A child born today won’t have a bank card, hold a passport, or carry cash. Her first payment device may be a phone, a watch, or an item of clothing. Her signature will be a thumbprint and her ID card an iris scan. Her DNA – the fibre of her being – will underpin her digital identity.
If that sounds fantastical, that’s only because the current situation of identity verification is past its sell-by date. Fraud in the payments network can be detected within 25 milliseconds, but when it comes to authenticating our identity elsewhere, we’re still dependent on physical witnesses, birth certificates, and paper utility bills.
We have behavioural metrics that can identify a smartphone user simply by the way they tap on the screen, but we still need an average of 30 passwords each (the most common of which is 123456) to prove online that we are who we are.
Read more: New app will let NHS patients book appointments by smartphone
As the line dissolves between the physical and digital worlds, this is becoming a problem: the ability to identify yourself online is essential.
What we need instead is a verified identity that is accepted globally and across multiple digital touchpoints. One that doesn’t involve aggregating information in vulnerable honeypots, but instead gives the individual control over the data that is used to verify their identity. Something that allows me to prove I’m old enough to buy alcohol without revealing my date of birth, lets me to vote without revealing my address, or take out a mortgage without providing three years of bank statements.
We already have the means. In payments technology, it’s a target we’ve been closing in on as we move from cash to card, password to PIN, signature to thumbprint, and beyond. We’ve ended the trade-off between security and convenience. It’s easier and safer to authenticate with a thumbprint or a selfie.
What’s holding things up? Some countries, like Estonia, have pushed ahead with great success. But that’s with a population of only 1.3m, and its digital identity is unique to the Baltic state. Finding something that works for every country and across borders is more difficult.
But consider this: you don’t expect to use a different credit card for every shop you enter, or each country you visit. That’s because a network exists that facilitates the exchange of data between banks, merchants, governments, and consumers across the globe. For digital identity to work, it requires agreed standards, compatibility, and – most of all – the trust of stakeholders.
A bill of rights for digital identity may help. At Mastercard, we use one internally to guide our thinking on this. It places the consumer in control and covers privacy, ownership, transparency, security, and other areas. It boils down to this: “I own my identity, and I own my identity data.”
People want a reusable digital identity that’s as simple as saying “Hi, it’s me.” This is perfectly feasible. We can deliver it. This is a global ambition that only works as a joint effort, through collaboration between business, government, and society.
We’re ready. Are you?
Read more: Facial recognition vs. facial verification: Get your facts right