With an increasing number of identity fraud cases occurring in the wake of COVID-19, digital ID solutions are a possible answer. Whether its biometric authentication or or another solution, the need for data privacy in a post-pandemic world will likely speed this up.
Adam Desmond is the UK&I Country Lead at Mitek leading the operations and delivering growth in the region. Mitek works with more than 7500 financial organisations, including HSBC, ANNA Money, Airbnb, and Instacart – to ensure safety and security and improve customer experience through its proprietary digital identity verification tech.
Here he shares his thoughts on how data privacy will accelerate digital ID adoption.
Every time we buy alcohol, and the seller asks for our ID, most of us probably don’t stop to realise that we’re giving away more information than is needed to buy the drink. By proving our age, we’re also exposing our address, signature, and nationality – when all they needed was our date of birth and photograph.
A similar trend can be seen in the online world too. In 2020, 75% of large companies in the UK reported a data breach in the last 12 months – and the numbers show no signs of slowing down. Spurred on by the COVID-19 pandemic, the pool of personal information out in the world continues to grow and as a result of this, we’re seeing an increasing number of identity fraud cases.
While this example is by no means a prominent threat of identity fraud, it begs the question: in a world of constant data breaches and rising fraud, why aren’t we being more careful?
With so much data available on all of us, it’s not surprising people are thinking twice before adopting digital identities. Even though most of us can imagine how much quicker it would be to flash a digital ID when buying alcohol or applying for a loan. What’s stopping this from actually becoming a reality is that it’s not so easy for us to willingly hand over a potential minefield of data time and time again.
However, digital identities could actually be a solution to withholding unnecessary data and protect us from fraud – not open ourselves up to it. The government knows this is a priority too, as they’ve recently launched a framework outlining the future governance of digital identities. For digital identity adoption to be successful, consumers need to trust that their data is safe and secure. This all comes down to how we build these digital identities, and who looks after them.
Revealing only what’s needed
Firstly, the story around digital identities needs to change. What they won’t be is a one-stop-shop to access every piece of personal information about you at the touch of a button, shareable and stealable. What digital identities could be, if we put data privacy at their core, is selective. We have the opportunity to create a technology, which means people only need to share the specific data they need at any one time, withholding as much data as they can to get the job done.
This doesn’t seem too big of an ask, either. Mastercard recently partnered with Deakin University and Australia Post to test out a digital ID solution enabling students to register for their exams digitally. This removed the need for tiresome paperwork and trips to campus but also reduced the amount of data shared about each student. Students created a digital identity with Australia Post, using this to gain access to their university exam portal. With each registration, only specific personal information was required to allow students’ entry to the exam portal – nothing was shared that didn’t need to be.
Now imagine this in our banks, shops, and workplaces. Rather than revealing most of your ‘identity’ with every purchase of alcohol, you only show your ID documents when you first create the identity – to verify that you are who you say you are. Then, each time it’s needed, your digital identity only reveals what needs to be revealed at that time, and keeps the rest of your data safely hidden.
Maintaining transparency to establish trust
While putting data privacy at the core of digital identities is critical, it’s not the only step to take to increase trust. Often, who is holding your data is just as worrying as what data they have to hold.
For example, a digital identity card trial in Taiwan was recently delayed indefinitely until stronger privacy regulations are introduced. The digital ID system would have brought their physical identity cards together with a citizen digital certificate, and their health and driving license data. As the plans were made, citizens raised privacy safeguarding concerns, questioning how their personal data could be protected from potential cyber-attacks. The issue here isn’t the mechanics, or whether or not digital IDs are the right move – it’s simply about ensuring there is enough trust in those who hold the data. In this case, regulation will likely be the answer or allow individuals to hold their own data on their own device like they do a physical document.
Establishing trust with the organisations that will collect our personal data is key. Regulation is one thing, but perception is another. Of all the sectors that have their hat in the ring to create and own digital identities, many are already under intense scrutiny when it comes to data. Big Tech firms have a poor track record of putting user privacy first (two words: Cambridge Analytica), and governments too have come under fire for data privacy issues – most recently in Denmark, which exposed tax ID numbers for millions of citizens. That’s why many industry insiders are betting on third parties, like established payments providers or even new entrants to the market such as the Post Office, to win the trust of weary consumers.
Whoever emerges the victor in the race to create digital identities needs to remember one thing: being transparent with data collection and privacy will be critical to getting people onboard.
The way forward with digital IDs
While physical ID documents won’t be going away so soon, adopting digital identities seems to be looming on the horizon. Think about the range of possibilities they can open up: how much quicker it would be to verify our identities when we make payments or apply for loans. Not only will it enable fast and seamless user experiences, regulatory compliance, and an easier way to do business – they’ll also offer us privacy and protection that we can’t get from an identity system stymied by rising data breaches.
For this to be made a reality however, trust must be front and centre of it all. The future of digital identities lies with consumers. How much they trust the technology and the security will determine whether we’ll be able to pay for our favourite cocktails with a simple flash of our digital IDs.