As global economies move from being paper-based to digital transactions, our existing ways of managing personal identifiers and data security needs to evolve.
The creation of the Internet of Trusted Identities could provide secure online access, enable digital inclusion, and allow better service delivery and consumer engagement.
Identity is used to access services, but there have been flaws in translating traditional physical identity documents for use online.
Identity, whether personal or organisational, is the key to unlocking other data and data sharing.
An Internet of Trusted Identities based on a maturity model which scores digital transactions and allows incremental access to an identity, based on risk-managed situations, could provide a trustworthy relationship between and individual/organisation and a third party.
An identity for digital transactions needs to be unique, strong, verifiable and unforgeable.
An Internet of Trusted Identities would provide an architecture where individuals have ownership of their identity and can regulate when other entities can have access to their unique attributes.
Within that list of attributes, they could create ‘personas’ for different transactions.
Health and some government services may need a more robust persona, whereas social media access might be more of a light touch.
Such personas need to allow two parties to transact without prior engagement in a trustworthy manner.
The answer is usually the creation of government legislation or regulation, or a step-up by corporations who trade on our personal data.
The real answer lies with individuals who – on the whole – don’t have the inclination, time or tools to manage their own data.
Some may argue for GDPR-type standards to be globally implemented with a ‘privacy by default’ as the standard, but why not have information brokers who can allow internet users to operationalise the data they create, much of which is valuable to a start-up just as it is to a mature organisation?
Every consumer survey tells us individuals are concerned about their identity during online transactions, yet their actions reveal the complete opposite.
It is well known that social media companies profiteer from their user’s data but in reality, just about every mature business collects, stores and analyses vast tracts of identity based data to monitor consumer behaviour.
If we empower individuals to manage their personally-identifying information, then surely they should be able to not only control their data, but also monetise if they so choose.
Some individuals may choose full anonymity (where possible) some may open their data up fully (and profiteer accordingly), and some using different personas may take a middle ground.
We need to create principles, performance, and outcomes-based criteria’s to establish the required attributes, identity evidence and processes which allow individuals to prove official digital identity and make subsequent choices on how they will use it.