Revolutionizing Credit Union KYC: Reusable Credentials

1. Initial identity verification: When a member joins a credit union or starts an account, a decentralized identity (DI) system verifies their identity using robust authentication methods.

2. Creation of reusable credentials: Once the member’s identity is verified, the DI system generates reusable credentials. These credentials are encrypted – making them tamper-proof and secure.

3. Ownership and control: Unlike traditional identity systems where organizations manage and store user data, decentralized identity gives ownership and control to the individual. For credit unions, this means the member owns their credentials and they are stored securely on their device, including the ability to store and present credentials from within your app and interfaces.

4. Verification at touchpoints: For every interaction with the credit union, whether it’s logging into an app, contacting the call center, or visiting a branch, the member can present their reusable credentials. These credentials serve as irrefutable proof of their identity without the need for repetitive verification processes.

• Enhanced security: Reusable credentials enhance security by reducing the reliance on traditional methods prone to fraud. For example, traditional security measures, such as security questions that can be exploited through social engineering or SMS-based verifications that are susceptible to phishing, are replaced by reusable credentials.
  

• Frictionless member experience: Reusable credentials ensure a seamless and frictionless experience for credit union members. Once verified, members enjoy a continuous and secure interaction across various touchpoints without the need for repeated identity checks.
  

• Privacy protection: Since members control their reusable credentials, they have the flexibility to share only the necessary information at each interaction. This is a privacy-centered approach that gives individuals greater control over their personal data.

Reusable credentials redefine the way identity is managed, placing control in the hands of members and ensuring a secure, convenient, and privacy-focused experience across various credit union touchpoints. 

See how reusable credentials can affect credit union operations here.

Decentralized identity (DI) is a shift in the way identity is managed. It is moving away from centralized systems controlled by organizations to a model where individuals have greater control over their own identity information.

A decentralized identity looks like this:

• Reusable credentials: Identity credentials, once verified, can become reusable and portable across various services and applications. Users can present their credentials without the need for repeated identity verification, streamlining interactions and reducing friction.
  
• Tamper-proof technology: Decentralized identity uses technology, such as blockchain, to record and verify identity information. This technology ensures that the data is secure, tamper-proof, and resistant to single points of failure.
  
• Secure communication: By its very nature, decentralized identity provides perpetual, irrefutable, and secure communication across all channels, with built-in, ultra-secure and immediate authentication and identity validation.
  
• Reduced identity fraud: By giving individuals control over their identity and leveraging advanced security technology, DI can drastically reduce the risk of identity fraud.
  
• Privacy by design: Privacy is a fundamental principle of DI. Users have control over what information they share. This approach contrasts with centralized systems where users often give over control of their data.
  
• User control: Individuals own and control their identity information. Unlike traditional systems where large organizations store and manage user data, decentralized identity empowers individuals to own and manage their digital identities. Protecting both individuals and organizations.

Decentralized identity has the power to reshape how individuals interact with digital services, ensuring greater privacy, security, and user control over their identity. As the technology continues to evolve, DI solutions are becoming increasingly relevant across various industries, including finance, healthcare, and beyond.

Dr. Paul Ashley, who’s spent over 25 years in the privacy and security space, says this about DI: “There’s been a decade of work before the projects the world is looking at now. I have rarely ever seen a technology that has been so thoughtfully designed as this from a security and privacy point of view.”

Listen to the Privacy Files podcast episode where Dr. Paul Ashley explains decentralized identity to get the full picture. 

• Cryptographic security: Reusable credentials use advanced tech (cryptography) to secure information. This makes credentials tamper-proof which reduces the risk of fraudsters attempting to manipulate or replicate identity information.
  
• Irrefutable proof of identity: Once a user’s identity is verified and made into a reusable credential, it is irrefutable proof of their identity. Traditional methods, such as security questions or SMS verifications, are more susceptible to social engineering or phishing. 
  
• Reduced weak security points: Traditional KYC methods often include the exchange of sensitive information, creating potential attack points for fraudsters. Reusable credentials limit the places where fraudulent activities can occur.
  
• Decentralized ownership: With decentralized identity, users own and control their reusable credentials. This decentralization minimizes the risk of large-scale data breaches, as there’s no single data center storing a vast amount of sensitive user information.

• Seamless interactions: Reusable credentials streamline user interactions across various touchpoints, eliminating the need for repetitive identity verification. Once a user’s identity is verified and a reusable credential is established, subsequent interactions, whether online, in-app, or in-person, become seamless. This reduces friction and enhances the overall member experience.
  
• Single verification point: With reusable credentials, the need for repeated identity checks is gone. Users can verify their identity once, and the credentials can be used at different touchpoints without the necessity for additional verifications.
  
• Privacy and consent control: Users have control over what information is shared with service providers. They can selectively disclose only the necessary information for a particular interaction. This privacy-centric approach minimizes the amount of data exchanged, contributing to a smoother, more privacy-respecting user experience.

Reusable credentials are gaining traction and being explored in various industries beyond finance. Here are some examples:

• Healthcare: In the healthcare sector, reusable credentials can play a vital role in securely managing patient identities, medical records, and access permissions. Patients could have portable credentials for verifying their identity during medical visits, and healthcare providers can access relevant information securely.
  
• Government services: Governments are exploring DI and reusable credentials for services such as issuing digital IDs, driver’s licenses, and other official documents. This approach can enhance security, reduce identity fraud, and provide citizens with more control over their personal information.
  
• Education: In the education sector, reusable credentials can be used for academic certifications and transcripts. Students could have a secure and portable credential that verifies their education, which they can present to employers or other educational institutions.
  
• Farming and mining: Regulated industries, such as farming and mining, require members to comply with established regulations and to perform compliance reporting to government agencies. Reusable credentials can be used in these two industries when submitting reports to government agencies or receiving certifications – even across wildly disparate certifying bodies and reporting organizations.
  
• Supply chain and logistics: Reusable credentials can be applied in supply chain and logistics for secure tracking of products and verifying the authenticity of goods. This can help prevent counterfeiting and ensuring the integrity of the supply chain.
  
• Travel and hospitality: The travel industry is exploring the use of reusable credentials for seamless and secure identity verification at airports, hotels, car rentals, and other travel-related services. This could simplify the check-in process and enhance the overall travel experience.
  
• Retail and e-commerce: Reusable credentials can enhance the security of online transactions in retail and e-commerce by providing users with a secure and portable identity for authentication. This can help reduce fraud in online purchases.
  
• Human resources and employment: For employment-related processes, reusable credentials can be used for verifiable employment history, certifications, and qualifications and even background checks. This can streamline the hiring process and provide employers with confidence in the candidate’s credentials.