like the ones you have in, in various naughty countries.
And, and what would be the alternative then from your perspective, if there's not that E I D in there. So will it be the onboarding based on, on biometric plus ID scanning or what will be probably the most used approach alternatively, to that?
Well, that that were back to, I mean, we do have all of us have this universal identity token that we carry with us whenever we travel and it's called the passport, and that's sort of what we use in the physical world. And in the lack of the E we will have to present that somehow and scan it and go through this process I presenting, and it's gonna more cumbersome. So the E I D is in a sense, the digital equivalent of your passport, you can use that for all these purposes. And as you said, I mean, you have these notified S which are the publics one with the nor bank ID will then be notified.
And that's not a public ERD. It's, it's private scheme owned by the banks. Yeah.
But, but thanks. You cut your RA agnostic regarding the approach you enabler, so to speak for, for using different types of approaches from different countries, for different use cases and different levels of assurance, correct? Yes. I mean that, that's our approach to this. We're creating a platform we're plugging in all these E we're plugging all these different methods for doing this identity assurance. And we are allowing our customer to decide themselves, what do you want?
What, how much information you want to gather, how much complexity you want to put in it, how much trust do you need? So we give this platform and give our customers the option to, you know, build this together the way they want.
Okay, perfect. I think we have answered all the questions. So thank you very much, John, for your presentation, for the insightful Q and a session. Thank you very much for all the attendees for listening to this call, webinar. Hope that is suited back at one of our auto webinars or conferences. Thank you. Have a nice evening. Bye.
