Digital identity is all the available online information about a person. Digital identity is made up of unique identifiers and behavioural patterns that can be tied to that individual.
The information that forms your digital identity can be grouped into two broad categories: your digital attributes and your digital activities. These pieces of information, either alone or combined, can be used to identify you.
'When strong digital identity systems are available, not only do they protect against fraudulent activity, but they also produce huge savings for citizens, government, and businesses.'
In one study, McKinsey estimated that less than half of the global population has a complete identity - physical and digital - that allows service access. There are at least 1 billion people who have no form of legal, officially recognised identification.
But how do we achieve that trust? How can we be confident that the person asserting a digital identity is who they say they are? At the same time, how do we protect unsuspecting citizens from fraudsters who compromise their identity and pose a personal, organisational, and national risk?
In a pre-digital world, to verify our identity we typically went to a physical location, such as a bank, with our photo ID and presented it to the checker. That person checked our attributes and verified ownership by looking at our face and the photograph on the ID document. Because we were physically present, the checker could be sure that we were verifying ourselves in real-time.
The challenge is how to simulate that process online.
First, the individual needs to scan their government-issued photo ID using their mobile device or computer. This proves two things: it provides the identifiers associated with that individual, and, because it’s a government-issued document, the attributes are endorsed by a legal authority.
The next step is biometric face verification. Because government-issued photo ID carries an image of the individual, face verification is the only way to bind a remote physical user to the ID document to create trust. Now, all this happens very fast, and given the rise of fraud schemes and technology like deepfakes, how do you know that the person is present and verifying themselves in real-time?
Digital identity already underpins many public and private sector interactions and transactions and can leverage the extensive use of online devices in developing countries. When strong digital identity systems are available, not only do they protect against fraudulent activity, but they also have the potential to produce huge savings for citizens, governments, and businesses; increase transparency and accountability, and drive innovation and operational efficiency.
We often come across a ‘good enough’ mindset – ‘our security is good enough and it will be fine’. This is no longer acceptable. To ensure that citizens are properly protected, there is no option but to deploy solutions that offer national-grade security. Selfies and video chats have long been compromised and do not provide adequate assurance of security. And security cannot be static. It has to be sustainable and resilient to future-proof against new attack forms, which are continually evolving.
There is a misconception that the harder a system is to use, the more secure it will be. Not only is this a myth, but it is also counterproductive. If a system does not offer convenience, simplicity, and speed, users will not adopt it. Investment in service digitisation is wasted, and people lose trust. Security and usability have to be balanced.
This editorial was first published in our Financial Crime and Fraud Report 2022, which showcases the innovation and development of the best practices and instruments used by financial institutions in their fraud prevention activities, to improve the digital onboarding process of their customers while fighting against financial crime.
Aarti leads iProov’s Product & Marketing organisation. Before joining iProov, Aarti led international product and market development for SwiftKey, culminating in a successful exit to Microsoft. At Microsoft, she managed the mobile text input business in emerging markets. Before SwiftKey, Aarti led the management of Nomura’s Global Portfolio Sales and Trading products.
About iProov
iProov is the world leader in online biometric face authentication, enabling governments, banks, and other enterprises to securely verify customer identity. Used for onboarding and authentication, iProov’s technologies include Liveness Assurance and Genuine Presence Assurance, which provide the highest levels of security with maximum convenience, privacy, and inclusivity.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now