Digital identity is your verified online persona with assigned credentials to be able to access, communicate, or, otherwise, transact digitally. As a consumer, citizen, worker, student, etc., you may have several different digital identities today. Both centralised and decentralised digital identity schemes exist, each with their respective pros and cons, and there are many competing programmes and standards across different organisations and governments.
However, with digital-first being the new normal, we expect to see a shift away from centralised identities – which are unsustainable for users and administrators alike – to more decentralised schemes. One form of decentralised identity, self-sovereign identity (SSI), allows citizens to have their full personal identifying credentials at hand in a secure manner and adds the unique benefit of allowing users to only share what is necessary for certain transactions.
As it relates to the financial services, sector digital identity verification enables consumers to verify they remotely and securely are who they say they are for the purpose of opening an account or transacting – this helps prevent account opening fraud and account takeover fraud, all the while delivering a superior digital-first experience. And the latter prevents abandoned applications which translates to more customers, and, therefore, more revenue for banks.
Balancing accessibility, convenience and, most importantly, trust, governments treaded lightly towards replacing the physical ID with a fully digital ID, often opting for hybrid identity credentials. With the pandemic accelerating digital transformation in banking, travel, and other sectors, the identity landscape has since seen significant innovation to prioritise digital-first consumers and citizens.
Different approaches to digital identity in the EU and US are less a reflection of the available technology choices and more about different perspectives regarding the role of the government and enterprise related to identity. For example, most Americans eschew the idea of a government-issued national ID perceiving it as an overreach of the state – while national ID is an acceptable (even desirable) concept with EU citizens.
Outside of the US, we’re beginning to see National ID plans increase in visibility and there are several regulations and technologies supporting these roadmaps. For starters, trust frameworks for digital identity must prioritise privacy regulation, consumer confidence, local legislation and consistency across international identity definitions and assurance levels. Unfortunately, the world is not moving at the same pace or even in the same direction, which is growing the divide between the “haves” and the “have nots.
Additionally, decentralised identity continues to gain traction with many standard bodies including the Decentralized Identity Foundation, which focuses on developing the components for an open and standards-based digital ID ecosystem. And, as of August 2020, governments around the world have launched approximately 165 digital or partially digital identity schemes. Besides Estonia, Singapore, Australia, New Zealand, and Canada, there are already well-established examples of EU member states having advanced Digital ID programmes with foundational government support.
Moving to the US private sector, Apple has registered several patent claims related to ’verified claims of identity’ and is pursuing a decentralised approach to control the verification of traditional forms of identity like driver licenses and passports via the iPhone. However, whether citizens of the EU or the US will continue to place their trust in large technology giants remains to be seen.
Identity and payments have become inextricably linked, and this brings both exciting opportunities and emerging new risks for the payments industry.
The financial services sector has already displayed it can provide uberised experiences where users can conduct their financial affairs from an app or digital wallet, but the next frontier in payments will focus on creating a superior and seamless digital-first consumer experience.
Although digital ID frameworks can drive inclusion and economic opportunity across the US and Europe, they will not come without risks. Today, identity-related breaches account for the largest source of cyberattacks, and both governments and organisations must take the proper steps to defend against fraudsters trying to exploit the system.
Some emerging risks are biometric identity fraud which can compromise an individual’s unique genetic code and synthetic identity fraud, where a bad actor can create a new identity by blending the credentials of several different people.
Furthermore, industries such as financial services and healthcare could be at elevated risk due to the data they possess, which needs to live and remain confidential for 10 years or more. To stay secure, organisations will have to adopt security behind the scenes such as device reputation checks and behavioural biometrics.
Another option is adaptive risk-based authentication, which provides step-up authentication challenges only when conditions warrant, like a login on a new device, at an unusual time of day, or from a new location.
One of the main barriers to adoption is the competing interests of governments and large technology giants. The lack of standardisation and a universally accepted approach has acted as a huge impediment to growth and inclusivity. Furthermore, interoperability remains another challenge to digital ID adoption.
Digital IDs can make public services accessible to more people and allow for more inclusive economic growth, but for those benefits to materialise, interoperability must be a priority for digital identity schemes. If your identity can’t be verified across borders and on different platforms in different countries, then it won’t be as useful to citizens in the first place.
Jenn Markey leads product marketing for Entrust’s payments and identity business units. She is in charge of developing and driving the implementation of go-to-market strategies to grow Entrust’s share of this rapidly transforming market. Jenn brings 25+ years of high-tech sector experience to her current position, predominantly in senior marketing and product management roles across many different technology domains including cybersecurity, SaaS, IoT, telecom, and semiconductors.
Entrust keeps the world moving safely by enabling trusted experiences for identities, payments, and digital infrastructure. We offer an unmatched breadth of solutions that are critical to enabling trust for multi-cloud deployments, mobile identities, hybrid work, machine identity, electronic signatures, encryption, and more.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now