Digital identity offers an easier way to sign up for a service or prove who you are online. Even more importantly, for 1.1 billion people who don’t have any ID, digital identity offers a path to actually having a usable proof of identity. For many without traditional ID documentation, digital identity is the first step to gain access to basic financial services and help lift them and their families out of poverty.
Many of us who have an official identity document, take it for granted, whereas in other parts of the world, the idea of having an identity is a luxury. Identity is the fundamental key that unlocks the ability to open a bank account, vote, drive, start a job, receive medical services, fly on a plane, participate in online marketplaces, and even buy products and services with one click.
Effective identity systems are a cornerstone element of a modern, functioning society, helping to establish trust between organizations and individuals to ensure products and services are delivered to the appropriate party. A reliable identity system can mitigate the risk of fraud and effectively manage access to various levels of service.
To fight against corruption and terrorist financing, organizations require identity systems to help meet compliance requirements, such as Know Your Customer (KYC) and Anti-Money Laundering (AML) rules. These requirements can’t be understated; identity rules are the front line in the fight against criminals, as bad actors try to hide who they are when moving laundered money.
Digital Identity for Different Use Cases
Technically, ISO/IEC 24760-1 defines identity as “set of attributes related to an entity.” Digital identity, therefore, is determining which set of digital attributes to ascribe to an entity.
In this era of big data, there’s a lot of information collected on people and their digital activities. What set of data is most effective for building trust? Offers the most security? Protects personally identifiable information (PII)? Delivers effective levels of risk-mitigation? Ensures compliance? Provides a seamless onboarding experience?
There’s not one use-case, so there’s not one answer; different data sets will offer different trade-offs and it’s up to the parties involved to determine how they balance the value of each set.
That’s not to say it’s impossible to create a workable digital identity framework. Rather, a ubiquitous digital identity requires being adaptable, offering effective levels of security, being reliable and allowing the individual certain controls over their information.
In Europe, eIDAS “seeks to enhance trust in electronic transactions in the internal market by providing a common foundation for secure electronic interaction between citizens, businesses and public authorities, thereby increasing the effectiveness of public and private online services, electronic business and electronic commerce in the Union.”
eIDAS lists 77 objectives to build trust online and create a digital identity system that works across the EU. The regulation will apply to public services and require member states to accept other member states electronic identity schemes. Creating a proper digital identity scheme is arduous complex task. For example, eIDAS stipulates 52 articles to reach the objectives.
There are numerous other digital identity schemes on their way and not all are from countries which are considered leading edge. Samoa, a small Pacific island country of 190,000 people is planning a national digital ID system. Thailand will launch their digital ID system by the end of this year. Estonia has had digital ID capabilities on its national ID card since 2001. There are 60 different countries that currently offer some form of electronic ID.
While adoption of new identity schemes help advance the use of digital identity and offer clarity within a jurisdiction, other considerations include cross-border business, travel, payments and other international identity use-cases.
With the various use cases and values placed on attributes (security vs privacy, individual power vs central control), having one grand identity scheme does not seem practical.
Even with all the support from EU nations behind eIDAS, it only covers public entities at this point. Extending it to cover all private companies is a work in progress.
While one single digital identity system might be unattainable, on a more practical level, it doesn’t matter. With digital information that is configurable, translatable, adaptable and computable; digital systems can communicate with each other automatically to determine verification and authentication.
As long as systems account for the various stipulations, scenarios, requirements and limitations, the objective is the same – an identity system that effectively verifies individuals to enable them to partake in the services and opportunities that they require and desire.
The promise of digital identity is one that is easy to use, both for consumers and businesses. It’s secure, allowing only legitimate users access to the specific service. It ensures compliance. It builds trust online, across the globe.
The fact is, this identity nirvana is close at hand. Smart companies are building it now. Before long, all global citizens will have access to digital identity and we’ll all be able to partake in the full range of opportunities the future holds.