September 21, 2022
‘We cannot build services for the post-industrial age using the identity infrastructure of the industrial age. We need a new digital identity infrastructure.’ - David G.W. Birch
No doubt that digital transformation is crucial for a modern business of any kind. According to McKinsey’s 15 years-long research, “the more transformation actions a company takes, the greater its chances for success.” And we all are not just aware of it, we act. The pandemic pushed us hard to force these programs. In 2020, according to a survey made on behalf of DELL Technologies, 80% of businesses worldwide fast-tracked at least some digital transformation programs, 41% accelerated all or most of them.
And yet, successful digital transformation is more an exception than a common situation. Only 31% of respondents in McKinsey’s survey confirmed that their digital transformation efforts helped to improve organizational performance and it was sustaining results over time. But, and I quote, “even companies with successful transformations don’t always capture the full financial benefits of these efforts.”
There are so many explanations of why it’s so difficult and what may go wrong. The main objectives of DX are to provide an excellent user experience to customers and convert an organization into a flexible, efficient supermachine ready to respond to any changes in the environment and customers’ behavior. Now, we have to admit that it didn’t do much in both areas, and in many cases, the result was quite the opposite.
Digital Transformation is a massive project in converting “an elephant” (a functioning business that you can’t just stop, upgrade and go) into a cyber-robotic beast with an exoskeleton and tusks made of titanium. There should be a strategy and a clear plan. Otherwise, it can be a waste of resources and possibly cause damage to the living creature. And, probably, there is no single company that would start DX without a strategy. But all those plans are detached from reality; there are too many unknown pieces and factors that you could never include in consideration. Most of the problems with DX accrue at the stage of implementation (see the same McKinsey study). Their causes are beyond IT and are mainly connected to our mental habits that define how corporates are organized and how they operate internally.
The reality is that the elephant is way too big for organizations, they can’t eat it in small bites and it’s not the IT department’s fault. According to Convey’s law, an organization designs systems that mirror its own communication structure. Ruth Malan, a senior architecture consultant at Bredemeyer Consulting, put it this way: “if the architecture of the system and the architecture of the organization are at odds, the architecture of the organization wins.”
The consequences of this — a beautiful DX strategy smashes against a wall of harsh reality. IT departments can’t simply follow their step-by-step plans. Their bosses and other internal customers want something new every day.
The nature of the corporate world is the crucial reason why just a few companies made it to the stage that can be called a digitally transformed organization with a stretch. Many companies got stuck with a patched elephant with somewhat digitized feet (infrastructure) and digestive system with customers' data going through it.
Not many companies were able to overcome those obstacles. After more than a decade of DX efforts, we see a dramatic change in many aspects of consumers’ lives. Media, entertainment, retail, travel, and many other industries have learned to deliver high-quality digitalized services with a smooth user experience to consumers. But even in these industries, the most successful companies were born digital. The digital revolution happened around consumers' data and digital customer interaction channels. Retailers and firms that sell mass products and services know nearly all about our habits and behavior patterns. They harvest this data and some, the most advanced, are able to harness AI to make more money locking-in users to their ecosystems.
The corporate world outside Big Tech was far behind. But the example of those few successful players from other industries was too contagious. It's somewhat responsible for a boom around Big Data, which, as many have hoped, could become a crucial DX enabler. It brought fancy and expensive data storage systems as well as cloud services to high demand in the last decade. And now they store a vast amount of unstructured and unanalyzable information of all kinds, including contracts, partnership agreements, free-form documents, invoices, transactional data, various document scans, social media posts, and others. Many of these documents were collected and inputted manually. As the result, one of the most significant issues for companies that are trying to squeeze some value from their data is that it’s cluttered and incorrect. It causes an annoyingly long time of getting needed data and documents, and a vast money loss.
“We have over 30 years of data spread across data centers, servers, storage, and distributed endpoints and were challenged with finding the data, ensuring regulatory compliance, and reducing costs without introducing more complexity," said Jim Solomon, Director of Infrastructure at A. O. Smith. His words could be repeated by many companies. And it’s certainly the opposite of what DX was supposed to bring to the table.
Unstructured data still takes over 80% of those expensive storage system space – the number which IBM, Gartner, IDC, and other thought leaders agree with, and which hasn’t changed for a decade. This unstructured and unanalyzed data is worth $430 billion if companies make use of it. There is precious information buried in free-form documents, texts of emails, scans of contacts, social media posts, news, etc.
Natural Language Processing (NLP) algorithms little by little allow us to unpack huge archives stored for better times and get some valuable insights. But it’s just a drop in the ocean.
Without knowing and using that unstructured data, without tightly bounded incorporation of it into current and emerging business processes designed for a rapid change, it is not really a transformation. It’s just a simple replacement of vast shelves with heavy folders and couriers with papers by data centers and overloaded email boxes. It doesn’t change much.
Greediness in data collection became a common approach. Companies try to get as much data as possible, forgetting that the data is not what they need. Every business needs a growing flow of good clients. Instead, it gets a tremendous amount of information about potential and current clients together with the necessity to properly store this data and keep everything in compliance with regulations.
Despite companies spending a fortune on data storage and ML/AI software and being unnecessarily greedy while collecting clients’ data, a customer in a corporate system is a pale shadow of a person. There is an alive human behind their static digital profiles, who are changing constantly, switching from one service provider to another, moving, getting and losing jobs. All the point of DX is to serve customers better to win a competition, and operating a static and vague “portrait” instead of dealing with a real person, doesn’t help with this.
Besides this, a customer doesn’t have much control over their own data, contracts and doesn’t have much choice in how to interact with an organization, which services to get and when. Companies have some data about their customers; they link it to information from outside sources (like social networks). They launched "Customer 360-degree" initiatives to know clients better; they classified them and attributed them to like-minded groups. But all this is happening without a customer being involved. A person lives beyond the company's systems. And it's not a real collaboration; it's not an actual customer-oriented approach. In the best-case scenario, the client has a personal account and a dashboard on the website of a service provider. In many cases, they just receive reports and other documents by email.
All the above is true when a client is an organization. Almost nothing has changed in the way how organizations interconnect with regulators and each other. There are some cloud storage services with functionality allowing access to someone outside of an organization but the majority of communications between companies go via emails. Email remains the number one threat vector for people-centric attacks and costs a large organization $15 million of loss every year or about $1500 per employee (by Gartner). So, it’s insecure, inconvenient, and creates even more mess, generating more unstructured data.
Years of pseudo digital transformation made organizations separate feudal states with specific internal compliance norms, documents and data formats, complex processes. Data exchange and system integration between such feudal states are hard and almost impossible. That is why such a beautiful concept as Open Banking hasn’t succeeded widely and become a niche solution.
As a result, a customer suffers despite DX being meant to benefit them. You can’t easily switch one service provider to another without filling up countless paper documents with precisely the same data that your previous provider already has and waiting for an unpredictable time. It’s not an intentional obstacle that your previous provider created, it’s just the way the industry works due to factors that we described earlier.
Can IT departments do anything to fix the situation with DX? Digitalization is inevitable and necessary, right? Let’s think about it. The daily life of IT departments is tough. Their backlogs are overflowing with urgent tasks. New tools requested by C-level execs are hard to implement. As soon as another fancy trend comes up, like chatbots or a marketing automation app, it adds to an IT department’s backlog pile.
There are three typical ways to get things done in IT: buy a boxed software, develop a solution inside or hire an outsourcer to create it. The first choice is rarely the best. It’s as if you would buy a bicycle as a box with some components like wheels and pedals that must be assembled and fixed to a frame that you already have.
Many heavy IT projects go via the third and costly path, with the hope that more experienced colleagues from outside would do better. But vendors’ and integrators’ services are pricy, and the stage of learning the domain and the company’s specifics takes a long to spin up and eat precious time. As a result, such projects take way too many resources.
Development in-house is the alternative. As we discussed earlier, automation looks tempting and promising until you try it. Each year, a more acute deficiency of IT professionals makes DX efforts less realistic and the life of CTOs and CIOs more complicated. Experienced employees hold domain knowledge that is difficult to transfer to the new generation of workers because it’s non-formalized and stored only in their minds (see above about sociotechnical approach).
IT as a sphere of knowledge is expanding, and it narrows down the number of architects with a high-level view of the company’s systems and how they work (or should work) together.
Large-scale projects suffer from a lack of IT professionals able to work together in big groups. The Scaled Agile Framework is an attempt to solve the problem. But the Agile hasn’t become a common successful practice.
Another factor that makes the life of CTOs harder is compliance and constantly changing norms. GDPR initiative was a sobering shock to businesses, and they realized how their corporate ITs were not ready for such change. A year passed but most of the businesses were not ready yet. According to research done by Capgemini Research Institute, after over a year since GDPR went into effect, just 28% of businesses were in compliance with the new regulations. And others overestimated their readiness. And GDPR is not even close to being as complicated as financial norms and regulations. Read about what exactly is wrong with current compliance systems in this post: “Compliance Headache and How to Treat it”.
The pandemic added wood to the fire. The shift to remote work brought more mess in stored data, more errors, and a painful headache due to cybersecurity and new compliance issues.
“An ideal system is a system that does not exist, and its functions are performed”
TRIZ, Theory of Inventive Problem Solving
A company can improve itself until the environment starts limiting further progress. The government shapes the business environment in many ways by introducing rules and norms (limitations) and constructing an economic infrastructure (enablers). Today, governments worldwide are transforming their economies into digital ones by building the “new Internet” infrastructure and creating a trust layer on top of it.
The GDPR was one of the major steps forward to a digital economy for the EU. Also, many other countries initiated programs to convert their economies into digital ones. To get more details on what’s happening and where read this post: DX on a government level. A rise of Digital Identity. Most if not all of them planned their programs around a Digital Identity concept. This topic has been discussed for several years already but wasn’t taken as a high priority. The COVID-19 catastrophe made the need for a proper digital ID implementation acute and urgent. As David G.W. Birch pointed out in his Forbes article, now, we can estimate with high accuracy how much it cost not to have a digital ID infrastructure. According to Aite Group research, in 2019-2020 loss from identity theft cases, fraud and scams accounted for about $1.25 trillion in the USA. One of the main victims was the US government which received 394,324 fake applications for benefits (32% of all the identity theft cases in 2020).
But this problem is not just about individuals and their identities, it also appears in connection to companies’ digital profiles. The UK, for example, lost up to £26bn because the government dropped the basic fraud checks for loan applicants in a COVID-19 support scheme for businesses. This number doubles if you include theft cases of individuals’ identities.
The European Union had already started several DX programs that include initiatives in creating Digital Identity infrastructure and speeded up them in the last two years. In March 2021, European Commission published a document “2030 Digital Compass: The European Way for the Digital Decade.” According to the plan, there are four objectives in the focus: digital skills of the population, secure and sustainable infrastructure, digital transformation of businesses, and digital public services enabled by digital ID. Later the recommendations on how to prepare for eIDAS (electronic ID, authentication, and trust services) were also published.
Currently, the fact is that some countries of the EU have created their own eIDAS; some haven’t even started yet. There is a long way to go, but it is clear that a digital economy is impossible without digital identity, not just for individuals but also for companies and legal entities. And electronic or digital ID must be good. The concept of “good Digital Identity” is described in the White Paper published by McKinsey in 2019. In the document named “Digital identification. A key to inclusive growth” the group of authors predict that the well-developed and implemented technology of digital ID can help Institutions benefit from improved customer registration, reduced onboarding costs by up to 90%, and reduced payroll fraud, saving up to $1.6 trillion globally. In some countries, extending full digital ID coverage could allow adding 3-13% to GDP in 2030.
Let’s talk about technology. According to the World Economic Forum’s view on Digital Identity and the Korean Institute of Science and Technology (KAIST), “blockchain can enable greater trust and transparency due to decentralization, cryptography, and the creation of new incentives.” Also, a Self-Sovereign Identity framework is close to ten principles of good identity defined by Kim Cameron, Architect of Identity, Microsoft Corporation. This is the EU’s and several other countries’ choice. In 2018, Paula Berman, the head of the Ambassadors Program for Democracy Earth Foundation (DEF), called digital identity a basic human right and described SSI as the most beneficial approach to building the digital ID infrastructure.
Many articles and papers describe how great SSI will be for people. From a business point of view, a government initiative to implement new technology may look like another hustle and a new source of headache for IT departments. But in reality, it’s quite the opposite.
Let's look inside one company's corporate system. We can find tons of information about customers there — date of birth, marital status, the first bank account open date, etc. And absolutely the same data we'll see in databases and data storage of another company. The idea of SSI is to take all those many times duplicated and stored in thousands of corporate systems data and put it to a publicly available (yet potentially distributed) infrastructure with access across industries, institutions, and businesses.
This is the way to achieve two main goals that DX was supposed to bring but couldn’t: structure and harness valuable customer data, and deliver high-quality UX to customers. If you add details about other companies, like address, name of CEO, figures from contracts, etc. it makes the SSI system even more beneficial for everyone. And, governments and institutions that will develop the SSI infrastructure will play the role of the ideal implementer of an ideal identity checking and authorization system that doesn’t exist in the company's perimeter but its functions are executed (check the TRIZ principle in the quote above).
So, when such a cross-industrial SSI system will be developed it will bring a lot of good things to businesses.
The future is already here — it's just not very evenly distributed.
Reinventing corporate core parts of the business and transforming them into a new, digitalized form, is a comprehensive problem that needs to have the right tooling that started to emerge nowadays around Digital ID.
To unlock new revenues, opportunities, and increase the market for IT services for the further steps of digital transformation, we need to prepare new parts of IT infrastructure to step into the complex industries with higher requirements for security, service resilience, and overall operational excellence, robustness, and ongoing business changes.
Keeping in mind the risks that digital transformation could expose when it comes to the very core of an established corporate business, we need to act with outperforming pace while employing the most advanced tech as well as complex newly discovered organizational technologies.
We witnessed a revolutionary shift in IT infrastructure with rising of cloud computing. Managed ID will make the change of the same significance. Companies don’t need to purchase expensive servers anymore, they rent them from cloud service providers preconfigured and customized to fit all the nuances of the business. This cloud infrastructure is taken care of, maintained, and served by someone else. The same will happen with Digital Identification thus it’s a part of business infrastructure as, let’s say, email. There will be no need to create and request countless forms from customers, partners, and others with the same information over and over because everybody will operate inside the rusted and secure IDverse, one of the universes of raising metaverse. It will be a global metacommunity of businesses, professionals, and institutions marked with a seal of reliability; a layer on top of the Internet that allows companies to deal with other firms and potential employees with assurance that they are trustworthy.
This revolutionary shift will not happen immediately but for sure, the transition to SSI will bring a real Digital Transformation on the level of one company, industry, and on a scale of the entire economy. And hopefully, the world will indeed become a global space with compatible Digital ID standards for citizens, businesses, and institutions. It will bring underserved population that doesn’t have access to modern digital services due to missing ID to the market. We talk about a billion people left behind of technological progress, financial services, communications, and many other benefits that developed counties enjoy.
During the Great Migration, it takes a certain significant amount of animals to change the direction of a swarm movement. When one macroregion will successfully adopt the new framework and start building the trusted layer, others will follow sooner or later.
We unveiled the problems of DX and just started to talk about solutions. Keep tuned and we’ll continue. Join the conversation in the commentaries. Subscribe to our updates or monthly digest.