Thursday, July 1, 2021

What is Digital Identity, and why is it important?

This article first appeared on Philippe Vallée’s LinkedIn

A woman contacts her bank to take out a mortgage on her first house. A group of teenagers excitedly buy tickets to see their favourite musician who is touring through their town. A father sits with his daughter to set up her very first mobile phone, all from the comfort of their own home.

Now on the face of it, there’s very little connecting these three seemingly disparate activities. But dig a bit deeper and you’ll see that there’s a red line tying all of these significant life moments together.

That connecting factor is identity, and whether people think about it or not, it’s perhaps the most important enabler in accessing services in our society today. In 2021, just like everything else, our identity and the way we prove it is evolving too. Thanks to constant innovations in technology looking to serve an ever-connected population, we’ve seen the rise of digital identity.

What actually is digital identity though, and why is it important?

What is digital identity?  

In short, digital identities are the means with which we prove we are who we say we are in an online context.

For many of us who grew up in the ‘analogue’ era showing our passports to go through security at airports or using our driver’s licenses to verify our age at bars, it is second nature to provide proof of our credentials in a physical setting.

Providing this proof of ourselves isn’t quite so simple in a digital world. That’s because the very nature of being online is to be remote – so the actual act of handing over a physical ID document simply doesn’t work here. In the absence of that in-person verification, how can the person and the business on both sides of that interaction know that who they are dealing with is a genuine and trusted party?

The same is also true for machines which speak to other machines as part of the Internet of Things (IoT). In this case, connected devices need to know that the technology they are connected to is what it claims to be.

Trust is vital here – and you’ll see me mention it a few times in this post. Digital identities are needed to bridge that gap and ensure people and machines can trust other organisations, businesses, and devices, and vice-versa.

So, what forms does digital identity take?

Broadly speaking, Digital Identities can take two forms. The first is the digital version of an official physical identity document – such as a digital driving license that lives in a mobile wallet on your smartphone.

The second is a credential for accessing online services. These are typically created through an initial identity verification process, usually involving a check against an official ID document and – increasingly – some form of biometrics. For a consumer, this might be the details they use to log onto their mobile banking app on their phone.

When you think about it, these two areas cover a huge number of interactions – including both day-to-day moments and life milestones. Setting up a new SIM-contract with a mobile provider, connecting a smart speaker to a home smart hub and taking out a loan to start your own business sit at different ends of the spectrum, in terms of significance, but all are enabled by a trusted digital identity.

Why is Digital Identity so important?

Well, at the risk of sounding like a broken record, trust is everything.

Without trust in their customers and citizens, organisations and governments won’t be able to pursue the digital transformations that they need to level up the services they provide. Similarly, in the absence of trust, consumers won’t feel comfortable using online tools, which may mean they miss out on access to essential services – a major barrier to inclusion. Finally, an absence of trust in the IoT sphere can create huge friction in device interaction and could end up severely hampering the development of the technology in the coming years.

When you think that more of us than ever are currently reliant on remote network connections, the Cloud, and home working due to the pandemic, then it’s clear that the lack of trust could be a big problem.

What’s more, ‘traditional’ forms of identity are no longer enough to ensure adequate online security. The use of passwords, for example, in isolation, no longer meets the needs of a society that relies so heavily on being online – given they are a relatively weak form of authentication. With criminals constantly looking for chinks in the armour of consumers and businesses, more must be done to protect these parties.

Digital identities are designed to solve all of these challenges. Not only do they enable 100% trust in all parts of the value chain, but they are also key for driving inclusivity to all parts of society, providing security through unique biometric identifiers – like fingerpints and facial recognition – and creating a frictionless experience for consumers as well as ensuring compliance for businesses. They should also be created along privacy by design principles. The identity credentials should be stored on the device in secure chips or hardened applications, biometric verification happens locally when possible and users should stay in control of the data they choose to share.

Trust is the most important currency in the digital world. Digital identities are how this trust is conveyed and embedded, and therefore their importance to our online society cannot be overstated.

Are you interested in finding out more about how digital identities can help your organisation? This is the first of several posts designed to provide information about the role of digital identity across a number of different sectors, so keep your eyes on the Thales DIS blog to read these as they are published.

We have also published a whitepaper on the topic which you can download for free here.

The post What is Digital Identity, and why is it important? appeared first on Cybersecurity Insiders.


July 01, 2021 at 09:09PM

0 comments:

Post a Comment