Digital identity-Improving Security and Customer Experience

 

Trusted interactions are key to well-functioning digital economies. Across the globe, we’ve seen the emergence of national digital identity programs, aiming to establish this trust. Such schemes are generally created with the intention of facilitating trusted interactions between individuals and relying parties (for goods and services), however these trusted digital identities can also be used to strengthen security within organizations—to both improve security and user experience.

 

 

A digital identity is a digital representation of verified attributes and credentials that can be used to transact online. Generally housed on a smartphone and based on a range of evidence types checked against authoritative sources that may include biometric matches and liveness tests, digital identities increase assurance that someone is who they claim to be.

 

When combined with organizations’ identity and access management (IAM) systems, a trusted digital identity can increase security and reduce risks associated with usernames and passwords and at the same time offer a consistent and frictionless user interaction.

 

This interaction of digital identities with IAM is illustrated in the diagram below. My digital identity confirms who I am. When used with IAM, it specifies my persona within an organization-specific context. The IDAM system manages what I can do within the organization.

 

As an individual, I can have multiple personas when dealing with different organizations or even within the same organization, but my “identity” always remains the same. For example, I access my bank account online as a customer (persona), but as an employee (persona) of the same bank, I need access to different systems to perform my job. In both cases, who I am (my identity) does not change, but in the context of the bank, each persona has different permissions.

 

For individuals, the real power of a digital identity is a simple, trusted, and consistent interaction to prove identity regardless of which organization they are dealing with. In the bank example, my digital identity can be used to interact with the bank, removing the need for a separate customer identifier and employee identifier. Likewise, my digital identity can be used to interact with my university as a student or with my local government as a resident.

 

Only information relevant to a specific interaction needs to be requested and shared with express consent, putting the individual in control of their identity information. This not only enhances trust but also reduces organziations’ storage and management of personally identifiable information (PII). As a customer purchasing alcohol online, I can share an “18+” attribute to prove my age, rather than my exact date of birth, protecting my sensitive personal information.