Reinventing Digital Identity for Global Touchpoints
By Ajay Bhalla, President of Global Enterprise Risk and Security at Mastercard
A child born today won’t have a bank card, hold a passport or carry cash. Her first payment device may be a phone, a watch, or an item of clothing; her signature a thumbprint and her ID card an iris scan. Ultimately her DNA — the very fibre of her being – will be used to underpin her digital identity.
If that sounds fantastical then it’s only because the current situation of identity verification is well past its sell-by date. Fraud in the payments network can be detected within 25 milliseconds, but when it comes to authenticating our identity elsewhere we’re still dependent on physical witnesses, birth certificates and paper utility bills. We have behavioural metrics that can identify a smartphone user simply by the way they tap on the screen, but we still need an average of 30 passwords each (the most common of which is 123456) to prove online that we are who we are.
As the line between the physical and digital worlds dissolves, this is becoming a big problem because to be able to identify yourself online is essential.
What we need instead is a verified identity accepted globally and across multiple digital touchpoints. One that doesn’t involve aggregating information in vulnerable honeypots, but instead gives the individual control over the collage of data that is used to verify their identity. Something that allows me to prove I’m old enough to buy alcohol without revealing my date of birth. Or allows me to vote without revealing my address. Or take out a mortgage without providing three years of bank statements.
We already have the means to do this. In payments technology it’s a target we’ve been closing in on as we move from cash to card, password to PIN, signature to thumbprint, and beyond to artificial intelligence and behavioural analytics. We’ve ended the trade-off between security and convenience. It’s far easier to authenticate with a thumbprint or a selfie, and it’s safer too.
So what’s holding things up? Some countries, like Estonia, have pushed ahead with great success. But that’s with a population of only 1.3 million and its digital identity is unique to the Baltic state. Finding something that works for every country and across borders is more difficult
But consider this: You don’t expect to use a different credit card for every shop you enter, or each country you visit. That’s because a network already exists that facilitates the secure exchange of data between banks, merchants, governments and consumers across the globe. For digital identity to work it too requires agreed standards, interoperability, and most of all the trust of stakeholders.
So why not draw up a Bill of Rights for Digital Identity? At Mastercard we already use one internally to guide our thinking on this. It places the consumer in control and covers privacy, ownership, transparency, security and several other areas. But at its heart it boils down to this: “I own my identity and I own my identity data.”
People want a reusable digital identity that’s as simple as saying “Hi. It’s me.”
It’s perfectly feasible. We can deliver it. And when I say “we”, I really mean it. This is a global ambition that only works as a joint effort, through collaboration between business, government and society.
We’re ready. Are you?
This article was originally published in Cityam.
From the Center: Is the developing world ahead of the curve when it comes to identification? Listen to our President Shamina Singh break down the value of digital id and biometrics in episode 23, Keep Humans in the Equation, of the award-winning podcast Masters of Scale. Hosted by Reid Hoffman, cofounder of LinkedIn. Click here to listen.
Mastercard Center for Inclusive Growth is the proud sponsor of Masters of Scale, Season 3.