The financial world as seen by RedCompass Labs:
Newer RedCompass Labs team members share their interest in and knowledge of payment and financial crime topics.
A digital identity is information on an entity used by computer systems to represent an external agent. That agent may be a person, organization, application, or device. ISO/IEC 24760-1 defines identity as "set of attributes related to an entity". A digital identity, therefore, arises from personal information used on the web and the shadow data created by the individual’s actions online.
Data points used to establish a digital identity:
Authentication
Authentication is a key aspect of trust-based identity attribution, providing a codified assurance of the identity of one entity to another. The presentation of a unique object, the provision of confidential information, the answer to a pre-arranged question or the confirmation of ownership of an e-mail address are the most common authentication methodologies, and more robust but relatively costly solutions utilizing encryption methodologies are also available. To fight identity theft, physical authentication techniques such as iris scanning, hand-printing and voice-printing are currently being developed.
Risk-based authentication
Risk-based authentication is an application of digital identity whereby multiple entity relationship from the device (e.g. operating system), environment (e.g. DNS Server) and data entered by a user for any given transaction is evaluated for correlation with events from known behaviours for the same identity. In other words, it involves checking if there is anything suspicious about you logging in, say using a device from a different country than usual.
Digital identifiers
Digital identity fundamentally requires digital identifiers – strings or tokens that are unique within a given scope (globally or locally within a specific domain, community, directory, application, etc.). Identifiers are the key used by the parties to an identification relationship to agree on the entity being represented.
Authorisation
Authorisation is the determination of any entity that controls resources that the authenticated want to access. Authorization depends on authentication, because authorization requires that the critical attribute (i.e., the attribute that determines the authorizer's decision) must be verified.
Digital Object Architecture
Digital Object Architecture provides a means of managing digital information in a network environment. A digital object has a machine and platform independent structure that allows it to be identified, accessed and protected, as appropriate.
Handle System
The Handle System is a general-purpose distributed information system that provides efficient, extensible and secure identifier and resolution services for use on networks such as the internet. It includes an open set of protocols, a namespace and a reference implementation of the protocols. The protocols enable a distributed computer system to store identifiers, known as handles, of arbitrary resources and resolve those handles into the information necessary to locate, access, contact, authenticate or otherwise make use of the resources.
The most visible change is the growing multi-channel access to online services, whether through the internet or mobile apps, and vastly accelerated by the pandemic.
As our lives shift towards the digital space, most governments are finding it essential to maintain continuity in the way society is organised, improve economic mechanisms and develop services to citizens.
Hong Kong followed the example set by Finland, Brunei, Malaysia and Macao, and started its own national identity card programme in 2003. Strong and constant political will, and solid technical and legal infrastructure, led to its success. Furthermore, the document is visibly more modern and secure than its predecessor, boosting national pride. The national identity card also has a vital social role: the clear perception that it would protect the rights of its citizens and their uniqueness. The installation of self-service terminals and integration in libraries, online betting and more "classic" examples of Hong Kong e-Government, such as e-tax, have also encouraged adoption.
South Africa is another example of supporting transformation leveraging strong national symbols and values. The country is a young multi-ethnic democracy, still looking for its true identity. A new digital scheme was used by the authorities to strengthen the nation's development goals as a symbol of unity and pride for all citizens. Launched in mid-2013 and replacing the history-laden green book, the biometric smart ID card was indeed presented as part of the national effort to reinstall the:
What next?
Digital ID is probably the future of ID. With the internet spreading to almost all parts of the planet, we will soon say goodbye to plastic cards with our personal information. One cannot forget about the many advantages of digitalisation such as lower costs, higher accessibility, and shorter waiting times. Many of us spend almost as much time online as in real life, so why don't we just make it official there?
Introducing digital IDs is a difficult task that governments and companies are already facing, and many officials seem up to the challenge. Moreover, a well designed digital ID may result in facilitating good payments while making bad payments impossible. This asset may become a great tool to protect the vulnerable and deliver even better digital payments. On the other hand, the risk of identity theft is enormous, as well as the moral aspect of having a digital diary of almost everything you have done in your life. But can we stop it? I don't think so. We can only make the best use of it. I have a digital ID, therefore I am...