What happens to MyCUID if my member’s phone is compromised?

Posted by Julie Esser on May 15, 2019 9:00:00 AM

what if your phone is stolen

Self-sovereign identity (SSI) provides members with a lifetime portable digital identity that does not depend on any central authority and can never be taken away. The benefits are far-reaching for both members and credit unions.

One of the main benefits of SSI is that the numerous and cumbersome usernames and passwords that consumers currently have become irrelevant. But, since biometrics and smartphone technologies drive the SSI platform, what happens if a person loses his or her phone, or that phone is hacked or has an injury that impedes a biometric login? Does that member’s SSI become vulnerable? This question is especially important for credit unions to consider as a recent Bankrate survey found that 63 percent of smartphone users in the U.S. have at least one financial app.

The short answer is that a person’s SSI is only in jeopardy if certain recovery steps are not taken. Once a person discovers the phone is missing, for instance, he or she should access the application from another device that also communicates with the network to report the issue. This process, which can be completed in seconds and is effective worldwide, does not require connection to the stolen or hacked device.

And, it doesn’t completely remove the person’s ability to use their credentials on other devices. Once the issue has been reported, which happens in real time, the credential block is only on that stolen, lost or hacked device. If the person realizes that the phone wasn’t stolen, but merely misplaced, the report of a lost or stolen device can be reversed as quickly as it was initiated and the member can go back to using his or her device for self-sovereign identification.  

There are additional steps members can take to ensure security. Once the phone is recovered or the application is installed onto a new mobile device, it is critical that all private keys the stolen phone knew are also revoked. This step, which may take minutes more so than seconds, will prevent a hacker from encrypting and signing in as the user.

The MyCUID Advantage

The reason CULedger developed the MyCUID is because the CUSO believes that each credit union member should have their own SSI. With this new technology, credit unions are leading the way in data security and making the banking experience more seamless. And, while SSI is a groundbreaking use of blockchain technology, there still need to be safeguards in place to protect credit unions and their members. CULedger works with SSI and blockchain industry leaders to ensure credit unions utilizing CULedger’s network of digital exchange have the highest protection available.

SSI is still a somewhat new concept, so the technology and security protocols supporting may seem nuanced or require additional education, but it is important for credit unions to understand how it benefits their members unlike any other technology. Through applications built on blockchain, such as SSI, credit unions can offer their members more security, convenience and independence. These new experiences through SSI will quickly become the expectation from consumers – and credit unions have the opportunity to be among the first organizations to offer it.

Get Involved

Topics: Digital Identity