More and more of the topics we deal with at Freeform Dynamics now also relate to digital identity. That’s no surprise, of course – digital identity is vital in this online age. We have multiple online accounts, social media profiles, email addresses, and various digital footprints. Each of these is a part of our digital identity, an image of who we are in the digital realm.
And it’s not just at home – it’s essential at work too. Think about the smart passes or ID cards used in many offices, or the secure logins needed for remote working. Managing digital ID is a business imperative now.
One of the first things to fix in mind is that our digital identity is really an extension of our physical identity. Our online presence is as much a part of who we are as our physical appearance and behaviour.
How many digital images do you have?
When I talk about digital images here, I don’t of course mean photos. I’m talking about the way digital systems and services “see” us. Because just as we have different roles in life – for instance, our professional persona might be different from how we are with friends or our children – the same is true of our digital images.
The way we present ourselves on LinkedIn, say, might be very different from the way we present ourselves on Facebook or Instagram, or on a hobby-related app or forum. In fact, having multiple digital images is inevitable, due to the need for data privacy and security. After all, a fundamental principle for data collection in the era of GDPR is “If you don’t need it, don’t collect it.”
So given that Google, LinkedIn, Facebook, your employer and your bank all need to know different things about you with varying degrees of depth and certainty, each of them will have a different digital image of you.
Remember though that those images will all overlap to a greater or lesser extent. We might talk sometimes of “multiple digital identities”, but in reality they are all just different digital images drawn from a single core identity.
So how are we going to manage, secure and verify all those different digital images? Data privacy and governance are key drivers here, of course, along with technologies such as smartwallets, federated authentication and secure attestation, where authenticating yourself to a trusted ID provider (for example a government agency, specialist service provider or bank) could allow you to access multiple online services without having to create separate accounts or share any data with each service other than what’s needed for the task at hand.
What do you actually need to know?
For instance, without releasing any other data an attestation service could confirm you are over 18, that you hold a certain diploma, or that you are authorised to access a particular resource. This reduces the risk of data breaches and identity theft, but you really must trust that trusted ID provider, because it’s now a single point of failure.
We are also going to see more integration between our physical and digital identities, not least because we still need to authenticate a digital image. That means multi-factor authentication using biometrics, verification apps, passwords and so on, which in turn means our physical devices are increasingly connected to our digital identities. This adds both layers of data and nuance to those identities, and new privacy and security concerns.
So the next time you log in, whether at work or at home, remember that you are not just logging into a website or service. You are presenting a digital image of yourself, and like anything digital it needs care and caution, because it’s not just us that digitalisation can make life easy for – it can all too easily enable the bad actors as well.
And for organisations, you should already be working to improve the handling of digital identity for both staff and customers. Whether it’s federated identity, single sign-on or a smartwallet, there’s plenty of options for making things easier while still maintaining security, privacy and governance.