fgnopporn - stock.adobe.com

What the UK can learn from the Nordics when it comes to digital ID

The UK and other countries can learn from the Nordic region when it comes to digital identity

Proving who you are can be tricky. Passports and driving licenses work, of course, if you have one and can present the document.

But you’re likely out of luck if you’re applying for a bank account or other financial service online, for example. The chances are you’re going to have to visit a branch or perhaps take an awkward selfie that includes both your face and the document.

The UK has tried to fix this, and failed. The sorry saga of Gov.uk Verify went from ambitious launch to managed expectations to attempts to sell it off. The scheme’s biggest misstep was its first – it tried to forge its own path and failed to follow schemes that had already solved digital identity.

Sweden, Norway, Finland and Denmark all share more than a love of licorice – each has a successful digital identity system used by more than 70% of the population. In Finland, its online identification Tupas scheme has 87% penetration. Meanwhile, Gov.uk Verify has a mere 3% of signups across the UK.

So what did the Nordics get right and the UK get so wrong?

The first mistake in the UK was for the government to create the scheme alone. Not all the Nordic schemes are built the same, but each has the core involvement of banks in common.

This makes sense. Regulations demand that banks know exactly who their customers are to help tackle money laundering, and the majority of people have a bank account.

By deciding not to compete on digital identity and instead work together, the banks were able to create identity schemes that consumers could use with a number of providers and which were accessible to the majority of the country’s population immediately.

Onboarding to Gov.uk Verify, on the other hand, was only available through a handful of providers. Even putting aside the reported problems with the onboarding process, anyone signing up to the UK’s digital identity had limited choice in how to do so.

The services available also had an impact. Norway and Sweden’s digital identity schemes had their intent written in the name, Bank ID. Anyone looking to sign up to a financial product could use their digital identity.

More financial services providers got on board as it became clearer that it was better to be part of the scheme and risk customers migrating to new suppliers with ease, than to be outside the scheme and lose customers to this new bloc of digital identity-enabled providers.

This momentum has led to a whole raft of services using digital identity – secure post, public sector services, signing leases, even age identification when using a tanning salon.

Gov.uk Verify was and remains purely for the public sector, which meant people used it very infrequently if at all, and never remembered their credentials when it came time to reuse it. While the Nordic digital ID schemes helped to enable commercial activity, Verify just got in the way of people and public services.

Norway originally had a separate government identity scheme, but use of online services went up when the government started to integrate taxes and student loans into BankID. Starting with a commercial proposition and integrating public services worked. The UK’s experiment in starting with the public sector, on the other hand, never got off the ground.

If the UK government wants to revitalise digital identity, it should look to successes elsewhere to inform how this should be done. Denmark’s NemID started 10 years after Sweden’s BankID, but by using the learnings and best practices that Sweden had to figure out the hard way, it has become just as successful. There’s no reason why the UK can’t do the same.

Read more about online identification


John Erik Setsaas, vice-president of identity and innovation at Norwegian digital identity company Signicat.

This was last published in May 2019

Read more on Identity and access management products

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close