Many would be surprised to find that purchasing a bottle of alchohol in our local corner shop is a security risk. But how? When the seller asks to see our proof of age, it's customary to wip out a physical ID whether it be a driving license or passport.
However, in doing so, we present a wealth of personal information – our address, signature and nationality – that doesn't need to be shown.
This issue isn't limited to just shops as we're seeing this trend in the digital world too. In 2020, 75% of large companies in
the UK reporting a data breach in the last 12 months. Undoubtedly, the global pandemic has impacted the surge in personal information online as more and more people turn to digital services and in turn, we’re seeing an increasing number of identity fraud cases.
Since we're data breaches are rampant and fraud is on the rise, it's time we take extra precautions, or fall victim to identity fraud.
It's understandable people are thinking twice about adopting digital identities considering how much data is available on all of us. Even though we all know buying a bottle of wine or signing up for a new bank would be much easier and quicker with a simple
flash of a digital ID. Our concern for data privacy is what’s hindering digital ID’s becoming widespread.
Rather than expose unnecessary data, digital identities can actually be the key to withholding it which will help protect us from fraud. The government is aware of this too, as they’ve recently
launched a framework outlining the future governance of digital identities. To roll out digital identity adoption the right way, consumers need to trust that their data is safe and secure. This all boils down to how we build these digital identities, and
who looks after them.
Protecting our personal information
Firstly, the story around digital identities needs to change. What they won’t be is a one-stop-shop to access every piece of personal information about you at the touch of a button, shareable and stealable. What digital identities could be, if we put data
privacy at their core, is selective. We have the opportunity to create a technology, which means people only need to share the specific data they need at any one time, withholding as much data as they can to get the job done.
This doesn’t seem too big of an ask, either. Mastercard recently partnered with Deakin
University and Australia Post to test out a digital ID solution enabling students to register for their exams digitally. This removed the need for tiresome paperwork and trips to campus but also reduced the amount of data shared about each student. Students
created a digital identity with Australia Post, using this to gain access to their university exam portal. With each registration, only specific personal information was required to allow students’ entry to the exam portal – nothing was shared that didn’t
need to be.
Now imagine this in our banks, shops, and workplaces. Rather than revealing most of your ‘identity’ with every purchase of alcohol, you only show your ID documents when you first create the identity – to verify that you are who you say you are. Then, each
time it’s needed, your digital identity only reveals what needs to be revealed at that time, and keeps the rest of your data safely hidden.
Bridging the trust gap
While putting data privacy at the core of digital identities is critical, it’s not the only step to take to increase trust. Often, who is holding your data is just as worrying as what data they have to hold.
For example, a digital identity card trial in Taiwan was recently delayed indefinitely until stronger privacy regulations are introduced. The digital
ID system would have brought their physical identity cards together with a citizen digital certificate, and their health and driving license data. As the plans were made, citizens raised privacy safeguarding concerns, questioning how their personal data could
be protected from potential cyber-attacks. The issue here isn’t the mechanics, or whether or not digital IDs are the right move – it’s simply about ensuring there is enough trust in those who hold the data. In this case, regulation will likely be the answer
or allow individuals to hold their own data on their own device like they do a physical document.
Establishing trust with the organisations that will collect our personal data is key. Regulation is one thing, but perception is another. Of all the sectors that have their hat in the ring to create and own digital identities, many are already under intense
scrutiny when it comes to data. Big Tech firms have a poor track record of putting user privacy first (two words: Cambridge Analytica), and governments too have come under fire for data privacy issues – most recently in Denmark,
which exposed tax ID numbers for millions of citizens. That’s why many industry insiders are betting on third parties, like established payments providers or even new entrants to the market such as the Post Office, to win the trust of weary consumers.
Whoever emerges the victor in the race to create digital identities needs to remember one thing: being transparent with data collection and privacy will be critical to getting people onboard.
The way forward with digital identites
Digital ID's will open up doors to seamless user experiences, regulatory compliance, and an easier way to do business – but also, they’ll also offer us privacy and protection that we can’t get from an identity system stymied by rising data breaches. When
verifying our identities to purchase online or apply for loans, think about how much speedier the process will be. While physical ID documents won’t be going away anytime soon, it's clear this technology is a step into the future.
However, to make this into a reality and accelerate rollouts, trust must be at the core of it all. The future of digital identities lies with consumers. Ultimately, the level of trust of this technology will be the deciding factor to getting consumers on
board, and eventually enable us to quickly flash our digital IDs when we buy a bottle of alcohol.