I recently had the opportunity to speak at Safran’s Digital Identity Day in Paris – a great event that brought together government, business and consumer-focused digital security experts to discuss the big changes needed to deliver the simple, secure yet user friendly identity systems that win trust from tomorrow’s consumers.
One of the best parts of the entire day was the interactive nature between those participating from both the stage and the audience. It was clear that those attending the day shared nearly as much knowledge and understanding of the challenges and opportunities facing digital identity as those presenting and participating in panels).
There were dozens of fantastic questions raised from the audience about where we’re going with digital identity – so many that I thought it would be a waste not to share some even further. A few of the questions that really stuck out to me from that day included:
Banks may be natural identity custodians for digital assets like our financial information today, and our tax or pension information tomorrow, but will they ever be perceived as the best safekeepers of data like our health information or medical history?
Because of the highly sensitive information they store, the banks have really invested heavily, and done a great job in delivering digital products that are rooted in security and privacy – trust. They truly have built an infrastructure designed to protect the information that they hold on behalf of their customers.
BUT – I don’t believe there is any desire or need for these organizations to become the safekeepers of all my other information, such as health records or other sensitive information that is not core to their offerings.
With that said, what the banks can do is to act as a trusted source to authenticate and verify their customer’s identity information when the customer wants to access or give access to things like their health information, and they can do this without ever knowing what the customer is accessing or giving access to – or even from/to where.
Do citizens want to tell governments who they bank with?
I can’t speak for everyone, but I can say for myself that I don’t have much of a desire to tell the government services I use who I specifically bank with. At the same time, I also don’t have any hesitation telling those same services that I do use a bank, and one that is a highly trusted institution, and that they can trust that I am who I say I am because the bank says so and/or confirms I could login to my account, without needing to know the specific institution.
I think that kind of anonymity within trusted exchanges is one of the biggest hurdles – and biggest opportunities – in digital identity, and one that will be a game changer for consumer adoption. Being able to use that trusted relationship – like my bank but also others trusted relationships that I have – to verify who I am with another service, without divulging which institution specifically is authenticating my identity, or sharing any information I haven’t provided explicit consent for, is the key to providing a digital identity experience that is both easy to use, and that consumers can trust.
Could blockchain be applied to digital identity?
Absolutely – in fact, when paired with the appropriate resources, blockchain has the power to improve the state of digital identity altogether by delivering capabilities for data integrity, service resiliency and consumer privacy. Blockchain is at the core of the national digital identity ecosystem that we are working with partners to build here in Canada – an ecosystem supported by Canada’s financial institutions, telcos and public sector partners.
It’s clear that, as we head into 2017, the topic of digital identity is only going to become more ingrained in the mainstream discussion. Conversations like those at Digital Identity Day – and the subsequent questions they spur, are giving us a glimpse into just some of the ways that digital identity is changing, and will change in the future.
It’s an exciting time to be a part of these conversations.
– Didier Serra, EVP of Sales and Marketing for SecureKey