About MemberPass®
What is MemberPass® and how can it benefit me?
MemberPass® is a new form of account authentication all done through your digital device. This authentication uses “bio-metrics”—individual features including fingerprint or facial recognition to confirm your identity. The combination of these enhancements result in authentication that is very efficient and highly secure to use. Benefits include:
– Offers full control of your personal information, on your own device, with each interaction.
– Removes the need for using or others handling your physical identification.
– Provides a single verification method for your interactions with our Branch and Contact Center teams.
How does MemberPass® work?
– MemberPass® is established through the digital wallet app, called “MemberPass®.”
– After you are connected to the app, you can receive the MemberPass® credential.
– The digital wallet stores your MemberPass® credentials; there is no information stored with your credit union.
Is a digital device required to use MemberPass®?
– Yes; your digital device needs to provide access through bio-metrics (facial or fingerprint recognition).
– The MemberPass® app is also secured with bio-metric access; MemberPass® stays secure if your phone is lost or stolen.
Is my information secure if I lose my digital device?
Your personal information in MemberPass® remains encrypted within the MemberPass®; your individual bio-metric identifications are secure and protected.
Does my credit union use an outside company to offer MemberPass®?
MemberPass® is provided from a credit union service organization called “Bonifii,” on behalf of your credit union; This technology is built upon globally accepted standards designed to protect consumer privacy in all digital exchanges.
Can MemberPass® be removed for my account authentication at any time?
Yes. Simply contact your credit union and a team representative will assist you.
How do I enroll in MemberPass®?
You have two options:
– Visit any Branch Location
– Call your credit union’s contact center, available 24/7.
Key Benefits of MemberPass® Include:
MemberPass® makes the member identity verification process faster, more efficient, and more friction-less than ever before. |
MemberPass® protects both you and your Credit Union from identity theft and fraud in all financial interactions – from call center authentication, to lending, branch visits, and more. |
MemberPass® is a simple and secure replacement for identity verification questions, like your account number, birthday and social security number, making your experience convenient and stress-free. |
MemberPass® protects both you and your Credit Union from identity theft and fraud in all financial interactions – from call center authentication, to lending, branch visits, and more. |
MemberPass® will seamlessly authenticate both you and SIU Credit Union through one verification method, which provides you an easy-to-use experience to help you safely manage your finances. |
Other MemberPass® FAQ
No, credit unions are not required to establish and maintain a node on the network. Our partner, Evernym, hosts a validator node on the Sovrin Network on Bonifii’s behalf. The Sovrin Network is a public-permissioned blockchain or distributed ledger network. Public means anyone can use the Sovrin Ledger to make transactions. Permissioned only relates to who can actually operate the network and run the validator nodes. Unlike bitcoin that allows anyone to run a node and become a “miner,” Sovrin only allows trusted entities called Stewards to run the network of validator nodes that achieve consensus of the transactions on the Ledger.
We have become aware of this issue with the carrier, T-Mobile. During enrollment, the member will need to call T-Mobile to unblock the short code to they can install the MemberPass app on their phone. This applies to cell phone uses who may be on corporate plans or who have explicitly turned on a blocking feature to prevent the delivery of SMS text messages from short codes.
There truly isn’t anything like MemberPass in the market today. Other identity-related products have a central authority between the credit union and the member, can contain outdated security features, like SMS text messaging, are geared toward a channel-specific use case and not across all channels (current and future) and don’t allow the consumer to own and control their personal information. Barclays predicts that by 2022, 40% of all customer interactions will be based on self-sovereign identity. MemberPass was developed by credit unions for credit unions and their members, keeping their privacy and safety interests in mind.
The average standard implementation time frame is 6-9weeks.
The member’s personal information is encrypted and stored in a secure location on their mobile device. It is not stored in a central database that could be hacked or otherwise accessed by others. And because the member’s biometrics is used to unlock their MemberPass digital identity wallet app, only the member can access and use the MemberPass digital identity. A permissioned-based distributed ledger is a central part of a self-sovereign identity network. There is no personal identifiable information that is ever stored on the distributed ledger. The information that is stored are about the issuing credit union: the public decentralized identifiers or DIDs, schema/credential definitions and revocation information.
There are four differentiating factors that makes MemberPass different from voice biometric solutions used in the call center.
1. MemberPass provides two-way, bi-directional communication assurances. Not only is MemberPass effective for the credit union to identify their members’ identity, but your members can trust they are speaking with your credit union when you call without the fear of being spoofed.
2. Voice biometrics is only effective in one channel—the call center. MemberPass works across all of your channels.
5
©2021 BonifiiTM. All Rights Reserved. Proprietary & Confidential
3. The member does not control or decides when or how to share their digital ID.
4. Voice biometrics only works for the credit union that uses it or contracts for the service. Other credit unions can have the opportunity to utilize a MemberPass credential issued by another credit union in the case of shared branching, making it interoperable.
Evernym is Bonifii’s technology partner that created the user/member interface for MemberPass and integration with the Sovrin Network, which is a global distributed ledger (or blockchain) designed exclusively to support digital trust networks and verifiable digital credentials. Evernym provides both the credit union’s and member’s agent software stack and hosts a validator node on the Sovrin Network.
The credit union receives the cryptographic response from the member that can be stored to meet their needs. Bonifii does not currently keep record of this information.
Because MemberPass uses an out-of-band data channel that is tied to the device with a secured, encrypted connect, if your phone’s SIM is ported or swapped, the thief will not have the secure encrypted connection. The only time SIM porting is a risk is during onboarding—when the member receives the text message to download the MemberPass app. However, there is a very short time window (seconds) where we are dependent on the SIM/phone number.
We have created a product implementation guide (PIG) that aids the MemberPass implementation process and provides technical for the core platforms we have integrations with.
The issuance of MemberPass relies on the credit union’s KYC, customer identification processes to determine whether or not a member should have a MemberPass digital identity. The weakest link will always be a human mistake in the process.
We are working with some of the key mobile application providers like NCR/Digital insight, Alkami, Q2 and others to allow credit unions to use the MemberPass digital identity wallet inside their applications.
We are happy to provide your credit union with a proposal and a customized ROI model upon request.
Yes, we currently have integrations with Symitar’s Episys, Corelation/Keystone, FIS Miser and Fiserv DNA and have plans to expand into other core platforms. For a non-core integration, your credit union can consider using a data warehouse approach. This approach is a custom integration effort on the credit union’s part which will require us to scope the development costs and resources required to do this work. We have developer interviews available upon request to assist with this approach.
Yes. We are more than happy to share a reference list with you upon request.
The core processor houses the record that indicates if a member has been enrolled with MemberPass and has a digital ID credential. If the member is not enrolled, the enrollment function would not appear on the teller screen. We are not dependent on the core so long as there is a place that determines whether or not a member has been enrolled with MemberPass.
Yes, we are currently working on a vendor integration roadmap and will make it available in Q3 and upon request.
Yes! The first step is getting your credit union registered in the MemberPass Digital Trust Registry, which establishes your credit union’s unique public identifier on the Sovrin Global Identity Network. This public identifier, or decentralized ID, is like the credit union’s public domain and will be how a credit union is recognized in the decentralized identity ecosystem. Visit www.memberpasstrustregistry.com to get started.
It is possible MemberPass could replace e-notary services in the future. We are working with those providers to explore integration opportunities. The MemberPass digital identity comes with an audit trail feature automatically and all transactions are date/time stamped.
Portability and interoperability are two important features that makes MemberPass unique and gives your members freedom to use their digital identities anywhere and not just your credit union and regardless if your credit union participates in a shared branching network. The member may choose to use their MemberPass attributes from verifiers in other organizations, like employer, healthcare, insurance or government.
Yes, MemberPass can be used and integrated with ITM technology.
The MemberPass digital identity wallet is portable and they can take it with them as it will remain on the member’s smart phone until they delete it. However, the MemberPass credential issued by your credit union may not be. Your credit union is able to disable the MemberPass credential if a member leaves your credit union.
Credit unions that are implementing MemberPass have started with the call center channel as it has seen an increase of fraud.
If a call center fraud attempt happens, the actual member will get a message on their phone asking if they are on the phone with their credit union. If they say “no,” the MemberPass digital identity wallet will transmit a response, a big red “X” will appear on the MSR’s screen and the transaction/call will end.
Currently there are no credit unions using MemberPass at their ATMs, but we have many who have expressed interest in that particular use case, even to the extent of going completely cardless and using MemberPass to facilitate a transaction.
Yes, a MemberPass digital identity can be used for multiple accounts under one member.
Bonifii will provide training materials which can be used as is or modified to suit the needs of your credit union. Onsite training is available upon request and for an additional charge.
Three: call center, branch lobby and drive up. The list of use cases continues to grow as more credit unions become involved with deploying MemberPass to their members.
PSCU is one of our investors and we have been working with them very closely on integrating MemberPass into their call center operations. There will be more details available about this integration opportunity with PSCU in the coming year ahead.
We have a marketing deployment toolkit to assist the credit unions with promoting MemberPass to your members. This marketing deployment tool kit includes templates for items like statement inserts, table tents, brochures, buck slips, banner and more.
While we don’t have any credit unions currently deploying MemberPass inside of their own mobile banking application, we have received interest from credit unions to pursue this capability. We are working with multiple mobile banking providers to develop standard integrations of MemberPass.
MemberPass® is a digital identity that will be issued by credit unions only. Members may have more than one MemberPass® in their digital identity wallet if they belong to more than one credit union. The MemberPass® digital identity wallet will allow the member to determine the source of truth (or the issuer) to vouch for a certain identity attribute that is being request by a verifier.
No, iPads do not currently support the MemberPass app.
The member can delete their MemberPass by contacting your credit union or by deleting the MemberPass app from their device. When the member deletes their MemberPass app, all of their personal information will be permanently removed from their device and they will no longer be able to use their MemberPass. If the member wants to move their MemberPass to another phone, they should follow the instructions in “What happens if the member gets a new phone?”.
We recommend having recurring weekly calls but are open and flexible to accommodate your credit union’s needs.
MemberPass can be backed up and restored using your iOS or Android device backup capability. This device-level backup uses the security embedded in iOS and Android to protect it from misuse.
Yes, Bonifii will assign a project manager to work with your credit union’s project manager.
Portability and interoperability are two important features that makes MemberPass® unique and gives your members freedom to use their digital identities anywhere and not just your credit union and regardless if your credit union participates in a shared branching network. In the future, your member will be able to use their MemberPass® for things outside of the credit union, like an employer or government.
The project team should consist of a mix of cross-functional team members to ensure the success of your MemberPass deployment, such as project management, technical support, quality assurance, info security team, risk management, training and marketing, to name a few.
The enrollment process for the member is quick and easy. Most credit unions are choosing to educate the member in the call center or branch and asking them to download the app at that time. They walk them through the download, connection, and authentication process so the member feels comfortable with what to expect the next time they interact with the credit union. Early credit union adopters of MemberPass are surveying their members about the experience and receiving feedback, such as 87% of members reported the process is “very easy” and the members plan to use the credential in the future.
Currently you can use MemberPass® at any participating credit union any time you interact with your credit union whether you log in online to access your accounts, visit a branch or call into the call center.
In the future, you will be able to use your MemberPass® for things outside of the credit union, like an employer or government.
The way multiple owners are set up with an account depends on your credit union’s core processing system. MemberPass® supports this in several different ways but the integration is on the core side. For Symitar as an example, the credit union can treat each phone number and the relationship with the member, be it a primary or joint, as their own entity. If a joint member calls or comes in requesting information about their account, the credit union can ask for the account number and then the teller is able to select who is being authenticated (primary number or joint number) via MemberPass®. That lets the credit union know who they are supposed to be speaking with and then tailor what information that member is are allowed to access.
As of right now, we have a number of credit unions that are coming out of their pilot programs, which were focused on a specific use case, and now expanding into other areas within their organization and to their membership. As of February 2021, we have more than 16,000 MemberPass digital IDs in live production.
Only the member has access to their MemberPass personal information. MemberPass allows the member to manage who they share their identity with; ensure the member is sharing their identity with the intended recipient (i.e., they are sharing with your credit union versus a bad actor imitating your credit union); and store their digital credential on their secure device and never in a central database subject to compromise.
MemberPass® puts the member in control. The member is the only one in control of their identity information and share it only when giving their permission. And only the intended recipient can access information from the member’s MemberPass.
MemberPass® can be owned by individuals, small businesses or any organization of any form that has a membership with an issuing credit union
Our Fall 2019 pilot projects were intended to provide early proof points of use cases, member experience, and technology readiness. We received positive credit union and member feedback in all three areas, which is why MemberPass is now commercially available to any credit union wanting to create a safer member experience.
The good news is the vast majority of Americans (81%) now have a smartphone, according to Pew Research Center and nearly all Americans (94%) have access to the Internet, according to the FTC. If your members are interacting with you in your branches, MemberPass can be utilized using your credit union’s wifi connection. If there is no alternative for phone service coverage, a backup authentication method will need to be used.
Yes. The image below is our diagram.
The Sovrin Network is the first public-permissioned blockchain or distributed ledger designed as a global public utility exclusively to support decentralized identities and verifiable claims. Recent advancements in blockchain technology now allow every public key to have its own address, which is called a decentralized identifier (DID). A DID is stored on the public ledger, on the MemberPass Digital Trust Registry, along with a DID document containing the public key for the DID. The primary objects stored and updated on the Sovrin Network Ledger are public DIDs, MemberPass credential definitions/schemas, and revocation updates. No personal identifiable information is ever stored on the Ledger.
Yes, our User Support Agreement contains service level agreements ensuring we maintain a certain percentage of availability and uptime. We are in the process of developing a dashboard for each credit union customer to view MemberPass usage and performance statistics.
MemberPass leverages distributed ledger technology, biometrics and P2P enhanced encryption. No personally identifiable information related to a credit union member is stored in a central database anywhere on Sovrin, Evernym or Bonifii networks. Because biometrics is used to unlock the MemberPass digital passport wallet, only the member can access and view the contents of a MemberPass credential. A permission-based distributed ledger is a central part of a self-sovereign identity network. The only information that is stored is about the issuing credit union—the public decentralized identifier or DID, schema/credential definitions and revocation information. The MemberPass API endpoints for the credit unions are protected by a SSL certificate and oAth2 (Active Directory). Lastly, the MemberPass credential information is stored directly on the member’s device and protected by biometrics and a passcode they specify.
A verifiable claim is a piece of information that is cryptographically trustworthy. With MemberPass, a verifiable claim is shared as a proof and is anchored to the public ledger by a credential definition and public DID written by the credential issuer, which is the credit union. Typically, this proof is in the form of a digital signature. A MemberPass Verifiable Claim may be verified by a public key associated with the issuing credit union’s DID. An example of a verifiable claim could be a digitally issued driver’s license.
One of the main advantages of MemberPass is that it features decentralized credential data storage, where public keys and authorized credentials are distributed on the member’s smartphone devices. Unlike other IAM solutions where credential information is centralized which makes these solutions more susceptible to hacks and data breaches. Identity management aims to cover the whole lifecycle of identity in a specific context. A significant challenge is to identify the responsible person who is authorized to approve whatever access can be granted or if it needs to be revoked. With MemberPass, it allows roles-based access to be tackled from another direction—it’s a user-centric identity. The identity comes with a set of credentials that represent physical identities, like a driver’s license. Using security-and privacy-by-design technology, IAM processes can be simplified and accelerated. MemberPass can help replace common IAM systems and it utilized best when it acts as the single source of truth.