The digitalisation and decentralisation of individuals’ identity data for verification purposes will deliver an “identity revolution”, a new report states.
According to GlobalData’s Digital Identity report, the technology’s initial “killer app” of vaccination certificates on smartphones has been superseded by the need to verify age, social and financial credit ratings, certification for the right to work and rent, criminal records checks and digital wallets.
The report notes that up to 1.1 billion people worldwide have no proof of their identity, and it cites a prediction by management consultancy McKinsey that seven countries – including China, Brazil, the UK and the US – could unlock economic value equivalent to between 3% and 13% of GDP by 2030 from implementing digital identity programs.
With this in mind, it asserts that digital identity is one of the world’s most significant technology trends.
The term refers to “a set of validated digital attributes and credentials for the digital world, like a person’s identity for the real world.” Unlike physical forms of ID, however, digital identities can verify who people are both online and offline.
Of the technology’s maturity around the world, the report states: “China is a clear leader in digital identity. It has the world’s most advanced social credit and surveillance systems and is planning a digital ID card to enable citizens to access services online.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalData“Elsewhere, the Nordic countries are well aware of the benefits of digital identities, as is India, with its Aadhaar ID system. The EU wants to give every citizen digital identity credentials accessible from digital wallets by 2026. Australia, New Zealand and the UK are adopting legislation, and the US is playing catch-up.”
Digital identity models
There are three primary models of digital identity – centralised, federated and self-sovereign – each suited to different use cases and at different stages of maturity.
Centralised identity involves the collection and storage of user identity data by a second party such as an organisation and is employed for accessing the likes of applications and websites.
GlobalData report notes that most online identities today are centralised. It explains: “The primary advantage of this model is that it is widely established, well-understood, and straightforward to use. It helps the organisation providing the digital identity manage compliance, liability and other risks by keeping data in-house and directly controlling all the actors and workflows.
“The drawback of the centralised model is that it offers the worst customer experience of the three identity models. It forces the user to maintain multiple credentials (typically one for each app, service, or relationship), resulting in many forgotten or reused passwords, which create security vulnerabilities. It also requires organisations to treat customers like strangers at the beginning of each interaction. When there is a data breach at an organisation using siloed identity, the outcome can be disastrous, potentially exposing the personal data of millions of people.”
Federated identity sees a second party provide verification to any number of third parties. Individuals can store a single set of digital credentials with an identity provider (IDP) and use it to access multiple applications and domains. It allows identities and attributes to be shared across trust boundaries, providing a degree of portability and allowing users to log in to one service using the credentials of another.
“The benefits of federated identity in lower-trust environments are that IDP-generated social login enables users to access many applications with a single credential, simplifying authentication, slowing the proliferation of usernames and passwords and improving customer experience,” the report says. “However, the primary downside of the IDP model concerns higher-trust applications because a third party is inserted into the middle of every interaction, effectively saying, ‘You can trust me’.”
Self-sovereign identity (SSI) gives an individual or business sole ownership over the ability to control their accounts and personal data, which can be stored on devices and provided for verification and transactions without relying on a central data repository.
SSI is the newest digital identity model and is still evolving. It is a portable identity owned by any person and typically comprises the use of a digital wallet that contains the user’s digital credentials.
The report says of it: “Although there is momentum behind SSI, there are several hurdles to overcome in its adoption. One of the challenges is ensuring interoperability. Self-sovereign identity will probably not replace all existing identity management systems, but it must coexist with them. It is also expected that different self-sovereign implementations will appear in the future. Therefore, interoperability with existing identity management systems and other self-sovereign identity systems is required.”