Digital Identity and the Power of Me

Just before the end of 2020 , I decided it would be a good idea to switch business bank accounts for the consulting company I co-founded a little while ago with some colleagues. Almost 2 months later we are still trying to make this happen. In these days of instant digital gratification, why is this taking so long? The simple answer is that we are having trouble proving that we are who we say we are. After scanning passports, emailing company correspondence, and enduring several meaningless dialogs with chat bots we still seem to be no further forward.

For all forms of online interactions, one of the most significant issues facing the digital economy is the fundamental need to be able to uniquely identify yourself, and for digital systems to provide trusted ways to verify, manage, and share identities. For many people, this is the Achilles’ heal for just about all major online systems today.

With the recent acceleration of digital transformation, it is becoming clear that all organizations, both in the private and public sectors, will need to consider how to address the opportunities and risks of identity management. It is a critical element of the security and privacy backbone that will allow access to the personalized products and services we all demand.

It is a complex, multi-layered issue for organizations. And two elements of the digital identity challenge have been highlighted recently. The first is that as we connect more and more things to the internet, we’re starting to realize that digital identity is something increasingly important for not just people but also to “things”. As Dave Birch has pointed out, everything from pets and cattle to cars and robots will require unique digital identities. As Dave nicely summarises:

“A quarter of a century ago, on the internet nobody knew you were a dog. Now they don’t know if you’re a fridge pretending to be a dog.”

In fact, Dave is now convinced that we need a new kind of identity suitable for a digital age. Not just a digital version of your analogue identity. He takes this further, and is openly asking whether robots will need passports.

The second element of digital identity raising its head is the UK government role in this area. The government’s experiences indicate that solving this puzzle is far from straightforward. It has quite a long and controversial history of investment in digital identity over more than 20 years with a great deal of UK Government investment. The most well-known effort is Verify with a reported cost of £130M over 10 years before the UK government cut its losses and handed it over to the private sector having missed many of its key targets. This multi-year effort by the UK Government Digital Service (GDS) was widely criticized, including in a National Audit Office report that concluded:

“Unfortunately, Verify is also an example of many of the failings in major programmes that we often see, including optimism bias and failure to set clear objectives. Even in the context of GDS’s redefined objectives for the programme, it is difficult to conclude that successive decisions to continue with Verify have been sufficiently justified.”

In an attempt to move things forward, the UK Government’s Department for Digital, Culture, Media and Sport (DCMS) has announced they are establishing a new trust framework to create a set of national standards to allow interoperability and re-use of digital identities across public and private sector organizations. The framework describes two forms of digital identity: in-store and online. In-store (i.e., face-to-face) is a digital wallet allowing you to store your approved attributes in a “personal data store app”. Adding fuel to the move supported by Tim Berners-Lee and Irene Ng to offer personal data stores to manage your personal credentials.

Lots still needs to happen to bring this to reality. For example, establishing appropriate governance is a key part of any digital identity management approach and the paper says “a governing body chosen by the UK government” will implement the UK’s digital identity trust framework. The draft framework will be tested with industries, services, users, and organisations ahead of a final version being published.

Where does all this leave us? Well, unfortunately we’re still a long way from addressing the digital identity issues in any widely accepted way. Efforts such as those based on blockchain technology may seem promising. But the reality for now is that I still may be exchanging many more scanned documents with my bank before they’ll start to believe it’s me.

Source: AWB Digital Economy Dispatch #24

Alan Brown

Alan W. Brown is Professor in Digital Economy at the University of Exeter Business School where he co-leads the Initiative in Digital Economy at Exeter (INDEX). Alan’s research is focused on agile approaches to business transformation, and the relationship between technology innovation and business innovation in today’s rapidly-evolving digital economy. After receiving a PhD in Computational Science at the University of Newcastle-upon-Tyne, Alan spent almost 2 decades in the USA in commercial high-tech companies leading R&D teams, building leading-edge solutions, and driving innovation in software product delivery. He then spent 5 years in Madrid leading enterprise strategy as European CTO for IBM’s Software group. Most recently Alan co-founded the Surrey Centre for the Digital Economy (CoDE) at the University of Surrey where he led research initiatives in 4 EPSRC-funded research projects.

Explore more content

Improving in the moment

Seeing the opportunity
Read more

Being an Agile developer

Knowledge workers are key to Agile <
Read more

Unit and Integration Testing Overview

The two important types of testing <
Read more
Contact Us