Published on the 16/07/2019 | Written by Newsdesk
The perfect storm is brewing for the digital ID market as analogue thinking finally starts to get a digital makeover…
From your average online retailer to your employer, your bank to the taxman, airport security to foreign governments, we live in a world where everyone wants to know who you are.
In 2019 however, that can be a pretty old-school proposition – users find themselves photocopying birth certificates, securing letters from employers and quoting birthdates over the phone to unverified callers. Has the ID challenge always been this… analogue?
And there’s more to the issue than a thoroughly whack user experience. Not only do current methods of establishing ID online require repetitive, time-consuming manual login and verification actions from the user (the average user has about 23 accounts that require passwords, estimates McAfee), the commercial model which they serve has created a digital landscape characterised by vast data silos, each and every one a separate and distinct security risk.
“Companies and operators will need to be the ones to drive the use of self-sovereign identity forward.”
“Digital identity online for many consumers is currently a series of separate identities with distinct credentials and authentication methods, typically passwords in the latter case,” says Juniper in its recent Digital Identity: Technology Evolution, Regulatory Analysis & Forecasts 2019-2024.
“This has led to many different ‘islands’ of data, which are typically stored in centralised data silos held by each online entity that requires such information.”
Change is coming however. Driven by government will and the fintech sector, we find ourselves on the verge of a big identity rethink says Juniper, with the number of people using government-issued digital identity credentials expected to hit five billion come 2024.
“Emerging economies in Asia and Africa are some of the biggest markets, as countries leapfrog analogue identities to benefit from the efficiencies digital registration and management bring,” says Juniper. “We expect almost 12 million people in Malawi to have digital identities in 2022, with Nigeria and other countries supplying digital identity to over 420 million people on the continent on both cards and apps.”
Around 60 countries already have some form of digital ID program underway, including Australia. The Federal Government started rolling out its beta test of the new MyGovt digital ID system last month, an app-based system that is stored on the users’ phone and gives secure access to a range of government services.
At least that’s the plan. Despite its AU$67+ million allotment from the 2019 Federal budget, the mobile app and MyGovt portal has had an inauspicious debut, crashing for most of Friday as thousands of Australians unsuccessful attempted to file tax returns.
But the private sector, may succeed where the public has faltered. Fujitsu is one of several companies currently exploring digital identity exchange tech designed to make establishing ID between users and businesses considerably more secure.
According to the company, Fujitsu Laboratories has developed digital identity exchange tech “that enables users to confirm the trustworthiness of the other party, drawing on factors including the status of previous transactions and evaluations by users who had engaged in transactions with the party in question, as part of a decentralized identification system.”
Fujitsu says it plans to focus on the finance industry in the short term, with aims to implement the technology during fiscal 2019. While the specifics of what’s being created hasn’t yet been completely revealed, Fujitsu’s solution seems to stop short of promising to put full power and control in the hands of the user.
For that, one can turn to the small but burgeoning ‘Self-sovereign Identity’ community, a movement that asks the question: What if users actually owned their own data, kept it with them in encrypted form and only shared what they wanted with whom they wanted to share it? Using blockchain technology, such a system could conceivably be hyper-secure and user-centric, say enthusiasts – while presumably sticking it to those billion dollar surveillance capitalists.
While that’s an attractive idea, the technology is developing and despite average yearly growth of 35 percent, less than 10 percent of dedicated identity apps are expected to be blockchain-based by 2023 says Juniper.
“We expect strong growth in blockchain-based digital identity solutions over the next five years,” remarked research author James Moar. “However, with simpler apps being quick to develop and almost indistinguishable from a user perspective, companies and operators will need to be the ones to drive the use of self-sovereign identity forward.”
And in the age of the GDPR – and increasingly spectacular fines for companies accused of data mismanagement – we seem to be entering an age where expectations around privacy, user-experience and even consumer data sovereignty are actually starting to shape the conversation.
Andrew Weaver, Digital Identity NZ executive director concurs. He says research from DINZ shows a clear gap between what people want to see and what they are being offered now.
“A total of 85 percent of people simply do not know what organisations are doing with the personal information that is entrusted to them, and they are concerned about who has access to it and who may be making money from it,” he says.
“We recently commissioned a survey which found that 89 percent of people were worried about their data being shared with a third party without their permission. And 88 percent of people were worried their credit cards would be stolen and their personal data being leaked or hacked online.
“These sentiments are further highlighted when people are asked if they like the idea of being more in control of their digital identity.
“Ninety-three percent of people [are] saying yes.”