An opinion from Trulioo, an industry player in ‘Identity’
When trying to understand the new ‘Advanced Electronic Signatures’ (eIDAS)* regulations set to go officially online in the EU in September, it helps, Trulioo GM Zac Cohen told Karen Webster, to take a step back and look at the general purpose of the European Union. If one were to take a very quick trip back in time to the year 2014, when the eIDAS regulations were first passed, they would see the EU was lagging behind when it came to offering the same single market harmony that was the expected norm across most trade relationships in the single commerce zone, Cohen told Webster.
“I think what they were seeing is this convergence of that vision and value statement they have [for the EU] and the reality of how much of consumers’ lives are lived online,” he said. “That single market for goods and services was very much tied to historical notions of commerce – and they realized they had that same common market for the next generation of commerce, which is eCommerce.”
These regulations that are going online now, Cohen noted, are part of a bigger story of building digital inter-operability and creating a single common language for logging transactions and activity. Which, he added, is why regulations like eIDAS are all about trust in general – and trustworthy digital identities specifically.
From Diffuse to Cohesive
For any modern economy to efficiently function, it first and foremost needs to feature effective identity systems, Cohen noted. He said that identity is the cornerstone service, because it enables all involved parties to trust in the transaction itself. The problem in the EU today – in the pre- eIDAS world – is that currently, different member states have different digital identification schemes, and there’s very little standardization or cross-border cohesion.
That means what works in one member state almost certainly won’t work in another – and there is no such thing as a portable digital identity. Anytime an EU citizen relocates to a new member nation, they have to start over with establishing their digital identity. It’s a process that generally involves manual documents, in-person checks, third-party notarizations and multiple government-issued identifications. It’s both inefficient and unpleasant, Cohen pointed out – and hopefully a bit of unpleasantness that will be ameliorated by eIDAS.
“The two biggest pieces of the new regulations are around eSignatures and creating a digital identity that can cross borders. The problem it is directly solving is making it much easier for someone new to a member state to be able to access public services.”
On the eSignatures side, the new regulations make it easier to provide an electronic signature and to guarantee they will have legal standing throughout the EU. The regulations do not come with any specific technology recommendations, but do come with guidelines for time stamping, electronic seals, electronic delivery and website authentication.
The area of regulations that is a bit more relevant to Trulioo – and much more directly in line with their goals – lies in digital identity.
“What these regulations will basically mean is that if I as a consumer create an electronic ID in my home country to access services, I will be able to go to any other member state and leverage that same local ID to use the public services in my new country,” noted Cohen.
A Changing EU (and Landscape)
The EU, Webster noted, was not quite the same place in 2014 as it is in 2018. In 2014, the idea that the U.K. would be stepping out of the EU via Brexit would have been a genuinely shocking notion. Today, it is a rapidly approaching reality.
But, Cohen noted, though the landscape in the EU – and the rest of the world, for that matter – is ever shifting, the constant for any player is looking at the systems as they are developing, and then thinking about how they can best take advantage of what is happening on the ground.
What is going into effect in the next few weeks, for example, only directly affects the public sector, which is required to have created and submitted its eIDAS-compliant rules by next month. As of now, the public sector has announced no timeline for when they have to accept or use the EU-wide identity framework enshrined by the eIDAS regulations. But, he noted, what is going into effect will have far-flung ripple effects, as the rules and infrastructure it puts into place will make it easier for private sector firms to accept and implement similar processes.
“I think this will look a bit like GDPR – even if it doesn’t directly hit you, it will end up being something you need to take into consideration if you are working with a global base of consumers and businesses,” Cohen said. “The market that is the EU is so big one would have to be pretty short-sighted to ignore what is happening.”
The Rising Trend
Cohen noted that Trulioo can’t help but like at least the intention behind the EU’s push toward unified digital identity, since it in some ways mirrors the services the platform and network provides for private firms. And, he added, they can look at the now emerging EU digital IDs, which create an opportunity to tie the platform’s offerings to the emerging digital ID infrastructure.
“I think what I am going to see in years to come is Trulioo customers coming in and wanting to launch in 20 or 30 countries at the same time and tapping into this new way to validate customers,” Cohen said. “Trulioo is in a position to create that connective tissue between those two networks.”
And he doesn’t believe Trulioo will be unique in this regard. Once that infrastructure is out there and functional, he thinks that private firms will look broadly to see how it works, and then build off of it using their technology to improve its operation of functionality.
Because, he noted, in the EU – and also in the U.S. and around the world – the trend line is established, and clearly pointing at real ID and portable digital identity. There are always ways for this go to wrong on the regulatory or implementation side – many governments have started out with their hearts in the right place, only to have implementations go wholly pear-shaped. But, Cohen noted, so far in the case of eIDAS, as milestone are being cleared on the way to September’s deadline, this looks more like an opportunity to radically simplify and improve the digital environment.
“What we have been working toward all these years is to make the environment less complex,” Cohen said. “And I think what is emerging here is something that will start on the public side that can work hand in hand with the private side – and to have both sides grow and feed off each other.”
*Karen Webster is CEO, Market Platform Dynamics. Entrepreneur, advisor and board member for companies operating in the payments/commerce, mobile, software platform, technology and digital media industries. Platform innovation and monetization is a key focus, particularly in the commerce sector. Founder of PYMNTS.com, the industry’s leading B2B marketing platform. Recognized industry thought leader and frequent industry speaker, ranked among the top 10 money and finance writers on LinkedIn and among the top 50 retail industry influencers ranked by Vend University. Author of numerous published articles and whitepapers on payments, mobile, social strategy, product design, pricing/incentives, and customer acquisition, retention and loyalty.
**The eIDAS Regulation is an EU Regulation that sets out rules for electronic identification and trust services. These services help verify the identity of individuals and businesses online or the authenticity of electronic documents.
‘eIDAS’ is shorthand for ‘electronic identification and trust services’. It refers to a range of services that help verify the identity of individuals and businesses online or the authenticity of electronic documents.
What is the eIDAS Regulation? The eIDAS Regulation is Regulation (EU) 910/2014 on electronic identification and trust services for electronic transactions in the internal market. It came into effect on 1 July 2016.
Source: Trulioo Blog