Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Long reads

Channels

Identity
Editorial | what does this mean?
This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

The Future of Digital Identity 2022: Data sovereignty and interoperability

Paige McNamee

Paige McNamee

Senior Reporter, Finextra

This is an excerpt from Finextra’s report, ‘The Future of Digital Identity 2022: Inclusive, secure, fit for purpose.’

Extensive discussion around who should be the guardian of digital identity solutions are well established, and sophisticated models outlining the strengths and pitfalls of multiple approaches are abundant. However, when it comes to the question of whether financial institutions or governments are better placed to design and implement such solutions, there is no unanimous answer.

Dr Whitley sees multiple aspects to this question, with the first tied to who shapes or owns the standards for digital identity systems.

“In the UK, the general sense has been that government plays an important role in helping set the scene for digital ID solutions but that a government only solution is unlikely to be successful. Other countries might have very different priorities. A common reason put forward for financial institutions to lead on digital identity is that, because of their know-your-customer requirements, they have good identity data and processes for onboarding customers and thus could be authoritative sources for many attributes.”

The counter argument, Dr Whitley continues, is that “doing digital identity” is not a core business for financial institutions and, as with other non-core business services, “digital identity is something that they should be procuring from the open market rather than doing themselves - the arguments for and against ebb and flow over time.”

Putting data control in the hands of users

Roberts explains that digital data sovereignty is critical to financial services institutions (FSIs) for both regulatory and data security purposes. This is because it provides users the ability to have control of the digital data, hardware and software that they rely on or create. “Essentially it’s about people deciding for themselves how their data is used, data sovereignty from a government’s perspective ensures appropriate controls can be established and enforced over data based in its jurisdictional boundaries.”

Referring to a recent report by Oliver Wyman: ‘Digital Trust: How banks can secure our digital identity’, Roberts notes that that banks’ involvement can ensure digital identity schemes are trustworthy, secure, and convenient. In terms of a best solution, however, Roberts believes that the design and implementation of digital ID solutions requires a joint effort between FSI’s, regulators and the government. FSIs and policy makers all have their roles to play in implementing robust digital ID solutions. “Banks have already built trust in their ability to securely manage our finances, the regulators to regulate the banks, and the governments to set policies and laws to protect our data – this, in my view, is a dynamic that works and can be relied on.”

Roberts explains that the EU's eIDAS (Electronic Identification and Trust Services Regulation) provides a consistent legal framework for digital identities and signatures to be accepted. The UK eIDAS regulation was adopted into UK law following the UK exit from the EU, and supports the argument that it is possible to have private-sector driven digital ID networks alongside state led schemes.

“It is important to have regulations to govern what service providers protecting electronic data need to comply with to be listed as a qualified trust provider. eIDAS supports organisations in both the public and private sectors to transact securely using electronic signatures, improving user convenience, whilst saving time and money.”

This approach is echoed by Grunberg, who argues that digital ID solutions can be provided either via multiple co-existing commercial standards or via a government-backed dominant standard; it would depend on the use cases that are enabled by either of the schemes.

“However, multiple schemes will come at the cost of consumer experience. In the first case, private companies or alliances of companies establish their own digital ID standards, which operate in parallel with each other. In the second case, governments — potentially in global coordination — lead an effort to establish ‘a monopoly standard’ for digital ID, which is secure, open, and easy to use for a wide variety of stakeholders.”

Building trust through interoperability

Grunberg also raises the point of interoperability, which many view as a key factor for success of multiple digital ID schemes. Governments, through policy and frameworks, can institute interoperability standards for private and public stakeholders, Grunberg explains, and adherence to these standards can expand the use cases and acceptance of digital ID. “We believe that Digital Policy should aim at establishing a government-backed, dominant, digital ID standard. Similar to currencies and the financial system, national authorities would set rules for governing the dominant digital ID standard, which will be open to all stakeholders.”

Governments may also benefit from the use of trusted intermediaries to handle sensitive digital ID and related data, according to Grunberg. This is because intermediaries may play a crucial role in protecting the confidentiality of counterparties in certain transactions, while assuring that such transactions are secure and lawful.

“The most important attribute of such intermediaries is trustworthiness and execution excellence while working under regulatory oversight. In finance, that role is usually fulfilled by a bank operating under license-based regulatory oversight. In our view, digital ID is posing a similar opportunity for banks willing to enter this innovative area. However, it will be important for all the economic actors (Corporates, society, financial services, and governments) to come together to ensure success of the initiative,” notes Grunberg.

Dr Whitley, confessing that he is slightly obsessed by questions of interoperability, comments that if public and private sectors understand and agree on what they want digital identity systems to do, then it should be possible for both to build systems that the other would or could accept.

“Where such interoperability doesn’t happen, I suspect it often signals a lack of trust between the parties,” Dr Whitey observes. “Perhaps more importantly, from the customer perspective, having to go through essentially the same processes to create (and populate) a digital identity or wallet for government and for the private sector is a total waste of everyone’s time.”

Channels

Identity

Comments: (0)

Join the discussion
Paige McNamee

Paige McNamee

Senior Reporter

Finextra

Member since

16 Sep 2019

Location

London

Comments

1

More from Paige

/Latest long reads
See all long reads»
How to define cloud sovereignty and the quest for balance

How to define cloud sovereignty and the quest for balance

Madhvi Mavadiya

What Gen Z want from UK fintech

What Gen Z want from UK fintech

Sehrish Alikhan

Madhvi Mavadiya

What will the UK climate fintech space look like in 2035?

Scott Hamilton

Will embedded finance change UK fintech by 2035?

Sehrish Alikhan

IFGS 2024: What do the 2024 elections mean for international finance?

Karan Jain

Top technologies that will disrupt UK fintech

Madhvi Mavadiya

What will UK fintech look like in 2035?