Digital identity 101
Every day, technology users tell the world who they are in hundreds of micro-interactions. To one company, they may be the person who played that one song more than anyone else. To another, maybe they’re the person who can’t decide which winter coat to buy. They’re a thumbprint when they bank online, a collection of biometric data points when they unlock their phone and a password when they check their email.
None of these individual interactions represent the full picture of a person’s identity, but together they can take that shape. Today, the average person has 100 passwords — a phenomenon known as identity sprawl — and that’s likely to grow as we adopt more and more digital services.
Growing in tandem with these services is the demand for trust, safety and security solutions like personal data protections. To answer those demands, a case is being made for a reconciled, centralized digital identity.
What is digital identity?
A digital identity is a collection of data that uniquely identifies a person in the digital environment. That data allows them to be identified securely online while they use certain services.
The financial services industry was one of the earliest adopters of digital identity authentication, using the practice to provide customers with online access to their bank accounts. Over time, the sector developed a process of both identifying and verifying a customer’s identity when they opened an account and at intervals throughout the banking relationship called “Know Your Customer.” The premise of digital identity borrows elements of that process and brings them to other online interactions.
However, having a digital identity isn’t exclusive to people. A digital identity can also be assigned to an entity (like a business), a device (like a smartphone) or an object (like a vehicle) to signify its uniqueness and grant it access to services based on those credentials. While it’s true that these entities already have unique identification numbers, they often only mean something in a specific context. What’s new about the digital identity conversation is the idea of having one singular identity that can be used across all services and access points.
This concept is becoming more pertinent as we hurtle towards the metaverse, an immersive digital space where people interact with each other and businesses entirely through the internet. Digital identity has the potential to give people more control over their personal data when dealing with businesses, government agencies and other organizations that need to authenticate a person’s ID as a measure to detect and prevent fraud.
Giving the power to the individual
In 2021, the World Economic Forum noted in its Davos Agenda that people are becoming more worried about the impact of technology on their personal data. They cite a finding from Edelman’s Trust Barometer, indicating 66% of people lacked trust in data.
“But,” the article’s writers noted, “there is one fundamental digital infrastructure layer that can bring transparency to interactions: digital identity.”
For individuals, digital identity could enable them to securely make payments on an eCommerce site or access government services. It could also verify your existence as a real person on social media, or allow you to cross an international border. For businesses, a digital identity has the potential to reduce fraud while augmenting interactions with customers, and allow companies to track assets and enhance supply chain traceability. In a customer-business relationship, it could improve the customer experience (CX) by enabling meaningful personalization.
“Digital identities give the user control of their data — they provide clear audit trails and streamline how businesses and governments allow people to register and access their services and trade,” the Davos Agenda continues. “It has great potential for online education, issuing employment credentials, fighting fraud or proving one’s health status.”
For organizations and individuals to take advantage of digital identity, the right processes need to be in place to manage and protect individuals’ identities and personal information.
Digital identity management
Digital identity management is a foundational part of the equation, but as it currently stands, access and identity management is fragmented. According to a study by One Identity, half of all companies use more than 25 different systems to manage access rights, and more than 20% use more than 100 different systems. Silos block visibility, muddying who has access to what.
Blockchain could prove to be a solution.
As a decentralized database, a blockchain is an important tool for storing and protecting sensitive personal information. By its nature, blocks are continually being verified and nearly impossible to alter, making them a key part of managing personal identities. According to Microsoft, decentralized digital identities could replace usernames with an ID that is “self-owned and independent” and that enables “data exchange using blockchain and distributed ledger technology to protect privacy and secure transactions.”
Regardless of the platform that is used to manage digital identities, security and transparency will be vital. As the Davos Agenda notes, “Strong governance and transparency of the data and business models behind digital identity provision are key to build trust with people.” For businesses, there will need to be strict oversight in how digital identity data is used.
The future of digital identity
Digital identity is still in the early stages. Some states in the U.S. have piloted digital driver’s license programs, and in Canada, the government allows citizens to use their banking log-in to access services like the Canada Revenue Agency. Beyond these examples, digital identity creates sweeping possibilities.
Consider digital twin technology. From the hyper-personalization perspective, an accurate digital identity could be used to completely overhaul the hospitality experience, for instance. Guests could be authenticated, checked in and even have their hotel room lighting, temperature and other preferences set according to their needs.
Even non-fungible tokens (NFTs) — the blockchain-based records of digital ownership that have gained plenty of headlines for spurring multi-million dollar art deals — could have a role to play, especially within the context of authenticating identity in the metaverse.
As David Lucatch, CEO and president at digital identity company Liquid Avatar Technologies, noted in a recent Forbes article, technology trends such as the metaverse, digital twins and blockchain are likely to bring digital identity to the forefront.
“When we operate in the real world, I see you, I know you, therefore I trust you. Online, these essential components are missing,” he writes.
“If we extend digital cryptographic credential-enhanced human trust into playable areas where people will congregate — chatrooms, social media, messaging apps and all the things we do online — we’re adding a measure of safety, security and privacy controls.”
As our experiences as consumers and citizens become further enmeshed with online portals and access points, the need for a consolidated digital identity will only grow.