So everyone should be able to see my screen as well for the slides. And as Annie has introduced, I'll talk about the first steps to consumer identity, access management, not in the sense of your project, but in the sense of where does your interaction with the customer, the consumer finally start.
So I'll, I'll talk about verifying your customer, authenticating your customer. And I'll also look at the role of KYC for consumer identity and access management, and also look at well, learning from other approaches might be beneficial to you to get better in what you do in consumer, not anti measurement. So there's gonna be a little bit more high level talk, looking at various scenarios and, and use cases and giving you some guidance that hopefully helps you then to get a good start into the rest of the, these two days we have at our customer CU tech event.
So I wanna start with some targets to look at. And the first targets for my perspective is with everything we do around customers and consumers. So it's minimizing drop off rates. So drop off rates in the sense of someone wizards your side, someone starts doing things and never registers.
And I, I have to admit I'm, I'm, I'm a person who is think very good in increasing dropoff rates, because if something in this process and the registration process and all the other things around it, which cookies to, to give consent for et cetera, something annoys me then unless there's a super good reason that I continue my journey with, with an organization I drop off. So there must be really good reasons. So the only way to get a product, I really want to have, for instance, that I ignore such things or that I say, okay, I accept them.
I don't like them, but I accept them.
But at the end, it's a challenge and minimizing drop off racism. Fundamental thing we've asked the chief is everything we do. And that is not only something, the marketing people, the people building your digital experiences must look at. It's also something we in the consumer identity access management space. So sometimes more the techy people must support. So that is the first thing. The second thing is minimizing churn rates. Churn rates are in contrast dropoff rates, which have met at beginning in the common definitions.
And as we all know, these definitions sometimes very are other rates of people not coming back. And so the first thing is obviously related to the registration for the onboarding process. The second target is related to how easy is it for someone to come back.
And again, if I look at my daily life, most of the websites, most of the digital services I'm using still rely on username and password.
So it means I have to work with secure passwords, not always using the same, which also means that I frequently don't know the password again anymore when I go back. And so this really boring old school approach of the case is something which increases term rates. Because several cases, I again have the situation and I say, okay, it's not so important that I spent the effort of for resetting passwords to other things.
So at the end, this leads to lost business. And there are certain challenges behind that. The first challenge is the verification. So is that Martin who wants to order something or who wants to sign a contract with the telecom or do something in the banking business or whatever. So it's the verification part is that the person, the person tells claims to be so Martin or not Martin, the second challenge is registration.
So getting some information, gathering some information about Martin, the one you really need and registration is when you look at drop rates quite frequently, that place where things trust, fail, because you then are confronted with this registration dialogue and say, okay, do I really want to go through all that? And sometimes you also confronted with questions about some of the attributes where you say, why would they need that? So what would be the reason that they ask me for that information? And that is the second element here. The surf challenge, that is the authentication.
That is what I touched around the term rates already. So this authentication convenient enough to do it again and again. And honestly, as I've said, when I look at most, most digital experiences, then they are not, not really modern digital experiences because if user name password is that only choice and it's so frequently is then digital experience in a modern sense is a very big word for them.
So there must be more, there must be different things. So when we look at this, there are various ways to do that. And they also depend on the use case on the scenarios you're working in.
And so the, the most rich scenario at the end of the day is where you have regulated use cases where there's a, where there are high requirements on the verification. And it's a very advanced use case in that case, you start with the verification.
So, and that can be sometimes annoying even while, so users get better, but I remember maybe two years ago or so I did, I ordered them mobile phone contract online, and that really wasn't funded entire video identification, which required me to restart it's three times then to, for series of mails, which were even for me as an text, every person, very cryptic. So things are getting better.
I've seen over the past months, couple of really good and smart solutions then is the registration. And it might be filling a lot of forms depending on the regulations.
Clearly you kind have, by the way, the same experiences by walking into the branch office of your bank. And then the first thing after saying, hello, Martin, is that you get a stack of paper to sign since your last visit for all these formal things so that, and yes, some things need to be done and you can't avoid it. Then you have the authentication. So you verify register your authentic, okay, this is the, at least in KYC, the mandatory way we can't do much around it. And authentication then also is about sometimes higher requirements on the level of authentication.
So if you look at PSD two in the, in the banking and the finance space for, for payments, then it is something where requirements are that you have a strong authentication.
So it must be good enough. It must be strong and it anyway, should be convenient. You might then have additional things like signing further documents in certain areas of retirement. Then you can do the transactions. And so it's, it's a long journey from, from the verification to registration, to the authentication, to signing additional documents, and finally having the transactions.
There are scenarios where you need to do it. And then if you, if you must do it, there's just, you can try to make verification simpler. You can try to simplify registration to make it more convenient. And you specifically can work on providing a better experience in authentication. And I'll touch this also in a minute again, when we look at some of the other concepts. So when we look at the, the standard consumer journey, which is in the lower lesser regulated use cases, then we have one thing more in which is, is important, which is consent.
So the everything else part, but at the end is also frequently. That starts with some form of verification. But we always need to ask the question first, when do we really need to verify?
Sometimes it is required to know a little about it for payment use cases, cetera, but when do we really need the verification? We should ask ourselves this question. And we had other events. We had some very interesting discussions and breakout sessions and others where we discussed the various ways to, to do these things. We have the authentication and we not even need to reregister until then.
So we not even need to verify maybe at, at that space, we don't even need to authenticate. So people do a lot of things. And then at some point when they really want to step into business, then we need to do some verification maybe, but even let's say I pay with PayPal. Then my use of PayPal in fact, is the verification of things. And my shipping address is a verification because if I enter something, which is just invalidate, the person never arrives, then it goes back, okay, a little cost, but it's in many cases, this is not really the, the show stopper for that.
So I can keep it simple and authentication. As I've said, passwords, yes, you might need them for sort of the downstream solutions for the ones who still want to stick with passwords, but think about what can you do better than passwords? What can you offer in addition to passwords? And maybe also in addition to passwords and Facebook logins, because again, that might be not enough. So think about better ways to do it registration at some point might happen or not. But the problem is that many people don't really don't want to Oxford registration process.
So keep it as simple as you can and, and whatever, if you have the shipping address as part of what, what you anyway receive during the payment process, if you can then ensure that, okay, there's three payment, the, the parcel ships to an address. And if it doesn't come back, then everything seems okay.
Then you can really simplify the process for the, for the individual, for the customer, for the consumer. And that is where you should look at you, then manage the customer records you have in the consumer anti management.
You might link them back in all these processes to some E R P systems and other things. And you also might collect information for doing marketing automation. So this is, as when we look at this, there are some fundamental differences to KYC process. So verification might happen sometimes, sometimes really at some place sometimes really indirectly authentication, not necessarily must be super strong, but honestly, if you use good modern approaches, we can do it strong and still convenient registration.
Don't put too much emphasis on having people registering early because this is, what's what carries them away. It's better to say, okay, right now you found what we want to do with us and then register, maybe you already have for the shipping, enter all the data.
And it's just saying, okay, do you want to reuse it and make it as easy as you can? And then there's different approach again. And this is what, where, where I think it's very worse to look at when we look at the different ways.
And this is the decentralized identity seem it's about reusing and simplifying to some extent, decentralized identity is still in its early stage. So we see a lot of evolution here. On the other hand, it's not really that new. So at coming call some probably more than 10 years ago, we talked about concepts such as what we call life management platforms. There's a lot of similarity to what is here.
Inized I, blockchain ID was a hot topic. Some 3, 4, 5 years ago. A lot of this led to what we see today, inized entities. So the idea is done to reuse the verification registration, to simplify authentication. So I have a strong verification here that is very common to decentralized identity, but it's a simple, it's a one time thing. And it's something where, where the providers of these concepts really try to simplify that. So you usually do it with your smartphone and a very efficient and very, very well sought on manner.
You then also have your authentication built in usually based on some sort of multifactor authentication involving your, your, your smartphone, but also could be other approaches. So it clearly goes beyond username password here, and you have data you put into your ID, and then you can control which of that information is provided upon an agreement you have there a another party. So it means you do the verification once, but you can use it for many. You can also indicate against a lot of providers potentially using the same authentication.
So it's not keeping tons of passwords in mind in mind, and you do your registration in once and you can reuse it still. What we see, honestly, a lot of, or most of the B I D implementations we currently see are limited to a certain bank or a group of banks or other financial institutions.
So it's still not really widely used, but it's potentially can be done because it's built for usability and your agreement decides on which data, the other party, the vendor, or whatever the organization can use. And still you understand as an organization, okay, this is smart thing coming.
So the marketing automation part, depending on the content and all the other things for sure still can work. So it doesn't inhibit you doing things, but it makes the life for the customer far easier. So when we talk about the drop of rates, we talk about term rates. Then we are clearly in a better situation. And when we talk about registration, then the other thing. So if there's little KYC required, if there's not a regulatory requirement to do a verification, we also can go.
And that would be, if you're not yet a decentralized identity, that would be, we say, okay, let's fill the people, their card.
And that's what I already said.
We, we check out, we pay and then we say, okay, maybe you can really directly register because if you want to come back, it will make your life easier. And if that then is easier, another, another, again, a complex step sometimes is then that creating that account is, is really to cumbersome. If you really simplify that part, then things become easier. And then again, processing marketing automation is not affected. So there are different ways. And I think it's very important that to step back and think about what is the right approach or what are the combinations I can offer.
So D I D can work smoothly with all the other approaches. And that leads to my recommendations right now. What is my number one recommendation? It is adaptive authentication, and it is adapted to the customer in the sense of the customer can use ways for authentication, which are good enough for what we need to do, but which work best for the customer, not adapted to what we just have currently in place.
It's the customer that counts. It is reusable verification.
So don't, so if there's an option to, to reuse the verification, that is, for instance, in the ideas, offer certain other types of identity providers, then do it because verification is so, and I, even if it's done good, it's, it's always a process. Follow the D I D evolution revolution. Look at it, look at what it provides when it's ready, what you can do there. There's a lot of, there are a lot of options offer options for the registration, make it as easy as you can, and always think about what you really need to ask. So what is mandatory? What is optional?
And I see so many scenarios where there's just an ask for too much of technology. And last, at least think beyond passwords because passwords are not a modern approach for modern digital experience anymore. That's it from my end. And I'm open to questions on side of that.
I'm hope, hope we can have a lot of, well, you will have a lot of interesting sessions over the course of these two days.
