- Part 1: What a smart and humanistic approach to digital identity would like
- Part 2: The Trust Triangle — the system of issuers, holders, and verifiers that illustrates how identity works (and how it’s broken, today)
- Part 3: Why the ID Wallet is the first step toward achieving a new vision for digital identity
- Part 4: Why every company is an identity company
- Part 5: What is Bring Your Own Identity?
- Part 6: Reusable Identity
Historically, our digital identities have been based on what we know.
Do you know your username, email, and password? Then you can log in.
Do you know your social security number, home address, and mother’s maiden name? Then you can sign up for the service.
You can probably see why this is a problematic way to deal with something as important as your identity. If someone nefarious finds out what you know, not only could they access your existing accounts, they could open up new ones in your name. With data breaches on the rise at a mammoth scale, that proposition becomes likelier by the day.
Anyone who has had their identity stolen knows just how painful the process of getting things back in order can be. For some, it unfortunately becomes a lifelong pursuit.
A much more secure way for managing our digital identities is to base it on what we have.
For instance, do you have access to your smartphone?
It’s immediately clear why such a framework is far more secure than the former. Wouldbe criminals would need to physically have your phone in their possession. They’d also need a way to get in — a tough ask if you have a PIN or fingerprint security set up. That’s something that might be possible for the FBI but likely outside the wheelhouse of most fraudsters.
Traditional digital identities still based on what we know have gotten the memo. It’s why two-factor authentication is highly recommended if you want to keep your accounts secure. Now, it’s also about what you have.
But that transition is still only a half measure.
Eventually, it makes sense to shift toward a completely device-based identity. That way, your sensitive personal data is stored locally on your own device rather than hosted on some company’s server that becomes a target for hackers.
With device-based identity, you’re in complete control of your data as well as your private keys.
This also opens the door for additional features that should become commonplace in the future such as identity portability and reusability.
We’ll be able to bring our identities with us from one service to the next. The reputation and social connections you create on one platform will be easily transferable if you ever decide to venture elsewhere.
We’ll also be able to verify our identities once and never again, re-using that verified identity for any additional services we sign up for. That minimizes the amount of data we share with other parties while still allowing businesses to trust who their customers are who they say they are.
Best of all, it reduces friction for everyone. No more selfies. No more taking photos of your passport. Set up your identity once, and you’re good to go.
If you’d like to learn more about GlobaliD contact our sales team or follow us on Twitter, LinkedIn and YouTube.