Building an Effective System of Digital Identification
In previous blog posts, we’ve discussed the potential of a secure, reliable system of digital identification (digital ID), and examined some of the potential roadblocks to the widespread adoption of digital ID, but it’s also worth considering what such a system would look like. What characteristics would define a truly effective system? What role would various stakeholders play? How would it interact with more “traditional” forms of identification?
Need for universal system
One key element, says Bart Suichies, Head of Digital & Software at SICPA, is seamlessness and interoperability. From a user perspective, identification that is limited to a particular geography or ecosystem has significantly limited utility – especially when people and information are so often crisscrossing the globe. Governments and the private sector both have a role to play in architecting such a “universal” system: rather than issuing unique, physical identity documents, governments must create a regulatory framework for certifying digital identity. The private sector can support this transition by shifting from a value proposition that emphasizes control over a unique, proprietary product to one where multiple private sector actors agree to build and improve on shared, open standards – in this case digital ID – and create profit from the value added to both governments and consumers.
Enable easy compliance
Another priority will be ensuring that the burden on companies engaged in the necessary authentication of identity, whether Know Your Customer (KYC) operations or verifying the identity of a job applicant, is minimized. “If a company is trying to conduct itself in a lawful way, the cost of doing business should go down,” said Suichies, “So if a company has to do any KYC-ing or establishing identity for whatever reason, it will want the cost of compliance to be as low as possible – necessitating support from government and regulators.” Hand-in-hand with ease of compliance is assuredness – that companies that count on verifiable identity can feel comfortable that customers are who they say they are. This exemplifies the importance of broad-based agreement on the threshold of data points that comprise digital ID – ensuring that each individual has a unique, accurate digital ID that is secure and related only to them.
User consent, privacy and control matter
Perhaps the most important element, according to Suichies, is that users must be able to trust that their IDs are secure and that any integrated system is acting responsibly on their behalf, in terms of the personal information it shares with other governments, companies, and entities in the system. In describing digital ID, consulting firm McKinsey outlines several important characteristics, including that the ID is:
- Established with individual consent: Consent means that individuals knowingly register for and use the digital ID with knowledge of what personal data will be captured and how they will be used; and,
- Protects user privacy and ensures control over personal data: Built-in safeguards to ensure privacy and security while also giving users access to their personal data, decision rights over who has access to that data, with transparency into who has accessed it.
Trust is ultimate goal
According to Suichies, the ultimate goal is to establish trust to such a level that digital ID fades into the background of people’s experience; similar to how consumers transitioned from being “active users” of the internet and digital solutions, to a world in which we are almost always connected.
While we are still some ways away from a comprehensive, secure, interoperable digital ID system, we are able – today – to define the basic building blocks of such a system, which has the potential to fundamentally transform how we understand and prove identity. And, while digital ID may not immediately supplant more traditional, physical forms of identification, it is valuable to think now – as more and more of our lives take place online – about how we can architect trust and seamlessness in a digital ID framework.
