There’s no doubt that a full digital ID reality is imminent. But tens of thousands of organisations across the globe have done little to prepare for it. They still have unanswered questions. Despite the myriad of events taking place across the globe exploring, addressing and solving digital ID problems, they’re not answering the key questions for those parties who’ll have to understand and navigate the practical elements of full digital ID adoption.
There are five main areas that need addressing. The good news is that the key forces that are moving to make digital ID happen, also hold some answers.
1# The legal and regulatory implications.
This is the biggest area of concern for organisations – will digital ID be accepted from a legal and regulatory perspective? Unlike the clear requirements of existing due diligence processes, the rules and guidelines around establishing digital ID securely and retrieving the right information from it have been unclear. It means that relying parties are understandably nervous. But this is changing and regulation is moving rapidly in the right direction. Some high trust areas have already accepted the benefits and security provided by digital ID. For example, it is accepted in anti-money laundering and terrorism legislation, and the HM Land Registry recently adopted it in property conveyancing transactions.
Around the globe, governments are developing Trust Frameworks, which will provide clarity around proofing, verification, security, technical standards, certification, liability and compensation. It is these Trust Frameworks that will be crucial in providing the comprehensive rules and guidelines sought by the organisations that will come to rely on digital ID.
2# Will fraud levels increase?
A key theme that emerged from the pandemic was the rapid acceleration of digitalisation, and with that has come a fear that online fraud will hit the roof. With the majority of transactions and interactions with organisations now taking place digitally, it is vital that they ensure confidently and securely that customers are who they say they are. Fraudsters will of course attack digital IDs. But we are also seeing a growth of stronger, more robust ID proofing and authenticators.
The availability of digitally presentable credentials from various trusted sources has increased significantly. From passports and drivers’ licences to the ability to present the NHS vaccination certification through the NHS app. Open Banking has also introduced banking information into this eco-system enabling people to prove who they are as well as what their financial status is.
Add to this the development of biometric technologies, which have now become a daily part of our lives and are playing a critical role in digital authentication. They provide a unique identification of an individual with match success rates now at commercially acceptable levels. Airports, for example, are using biometrics to authenticate travellers against their identity documents in automated border control (ABC) systems.
Ultimately, the strong ID proofing and robust biometric authenticators that come with digital ID means it is more effective in mitigating fraud.
3# Will my organisation be held liable for losses?
Currently organisations are liable for their own losses through fraud. When a digital ID provider (who will be servicing other organisations too) is introduced into the mix, it becomes unclear who would be held liable if a fraud loss occurs. This is another key deterrent for organisations that will come to rely on digital ID. Again, the development of Trust Frameworks will be crucial here. Not only is the framework being designed to enable the various parties (users, service providers and ID providers) to trust each other implicitly, they are being developed to provide clarity around liability.
4# Will the benefits outweigh the cost of adoption?
Technology giants are pouring billions into this space to make the move to full trusted digital transactions happen, which means that the cost of the technology continues to come down.
The benefits for those who will be the heaviest users of digital ID are significant. In addition to reduced levels of fraud, they will see greater user success rates at the point of onboarding. It will enable more positive engagement both first time and when they return. And a more positive user experience will mean reduced risk of loss. Compliance will be more achievable and it will enable a smooth shift to digital. The overall cost of ID per user will also come down.
5# What should a good digital ID look like?
The UK Trust Framework is close to being complete. Thanks to the extensive feedback from OIX adopted by the government in its latest version of its digital identity trust framework, organisations will get much sought after clarity on what a good digital ID should look like, as well as clarity on the standards digital ID services will need to comply with.
Working alongside the development of Trust Frameworks are sector specific projects, namely in finance, house buying and selling, payments, pensions, employment vetting, age, travel and education. They are actively pushing the benefits, driving better understanding of a good digital ID and encouraging adoption of digital ID among organisations in these sectors.
Everyone is talking about digital ID, but it’s clear that there is a need for more initiatives aimed specifically at organisations that have to think about the end consumers, manage their ID and understand what they can access. The answers to their questions are already there. When you consider that these organisations will be the ones that come to rely most heavily on digital ID, it’s concerning that they have not started planning. They face a real danger of getting left behind by the digital ID revolution.