With the usage of more and more internet services which most of the time are delivered via web applications (you performing a Google search means that you’re using a web app), the mechanism for registering for the services remained unchanged for years.
This means that depending on the service you’re accessing, you are being asked to insert an e-mail address and to secure it with a password. Sooner than later that web-app that had delivered just a type of service introduces new features, and now you’ll have to submit your home address and mobile phone. They might even collect your credit card details, just to make future orders much more comfortable to complete.
That web application since gets a lot of traction, and millions of people are using it, becomes the target of hackers. Again, sooner than later, these will find their way to the gold mine. To that customer database where all the users’ personal data is saved.
From that moment, there is just a question of how many fake accounts with your credentials will be created. How many “shopping sessions” your credit card will support.
Depending on your job and company you work for, your identity will be substituted by someone else, used in social engineering to obtain something valuable: passwords, infiltrate trojans into your company network.
You could have your social media accounts taken over, your Spotify account shared between continents or completely lost control over your Fitbit smartwatch, fridge or AC.
You know how you became the victim here? The only victim?! Because you gave your details on all sorts of web-apps and they failed to protect them. It’s true,the company running the app apologized for the inconvenience, but in the end, you are the one who ends up paying for that credit card issued by someone in a country thousands of miles away from you, a country you never visited.
Did I get your attention? Let’s see what can be done, because not everything is lost.
The challenge here is that the companies offering their services over the internet, they need to comply with internal regulations or if we are talking about financial services, local governments agency has issued several regulations already to must be followed by the letter. In most of the cases, all your details are required because there are regulations in place (in the first place) or the marketing people forget that they are consumers too and collecting data about their clients is a double sided sword (in the second place).
The solution is to be able to prove that you are who you say you are without actually allowing the company you’re onboarding with to become the custodian of your personal data. In the end, the local regulation stipulates that they need to make sure that you are who you claim to be, not store everything about you (note: in some geographies, for financial institutions there is a regulation in place that forces banks and such, to maintain a hard copy of your details).
And precisely this is what Persona does. It allows us to be in control over our personal data, to let us decide what and with whom we are sharing our data, for how long (just at the onboarding moment or for financial institutions we are maintaining a live share to our details).
Since the verification and the validation was done face to face, we are in control over our personal data at all times. After we’ve been verified and validated, depending on the entity we’re onboarding with, we can prove that we are who we claim to be without actually giving any details or use the granularity Persona makes available, choosing what we share: only mobile number, address, or we can go up to share our SSN.
You decide the amount of personal data that you want to be verified and validated (note that lately, for the majority of services you could sign up, a minimum set of personal data is requested).
Persona does not access any centralized, government ran databases to check your data unlike the rest of remote KYC solutions.
With Persona, once you get the necessary trust, can sign-up for all the services that are accepting Persona as a means of identification and establishing trust.
Most of us have or at least had trust in banks (after all, we trust/trusted them with our hard work earned money). Imagine having your identity verified and validated by the bank (which they were doing anyway), but now you can use that one time KYC (Know Your Customer) enrolling in or with a various web-applications.
You don’t have to sign-up anymore, you don’t have to share your home address (you can do it only when you order something only at that moment, without being stored).
So, it a nutshell, Persona is about keeping you and every one of us safe. Is about how to meet in the middle with all the third parties whom services we’re using without exposing personal data or more than is necessary to receive that service.
It’s about maintaing the individual in control over its data at all times.
It’s about meeting the latest personal data regulations while controlling who and why and for how long has access to our SSN.
It’s about a smoother, a seconds taking signing up process no matter we are talking about renting a car in a city break or booking a hotel room.
And if you want to be safe, in this more and more intre-connected world of applications all you have to do is to claim your identity in Persona, get verified and validated and start be in control over your data. Stop being the victim.