National Australia Bank and Commonwealth Bank have switched on a new identity checking service, ConnectID, which will allow companies to tap banks for information about customers rather than gathering it themselves, minimising the risk of another Optus-style attack.
The development of “reusable digital identity”, also known as “identity-as-a-service”, will become an incremental revenue stream for banks by allowing them to charge merchants and customers to validate an account holder’s age, or other identity information.
NAB and CBA are rolling out the service this week, after Australian Payments Plus formalised it just over a year ago. Banks will compete with government identity providers such as MyGov.
Westpac and ANZ support the regime and expect to join in the coming months. Initial demand may arise from small businesses that don’t want to store data such as birthdates or driver’s licence numbers, both honeypots for hackers.
Start-ups Referoo, Credenxia, ServiceSeeking, OnePassport, RentBetter and Shaype are already using the regime. It is expected to be attractive to real estate agents, whose IT systems often lack solid cyber protections, to satisfy rental tenancy requirements; along with utilities, including mobile phone providers.
Endeavour Group plans to come on board to check that customers buying alcohol online from Dan Murphy’s, BWS and Jimmy Brings comply with the legal drinking age. A new law in NSW will require age checks to be made at the time of sale from June next year, rather than having delivery drivers make the checks.
The bank will allow the retailer to check the information, without taking a copy of it.
“This new service will help customers reduce oversharing their data, giving them greater control
Read more on afr.com