Recent global events call into question the wisdom of hands-off regulatory approaches to internet-based services. The continuing flow of massive data breaches in which millions of customers’ personal and financial information has been compromised serves as a reminder of how critical identity protection is in the digital environment. There are different approaches to digital identity management, most of which are led by internet-based companies, particularly social networks. But none of these players can claim the trustworthy reputation that most service providers have developed over decades when it comes to protecting highly sensitive customer data. Given their experience, customer relationships and role as network owners and operators, it makes sense for service providers to emerge as leaders in brokering digital identity. Here are five compelling reasons why.
It only took a major social network about 10 years to become the dominant player in digital identity and then summarily destroy its reputation through a series of failures that culminated with what may prove to be the most sensational and damaging data heist in history. Contrast that against the decades service providers have spent complying with the tough regulations relating to customer information and telephone records without suffering a similarly massive breach. Trust is a critical aspect of digital identity, and service providers have a proven track record of protecting personal information.
For most people, access to the internet from home, work or via mobile is provided by a communications service provider or cable operator. As the source of access, these service providers are ideally positioned to secure the transactions, communications, information and experiences that traverse their networks in ways that over-the-top (OTT) providers cannot. From defending the transmission of credentials to protecting against spoofing or data interception, service providers can provide far more comprehensive security and defense to customers as they build and transmit digital identity factors.
If one isn’t worried every time he or she creates a new customer profile on a website—or even at a hotel or event—then he or she has not been paying attention. One of the most important but sometimes overlooked aspects of a customer’s relationship with a service provider is that the service provider already has the customer’s personal, financial and device usage information. Service providers face stiff regulatory penalties for failing to protect this information; they have to take it very seriously and are skilled at customer information management. Rather than sharing sensitive information with non-trusted, web-based providers, it makes sense to keep digital identity brokered through a trusted source that already protects customers’ most important personal and financial information.
A smart way to prevent people’s credentials from being hacked is to use multifactor authentication, which has become more common in recent years. Given that service providers are globally interconnected, provide access and devices, are location-aware and have multiple means to verify a customer’s identity, they are well positioned to provide and enforce strong multifactor authentication. This will enable service providers to not only protect digital identity, but to sort out which digital identities are real people and which are bots, spoofs or con artists.
An entire industry of fraud detection and prevention providers has matured, largely to stop organized crime from stealing or illegally reselling telephony and network services. In parallel, service providers have been required to act as a trusted source of information for law enforcement, particularly with regard to accessing usage records and bill details securely. Those teams have critical law enforcement relationships, processes, and tools; they are decades-old institutions within the service provider community. The digital era players don’t have that depth of expertise, which makes service providers a smarter choice as digital identity brokers.
Digital identity is proving to be a critical issue for individuals, organizations and global geo-politics. The most important question is, who can be trusted to manage and defend this information? So far, service providers look like they can be the most logical and trustworthy options.
We have created a low-volume (not-spammy) newsletter so that you can easily keep up with what's going on in the industry.