Will Digital Identity Become More Important Than Physical Identity?
Our lives today are a unique blend of digital and physical experiences – and we often intertwine these modes to give us the most insight and convenience. Food delivery serves as a perfect example: many people use an app to seamlessly order takeout from their favorite restaurant. Getting another meal when the next craving hits is as simple as tapping “order again.”
This meshing of digital and physical simplifies frustrating tasks and saves time. Flyers no longer stand in long lines to check in and get boarding passes, as most airlines permit them to check in online and receive a boarding pass they can store in their digital wallet. To pass security and board the plane, they simply open the wallet on their phone to show an agent their credentials.
But the confluence of physical and digital also raises the question of how we prove who we are (known as identity verification) in both worlds. For example, in most U.S. states, that airline passenger with a digital boarding pass will still have to show a valid driver’s license or passport to TSA agents at security. Traditionally, we’ve proved who we are using our physical identity, which combines characteristics like height and weight, a photo ID, and personal information, like age and address. What would our lives look like without any physical credentials needed at all?
The OECD (Organisation for Economic Co-operation and Development) defines digital identity as “an electronic representation of an individual or business which enables them to be sufficiently distinguished when interacting online. The digital identity includes attributes which are bound to a credential that is used to authenticate the individual or business.” The ideas around, and possibilities for, digital identity have captured the imagination of individuals, governments, businesses, and other organizations.
In its article, “Let’s get digital: navigating the evolution of identity,” Techradar writes that, together, generative AI and the move to digital identity “are already reshaping how we live and work and how the global economy operates.”
In “The Digital Identity Wallet is now on its way,” the European Commission reported on regulations adopted on March 26 that introduced the EU Digital Identity Wallet, “which will allow citizens to identify and authenticate themselves online to a range of public and private services, as well as store and share digital documents. Wallet users will also be able to create free digital signatures.”
According to the Geneva Internet Platform’s Digital Watch initiative, “Having a digital identity is becoming critical for individual participation in the economic and social life of digitalized societies. Digital identity is used for access to government, economic, and other services.”
With all the headlines about digital identity, it’s pragmatic to ask if it will soon become more important than physical identity.
Benefits of digital identity
Countries around the world are working to develop digital identities for their citizens. Many of these projects are in various stages, from the 11 U.S. states that have mobile driver’s licenses in the absence of a national approach to digital identity, to the UK government’s digital identity and attributes trust framework (DIATF), to the EU’s regulations for a regional digital identity wallet, to an Australian national digital identity expected to be introduced in November. In the meantime, Estonia has had digital identity in place for 20 years; there are 153 million registered users of the Brazilian government’s digital ID; and more than 1.3 billion Indian citizens use the unique, 12-digit identity number of the Aadhar system.
The Australian government says: “With a Digital ID, there’s no need to run around searching for physical ID documents and getting to a government shopfront or business. You can do your life admin from anywhere, at any time.” It also notes that, with Digital ID, “less of your personal information will need to be stored by businesses and organisations, significantly reducing the copies of your documents that put you at risk of data theft.”
Digital identities can also eliminate the need for multiple usernames and passwords, providing a single source of identity across all online uses. Since Nordpass reports that the average user has 168 personal passwords and another 87 work passwords, digital identity can increase ease and security by reducing the passwords and usernames available for criminals to steal and misuse (and for customers to forget/lose and have to recover).
Digital identities can ease recovery after a natural or manmade disaster. Instead of waiting weeks or months for lost physical ID documents to be replaced, a digital identity can provide the proof that lets affected people start insurance and assistance processes as soon as possible.
Digital identities also increase inclusion. According to the World Bank, 850 million people globally don’t have a traditional ID. This leaves them unable to access services and opportunities, whether they are seeking a job, want to open a bank account, need healthcare, or wish to receive the government assistance to which they are entitled. As these tasks are increasingly done online, this inability to verify their identity locks them out of the digital world.
The Bill & Melinda Gates Foundation has written, “People living in low- and middle-income countries are more likely to go without personal details. More than half of those without proof of identity are children whose births were not registered. One in two women in low-income countries do not have ID. And even among those whose identity can be verified, many lack documentation that is suited to the digital age.”
Yet, for all their ability to simplify access, reduce stored information, and increase participation, digital identities also pose several challenges.
Challenges surrounding digital identity
Whether someone’s ID is a government-issued digital identity or an online ID established by an individual to access an online account or service, a key challenge is how the owner of the digital ID proves their identity, how that identifier is stored, and how it can be accessed. Solving this challenge is at the heart of many proposed identity frameworks, laws, and business security solutions.
Because government-issued digital identity is designed to be a single identifier wherever a customer logs in, many of these solutions require a biometric factor, such as a fingerprint or a facial scan. This overcomes the problems associated with identity based on passwords, identification numbers, and passcodes – all of which are impermanent and vulnerable to fraud schemes.
When they rely on passwords, identification numbers, and passcodes, governments and businesses need to store all the information associated with the identity. These elements are easy for criminals to guess, hack, or steal, and to impersonate the citizen or consumer: they simply enter the known element. KBA (knowledge-based authentication) is the least secure form of identity verification/authentication and, unfortunately, often the most widely used form.
Using a biometric element, such as a fingerprint, voiceprint, or facial scan, overcomes these issues surrounding insecure access. With biometrics, only enough information is stored to create a template that can be matched to the live factor when it is presented, so even if the template is stolen (which is highly unlikely), it’s useless to the criminal without the live finger, voice, or face. The real user is critical, here – not an easily forgettable password.
In addition to being more secure than KBA, biometrics is also easier for a person to use. They simply place their finger on a key, speak, or scan their face using a mobile phone.
Ethics is a key issue with the collection of biometric and other information to create a digital or online identity. Many jurisdictions around the world have put in place privacy laws, such as GDPR in the EU, that dictate how identity information can be collected, how it must be protected, and the control that consumers must have over their identifiable details. Since customer trust is critical to brand reputation and business success, many businesses extend the highest practices required in these regulations to all their customers, regardless of where they reside. In all cases, government and business organizations need to be transparent about the details they collect to create digital and online identity, how those details will be used, and how a consumer can alter or delete the information.
From physical and digital to Identity Continuity
The truth is that the future of identity is neither physical nor digital alone; it’s continuous. While digital identities will likely become more ubiquitous and could very well become as important as a driver’s license or passport, a direct connection to the human that identity represents will always need to exist.
Created by Daon, Identity Continuity is a novel concept as unique as each person who uses it and allows the user to combine physical and digital identity in a way that perfectly fits their situation. It creates a single, central identity for each user that is interwoven into every verification, authentication, and recovery process a customer encounters through their lifetime of interactions with an organization. Customers can onboard with a government-issued physical or digital ID, whichever makes the most sense, and establish the biometric factors that they can use to authenticate themselves for accessing accounts and services, making purchases, and more.
Identity Continuity allows each person to be treated as a known individual, establish a customer or citizen record connected to that unique identity, and to be securely recognized as that person at every interaction – on any channel they use.
Physical and digital elements are central to our real identities. Daon inherently understands that who a person is will always be the one, truly unique variable; therefore, the physical human will always play a key part in an online identity. We’re committed to building solutions that keep physical and digital identities both easy to use and secure. Learn more about Identity Continuity.