Brands must reclaim trust by empowering data ownership
Article by Mobiquity APAC general manager Gustavo Quiroga.
We want to keep our data private, we want more control over how and when it is used, but we also want more personalised and contextual service offerings from businesses. According to Twilio's new State of Personalisation Report 2022, 62% of consumers expect personalisation from brands, and yet only 40% trust brands to use their data responsibly and keep it safe.
The discrepancy puts both customers and businesses in a holding pattern, and brand trust is the crux of the dilemma. If customers can't fully trust businesses with our data, then how can we expect them to offer us a better customer experience?
The first step in solving this problem is to give consumers the opportunity to take back control of their data in the simplest, most frictionless way. At a high level, this is what the Government's Consumer Data Right (CDR) service aims to achieve.
The CDR promises to give Australians more choice and control over how their data is shared within the system, and it can only be transferred to businesses that are accredited to access the service. Under CDR, you can request your data from an organisation currently holding it and provide it to another business that can aggregate and offer value-added services. For example, you could take your data from your bank and opt to share it with a third-party provider such as Frollo to receive access to budgeting and personal finance management solutions.
The CDR ecosystem has already opened the door to the Open Banking regime, from which we will see many practical use cases emerge over the next few years, particularly as we add insurance and superannuation data to the mix in what is being labelled as Open Finance.
These 'Open' ecosystems are particularly beneficial for important subsets of the community, such as under-banked Australians who lack a financial data footprint or savviness and, in turn, are depriving themselves of financial services that can improve their life outcomes in a financially healthy way. Using the CDR, banks and financial institutions can leverage alternative data to support consumers with an optimal outcome.
However, simply taking control of your data in this way does not solve the problem of privacy and trust. The third party still has complete visibility of all your data irrespective of the need for it, which raises a series of concerns from savvy and trust-led consumers.
This is where Self Sovereign Identity (SSI) comes in. The SSI system turns data privacy on its head and gives control of what is shared back to the consumer. A digital version of your wallet is created where you can store any and all credentials, be it your driver's licence, passport or even education certificate.
However, this is not to be confused with a Digital ID. The key difference is that SSI is the collection of personally identifiable data attributes of that physical or digital ID, which are validated in real-time through a confidential digital verification key that is issued by an issuing authority, such as a government body.
The most obvious use case for SSI is to think about going into a bottle shop: if the cashier asks to see your ID, physical or digital, they receive access to your actual date of birth plus full name and address, when in reality, they only need proof that you are in fact over the legal age.
Over time, this could essentially lead to a case of data abuse from vendors and their employees who lack accreditation to access such information.
Whilst CDR and SSI have developed quite separately, SSI builds on the principles of the CDR in that it provides an arch that bridges from a blanket approach to data access into consumers deciding how much of that data verifiers really need to see in order to provide a product or service.
It is made possible by emerging data treatments such as Zero-Knowledge Proof (ZKP) and Decentralised Identifiers (DID). Under ZKP, you can prove something about your identity without explicitly saying what it is, for example, your age or income. While with DID, you don't have to store that proof with any particular organisation.
Sounds far-fetched? Not really. In reality, there are many organisations already offering products based on SSI, such as ConnectID from Australian Payments (previously EFTPOS). However, one of the most complete and market available offerings is Datakeeper.
Built on SSI principles, Datakeeper is a new digital wallet built by Rabobank. It's a great example of a universal digital wallet application that facilitates identification, data sharing and electronic signing in a safe, fast and secure process.
Through Datakeeper, consumers can provide vendors with validated data, such as age and income, which is safely and decentrally stored on a user's own mobile device and nowhere else.
This essentially allows consumers to rent a car or apply for a mortgage all in the palm of their hand and eliminates the need to carry additional documents.
Empowering consumers to manage their own data in the palm of their hands helps businesses restore the trust economy by highlighting the value they provide in return for precious consumer data. At the epicentre of business today, without trust, wary-eyed consumers will continue to hold their data cards close to their chest in order to retain the little control they have left.
CDR is a great initiative in principle, but as we see new innovations such as SSI emerge in parallel, it's likely they are on a path to convergence. SSI takes precedence as it provides the opportunity to secure widespread adoption across sectors and build on the CDR to support various other verticals such as retail, aviation and more, creating a seamless digital ecosystem for all businesses and, more importantly, consumers to benefit from.
Digital wallets underpinned by SSI principles will allow consumers to share what they're willing to share, and understandably those that share more will receive personalised, value-add experiences in return for their trust.