What role will digital IDs play in our everyday lives in the coming years? This week, Samuel Stuart dives into the heart of the digital identity revolution. He explores its utility for consumers, how companies like Mastercard are managing security, and why education must always remain front-of-mind.
What is the utility of a digital ID for customers?
I think about the challenge that we’re seeing in the market at the moment; when consumers sign up to a digital service, they don’t have a good means of securely – and with consent – sharing their ID.
For example, a company would say, ‘Give me your driver’s licence number, your date of birth and your name, and we’ll put it into this text field and submit it.’ The issue is that I could pick up your documents instead and I could enter those details. The company receiving that information would be none the wiser.
There’s a high degree of fraud that occurs based on the current process. Then also from a consumer perspective, the convenience and control on what identity data should be shared and how they share it is another challenge. Consumers are having to always pull out their driver’s licence or their passport and share that information with companies that don’t need all that information – they don’t need to know where I live. They just need to know that I’ve got a valid driver’s licence and that I am who I say I am.
Those problem statements drive the utility. For organisations, they want the ability to quickly and securely sign up a consumer. For consumers, they want to be able to securely and quickly share that information. So it really goes hand-in-hand.
How do you educate a larger audience about digital IDs and all the workings of it?
It’s a question that a lot of organisations, businesses and people in the identity space grapple with regularly; how do we educate consumers? You and I might know the space really well, but for an average consumer they don’t. So it’s often taking a step back and looking at it from their lens.
A lot of that comes down to education through utility and use cases. If a consumer knows how they can use a digital ID and they’ve got use cases where they can actually utilise and share their ID and sign up, I think that’s when we’re going to see a lot more progression in the space.
Then it comes down to establishing a framework and establishing trust. Who manages that is critical.
As we start to look at the idea of providing secure and private services to consumers, do we then have to change our mindset around how the data – even if it’s just anonymised data – is actually used to influence certain outcomes?
Firstly, it’s about data minimisation – so it’s only sharing the core data that you need for a particular transaction. For example, if you’re shopping online and you need to provide your age and your address, you don’t need to provide documents like your driver’s licence and your passport. It should be down to a binary yes or no. ‘I am over 18 and the networks verify that I am over 18. And here is my verified address.’
That concept should be front-of-mind first. You don’t want to be sending your blood type to an online e-commerce platform because ultimately, why would they need that? That also helps with any misuse of data down the track.
Then from our perspective, it’s also about making sure the participants on the network are doing the right thing – that they’re not sharing this data with marketing companies and it’s not being used for nefarious purposes. That’s really what it comes down to with the rules and the governance as well. But more so I think it’s data minimisation and making sure that you are sharing only the required information to complete a particular transaction.
With a global lens on, is there any particular region that is more advanced in terms of customer and citizen adoption of digital IDs?
I think we’ve been really lucky in Australia. We’re a tech-savvy nation. We’re often good at accepting and trying new technology and innovating, so we’ve been quite a good market to work in.
We’ve seen a lot of progress both in the public sector and in the private sector. There have been a few players in here for a while as well – the likes of Australia Post who we’ve partnered with and run a couple of pilots together.
Then there’s the US, which is always an advanced market, but I guess the spread and the different areas sometimes make it more difficult to get that adoption and acceptance. You can look at Silicon Valley and how the innovators have changed, but at the same time some of the other states aren’t necessarily as technologically-advanced or open to adoption as others. So I think it’s a challenging market, but in a lot of ways it is still driving a lot of change in the industry.
Do you think that the specific technology we’re building our digital IDs on will also drive adoption? For example, will the concept of a self-sovereign blockchain-based identity sway customers one way or another?
Personally, I don’t think so. I think what self-sovereign has done is establish principles and foundations, which a lot of organisations have looked at and taken input from. Regardless of whether it’s self-sovereign or it’s a particular scheme or network that you’re enrolling your ID through – ultimately you own that ID.
I look at it from Mastercard’s eyes. We’re not holding or storing any information within Mastercard. It’s all stored locally and securely on the phone. So from our perspective, we have a decentralised model whereby we store the ID on the consumer’s device – it’s not stored anywhere else.
You then look at the self-sovereign model and doing this on the blockchain, and I think that’s a great approach too. Regardless of how you’re decentralising this and what technology you’re using, I think it really just comes down to those key principles.
It’s about the ownership. It’s about the consent. It’s about the privacy. It’s really about putting that control back in the consumer’s hands.
Want more insight into the world of security, identity access management, biometrics and more? Get your weekly fix with the Identity Today podcast, hosted by Daltrey MD Blair Crawford. You can start on Episode 1 here or listen via Apple Podcasts, Spotify or your favourite podcast app.