Why are there so many digital identities?
With Mitchell Landrigan and Hamish Fraser I co-authored a paper recently published in the open access journal Law, Technology and Humans.
With the language of "digital identity" evidently shifting (in Australia at least) we think transactional identity is a clearer term for the way people are indexed by businesses, employers, governments, licensing bodies and so on (charge card numbers and social security numbers predate the "digital age" by many decades).
Here's the abstract.
领英推荐
This article analyses why people have so many digital identities and offers suggestions to reduce the numbers to more reasonable levels. Paradigmatic digital identity thinking has been dominated by the objective of general purpose reusable identity as a response to the unwieldy profusion of identifiers that came with expanding ecommerce. The things called ‘digital identity’ in this paradigm are intended to be general purpose insofar as they are meant to be relied upon in different settings beyond the immediate control of the original issuer. The notion of reusable digital identity is somewhat intuitive, energised by the mental model of humans exercising a virtual self in cyberspace. Many user interfaces are constructed to exhibit an intentional stance suggestive of humans having a digital counterpart, making our digital actions more lifelike and comprehensible.
A reusable identity can limit inconvenience to end users and some of the risks of loss of personal data associated with end users creating multiple digital identities for discrete transactional situations. In some nations, there is a precedent for ‘national identity’, a concept that manifests as attributes necessary for a person to be identified or distinguished as a member of a state, typically to allow that person to be eligible to receive government services of the state. In these nations, national identity makes general purpose digital identity culturally more logical, even appealing. However, in most countries, the market for reusable digital identity is still not mature, except for low-stakes transactions, such as social media logins. To date, there is no solid business case for general purpose reusable identity—largely because it proves costlier than expected to re-engineer transactional identifiers to align (or federate) with an intuitive singular digital identity. Thus, individuals must manage many siloed, special purpose identifiers, account names, passwords and piecemeal authenticators.
If transactional identifiers go hand in hand with transaction systems, then there will likely remain a need for about as many identifiers as there are transactional services. Recent technology developments, especially in cryptographically verifiable credentials and mobile digital wallets, may provide ways to automate the management of multiple identifiers and achieve the desired usability anticipated from singular identity without disrupting the forces that have led to transaction-specific identification.
The full article "Why are there so many digital identities?" is freely available.
Digital Identity: Head of Identity & Access Management | speaker
1 年Thanks Stephen for sharing it's spot on. Silvia Moschioni?please take a look at this.
#CyberSecurity Strategist | Advisor | Evangelist | Consultant | Hands-On Technologist | Human Router
1 年About as well articulated and descriptive an article on this run away problem as any I’ve seen. If you’ve been in the digital space very long at all, it doesn’t take long to see this as an enormous issue. And even as we (attempt to) manage the *transactions* of these voluminous identities — that is the AuthN and AuthZ of the identities with the intent to transaction… it’s an absolute frigging nightmare demonstrated by our flippant recommendations like “just use MFA.” For your average consumer, these kinds of “solutions” remain a very tall order. Only Stephen Wilson can articulate these problems with such conciseness and accuracy.
Global data privacy professional, ever curious privacy & technology educator, digital rights advocate and GRC executive.
1 年Great article Stephen, very relevant and timely.
Strategic IT-Business Interface Specialist | Microsoft Cloud Technologies Advocate | Cloud Computing, Enterprise Architecture
1 年I firmly believe that blockchain technology, and related innovations, have the potential to transform digital identities by offering a secure and transparent verification system without relying on a central authority. Although a digital identity applicable across various domains would be advantageous, achieving this requires addressing complexities and fostering collaboration between industries. Self-Sovereign Identity (SSI) initiatives, which empower users to control their digital identities, represent a promising development in this field.