Follow Us



The Internet of Things in Insurance: Shaping Strategy, Managing Biggest Risks

Chris Lanzilotta | June 23, 2016

Until recently, the Internet of Things (IoT) was on the strategic agenda of only the largest and most progressive insurers. The IoT was largely viewed as a futuristic concept, and many insurers adopted a “wait and see” attitude.

Such a posture is no longer viable. Early adopters have established a clear and compelling value proposition by demonstrating how data from in-home and automotive sensors, wearable technology, drones, GPS, mobile and telematics devices, networked appliances, and multiple other sources can help grow new business, improve risk assessment and proactively engage policyholders in loss prevention.

The IoT offers truly disruptive and transformative potential to the insurance industry. Substantial upside—even first-mover advantage—exists for insurers that can shape the right strategy. This paper will outline the key components of such a strategy, including:

  • Processes, functions and areas where the IoT could have the biggest business impacts
  • The biggest and most important risks to manage—data security chief among them
  • Best first steps for insurers seeking to operationalize and ultimately monetize data from the IoT

The IoT: what it is, why it matters in insurance

The Internet of Things is the network or system of interrelated computing devices, sensors, living creatures or other objects that have unique identifiers and can communicate with other devices on the network. These objects, or “things,” are capable of transmitting data.

For insurers, the most impactful data streams and sources from the IoT are likely to include:

  • Wearable or personal technology, sometimes called “fit tech,” often used in the context of monitoring heart rate, steps walked, and other health-related metrics. This technology is rapidly developing, with prototype patches already performing blood work, ECGs and automatically administering drug doses.
  • Sensors on objects, including personal and commercial vehicles and shipping containers, that measure distances traveled, speeds and frequency and level of braking
  • Location-based sensors, such as those in factories, warehouses or offices and in-home sensors, including “smart thermostats,” security technologies, such as alarms and cameras, and industrial control systems
  • Other geographic information systems (GIS) that provide geophysical, topographical, climatological, and hydrological data, as well as information about utility grids and flight path, and which may include drone and satellite imagery

While this data is directly accessible by or streams to insurers via sensors or mobile devices, third-party organizations may also play a role in owning, aggregating, and distributing to insurers. All of these data types are potentially useful for the full range of products and lines of business, from commercial (which was an early adopter and has been an advanced user of such data for many years), to life, property and casualty, and health.

The impact: today and tomorrow

The IoT’s impact within insurance is coming fully into focus. At the highest level, better use of IoT and sensor data means insurers have the opportunity to:

  • Establish direct, unmediated customer relationships based on direct access to objective and unfiltered data.
  • Gain more granular and precise understanding of who their customers are and how their needs change over time.
  • Individualize offerings of products, features and access options.

For insurers that have relied on agents and brokers, the ability to directly access objective and unfiltered customer data represents enormous change. Historically, much customer data was unavailable, and the information insurers could access was often subjective or inaccurate. Consider the common misrepresentation of data around certain behaviors (smoking, alcohol intake, exercise regularly, miles driven per week) on insurance applications. The IoT greatly expands the universe of accessible data, opening up new possibilities in many functions.

Coupled with advanced analytics capabilities, new data streams and sources have set the foundation for entirely new business models. Usage-based insurance (UBI)—so-called “pay-as-you-live” or “pay-as-you-drive” business models—have quickly moved out of pilot phases and proved their viability and value around the world. In fact, there are an estimated five million active UBI policies in 35 different countries. From this relatively low base, EY estimates that UBI policies will reach 15 percent market penetration by 2020 in Europe, Asia and the Americas.

Cross-enterprise and cross-industry impacts: the IoT impacts everyone

  • The view from underwriting: The convergence of different data types leads directly to increased precision in assessing risk, pricing policies, and estimating necessary reserves. There are clear advantages over current approaches, which rely on backward-looking claims data and historical risk studies. Through constant monitoring, underwriters can recommend real-time pricing and policy term modifications. They can also model the impact of new health and well-being services to manage mortality and morbidity risk over time.
  • Claims: The IoT is likely to drive further evolution in claims as it orients more toward active loss prevention. For instance, in-home sensors can monitor for fire, wind and water damage. In-vehicle sensors can also be useful in providing warnings in case of dangerous driving patterns. Within group health insurance, the discounts offered to employees who monitor their activity levels and heart rates could be considered a claims prevention program. Increasingly, within commercial lines, fitness monitors may feature in officer-and-director insurance. There are also data-driven opportunities to enhance incident management and claims service, such as proactively offering towing or “loaner” vehicles in the event of an accident, rather than just covering these costs.
  • Commercial continues to advance: In-vehicle sensors and tracking devices were first installed in trucking fleets decades ago and industrial control systems have long been standard within manufacturing environments. Commercial insurers have also matured their modeling capabilities, especially relative to natural disasters. These advancements paid off during the experience of Superstorm Sandy in 2012, where insurers carefully tracked the impact of the storm and proactively alerted policyholders of imminent risks. Combining data—layering wearable technology data with GIS streams, for example, and contrasting real-time data against historical patterns—enables deeper understanding of risk, both in real time and across historical perspectives.
  • Life: Life insurers can now automate and streamline the traditionally intrusive and lengthy underwriting process, because sensor data provides the means to answer a lot of the questions from yesterday’s paper-based application forms. This opens the door to a greater focus on millennials and younger customers, as well as on policies with lower face amounts. Wearable technology allows for ongoing risk profiling, the promotion of healthier lifestyles and potentially pay-as-you-go models. There are even opportunities to automate retirement planning processes and offer simpler and more affordable products.


Ways to get started

Engage customers to help formulate your data strategy: As EY’s 2016 Sensor Data Survey concluded, the opportunity is ripe for insurers to enrich and deepen their customer relationships. Sensor data must be a lever for overhauling the value proposition in ways that speak directly to changing customer needs.

Test and learn with wearables: A test-and-learn approach to wearables can help insurers prepare for the new era of customer relationships. Widespread adoption of these devices presents opportunities to offer new services and improve risk modeling. Increased and connected data streams clarify customer needs and life changes, which enables more targeted service offerings. For instance, insurers, supermarkets and healthcare companies may offer loyalty bonuses or discounts on wellbeing services, healthy food, fitness programs and premiums.

“Featurize” and bundle products: In driving product innovation, insurers should seek to go beyond personalization to truly individualized targeting. More granular and predictive views of customers mean insurers will no longer be forced to generalize product offerings, with the same standard features, pricing and access for everyone. Instead, they can tier, target and “featurize” offerings based on the specific needs of much narrower and profitable segments – even “segments of one.” Product bundling is also critical for breaking down the barriers between lines of business and types of coverage. For instance, life and auto policies can be linked to increase insurers’ share of wallet with individual customers.

Consider downselling as well as upselling: Insurers must be prepared to subtract features and eliminate discounts for those individual customers who are not likely to contribute sufficient premiums or profits. With increased visibility into the cost and profitability of specific customer segments and product components, insurers can offer high-value customers enticements to renew existing policies or buy more products. Riskier and less profitable customers should not necessarily be encouraged to renew or make additional purchases. For an industry obsessed with upselling, such data-driven downselling may seem illogical. The business case is compelling however, as downselling not only boosts profits, but also optimizes the customer mix for profitability.

Engage underwriting: As new data sources enhance the value of existing historical data sets, underwriting teams can and should play a more active role in product design, especially in the realm of modular and customizable product architectures. By marrying different data sets (e.g., GIS and wearable technology), insurers can realize step gains in enhancing modeling capabilities.

Solve for technology: Legacy system limitations and the variety and volume of new data requires an overall ecosystem approach, rather than discrete software or “point” solutions. Such a holistic environment will incorporate both internal and external data sources, and both “live” and historical data feeds, proprietary models and real-time analytical outputs. The goal is to enable more rapid and focused action across the board, from analyzing risk and pricing products to making retention offers and servicing accounts. Finding the right partners and integrating external data sources and establishing the right governance policies will be critical.

Managing the risks: from data security to “perfect” strategies

Data security presents the biggest IoT-related risk associated for insurers. Additional data streams, new access points and the extension of network and enterprise boundaries present as many threats as opportunities. The threats speak directly to the core of the business: do consumers trust an insurance company enough to provide their personal data? And how do insurance companies trust that data is being received from approved sources? For example, if a user’s car insurance is based on his or her driving pattern, how does the insurance company determine when the insured driver is using the car and not an alternate family member?

Other key considerations include:

  • The expansion of enterprise risk boundaries: Currently, insurers focus their security efforts on building fences around internal operations, data, and systems. The IoT extends these enterprise boundaries and makes them more fluid than before. Thus, security teams must look beyond the traditional security perimeter as they seek to protect corporate assets.
  • The emergence of new security technologies and techniques to complement traditional approaches and get ahead of IoT threats: Insurers must also look to leverage emerging technologies, such as the use of blockchain in IoT, and comprehensive approaches to security, such as proactive network monitoring, identity and access management, supply chain security, industrial systems security, and the embedding of privacy and security into product design.
  • Product security framework, program design and integration: Insurers that choose to create or brand IoT products or devices assume product security risk, including those associated with the manufacturing and implementation of the devices. Security questions and issues should be raised and addressed at the earliest stages of product conceptualization and design.

As insurers become more reliant on IoT streams, the stakes surrounding security rise. Among the initial steps to take:

  • Prepare plans to address customers who demand more value (e.g., lower premiums or increased benefits) for sharing information
  • Consider enhancement to generic, blanket privacy policy statements and protocols
  • Don’t store or maintain customer data (especially certain types of personally identifiable information) that is available from external parties
  • Consider engaging regulators and industry peers in developing robust or auditable “Generally Accepted Privacy Principles”
  • Build organizational resilience as part of IoT cyber security solutions to drive competitive advantage

One way to reduce exposure is to focus on finding the right partners and external sources that can provide and maintain high-value data, though insurers will want to vet the security policies and practices of all data suppliers.

IoT security is an ongoing process with a distinct lifecycle. It should begin during the earliest phases of product development and conceptualization, and ends only when an IoT-connected device is decommissioned. The critical steps include identity and access management, product security development, security monitoring and vulnerability management, as well as data protection.

There are strategic risks to consider as well, including:

  • Imitation risk: Fast followers naturally seek to mimic the product features added by early adopters. Data-driven capabilities, such as risk models that allow for clearer assessment and segmentation of customers that enable advanced personalization, are not so easily replicated. Similarly, innovations in the realm of the digital customer experience are rapidly commoditized, while the ability to identify the most valuable and predictive third-party data sources is defensible and offers greater long-term value to the business.
  • Perfection Paralysis: The old saying that the “great is often the enemy of the good” applies here. There is risk that companies will seek ever more clarity or “perfect vision” via sensor data, without seeking to act on incremental gains and the immediately possible (such as alliances with device makers and automakers). Acting too slowly or remaining too long in pilot or “science project” phases raises the risk that insurers will be left behind. This applies to the IoT security space as well. There is no such thing as perfect security. Risks need to be identified using a variety of approaches and managed through a sustainable process.

The interconnectivity of people, devices and organizations and new access points in today’s digital world open up new vulnerabilities where cyber criminals can gain access to sensitive data and systems. The expanded opportunities of the IoT also bring new complexity and risk.

The bottom line: disruption equals opportunity

As usage-based insurance (UBI) applications and pay-as-you-go business models have matured and entered the mainstream, it’s become clear that the IoT is here to stay in insurance. Therefore, insurers must overcome the industry’s traditional reluctance to change and commit to fully developed and risk-informed strategies across all lines of business and within multiple operational areas.  They must focus on capabilities that are not easily replicated and assume a bias toward action in putting sensor and IoT data to work.

Such strategies are necessary to use these new data streams to improve essential business practices and processes. More importantly, they are required to seize the fully transformative potential of the IoT and harvest the substantial value it represents for the insurance industry. 




Featured articles

Majesco RH

Majesco MR


The Email Chat is a regular feature of the ITA Pro magazine and website. We send a series of questions to an insurance IT leader in search of thought-provoking responses on important issues facing the insurance industry.


The tide is up! It's time to register for ITA LIVE 2019, our annual educational and networking conference! Our theme is "The InsurTech Revolution: Cutting Through the Hype." and we'll be bringing in a torrent of industry thought leaders, amazing insight and wonderful perspectives on the world of insurtech and its impact on the insurance landscape.

ITA LIVE 2019 will present real-life examples of true startup technologies that are helping insurers gain real advantage -- and a competitive edge -- in the marketplace. We’ll highlight the more successful InsurTech partnerships, while offering case studies that demonstrate exciting innovation and cutting-edge techniques impacting all aspects of the insurance ecosystem.

Ride the wave to LIVE 2019. Sign up today! We look forward to seeing you in May, 2019!


only online

Only Online Archive

ITA Pro Buyers' Guide

Vendor Views

Partner News