As banks struggle to find new sources of revenue, Citigroup (NYSE:C) is starting to cash in on an area of expertise that most banks are yet to monetize: identity authorization.
In so doing, Citi, like other top banks, hopes to tap into what might become an extremely lucrative market, experts say, and one where banks are uniquely poised to deliver a valuable set of new products and services.
"We are talking about a multi-billion dollar business opportunity here," says Karen Wendel, chief operating officer of IdenTrust, a provider of digital authentication services and an organization that worked recently with Citigroup's Global Transaction Services unit in an important identity management pilot with the Department of Defense.
(IdenTrust was originally founded in the 1990s by Bank of America (BAC), Citigroup, JPMorgan Chase (JPM), and four European banks.)
Yet the opportunities with identity management are also fraught with enormous risks, experts say. Fraud committed with one bank's identity mechanism would likely be the responsibility of all the other banks too, particularly where the interlocking worlds of transactions are concerned. If a fraudulent transaction occurred between banks, there would be questions around who'd be liable. Such scenarios are particularly pronounced in the current security environment, where recent high-profile break-ins of computer systems have put the information of millions of consumer credit cards at risk.
"No one wants the liability and the banks have not figured out how to deal with that yet," says Avivah Litan, a vice president at research company Gartner Inc., of Stamford, Conn.
Still, banks are in a unique position to be identity managers because they already provide a host of identity authentication services, experts say. They are required to comply with "know your customer" laws, for example. And they also collect significant amounts of information from customers when they open accounts, as well as throughout the course of customers' transactional lives.
Citigroup has developed technology that supersedes these most basic building blocks of identity management.
(American Banker reached out to half-a-dozen of the top U.S. banks about identity authentication and management efforts, but only Citi agreed to speak.)
In late June, Citi began a program with the Department of Defense in which it issues physical access identity cards to contractors and subcontractors, including first responders to emergencies such as firemen and emergency technicians. Citi is using the IdenTrust Trust Source Infrastructure platform, which supports multiple different types of digital certificates, combined with a subordinate Citi certificate, also issued under the IdenTrust Trust Network, Wendel says.
The cards, which contractors use to access DOD facilities, are chip-enabled and perform under a standard called PIV-I, which means the federal government has endorsed them for use by non-federal employees, although the cards do not meet federal guidelines for top security clearance.
Shirley Inscoe, a senior analyst for Aite Group, says the cards could soon be equipped with a payments component.
"This could open a whole world of customers to Citi who don't need retail branches, and where Citi does not have to have a broad retail network," Inscoe says.
Citi, which declined to talk about its work on the Department of Defense project, made a representative available to talk about its other identity verification efforts, which don't entail using identity cards for physical access to buildings, as is the case with the Department of Defense project.
"Digital identity is a broad set of solutions depending on what type of application we are looking at and the type of transaction," says Sabine McIntosh, director and global head of eBAM (electronic bank account management) and identity management for Citi Transaction Services.
Be the first to comment on this post using the section below.