Author: Kurt A Cagle
This morning, I downloaded an app that puts my vaccination record on my phone, including the two Covid-19 vaccinations I received earlier this year. What drove me to do so was simple – Washington State is now under a vaccine mandate, meaning that you cannot sit down in a restaurant without some proof of vaccination. I have my card, but it’s definitely getting dog-eared, and increasingly, my identity is tied up with my phone, which is also both fingerprint and PIN secured.
I have had my wallet stolen before. When that happened, it kicked off a full month of getting credit cards changed, getting a new driver’s license, even switching out bank accounts, which in turn proved a real pain in the butt given how many things were on automatic payments which were suddenly bouncing right and left. Today, if I lose my phone, I can automatically trace it from my laptop (via a secured account) and, worst-case scenario, I can get a new one and have those accounts automatically transferred within a day.
The reality for me is that my identity is digital, and it is becoming increasingly difficult to hack that digital identity. My credit cards are now protected under cryptographic keys, meaning that, more and more, I can leave the house without my wallet. My insurance cards for my car are similarly secured, and I have PDFs of my registration. Driver’s licenses are not yet fully implemented yet: several states are currently rolling out pilot programs, which include, among other things, the ability to secure the information so that, if you go out to a bar or similar restricted venue, the license will show that you are over the legal drinking age but not where you live, if you so choose not to show that information.
This is an ongoing process. Not everyone has a smartphone, and not all smartphones have the capabilities necessary to secure this information. However, for those who do, that smartphone is becoming the wallet of choice that people are using, and individuals, companies, and governments are increasingly utilizing such digital identity systems. It is very likely that by 2030, the physical wallet will have all but disappeared.
There are some significant advantages to this process. For starters, the need to actually pass an identifier in the clear is disappearing. This has been one of the central problems that credit cards have, and until you have some mechanism to tie the identity of the card with the identity of the user, such cards are inherently risky. Once you remove this need, if you can verify identity across one channel, you can verify it across every channel. We’re beginning to see this now with applications that let you validate based upon your LinkedIn or Google accounts, via the mechanism called single sign-on. As more keys become biometric or are similarly generated via secured tools, the need to even use passwords drops as well.
The disadvantages come down to trust. It becomes marginally easier to trace a person’s activities if you have a known key – if you can in fact link that key to the individual. This is not a new problem, and ironically, the changes that are happening as we move to a device-centric trust model actually mitigate this risk considerably. The less often I have to actually send my keys out into the ether, the less likely someone will be able to intercept and use those keys for nefarious purposes.
The growing use of both distributed ledgers (such as blockchain) and decentralized identifiers (DIDs) are also changing the landscape. Most identifiers are issued by authorities – organizations that have an explicit interest in identifying and tracking their resources. Such authorities are known as sovereigns and are as diverse as governments, banks or similar financial institutions, companies, and so forth. Distributed identifiers are self-sovereign – they use mechanisms to “secure” a particular identifier so that it represents one and only one object, and such identifiers do not need to be explicitly tied into a given organization. Because such DIDs are cryptographically secure, they can be used to create verifiable credentials (VCs) to identify any resource of value (or any individual). Blockchain will likely be one mechanism for securing such VCs, but there are others as well.
Establishing global digital identity mechanisms is a major step towards any kind of seamless transactional experience, and likely will play a huge part in everything from the digital economy to augmented reality to education within the next decade. It unfortunately also has the potential downside of exacerbating the digital divide, as those who do not have such an identity will find themselves increasingly disconnected from that same economy. Already, paper money and coinage are beginning to no longer be accepted among vendors, and what will be transactional transparency for those who have taken the plunge will become transactional opacity – significant obstacles – for those who don’t, creating yet another flashpoint between two increasingly divergent economic models.
I believe the next ten years will become both a crucible and a rubicon, as the fundamental nature of identity and how it becomes verified works its way through the economic, social and political process. Recognizing its impacts now will be the key to how much of an impact this change will ultimately have.
To subscribe to the DSC Newsletter, go to Data Science Central and become a member today. It’s free!
Data Science Central Editorial Calendar
DSC is looking for editorial content specifically in these areas for December with these topics having higher priority than other incoming articles.
DSC Featured Articles
Picture of the Week