Mobile Marketing talks identity with Paul McGuire, CEO of tru.ID.
Mobile Marketing: Paul, let’s start by zooming out and talking about digital identity. What do you mean by that?
Paul McGuire: We all have a “real-world” identity – a person with a name, address, a bank account, a passport or ID card, perhaps a driving licence. When we go online, our identity becomes more flexible. We may have two email addresses – one private and one for work, or a social network login, or increasingly, our mobile phone number. We have freedom to choose any of these digital identities. But such freedom comes at a cost – it is hard to prove a digital identity, and many of the current approaches (email + password + SMS PIN code) add complexity for the user, without actually addressing the core – which of these identities can be trusted?
MM: And what are the implications of the answer?
PM: Trust is essential in our everyday activities. Online, trust is even more important because it is much easier to create fake identities and much harder to know who can be trusted. The Internet is a wonderful thing, but with some unintended consequences
– fake news, fake accounts, fake followers, fake reviews, bad actors. These things always existed in the real world, but the enormous scale of the internet means that the problems are much greater. You only have to look at the recent WhatsApp story and how easy it is to hijack accounts using SMS, or when even Twitter CEO Jack Dorsey’s account was compromised. We put a lot of faith in old-fashioned account paradigms which are no longer reliable – it’s time to approach account authentication differently.
MM: How do we even begin to tackle such a huge problem?
PM: Firstly, acknowledge that the current identity paradigm is flawed. Just because it’s worked for us for decades, doesn’t mean it’s going to work indefinitely. Why would you want your customers typing usernames and passwords into your app, or entering passcodes – that’s all legacy desktop thinking. And even with SMS codes for verification, that’s just verifying the phone number itself, not whether it’s on the right device.
Then, we need to look for a source of security and trust in the real world and unlock its potential for digital. Think of it as “offline to online”. For example, biometrics is a way to translate a passport or national ID card into a face scan to register for digital banking. But that could be overkill for other apps.
That’s why finally, we need visionary app businesses to take the leap and redesign their identity journeys. Digital identity is much more than simply registering app users. It’s about brand safety, and ensuring a positive and safe experience for genuine customers.
MM: So is there a middle ground between fake-friendly and biometrics?
PM: A better approach is to move away from email as the digital identity and adopt the mobile number instead, and replace the password with powerful tech, that we already have, that’s the perfect solution to both scale and security – and that’s the SIM card.
So, instead of asking for email, password, and wrapping it up in two-factor authentication with SMS, you can just ask for the phone number, check the SIM card, and you’re done. The SIM card is cryptographically secure, and the pairing of the mobile phone number and the SIM card is unique. That's a much simpler and stronger authentication method, that’s better for both the user and the app developer. And that is what the tru.ID platform makes available to mobile developers.
MM: So let’s talk about tru.ID. How does tru.ID work?
PM: tru.ID is a new authentication method. It replaces usernames, passwords, SMS validation, authenticator apps and other legacy registration methods that are all contributing to a cluttered UX and security loopholes. We connect directly to mobile network operators to validate the mobile phone number against the registered SIM card. It’s the same functionality that carriers use for enabling customers to access the mobile network itself. We’ve just made it available to app developers via APIs.
MM: How would an app maker use tru.ID?
PM: tru.ID enables you to take a significant chunk of friction out of user registration journeys. We have a strong belief that good onboarding equals good business, and have published a piece on how to optimise conversion.
We also help eliminate this big issue of real versus fake accounts. It used to be that if you made it easier to register, you also made it easier for bad actors to register. By using the tru.ID authentication method, you can achieve both low friction and low fraud.
MM: tru.ID seems like it would be a game-changer in user authentication. How come we’ve not heard about you before?
PM: Yes, tru.ID is really new and the mobile operator technology that makes tru.ID possible is really new too. We’ve just released our APIs after a year in development, and we are starting to build awareness of our technology. The more apps use tru.ID verification, the better app UX and account security will become.
MM: So what are your goals for this year for tru.ID?
PM: tru.ID provide the building blocks for app owners to create new onboarding and engagement journeys. Our goal therefore is to partner with as many visionary mobile businesses as possible, for them to try our technology and really demonstrate the difference in customer experience. We need those early adopters to join us as we scale, which is why we’re offering free credits and special deals for early adopters.
MM: Final thoughts?
PM: Next time you register for a new mobile app, or login to an existing one, notice how clunky all that typing is on your mobile, or how cumbersome it is to tap here, click there or wait for the SMS. There is now a better way, and we look forward to showing it to you at https://tru.id/.
tru.ID is the simpler, stronger alternative to SMS passcodes, social logins, usernames, passwords and other legacy authentication methods. By integrating with tru.ID APIs, mobile app developers can verify real phone numbers and subscriber SIM status directly with global carriers, and build innovative user journeys, ensure continuous security and embed a private digital identity by design. Find out more at tru.ID, or follow us on Twitter or LinkedIn.