Among the questions we’re asked most frequently about NSTIC is: why are trusted identities good for business? The NSTIC pilots have collectively started to answer that question, highlighting how better privacy, security and convenience are enabling new online business models, and driving higher sales and profits.
One of the better examples of this has been the work done by NSTIC pilot awardee ID.me. In 2013, ID.me received a $2.8M cooperative agreement from NIST to pilot its trusted identity solution, which enables members of the military community and their families, First Responders, and students to access exclusive benefits and services online both securely and efficiently without having to share sensitive information with the brands directly. While this easy-to-use and interoperable solution aligns with the NSTIC guidelines, it also benefits partner companies’ bottom line.
Among ID.me’s many successful collaborations is with KISS. When KISS wanted to offer discounted concert tickets to the military community, the band faced a challenge: how could they verify that the people trying to access the tickets actually were service members or Veterans? ID.me’s solution enabled KISS to easily validate this single attribute, without requiring the band’s fans to share additional information about themselves. This partnership was just what the doctor (of love) ordered; KISS went on to sell more than 5,400 tickets to ID.me verified service members and Veterans as of July 14th.
While identity management is traditionally only seen as a risk mitigation capability, ID.me is helping partners like KISS leverage it to grow sales while simultaneously reducing fraud. ID.me, acting as a trusted intermediary, reduces the amount of information a company needs to collect in order to verify an attribute about its customers.
Previously, service members and Veterans had to bring physical military ID cards or hard copies of their military discharge documentation to claim benefits in-person. This process was inconvenient and vulnerable as the transported paperwork contained all sorts of personal information beyond what was needed for the transaction. Veterans’ discharge papers (DD-214), for example, reveal: blood type, home address before and after active service, social security number, date and place of birth, details of active service, and reasons for separation from the military – not exactly the type of information Veterans should have to carry with them, let alone share with companies to get a discount.
ID.me has transformed this experience, allowing service members and Veterans to access benefits by verifying a single attribute: that they have served our country. This has an incredible impact on user privacy, allowing consumers to leave their discharge papers – and related PII – securely at home.
KISS’s story isn’t the only example of an identity management effort that produced tangible positive results. Under Armour saw a 30% growth in affiliate revenue after partnering with ID.me to extend its long-standing in-store military 10% discount online. According to the case study, 70% of those who used ID.me credentials at checkout since November 2012 were first time customers to Under Armour.
These examples demonstrate how investing in new NSTIC-aligned identity solutions may not only increase security and privacy – they can also positively impact a company’s bottom line. As these platforms enhance privacy and reduce the risk of fraud for consumers, they also create more user-friendly online processes that attract customers eager for simpler ways to complete a transaction. They make targeted discounts and services easier for companies to disseminate. They make the need for a plethora of unique passwords a problem of the past. And by giving the user transparency around the information needed to access a given benefit, they increase trust online.
The FICAM Trust Framework Solutions (TFS) Program approved ID.me as a Credential Service Provider at OMB Levels of Assurance (LoA) 1, 2 and 3, following an assessment from Kantara. This means that the same credentials can not only be used to buy concert tickets and access discounts, but can now also be used by Veterans to log in to government services. This is a textbook example of the NSTIC vision: enabling consumers to use the same secure, privacy-enhancing credential to log in to both commercial and public sector sites.
As identity platforms evolve, it is important to recognize the wealth of benefits online service providers and consumers reap. When a company chooses to work with one of these platforms, it is not only about risk mitigation, but also a business growth opportunity. And, it demonstrates that privacy and security are not just good for consumers, but also good for business. New customers, increased profits, and reduced fraud are within reach.
When President Obama visited DC startup incubator 1776, he spent time with the founders of ID.me to discuss its work and partnership with NSTIC. (July 3, 2014)