Journey: Why You Need to Know This CX Identity InnovatorJourney: Why You Need to Know This CX Identity Innovator

Customer experience (CX) startup Journey officially came out of stealth mode today with the launch of its innovative cloud identity service, which has a prime use case for contact center interactions.

Though making its formal debut today during an Enterprise Connect Virtual Bootcamp session, Journey has previously earned recognition for its innovative approach for building trusted digital relationships between businesses and their customers. Using a technology known as zero knowledge protocol, Journey’s cloud identity service ensures that no private customer data is shared with contact center agents. For this, Journey won two top honors in the 2020 Best of Enterprise Connect Award program: Best of Enterprise Connect Overall and Best Innovation in Customer Experience, as revealed in March.

In this article, I’ll review the people behind Journey, what the company does, and why its technology resonates with me.

The Force Behind Journey

Many industry watchers will remember Brett Shockley, a longtime influencer and thought leader in the contact center business. Brett was cofounder and CEO of Spanlink, and he spent several years at Cisco as the VP/GM of the Contact Center Business Unit where he launched Cisco’s first VoIP contact center offer. He then co-founded Calabrio, a workforce optimization software and services company. Brett joined Avaya in 2008 as managing director of Avaya’s Unified Communications and Contact Center business; he was promoted to several executive positions, finally serving as SVP of corporate strategy and corporate development, as well as CTO.

Following his tenure at Avaya, Brett teamed up with his son, Alex Shockley, who sold his digital marketing agency to co-found Journey with his father. Brett serves as CEO, and Alex is the company president.

Initially, Journey focused on the customer journey, leveraging analytics and artificial intelligence for personalizing and humanizing the customer experience. About two years ago, Journey pivoted, transforming itself into a communications security company focused on identity. Journey believes that verified identity is the foundation of customer experience and of security — both for the customer and for the enterprise.

From his long experience building and marketing contact center solutions, Shockley knew that secure customer interactions are important, yet personal authentication with contact center agents has been primitive and kind of broken. To do it right requires expertise across different domains of security, privacy, and the contact center. Journey began investigating how to maintain security and privacy for individual interactions while providing frictionless tools for businesses that would allow people to authenticate with their systems in ways that did not expose private information to contact center agents. It is from these efforts in developing a “zero knowledge identity network” solution that Journey submitted its compelling entry for the Best of Enterprise Connect Award.

Brett and Alex are joined by Andy Miller, a board member who is the former CEO of Tandberg and Polycom; industry technology veteran Michael Frendo, who serves as CTO; and former Cisco exec Mark Bakies, who runs product management. The company presently has 34 employees, 27 of whom are engineers. It has filed 13 patent applications around its zero knowledge network, with more filings pending.

Zero Knowledge Verification

Journey provides a zero knowledge verification solution, based on a mathematical technique in cryptography known as zero knowledge proof. A zero knowledge proof is a technique in which one party can prove that they have or know something, such as a password, bank account number, or a Social Security number (SSN), to another party without revealing the password, account number, or SSN itself. Verification is achieved when the person wishing to prove their identity can successfully respond to challenges by the person verifying the identity with enough probability to convince the verifier that the prover actually does possess the claimed knowledge.

To simplify, the key idea is: Can you verify who you say you are to someone else without giving them personally identifying information? In the contact center scenario, this means that a customer can be authenticated to the agent, sharing and verifying a wide array of subsequent attributes, without the agent ever seeing, typing, or having access to their private personal information.

Zero knowledge verification is the problem Journey is addressing… and solving for contact centers. The solution has four critical elements:

To accomplish these tasks, Journey has created what it calls the Journey Zero Knowledge Network, as illustrated in the figure below.

At the heart of the solution is Journey’s Identity Orchestration Cloud. This cloud facilitates the transfer of encrypted identifying information between the various parties in a transaction, including:

For end users, many organizations offer mobile apps that can use facial or fingerprint recognition or other biometric capabilities for authentication. Journey provides an SDK that mobile app developers can use to allow their apps to communicate with the organization’s back-end systems and/or to partner companies in a secure and encrypted fashion.

For example, users can authenticate with a contact center agent using facial recognition on their phone. Once authenticated, the verification status is sent to the agent’s dashboard — driving the veracity of identification to one in a billion or greater and eliminating the need for silly “security” or challenge questions. When contrasted to the industry benchmark of 45-90 seconds for knowledge-based authentication (the challenge questions), or voice-biometric authentication that can reach only around 95% accuracy, achieving such high verification accuracy in one or two seconds while simultaneously protecting the agent environment and the user’s private information is a big deal.

Click to Page 2 to see how Journey's zero knowledge verification would work for an inbound call to a bank contact center

To make this more concrete, let’s consider how zero knowledge verification would work for an inbound call to a bank contact center. The account holder calling in must authenticate with the bank before the contact center agent will discuss anything about the caller’s accounts. At the present time, the bank authenticates the account holder by having the agent, or the IVR, ask for information such as the last four digits of the caller’s SSN, mother’s maiden name, and account number. Not only has this private information been revealed to the agent, but it is now also part of a recording, and possibly a permanent transcript.

Using Journey’s solution, the bank could take several easy zero knowledge verification steps:

1. After receiving a call, the contact center sends a notification to the caller’s mobile device asking the caller to log into the bank’s mobile app on the phone. Logging into the app using facial recognition provides one in a million accuracy; the bank could also use more complex back-end facial recognition provided by a third party that would provide one in a billion accuracy.

2. The caller is authenticated in a couple of seconds and the bank can send a message via the secure Journey orchestration layer telling the caller that they’ve been verified and sharing the name of the agent to whom they’re talking.

3. The bank may require additional verification information, such as the account holder’s address, date of birth, or SSN. Rather than sharing this private information with the agent, the caller enters it into the mobile app. The data is sent through Journey’s orchestration cloud to the bank’s back-end systems for validation.

4. Once the account holder has authenticated, following the bank’s rules and protocols, Journey sends a signed, digital certificate to both the call center software on the agent desktop and to the user’s mobile device. This certificate is proof that the person has properly authenticated. If the call is passed to another agent, this certificate flows with the call so that the new agent knows the user has already authenticated, simplifying identity authentication even during call transfers.

Using zero knowledge verifications, the agent can see verification certificates without ever needing to see or hear any confidential information, yet the caller is securely authenticated, which increases customer privacy and improves the customer experience throughout the interaction.

Journey estimates it can save its customers at least $1 per call through faster authentication. Plus, the Journey solution eliminates silly or painful security Q&A experiences. In addition, it solves some issues for the contact center:

Journey sees several other fertile application areas for its technology, as shown in the graphic below. Another one that I can see moving to the forefront in coming months is voter verification, should we still be in quarantine or under other physical distancing guidelines and people don’t want to go to a polling location. A voting application embedding Journey’s technology on a mobile device would enable millions of people to cast ballots remotely, securely, and with less fraud.

Conclusion

As one of the judges in the Best of Enterprise Connect competition, I found Journey’s technology and demos quite persuasive. The capabilities, while not the typical communications and collaboration ideas we encounter in the industry, may have far-reaching effects on how contact center software stacks are built and how people interact with the companies that make the products and services they use.

If you want more information about Journey, watch this video demo. In addition, listen on demand to the EC Virtual Bootcamp session, “1 Million+ Agents Working from Home…What Could Go Wrong?"