Future identity is a community of digital identity pioneers exploring the latest intiatives, technologies and concepts powering the growth of digital identity. It unites policymakers, solutions providers, enterpsies and leading associations building our future identity ecosystem.

You can join our community to receive all the latest insights and hot topics across digital identity here. Alternatively follow us on LinkedIn or Twitter.

We currently run four Future Identity events in 2023 with eight planned in 2024. Sign up to our community to receive news on all new events!

Digital identity is a representation of a person’s real self in the online world. Everyone’s digital identity is made up of personally identifiable information (PII) such as their social security number, passport number, login credentials, bank account number, biometric data, and online history. These unique identifiers make it possible to determine who individuals are online.

A digital ID is an electronic version of a physical ID document, such as a passport, driving licence, or national identity card stored on a digital device like a mobile phone. Also known as digital certificates, digital IDs use a digital signature to bind together a public key with an identity. A digital ID can be presented electronically to prove an individual’s identity and their right to access information or services online.

A credential, is an attestation, evidence or proof issued to an individual by a third party with the authority to do so. Credentials are a means to verify identity, status, rights, or privileges, such as a passport, driving licence, birth certificate or qualification. Credentials are issued to us at various points throughout our lives, by governmental organisations, certification bodies or other companies awarded a level of trust.

Verification establishes whether who a person claims to be is who they really are. This step usually take place at the onboarding or account opening stage and often involves validating government issued identity documents and/or checking credit bureau databases. Authentication occurs each time a user re-accesses a system and validates whether the presenting user’s identity matches that of the user who registered for a service. There a three types of authentication factor: something the customer knows (e.g., security question, password), something the customer has (e.g., cryptographic key) something the customer is (e.g., biometric data).

The word biometric is a combination of two words: bio (human) and metric (measurement). Biometrics is the measurement and analysis of physical and behavioural characteristics unique to an individual person. Examples of biometrics include face recognition, fingerprint recognition, voice recognition, iris recognition, gait measurement, palm symmetry and more.

As biometrics are unique to each person, they can be used to verify a person’s identity. Biometric authentication works by comparing two sets of data – the biometric characteristics of the person being authenticated, and the biometric ‘template’ previously stored as a reference model – to determine whether they match.

Biometric identification is different from biometric authentication. Biometric identification is used to determine the identity of an unknown person, by capturing biometric data from the individual – such as a photo of their face, a record of their voice, or an image of their fingerprint – and comparing this to the biometric data of person’s kept in a database. Biometric identification is often used in law enforcement contexts.

Behavioral identifiers are the unique ways in which individuals act. In the context of digital identity this can include typing patterns, mouse and finger movements, and website engagement patterns. These behavioural biometric identifiers can be used to provide continuous or background authentication of an individual as they interact with a service. Behavioural biometrics is a newer method of authentication but has large potential for growth.

As individuals, we use biometric authentication in several everyday situations, including using fingerprint recognition to unlock a mobile device, using facial recognition to make a payment with Apple Pay or Google Wallet, using voice recognition to interact with Siri or Amazon Alexa. The use of biometric authentication on mobile devices has brought the technology into the mainstream.

KYC stands for Know Your Customer and is the mandatory process of identifying and verifying a client’s identity when opening a financial servicees account and periodically over time. The KYC process can include identity document verification, proof of address, and biometric verification. Banks must comply with KYC regulations to limit fraud and help prevent money laundering, terrorism financing, and other illegal corruption schemes. In case of failure to comply, financial institutions can face heavy penalties.

Self-sovereign identity (SSI) – otherwise known as decentralised identity (DID) centres the control of personal information around the user, recognising that each individual should own and control their identity. SSI safeguards privacy by shifting away from storing personal data entirely on a central database and allowing users to share only the necessary information – for example, providing proof of address without having to share a utility bill which contains a large amount of sensitive but unrequired information.

A digital identity wallet, allows individuals to store securely store credentials and personal data in a mobile app. This can include medical records, bank cards, university degrees, identity documents and driving licenses. A digital identity wallet is intended for use across multiple platforms, reducing the need for individuals to create and manage a different account with each service they use.

Digital identity is helping individuals to access online products and services securely and efficiently, whilst enhancing data privacy and control. For businesses, digital identity improves risk management, fraud mitigation and protection against cyber security threats. Good digital identity can also help the nearly one billion people globally who lack a legally recognised form of identification to gain access to aid, healthcare, employment, banking, and other vital services.

Digital identity and blockchain are related concepts but are not the same. Blockchain is a distributed ledger technology that enables a transparent, secure and tamper-proof record of transactions between parties, making it well-suited for applications such as cryptocurrency, supply chain management, and digital identity. Blockchain can be used to provide a decentralised platform for storing identity data, to enhance user privacy, and reducing the risk of theft, but it is just one of many possible solutions for identity management.

Digital identity has the potential to deliver significant benefits to society, but also the potential for misuse. If improperly designed digital identity can be used to target, track, or persecute groups or individuals. There is also the risk that a data breach or system failure will lead to personal information being stolen or used fraudulently. The proper controls and protections are critical to guard against these risks, but good digital identity is completely safe, as well as being secure and convenient for users.

Protecting your digital identity is key to staying safe and secure online. Key steps towards protecting your digital identity are practicing good password hygiene, enabling two-factor authentication where possible, keeping software update with the latest security patches, remaining vigilant against phishing scams and monitoring your accounts regularly for any suspicious activity.

eIDAS 2.0 is the 2021 update proposed by the European Commission to its pan-European identity framework eIDAS – which stands for electronic Identification, Authentication and Trust Services. This regulation establishes that by September 2023, all EU member states must ensure that a Digital Identity Wallet (DIW) is available to citizens, residents, and businesses and usable for identity documents and attestations with sensitive personal data.

The future of digital identity is likely to see continued evolution and innovation, as technology advances and best practices mature. The next phase of digital identity will likely centre around secure, convenient and privacy enhancing solutions that give individuals greater control over their identity information, as well as the development of common standards and protocols to enable greater interoperability across platforms.

You can join our community to receive all the latest insights and hot topics across digital identity here  or follow us on LinkedIn or Twitter.