In many countries, digital ID is now the primary route to accessing private and public sector services. In the UK, the government is moving quickly to enable the use of trusted digital identities and has set digital ID as a key focus area for 2024. It will be a critical part of the UK’s national infrastructure.
Adoption, however, has been slow. UK organisations that will come to accept and rely on digital ID – across finance, property, employment, travel, gambling, telcos, insurance, legal and any age restricted service – are hesitant. Part of this is driven by myths and misunderstandings.
Three key areas of concerns – access to services, issues around security and impact on privacy – keep coming up in conversations that we, at the Open Identity Exchange, are having across these sectors.
Will digital ID make access to services harder for many who already struggle?
Concerns around access are understandable. In the UK, six million people already struggle to prove who they are so that they can access the services they are entitled to. Many organisations are concerned that digital ID will make access more complicated, potentially excluding more people, if it becomes the primary route.
However, there is a lot of focus on inclusivity across all the parties, public, private and third sector, involved in driving the growth of digital ID. In the UK, DSIT’s recently released findings from a public dialogue on trust in digital ID placed the need for access and inclusivity high on the agenda.
Alternative proofing methods are being explored and established to varying to degrees for those who do not have digitally presentable evidence (ie a driver’s licence or passport). OIX’s work on a Digital Vouch with Photo capability is an example, enabling a voucher to act on the behalf of those without any documentation. For those who need specific help obtaining or using a digital ID, there are developments in assisted digital capabilities.
It’s worth noting that in countries where digital ID has been embraced, access to services and jobs has in fact increased.
Will digital ID make it easier for criminals to steal personal data?
Security continues to be one of the biggest areas of concern. With fraud now accounting for around 40 percent of all crime in the UK, this concern is justified.
There are, however, stringent rules being put in place across the globe to ensure digital ID is secure. Trust frameworks will play a vital role here, ensuring that ID providers are certified to strict global security standards for data access and management. It means that data will have to be protected by multiple robust authenticators, such as biometrics, which are inherently difficult to copy or reproduce. Only the genuine user can access their data.
ID providers who do not follow the trust framework rules, resulting in fraudsters gaining control of the digital ID, may be held liable. This liability position will depend on the rules of the specific trust framework or contractual position of the offering the firm users to access digital ID.
While fraudsters will continue to look for ways in, the good news is that digital ID is a far safer option with the potential to help reduce current levels of fraud.
Persisting myths around digital ID privacy
The issue of privacy and its protection has been a key talking point throughout the digital ID timeline and organisations are understandably worried about falling foul. There are some major myths at play here. A key one is the fear that the biometrics within a digital ID will be used to monitor behaviour.
Digital IDs, however, will be required to operate strictly to local data protection legislation, such as GDPR. This means that the digital ID and the identity data it holds can only be used in a way that respects privacy. Data can only be accessed and managed by the person who owns it. They will control which third party sees their data, its movement and its deletion. This will apply to every party that operates in the digital ID eco system.
The benefits of embracing digital ID are vast
There are already many countries where digital ID is a proven approach to identifying individuals and businesses – the Denmark, the Nordics, Estonia, Singapore and India – and it’s working well. Even in the UK, there are areas – such as right to work and right to rent checks – where the benefits are becoming very clear.
The reality is that concerns around access, security and privacy are being addressed in detail and digital ID is progressing despite the hesitations of organisations for whom digital ID will have the greatest impact. They need to move into a position where they can start accepting digital ID soon.
