Digital Identity or Digital ID is the digital representation of a subject. More specifically, digital ID is a set of attributes related to an entity that is used by computer systems to represent an external agent.
Digital ID takes a different form from paper-based ID. For example, unlike driver’s licenses or passports that need to be physically presented during authentication process, a digital ID can be authenticated remotely over digital channels. Some digital authentication technology that are commonly used are smart token, biometric scan, or one-time passwords that you can perform with a personal device, such as your mobile phone. Just like paper-based ID, a digital ID could also be issued by government bodies, nonprofit organizations, or even private entities.
According to McKinsey Global Institute, a good digital ID could unlock economic value equivalent to 3-6 percent of GDP on average by 2030. So what constitutes a good digital ID?
Verified and authenticated to a high degree of assurance
Government and private-sector institutions possess certain high-quality standards for initial registration and subsequent acceptance. A good digital ID ensure it maintains the same standards each time the digital ID is authenticated. A range of credentials could be used to achieve high-assurance authentication and verification. For example, a good digital ID will require its users to register their biometrics, create passwords, or connect their smart devices with their digital ID information embedded in them.
Digital IDs with characteristics similar to emails or social media accounts are usually free and easy to use. However, it rarely occurs that email or social media provider limits the number of accounts a user can have. With a unique digital ID, an individual has only one identity within a system, and every system identity corresponds to only one individual.
Established with individual consent
Consent means that individuals knowingly register for and use the digital ID with knowledge of what personal data will be captured and how they will be used. User consent is particularly important for the use of advanced digital ID. Whereas basic digital ID only enables verification and authentication, an advanced digital ID enables storing or linking additional information about individual ID owners and thus can facilitate advanced data sharing. Due to the sensitive nature of this feature, it is therefore mandatory for users of advanced digital ID to make informed consent and exercise control over the use of their data.
Protects user privacy and ensures control over personal data
While digital ID can reduse risks associated with conventional ID programs, digital ID also has the potential for misuse. A digital ID user can be exposed to risks that are already present in any digital technology, such as cybersecurity breaches and privacy violation. A good digital ID should have built-in safeguards to ensure privacy and security. Going back to the principle of individual consent, a good digital ID will also give users access to their personal data, decision rights over who has access to that data, with transparency into who has accessed it.