The future of digital identity
Introduction
The word identity describes
who a person is or more specifically what kind of qualities a person or group possesses that distinguishes them from others.
A digital identity, however, is the body of information about an individual, organization, or electronic device which is adopted or claimed in cyberspace. It arises organically through the online actions of each individual and is formed through many different characteristics and attributes. But unlike with a physical ID, it is possible for one single user to have many different digital identities all over the web, and users are also able to give selective information when providing authentication information.
Some examples of identifying data points that form digital IDs include:
- Date of Birth
- Medical history
- Online activity, e.g. search history or electronic transactions
- Password
- Purchasing behavior/history
- Social Security Number
- Username
These unique identifiers and use patterns make it possible to detect individuals and their devices. At the same time, users are able to share their data with multiple service providers.
Website owners, advertisers, and many other companies often use this information to identify and track users and their online behavior. This allows them to customize their offers and create targeted ads with specific content tailored to the user’s interests.
When talking about digital IDs, it is also important to mention concerns in regards to security and privacy, especially in the area of digital identity management. Digital authentication and validation are critical to hinder identity theft and ensure web and network infrastructure security, both in the public and private sectors.
What makes a digital ID trustworthy?
Although digital IDs open up a lot of possibilities, they are also very complex and hard to navigate. How can you be sure that the information provided through this digital ID is authentic?
First of all, every ID should be verified and authenticated to a high degree of security. These so-called high-assurance IDs have multiple use cases in both the civic and economic sectors such as gaining access to education, opening a bank account, and establishing credentials for a job. The reason and necessity for their easy implementation and acceptance are that they meet government as well as private-sector institutions’ standards for initial registration.
The second characteristic that a “valid digital ID” should fulfill is uniqueness. This means that an individual has only one identity within a system, and every system identity corresponds to only one individual. As you probably already know this isn’t the case for most social media identities, so multiple identities are often used to hide or to act fraudulently.
Furthermore, digital identities should be established with individual consent, meaning that users knowingly register for and use a digital ID. This also includes total knowledge of what personal data will be accessed and how it will be used.
And last but not least, a digital ID should protect the privacy of the user and give him/her control over their own personal data. This could be achieved through decision rights concerning who can access the data and built-in safeguards to ensure privacy and security for the user.
If these requirements are met and the information that is provided through the digital ID is verified and authenticated, a so-called “trusted digital ID” is formed. This special form of a digital ID provides a certifiable link between an individual and their digital identity because it consists of a set of verified attributes. Some examples of such attributes are verification with third parties such as Government databases, social identity, credit card numbers, or mobile records.
Benefits of digital IDs
When it comes to Public Administration, the most prominent benefit of implementing digital IDs is the increase of digitalization as well as security. A trusted digital identity could lead to users accessing multiple security-sensitive services such as mobile money, eGov, and online banking, allowing mobile network operators (or MNOs) to take a lead in these fast-growing sectors.
In the private sector, certain enterprises like MNOs, OEMs (or Original Equipment Manufacturers), and others could benefit from improved efficiency and reduced expenses on identity and access management, faster customer acquisition processes, and consistent customer data improved security as well as enhanced user privacy.
The end users would also benefit from a secured and authenticated digital ID in the form of more security, enhanced trust, improved UX as well as accessibility to public administration.
Use Cases
Now, this all sounds very convincing and useful but are there any real-life examples?
In many countries, digital identities are already being used in many different ways. In Estonia for example, digital IDs are used to access all citizen’s accounts. This includes eHealth, eVoting, eBanking, eSchooling, eSignature etc. In Indonesia they are trying to synchronize all IDs (personal, tax, etc.) into a single digital ID and India already has a UPI system for mobile-to-mobile payment system in place. 1.4 Mio. people have already registered for a digital cash transfer program launched in 2020 (Novissi program) in Togo. Countries such as Finland, Germany, and Mexico are planning to push their digital ID systems even further by the end of 2021 while Australia has already implemented such a system.
The availability of technologies that make these initiatives possible is expanding exponentially over the years. Among these, a technology like Self-Sovereign Identity (or SSI) could reshape the way personal data is stored by providing a faster, more efficient, and user-centric decentralized approach as by using this technology, data would be stored on the customer side, instead of on the merchant side, eliminating many threats stemming from centralized storage.
To give you a better understanding, the following programs are SSI developments using digital IDs:
✈️ IATA Travel Pass, the first verifiable credential capable of providing proof of COVID-19 test and vaccination
👤 GLEIF(Global Legal Entity Identifier Foundation), committed to following the SSI model for digital ID credentials for companies
👤 MemberPass, bringing SSI to financial services with Credit Union customer ID verification
🇩🇪 SSI4DE, co-funded by the German Federal Ministry of Economic Affairs, supports showcases for secure digital IDs
🩺 NHS Staff Passport, the first portable digital ID credential for doctors and nurses
🩺 Lumedic Exchange, the first network designed exclusively for the patient-centric exchange of healthcare data
🌾 Farmer Connect, enabling and empowering individual coffee farmers to more easily work with global enterprises
Summary
All in all, there are numerous benefits of digital IDs and the technology to implement them already exists, especially when it comes to SSI which offers numerous possibilities. In addition, they could offer huge social advantages such as reducing fraud risks, increasing privacy and security, and making public services more accessible. So as long as they fulfill all the requirements for trusted digital identities there is no reason to ignore this technological development.
This article was written together by Elena Sergiampietri and Sofia Knoll after intense research on the topic of identity and digital identity with the goal to break down the topic and summarize our learnings.
