Digital identity is the new modern identity
The Merriam-Webster dictionary defines identity as “the distinguishing character or personality of an individual”. Digital identity has one primary purpose, which is to verify that we are the person we claim to be, and the disparate methods used to do so are now ripe for reform, with new technology poised to bring about much needed change.
We’ve seen how the pandemic has accelerated the need for robust, dynamic digital identity protection. Over the past two years we’ve needed to access all sorts of services, while to do so, we’ve used different means to share personally identifying information. This is not without risk: some of the methods used do not lend themselves to strong credentials verification, and cybercriminals will look for ways of misappropriating people’s personal information, which highlights the need for reform.
At the beginning of the digital age, many of the initial threats to an individuals’ digital identity were countered by digital identity protection measures evolving at that time. As cybercriminals developed methods to carry out identity theft, these efforts were suppressed with new tools detecting and responding to the threat. Technology and online habits have taken multiple leaps forward and online transactions and verification are a part of our everyday lives.
However, the verification methods used often reveal more than the required information. As an example, if you need to prove your age to make a transaction or access a service, you’re likely providing much more personal information, including your height, eye colour, marital status and address, all information that may be collected and stored by third parties. Furthermore, we want a digital identity system that goes beyond identity protection and enables consumers to live a safe and productive digital life.
Identity theft occurs when an individual’s personally identifiable information is obtained and used without permission, often for financial gain, so identity thieves can make unauthorized purchases on credit cards, take over existing financial accounts and even create new financial accounts, which can lead to financial loss.
We are now at a critical moment. Businesses and institutions around the world recognise the need for change. While we’ve moved past the need for in-person ‘wet signatures’ to prove our identity for numerous transactions, we need a new way to secure legitimate transactions and verify digital identities, beyond the physical.
The next-gen approach should provide users with greater control over their data exposure and streamline the digital identity protection process, to do away with the oversharing of personal data, which exposes sensitive information unnecessarily. A design that delivers these capabilities is Decentralised Digital Identity (DDI) technology. Otherwise known as Self-Sovereign Identity, the technology brings together the needed credentials within a digital wallet, neatly putting an end to the existing complexity.
With credentials stored in your digital wallet, DDI technology enables cryptographic proof to be shared with verifiers – so specific elements of identity can be shared, rather than sending unreliable photographic proof and revealing entire sets of irrelevant personal data. Furthermore, cryptographic mechanisms guarantee the integrity of said credentials and provide the level of assurance required by modern transactions.
The solution is within our grasp, offering people a viable option so their personal information can be transmitted with greater security and privacy controls. According to a *report on cybercrime done recently, we know people in India are already concerned about data privacy, with almost nine in 10 Indian adults (88%) actively taking steps to hide their digital footprint – their online personal information. This is a strong indication of how much Indians already wish to control what information they share and the emerging importance of an electronic identity solution.
This next-gen solution would also promote and streamline options for user consent, as well as standardising the verification in general. Perhaps most significantly, DDI has even been standardised by the World Wide Web Consortium (W3C) and is supported by many other key stakeholders. This level of support enhances the potential success of the standard, even if implemented by completely different entities.
An opportune moment presents itself to reform digital identity, with systems available that are fit for the future, with experts and technology providers standing ready to deliver the necessary support to help bring about this digital identity revolution.
(*Survey for the report conducted by The Harris Poll , between November 15 through December 7, 2021. Based on an online survey of 1,000 Indian adults.)
By Petros Efstathopoulos, Global Head of Research, NortonLifeLock
FacebookTwitterInstagramKOO APPYOUTUBE