Retail banks are transforming their mobile apps into real experience apps. They add non-financial services, such as tickets, bike rentals or even soccer highlights. Access to such a ‘digital ecosystem’ must, of course, be properly secured, and that is the task of TrustBuilder. TrustBuilder provides an IAM platform (IAM stands for Identity & Access Management), which ensures a ‘trusted relationship’ between banks and customers. In this way, they combine optimal security with great ease of use.
Frank Hamerlinck has been CEO of TrustBuilder for six months now. A true entrepreneur, with a background in application services and customer data platforms, and he was involved with imec as an advisor and entrepreneur in residence.
In this interview with Johan de Wit (founder of SaaS Bazen) he talks about how he introduced TrustBuilder to the market based on new business models, how he implemented a change in mindset in the organization and why TrustBuilder is unique as an IAM provider. Add to that a number of tips on leadership and his vision on the developments in Southeast Asia, and there you are: the recipe for an interesting and instructive conversation.
IAM stands for ‘Identity & Access Management’. In other words: by means of someone’s identity you give that person authorized access to applications and data. The rules and policies for this can be very detailed, for example access based on device, location, types of transactions a person does, etc. Depending on those rules and policies, the appropriate security is then applied.
Today, more than ever, we are discovering the value of a digital ecosystem. Such a system can be described as the entirety of services and products offered to a consumer within the app of a bank, for example. Banks (and insurers) play a leading role in this field. In addition to their own banking services, they offer the services of, for example, mobility partners and real estate partners within their app. We call this a digital ecosystem.
If you, as a bank, want to give your consumers access to such an ecosystem, you’ll need a security framework and an IAM. And that’s where we come in.
If I may translate that concretely into a case study: normally a consumer can arrange banking via his bank’s mobile app, but by linking to an ecosystem, which you facilitate, the user can access other systems too – and you provide the technology, security and authentication to make that possible. Is this true?
That’s absolutely right. A user authenticates himself in the app and this can be done by means of various techniques, such as an IdP (Identity Provider), Digipass, username/password, etc. Once the user is inside, he also has access to third-party applications. This access is based on a trusted relationship between the bank and the project partners, which means that the consumer does not have to identify himself further. This is called Single Sign-On which, of course, greatly enhances ease of use. In addition, certain characteristics of a user can be passed on (with his permission, of course) to a transport company, for example, so that additional information does not have to be filled in again.
IAM is therefore the means, and the goal of your customer (the bank in this case) is to provide faster access to other services in the ecosystem. Can you give an example of a customer case you have realized?
At a large European bank, TrustBuilder has made it possible for their end customers to familiarize themselves with various techniques. This can be via their own authentication app, via a Digipass and bank card or via an official IdP (in Belgium this is itsme®, in the Netherlands for example eHerkenning) – the customer can choose, bring your own authentication. This is already the first convenience for the customer. Next, regardless of which method the customer uses, the security policy is applied and the customer can make transfers, purchase products and check his balance. Moreover – and that’s where it gets interesting – the customer can also buy a ticket for the Belgian railroads, reserve a parking space at Q-Park, or reserve a bicycle at the rental network affiliated with the bank. All these services are available via that single app.
Did I recently see in the news that this bank even offers soccer summaries via the app?
Sure, that is also an example. The bank has a clear objective to turn the app into an experience app, so much more than just a banking app. A smart approach, because that way people who are not customers yet can start using the app as well. This will make it easier for the bank to subsequently approach those users for banking products.
Now I’m curious what the collaboration with such a bank looks like. You could say that you help them transform their business model, in addition to the piece of technology, software and implementation. Do you agree and what does such a project look like?
Yes, that has definitely been an evolution in recent months. Initially, the emphasis was on the security features of the software, but through the thought leadership that TrustBuilder puts forward and through the Corona crisis, you can see that these new business models are also being given room. Although this specific bank is a forerunner in that area, other banks too are considering that digital transformation (because it is often part of a broader reform within an organization).
This also means that, in addition to the IT managers, we are increasingly talking to the product managers of banks and insurers, not to mention other companies that are able to connect a large community. These organizations all have the ambition to maintain and grow their community, to increase the loyalty of their customers, and to sell extra services.
Why don’t organizations develop such a digital ecosystem and everything that goes with it themselves?
There are several reasons for this. Time-to-market is one. Building a system like this costs time and money. Secondly, it requires specialization and you, the client-company, operate in an ever-evolving world: new standards, new service providers, new IdPs,… Then it’s easier to use a platform that takes all those things out of your hands.
We did this, for example, at the insurance company Allianz. We started in Belgium, then we added the Netherlands, and the full rollout for them was out-of-the-box.
The time-to-market has been greatly reduced for these organizations. Our service offering, within TrustBuilder, is also only getting richer and they can simply surf along on that growth.
This approach probably ensures that the purchase of your platform is something that involves multiple layers of an organization. Strategic sales in other words.
Absolutely true. Previously, we were mainly in contact with the IT managers, and they were also often the decision-makers. Nowadays, an IAM platform is becoming more of an enabler of new business, which means that several parts of a company are starting to look at the business case. We talk a lot with product managers and digital channel managers. These are more on the inside of an organization, and they are taking the initiative more and more. The question arises more often in these places. If we focus our branding and marketing efforts on that, we’ll get more response than if we only focus on IT.
So a bank sees the urgency to innovate and gets in touch with you. Can you give us a glimpse into such a sales process?
We always try to start from business cases and use cases. This is the most tangible and easiest to understand. Then we take the step to the complexity that the platform brings to the underlying applications. Sometimes there is nothing in that area, other times there is an implementation but the scope is insufficient. Usually, organizations will realize, at that moment, that TrustBuilder will be a cross cutting component in the bank architecture. We’re soon talking about a long-term relationship or a strategic investment – and that makes us pretty sticky. We also feel that way with existing clients. Once you’re inside, the next step is to grow, grow, grow, and there’s very little churn.
Are there also obstacles within the sales processes, or rather: challenges?
Of course there are. It’s key to bridge the gap between the vision behind the development of a digital ecosystem on the one hand, and the practice of effectively realizing something like this at a bank on the other. So, as you mentioned earlier, it does indeed extend beyond a purely technological implementation. A bank must also be ready for a digital transformation. That’s the obstacle: the speed with which an organization as a whole, in mindset, can move forward. That is even more important than the speed of implementation or the associated technology.
Usually we really take the customer by the hand and handle it, use case by use case, and for each provider pair. We prefer that to a big bang approach.
This is perhaps even more true in this day and age where developments happen so fast that organizations can look years ahead and thus rely on your expertise?
Indeed, after having done a number of these trajectories, it struck us that people are not only looking for guidance, but also for answers to the question, ‘how do I bring something like this to the market in a contained form? ’
There are any players offering this kind of services. What makes TrustBuilder unique?
Our ease of use.
We are actually a turnkey solution and that’s a real advantage over American players in this market, for example. That’s really our sweet spot.
We also find local anchoring very important. We have an office in the US and we have customers there, but we mainly operate in western Europe. We also do this together with IT partners such as E&Y, Cap Gemini and other implementation partners. TrustBuilder specializes in opportunities in western European countries, while other international providers traditionally underestimate the complexity in Europe. Our integration with certain service providers is a bridge too far for the competition. They do have general APIs, but they actually shift the problem to the customer. We solve that problem.
TrustBuilder is a company that is very future-oriented by building digital ecosystems. It’s no longer about technology, but about business applications and business impact. What major developments do you see in the coming years in the digital economy?
I mainly expect integrations of different ecosystems. You can already see that in banks and travel agencies. The broader that optimal service can be drawn for clients, the more interesting it will be for them. So I expect integration and perhaps also consolidation.
The second major trend is on the privacy side: self-sovereign privacy in which you, as an individual, can enforce the rights to integrate your identity with any provider. eHerkenning and IDIN are the forerunners in this. Over time, consumers will have that right and be able to decide, for themselves, which data will be shared with which ecosystem.
What impact does this self-sovereign privacy have on connected suppliers in the ecosystem?
On the one hand you need open architecture. On the other hand, it’s an opportunity to learn more from a customer and offer a better service. And if you, as a customer, can share more, also share intentions, then a dynamic will arise between consumer and supplier. This makes you more and more relevant to the offer.
When I spoke to you earlier, you indicated that there will be a new product: TrustBuilder.io. Can you share something about that?
Actually, it is a catalog of services we offer within our IAM framework environment. In concrete terms, it means that we develop links with service providers and identity providers once, and then make them available to each customer of TrustBuilder Identity Hub via a subscription model.
Will customers even be able to use a drag-and-drop interface, for example, to create combinations of services?
Yes, user-friendliness is very important at TrustBuilder.io. We call that Self-service capabilities. Customers will be able to add building blocks to their environment in a graphical way via a menu structure, without coding or development, in a very intuitive way.
We developed that idea using customer feedback. When I did a tour of our existing customers, the overriding message was: TrustBuilder is powerful, but complex. That’s why we took usability as a key deliverable for TrustBuilder.io.
You also immediately add another important USP: an even shorter time-to-market and even less dependence on vendors.
Indeed. We also offer templates of existing flows. There is a finite list of banking transactions, and if you can apply them based on predefined rules, it becomes even easier.
When will TrustBuilder.io be launched?
We will start in Q4 of this year with a pilot customer and it will be available for the wider public in early 2021. So we have a busy six months ahead of us. (he laughs)
Does this new product also require a different way of thinking within your organization? You may need to have other conversations now, since TrustBuilder.io is almost a self-service SaaS product.
That’s right. A number of product managers will be added who will, for example, work on the themes of mobility, real estate, travel and even entertainment. That’s less of a purely technological approach. These market specialists are more important now than they were a few years ago.
Furthermore, everything around thought leadership will be of decisive importance. When selecting an IAM vendor, you not only want to buy a solid security solution but, above all, a futureproof solution that takes market trends into account. So they also buy the vision – and this must be reflected in all our teams.
When I started at TrustBuilder as CEO about six months ago, that’s also the change I’ve made: from almost fully feature-driven to working from the issues in the business and underpinning that with technology.
So you focused more on the product-market-fit?
Absolutely. I believe in that very strongly. For many SaaS companies this is a critical point to scale. Drawing a strong roadmap and a strong line gives you a framework with which you can mirror feature requests and take your client with you.
A recurring topic in my interviews is the question about the challenges you have encountered lately. You mentioned one yourself: the development towards working from a well-defined vision, from the product-market-fit. What else has surprised you the most in the past seven months?
The potential that is present in TrustBuilder. There is a customer base of 25 paying customers, which is very good for a newly-formed SaaS company. They are also some big names: KBC, ING, Allianz.
That was a positive surprise, but not all the potential was exploited. And so I seized that opportunity: to expand thought leadership and take everyone with me into that story. And also:
The IAM world is more fascinating than I could possibly have imagined.
How would you describe your leadership style?
I am somewhere between a reformer and a decision-maker. That is also what I often do. I try to analyze on the basis of concepts, and I make a judgement on the basis of information from others. Then I take a decision to go in a certain direction, in which I then work in a supportive and coaching way. In this way I try to take everyone with me in the vision, and make sure that we no longer have to fall into the trap of customers who bang their fist on the table with certain feature requests. At a SaaS start-up, that happens sometimes, and that’s not a bad thing, but it shouldn’t be a constant. A good roadmap provides that framework.
Which developments, technological or in general, are you most curious about?
Difficult question. The balance between privacy and the public interest is an interesting issue in the Corona crisis. The evolution of software systems will largely depend on it. And more generally, from a societal point of view, I am curious about how lasting the new lifestyle, driven by ecology, will be. How strongly will it continue? How will it combine with online shopping? Is this trend always beatific? For banks online and mobile first are certainly important; it is a strategy that consumers are grateful to use.
Very different question: what would you do with two extra hours in a day?
Cliché but true: sports. (he laughs) Hobbies and family. I would also like to read more. I like to run, that takes the least time, but I also like to cycle. Those things clear my head a bit at difficult moments.
So you like to read. Do you have a book tip for your readers?
On the one hand, I am a fan of Dan Olsen’s books, about product-market-fit, and how you can save a lot of time and money by defining a clear need and having a sharp focus.
On the other hand, I’ve done a lot of business in Singapore, and I’ve read the book by Kishore Mahbubani, Has The West Lost It? A Provocation. It is a short book, in which the new world order is sketched and in which a number of confrontational ideas can be found. It is clear that the market in Southeast Asia is very interesting. So if you have an international product, then despite the distance and possible language barrier, it might be worthwhile to delve into it.
The youth there, one notes, is very optimistic, unlike young people in Europe. In Asia, they also see that their standard of living is rising, and they often have vigorous policy-making. It’s not always democratic, I won’t dwell on that, but it sometimes works out well economically. That makes a lot possible.
Finally, do you have a tip, a quote, an experience you’d like to share?
When building an organization, keep your focus, but make your field of vision as broad as possible. In SaaS, developments take place all over the world and there are many opportunities. Believe in your own strengths.