CEOs Are Beginning To Get Sovrin.
I was happy to talk about Sovrin with a Silicon Valley-based CEO earlier this week. Hearing that he understands that the costs and liability of digital identity can be turned into revenue (from cost) and asset (from liability). His business is all about enabling better customer retention – the focus here is on the relationship – not the discrete digital identity that comes with costs.
Let’s back up just a minute for a bit of background.
Digital Identity has been known as a cost for the vast majority of companies since the web went commercial. It is treated as an expense and a liability actually. The reasons are pretty simple and well known, but a short explanation will help here.
- Expense – The expense is usually problematic and CIOs all over are feeling pressure from their CFO to reduce the costs but that’s presenting a problem as they need more controls, authentication, and integration than ever. The problem is that the systems that companies have were never really meant to keep a digital identity for you and I. They were meant to hold employee information for authentication and authorization. Costs for controlling employee’s digital identity are usually warranted. The system falls apart when you look externally.
- Liability – Here’s the killer problem. Holding a digital identity for each customer or even prospective customer is a huge problem. Think of all the breaches like Yahoo and Equifax to name just a few. The legal ramifications of these won’t be fully understood for a while but company risk and legal teams are rightfully very, very concerned about where things can go.
Notable exceptions are the big internet players – Facebook, Google, etc. They provide their “product” free, which feels odd until you consider what my friend Drummond Reed has figured out. “If you’re not paying for the product, YOU are the product”
OK – back to our CEO and how Sovrin is shifting the thinking about the cost and liability of digital identity.
Business is About Relationships – Not Digital Identity
By focusing on the business relationship with the customer, the CEO realized that they can turn digital identity costs upside down. Digital Identity creates an ecosystem where businesses can thrive – by building relationships.
One of the biggest concerns that CEOs and their board of directors have is the risk of holding a database that contains millions of digital identities – a huge target in today’s cybersecurity world. Given that the industry our CEO is in has some KYC (know your client) requirements the types and amount of information that they may have needed to hold can make the C-Suite and Board feel very nervous. Every day CEOs and directors hear about new breaches and imagine it happening to their company – not a happy place.
With Self-Sovereign Identity, particularly Sovrin, most of the information can stay under the control of the individual they are concerned about – at minimum the encryption used should be on a per-Identity basis – meaning that getting access to a database of identities provides millions of heavily encrypted identities – each one just as hard to crack as the other. Kind of like a big vault with millions of vaults inside it – each one just as hard to get into.
The main purpose of many businesses is to create a trusted relationship with their clients. That relationship is the true asset for many businesses. To date though, holding the information required to really make that relationship work was tough – fraught with security issues and risk.
Further – the CEO realized that one of the pushbacks he was getting from customers was that they needed to hook deeply into the enterprise systems of their customers – to enable the Identity services that they provide. The cool thing here is that Verifiable Claims make the need to connect systems together directly disappear. Shifting the focus to creating claims that can be shared around and verified later, instead of hooking deeply into sensitive systems, simplifies things for all players.
Instead of hooking deeply into sensitive systems their customers generate Verifiable Claims that can prove where they came from, that they haven’t been tampered with, and that the data are valid (e.g. haven’t been revoked). This allows the recipient to trust information that they receive without incurring the cost of hooking into those sensitive systems. Both sides win here.
The digital identity costs, in this case, turned around and digital identity becomes a revenue driver (arguably both top and bottom line) and turned digital identity from a liability into an asset.
This financial aspect of Sovrin is something that took me a while to realize but once I did I realized that the game was changing. I am happy to see that some in the Valley are jumping in on this shift.
Also published on Medium.