Digital Identity (R)evolution
Traditionally identity verification was based on human interactions and physical documents, mainly issued by governments. But in today's world where relentless digitalization and 24/7 connectivity continue to transform everyday life, you cannot rely anymore only on those physical identification.
The expectations on consumer's side have also changed looking for more convenience, real time, mobile first for a seamless experience and in the same time looking at all data breaches hitting the headlines, data privacy has become a real concern for many people requiring more security and trust to ensure data privacy and protection.
It's become clear that future growth of online business requires the existence of reliable and strong digital identity schemes that allows new players and incumbents (both public and private) to
authenticate, identify and operate in an efficient and safe way using latest technologies such as
biometric, blockchain and AI.
Moreover, regulators are taking an increasingly active role. In the EU, for example, the GDPR (General Data Protection Regulation) is the latest addition to a raft of new initiatives that already includes
PSD2 (second Payment Services Directive) and eIDAS (electronic Identification Authentication and Trust Services). Going forward, compliance will demand robust protection, privacy and control for users.
Digital Identity Provider
The key issue to operate with our digital identity is the validity that others give to the veracity of the attributes of our digital identity. A digital identity needs therefore a provider that will bring enough trust, security and convenience at the same time
In the private sector, many service providers have built their own identity system, often based on user and password and failing to provide consumers with data privacy, security and seamless authentication experience.
On their side, the public sector have started surfing those new
digital identity trends and technologic wave. More and more countries are building national eID schemes using it mainly to offer access to governmental and public online services. One of the most successful and highly developed is the
Estonian digital identity scheme.
Nevertheless with the increasing emergence of different services that require identity validation, the private sectr may expect identity provider systems that can administer identities and credentials differently for multiple service providers, that can also be linked to govenrment systems in some cases.
"As public identities have been created by different authorities, interoperability and the collaboration between different entities to offer complete solutions is decisive" said
The weaknesses of those fragmented and siloed identities schemes have paved the way those last years for new pioneer ID federation initiatives that have met broad service provider and end-user adoption, with leading banks offering a nationwide Digital Identity solution.
In most of the case those federations have been pushed by banks, bringing the natural trust for securing data, protecting privacy and being the fundamental basis to reach many user and offering more innovative services.
One of the most successful Mobile ID federation in Europe is for sure the mobile application itsme® built by Belgium Mobile ID, a wide consortium of Belgium's leading banks and mobile network operators
itsme® - pioneer federated Belgium Mobile identity scheme
An advanced mobile authentication solution from Gemalto is securing Belgium’s fast-growing itsme® Mobile ID scheme, which offers the convenience of a single enrollment, log-in and signature process for numerous different online services.
Launched with the backing of four leading banks and three of the country’s biggest telecoms operators, this pioneering initiative aims to a significant part of the Belgian population in the years to come.
As mentionned in our Digital Identity white paper, those federated identities schemes will continue to develop as they answers properly to consumers and services expectations:
User-centric solution with streamlined on-boarding process
- Cooperation among
major stakeholders across segments for a broad consumer reach is key for mass
adoption & trust
Strong brand to bring trust and confidence to all parties
Key initiators typically
include banks as critical identity providers
High security with authentication solutions brought by the latest technologies
More recently, another type of Digital Identity Provider is emerging, more decentralized, based on technology such as blockchain, putting end user fully in control and allowing different service providers to share identities verifications attestations. This type of scheme is called Self Sovereign Identities and this is exactly what is
Gemalto Trust ID Network.
This new Digital Identity Solution, built in partnership with R3 and deployed on financial-grade distributed ledger Corda, is a decentralized digital ID platform based on Blockchain. It allows service providers to simplify customer identity management and streamline the due diligence process while enabling end users to be in total control of their identity.
GemaltoTrust ID Network entitles end users to full ownership of their identity and total control over who can have access to their personal information.
And from banks' point of view, it helps streamlining onboarding process of new customers, having access to up to date, accurate, and reliable data about their customers and limiting risk of ID theft and fraud while providing a convenient and secure Identity Management service.
Looking at the future, no need to have a crystal ball to bet on the development of many digital identity schemes based on consortium, where financial institutions will have a clear role to play. For those that take the opportunities available to them, there will be many decisions to make – not least between the Federated and Self-Sovereign models. Ultimately, there is no 'one size fits all' solution. For a start, identity is very much tied to a country's cultural characteristics and regulatory framework; a successful Digital ID scheme will need to reflect these local factors too.