Digital Identity Interactions

Share: Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInShare on RedditEmail this to someonePrint this page

Digital identity solutions can be described using a set of identity verification interactions types that pertain to both in-person and online experiences.

Our daily lives are filled with a variety of identity interaction experiences. These daily life experiences may include a visit to the bank clerk, entering the airport or a login to your utility company’s website. Each of these interaction experiences require you to present proof of your identity. These identity interactions may be face-to-face or online. As we migrate away from using physical identity instruments towards digital instruments we need to ensure that these new digital representations of our identity can seamlessly fit into our daily identity interactions. Ideally, overtime we will arrive at a point where citizens will benefit from a unified identity interaction experience regardless of interaction type (in-person, online).

Digital Identity is one of those overused phrases that is typically used without the necessary situational context. The phrase digital identity refers to information stored by computer systems to represent an external agent. Unfortunately, when folks describe digital identity solutions we are rarely offered a cohesive description about the positioning of the solution. Specifically, the conversation should be grounded in a common understanding of the different identity verification interactions types one might experience for in-person and online interactions.

Identity Instruments

An identity instrument is a rendering format of an individual’s PII. Identity instruments can be physical or digital objects. The traditional physical object is a paper or plastic identification card (ID). Many physical identity instruments contain public and encoded information about an individual. The encoded information, which is often stored using  machine-readable technologies (magnetic strips or barcodes), are additional examples of rendering formats of an individual’s PII. Digital identity instruments pertain to an individual’s PII in a form that can be processed by a software program.

Mobile identities are another rendering format for an individual’s PII. For example, regardless of rendering format (physical or digital), a verifiable government issued identity instrument (G3I), that includes a photo, may be a:

  • Passport ID
  • National or State issued Drivers License
  • Trusted traveler ID
  • National or State issued ID
  • Military Identity ID

Reader Types

An identity reader can be a physical or programmatic device that understands how to process information contained within an identity instrument. This includes:

  • Interpreting machine readable data formats (encodings) available on a physical identity instrument.
  • Programmatic processing of a digital identity instrument using peer-to-peer communications in a manner that assures privacy as well as document validity.
Traditional Readers

Any device that can read a physical rendering of an identity instrument in standard machine-readable formats:

  • Magnetic Strip
  • 1d,2d and PDF417 Barcodes
  • DL PDF417 Barcodes (ANSI, AAMVA)
  • QR-Codes
  • Watermarks
Emerging Readers

A new class of identity instrument interpreters are emerging. These Emerging Readers can be described as mobile applications that reside on a device that can communicate with an identity instrument. Unlike Traditional Readers, these Emerging Readers specialize in the processing (reading) of a digital representation of an identity instrument. These readers represent the whitespace area where standards are lacking. Since the digital identification industry is still emerging there will be a timeframe where interoperability between the possible digital representations is a challenge. For now, we can assume that this class of readers includes, but is not limited to:

  • Mobile Device with a mobile reader app
  • Personal Computer or Laptop Device with a desktop reader application
  • In-car computer with mobile reader app
  • A handheld device capable of communicating over various peer-to-peer protocols with the single function of verifying various identity instruments.

Additionally, these readers focus on the electronic exchange of information between an identity instrument and the reader.

Interaction Types

Depending on the situational context of an interaction (identity transaction) concerning an identity instrument (physical or digital), there are standards (existing and emerging) that provide a means for the accessing, presenting and managing of identity information.

Identity Interaction Matrix
Interaction Category Interaction Type Identity Holder’s Instrument Identity Verifier’s Instrument Comment Indicator
person to person card to person paper/plastic card Human Inspection 1
person to person card to device paper/plastic Traditional Reader 2
person to person device to device Digital ID on Device Traditional Reader 3
person to person device to device Digital ID on Device Emerging Reader 4
person to institution device to website Digital ID on Device Online Service 5

Comments

  1. Human inspection and verification has a higher risk for error.
  2. The paper/plastic ecosystem is not going away anytime soon so the market for traditional readers remains relevant.
  3. To enable the mobile convenience benefits of digital identification instruments (digital assets) for citizens, we must ensure that the physical and digital solutions can co-exist. As such, a Digital ID on a Smartphone must be able to render and communicate an individual’s PII in a manner that has been standardized for Traditional Readers.
  4. The technologies, architectures and standards associated with this category of readers is still evolving. IBM believes that a vast array of digital use cases that may emerge from new citizen privacy behaviors and general mobile convenience pressures around all identity instruments.
  5. An institution can be a business, organization or government entity represented by some non-human entity (i.e.: website, vending machine). The requirements and interaction mechanisms for authenticating with an online application are drastically different from the context of physical (in-person) identity interaction.

Conclusion

The next time you are involved in a conversation around a digital identity solution, challenge the conversation participants to associate the solution with one or more identity interaction types. Ideally, the conversation will evolve towards a vision for the solution to provide a unified identity interaction experience regardless of interaction type (in-person, online).

Share: Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInShare on RedditEmail this to someonePrint this page
Dan Gisolfi
As CTO for Trusted Identity, Dan is focused on the development and execution of a trusted identity strategy for both citizen and corporate identity interactions using blockchain technologies. This endeavor includes the development of a formal IBM Mobile Identity offering, the definition and development of a trusted identity reference architecture, and the creation of devops tools that streamline the delivery of trusted identity solutions for clients.
Dan Gisolfi
Dan Gisolfi

Leave a Reply

Your email address will not be published. Required fields are marked *