by Wendell Brown
In 2016, writer Walter Isaacson deemed anonymity one of the original sins of the internet. Users, he said, do not have a choice about whether the network they access has verified identity and authentication.
The lack of a standard identity protocol became the internet’s biggest problem. In a recent episode of the State of Identity podcast, I shared my thoughts on why the internet’s anonymity has led to more repercussions than we expected, the reality of frictionless digital identity verification, and a way forward to improve the user experience by improving authentication.
The Design Flaw of the Internet
The problem with digital identity verification is rooted in the very design of the internet itself. The foundational issue is that the internet has no identity layer built into its standard protocol.
Without a standard identity protocol, banks and applications are left trying to recreate their own. Users are subject to inconsistent, often clunky, login processes, and internal security resources are stretched thin.
For as long as the internet has existed, security and user experience have been at odds. The internet was born so people could easily access information. Two decades later, identity verification tools like passwords and 2FA have made online experiences frustrating.
The Problem with Passwords and 2FA
Passwords are a traditional form of authentication, but one challenge is that the criteria of a strong password – it’s long, it’s difficult to guess – is in direct opposition to "easy to use".
Remembering multiple complex passwords is hard, so most users don’t do it. Instead, people may opt for one single password across all of their accounts, exposing themselves to serious fraud threats. Well-encrypted password managers are useful, but are only a solution for having too many passwords – like patching a leaky pipe that’s bound to burst somewhere else. All headaches aside, with the advent of AI, passwords are easy to crack and offer only a very thin layer of fraud protection.
Traditional 2FA, by way of SMS, requires users to stop what they’re doing, grab a different device, and take multiple steps to log in. It’s so burdensome, oftentimes users will opt out of the extra layer of authentication altogether. How useful is a security measure that isn’t being used? It's estimated that only 10% of gmail users even have 2FA turned on.
Restoring Freedom on the Internet
Businesses and banks know security is necessary, and users do, too. "Easy to use" and "super secure" don’t have to be mutually exclusive. It’s possible to remove the multi-step friction from authentication and still protect people’s accounts from fraud, and that is the motivation behind Averon’s mission.
A lot of what we’re trying to solve comes down to restoring the freedom, the low friction experience, and the pleasure of being able to do what you want, watch what you want, hear what you want, and interact over the internet and through your mobile phone. Restoring that original vision of freedom and easy-to-access information fuels our mission at Averon.
The Digital Identity System in Your Pocket
Billions of users around the world carry a SIM card in their mobile phone. SIM cards are a hardware identity used by mobile carrier networks to transfer data and to identify users for billing purposes. Based on a SIM card, phone companies know what to bill a particular individual.
Using mobile carrier networks and SIM cards for authentication is the next-generation of 2FA. We see the mobile networks, in addition to a worldwide carriage system, as an identity system with billions of people on it. It has many towers around the world, and everyone in the world is walking around with a hardware identity card in their pocket.
Possession of a mobile phone is already an accepted method of identity verification – which is why one-time SMS codes sent to a mobile device have been used as the second factor of authentication. Averon replaces one-time codes and app downloads, instead relying on the verification of the SIM card, through Averon’s technology, as the second factor that transparently and automatically verifies a user’s identity. There are no extra steps involved, making the experience both frictionless and secure. Averon is restoring convenience to consumers, enabling banks and companies to provide their customers with better online experiences – the way the internet was originally intended.
There are huge implications for this simplified authentication process for industries delivering products and services to consumers online – from simplified mobile shopping experiences to simplified mobile experiences for paid subscriptions.
Listen to the full State of Identity podcast for a fascinating, and hopeful take on the evolving digital identity landscape.