Onfido, Deloitte and Evernym today announced the positive results of their Financial Conduct Authority (FCA) regulatory sandbox pilot, confirming that their reusable digital identity solution has been proven with market participants. Testing began in February 2019, shortly after these firms were accepted into the UK’s FCA Regulatory Sandbox (Cohort 5) to evaluate how reusable or ‘portable’ identity can improve customer onboarding journeys and reduce compliance costs for financial institutions.
Portable identity enables people to safely and securely re-use their verified identity across financial services and other organisations, so that they don’t need to be re-verified every time they want to access new services. End-users have control over their identity from their smartphone, being able to provision its reuse across any service they want to access. Such a system means businesses no longer have to choose between security and customer experience, can reduce compliance costs, and are able to respond quickly to changing regulation.
The Reusable Digital Identity Ecosystem
In creating the ecosystem, the firms gained input from across the financial services industry, as well as the FCA while keeping the UK government informed of its progress.
The solution brings the digital world something that already exists in the physical world: A way for individuals to hold and control a proof of identity that they can show to anyone, anywhere. Unlike a physical passport which is accepted at every airport; the digital world is different. Individuals have a unique credential (often, a username and password) for every online service they access to prove that they are who they say they are. With the average person managing over 191 pairs of user names and passwords, this quickly becomes unmanageable and insecure, putting a burden on organisations to verify their customers' identities and ensure that their data is secure.
How the model works
Credential providers are able to verify any relevant information about an individual or organisation and issue digitally verifiable credentials to that person.
People hold multiple digital credentials on their phone and accept or reject requests to share information with institutions (we call these Relying Parties).
Relying Parties request information from the consumer and receive digital credentials.
Piloting portable identity in the financial services industry, one of the most highly regulated industries in the UK, provided some of the toughest conditions and a high bar for testing a decentralised identity ecosystem. Its success therefore marked the next step in the journey to creating an open world where identity becomes the key to accessing online services.
To prove the practical application and business relevance of digital identity, the pilot looked to validate market appetite from end-users and service providers and prove out the technology in a regulatory framework. In total, testers successfully opened financial products using their digital credentials. More than half went on to reuse their digital credentials to sign up for multiple live services. Of those that participated in focus panels, the majority stated they would recommend the solution to a friend.
The participants were also encouraged by being able to hold, manage and control their own data which reduced the risk of their data being breached, since it was encrypted in distributed locations.
In terms of regulatory acceptance, updates to the UK’s Money Laundering Regulations that came into force on 10th January 2020, should allow the use of electronic identification of customers - this will help pave the way for the next phase of this portable identity pilot, a production-ready solution for the UK market.
“This pilot was instrumental in proving that portable identity significantly improves both consumer experience and protection, while accelerating customer onboarding and reducing KYC and compliance-related costs for financial institutions,” said Husayn Kassai, CEO and Co-founder of Onfido. “Now that we’ve proven the model in one of the toughest regulated markets in the world, we’re rapidly proceeding to apply it to other geographies and services as well such as renting a car, self-checking into a hotel and one day, even voting.”
“Our work alongside Evernym, Onfido and other industry participants has demonstrated the practical applications and business relevance of portable digital identity within the FCA regulatory sandbox,” said Derek Ryan, Deloitte Partner. “We believe that the emergence of a portable digital identity provides a unique opportunity to build an open and scalable ecosystem which can help improve customer experience and protection, solve an institution’s onboarding challenges, and also create new and scalable business models.”
“The pilot has been a shining demonstration of how portable digital identity can transform markets and solve real business problems in a way never before possible,” said Steve Havas, CEO of Evernym. “When you put the individual in charge of her digital identity, everyone wins. It gives consumers the freedom to securely move about the digital world, and businesses the ability to finally know and trust who they are interacting with.”
Gartner states that: “Decentralized identity is making a debut in 2021, and will disrupt traditional methods of access for many providers, as it will be used for 25% of all bring your own identity (BYOI) logins by 2023.” “By 2023, BYOI [Bring Your Own Identity] will unlock the value in digital identities, leading to a multi-billion-dollar industry, up from a $50 million industry today.”
The parties are now keen to develop a production ready solution to launch in the UK market. All parties welcome conversations from across the public and private sectors to help bring this model to market. To find out how your company can get involved email firstname.lastname@example.org.
 Gartner: Predicts 2020: Identity and Access Management - December 9, 2019
 Gartner: Innovation Insight for Bring Your Own Identity - December 23, 2019