Harnessing the potential of Digital Identity
In November 2017, more than 38,000 people were preparing to leave their homes on the slopes of Mount Agung to escape the volcanic eruption. Suddenly, one of the villagers, Nora, bolts back into her house.
“Lebih cepat! Truk pergi” — the villagers on the lorry called after her.
Five minutes later, she is back. “Surat identitias keluarga saya”, Nora says, waving her family’s identity papers, “Tidak ada kertas identitas, lebih susah mendapat dukungan.”. She had run back to take her family’s identity papers along with her because she knew how important the family’s identity papers were. She then tucks in her family’s identity papers into her personal bag as the truck makes its way to an evacuation shelter nearby.
In the near future, villagers like Nora no longer need to prioritise their identity documents as one of the things needed to be taken with them in the event of evacuation. This is because the idea of an identity going digital has become known, especially given the recent technological advances.
What makes digital identity so appealing? Digital identity is intangible. It can be accessed, verified and stored from anywhere and at any place. This is a far better resource than a physical identity, because in physical identities, the only proof that they are genuine lies in the paper documents that a person possesses. This results in complications, such as the person having to be always physically present to submit his/her paper documents at every verification process. Meanwhile, the officers at the verification process will have to go through a lengthy standard operating process to confirm the applicant’s identity. In other words, the paper documents offer very limited functionality and points of reference that authorities can tap onto.
This is unlike digital identity, where it increases the number of ways identity can be verified, such as biometric facial recognition technology and optical character recognition engine. These tools can be automated and provide more accurate and useful information on the users — hence they expedite the verification process and generate more accurate results.
Additionally, with physical identity comes a range of political and geopolitical issues that the authorities have to content with. The existence of digital technologies and mobile devices have been promoting the idea of globalisation among the people; thus prompting them to engage in cross-border transactions. However, the authorities have been very slow to adapt to these circumstances — each country has its own rules and regulations that were specifically designed for last century. These rigid rules and regulations have resulted in a clear lack of standardisation; thus making it difficult for countries to establish a common ground to determine what criteria should the people be subject to before authorising their right of access. For that reason, physical identity in the form of paper documents do not work as well as digital identity, because it is harder to set up a collective system that regards all types of paper documents from all the countries all over the world.
Instead, the nature of digital identity allows data to be converted into common data formats. As a result, it is easier for authorities to decide on the mutual benchmarks on the quality of a person even if the person were to be from another country. Furthermore, because data can be shared easily, it is easier for authorities to build master databases that all countries have access to. This practice is not new, as countries and organisations have already long since implemented shared databases. Take Interpol for instance, where it provides its member countries with instant and direct access to a number of criminal databases. This is made possible because of the digital identity’s capacity to be easily converted and exchanged.
On the other hand, digital identity still takes on many different forms. This indicates a strong need for interoperability for authentication purposes. Social networks are the precedents for this. Whenever a user signs into a third-party service on the web, the users are prompted to sign into a service with their social network account. By doing so, the social network vouches for their identity.
Today, the concept of interoperability for authentication purposes has been accentuated by the introduction of Blockchain technology. One key element of Blockchain is the decentralised ledger where anybody can access the database from anywhere. This indicates a universal database where there is updated information which people can both refer to or update the database with. Another key element of Blockchain is its ability to be tamper-resistant, meaning that it is extremely hard for data to be altered. Cryptographic hashes and digital signatures make that concept possible. The former ensures that any alteration to transaction input (in this case, any changes to the user’s particulars) results in a different hash being computed, which signifies potentially compromised transaction input. Subsequently, the people will know that the digital identity has been compromised and will dismiss it as an unauthentic identity. Meanwhile, the latter confirms that the changes are made by the owner himself and not by imposters. For this reason, Blockchain has become the basis of digital identity because of the accessibility and security it offers to the community.
The idea of combining Blockchain and digital identity is not new. In fact, many communities have already implemented Blockchain into their daily activities successfully. For instance, digital identity, together with the underlying Blockchain technology, has reshaped the way refugees can get back on their feet and resume life as normal. This has resulted in law and order in these refugee camps because of how the complications that arise from paperwork have been eliminated through the use of digital identity.
The biggest drawback of having a physical identity is that the only proof of its authenticity lies in the papers. These papers can be subject to misuse and tempering, which can be very difficult to spot. For this reason, lack of transparency, as well as vulnerability to corruption and fraud, lead to disputes. And resolving these disputes are costly. When that happens, chaos ensues. Instead, a decentralised ledger, through the form of Blockchain technology, will serve as a platform to hold the refugees’ digital identity. Consensus will ensure that the shared ledgers are exact copies, which lowers the risk of fraudulent transactions.
Physical identity can also be easily lost and misplaced, just like how the Syrian refugees had lost their identity documents when they fled their homes. However, this is not the case for digital identity. It can never be lost, because as mentioned earlier, there are many copies of the digital identity made in the shared ledgers. This means they can survive disasters that might wipe out more centralised record-keeping systems, which in this case, are paper documents that are created by authorities.
The benefits of adopting a system based on digital identities are evident in the refugee camps. One of them was how smooth the distribution of aid, food and other necessities in refugee programmes, also known as cash-for-food aid programmes that are designed by humanitarian organisations like World Food Programme. In this case, each refugee would be given a digital wallet with a certain amount of cash or credits that they could spend on to purchase the necessities. The digital wallet is accompanied with the digital identity, where the organisation could confirm that that refugee has acquired some of the necessities. In doing so, the organisation is able to keep track of its supplies and ensure that each refugee gets a fair share of aid. All these are made possible because of digital identity, combined with blockchain technology, gives a sense of transparency in the process yet a secure way to verify the user’s identity.
The idea of having digital identity — accompanied with blockchain — is very promising. The benefits it brings is far too significant to ignore. It provides a sense of security to both the users and the organisations: the user can be reassured that their identity cannot be lost while the organisation does not need to content with concerns with whether the user’s digital identity has been tampered with or misused.
Many authorities and organisations are contemplating the use of digital identities. Most of them have recognised the value of having digital identities in automated systems, which save them lots of manpower and eventually, speeds up the identity verification process. At the same time, more accurate results are generated from the automated systems, which enhances these bodies’ decision making.
However, they still desire for a more transparent and updated system where they can easily build their databases on so that they can upgrade their operational and security capabilities. This need has already been highlighted, especially as communities and countries strive to overcome the existing circumstances where there are increasingly limited resources and increased security threats due to the growing cyber and digital ecosystem.
Recently, the ASEAN region had concluded its meeting. They had acknowledged that going digital was one of their immediate priorities to help their countries progress. One of the points that they had touched on was the idea of having a digital identity, such that it can facilitate the travelling experience for both the citizens and companies which transport goods across the borders. They had also discussed on how they could benefit from a shared system so that they could upgrade their operational and security capabilities.
From here, it seems that authorities, communities and organisations are increasingly jumping onto the bandwagon of growing a digital ecosystem. They recognise the value of a digital identity in terms of how much it can help to reduce costs and solve “unsolved” problems, as well as how digital identity forms the basis of a digital ecosystem. For that matter, they are opening up and sharing their data with their counterparts to benefit from more information. At the same time, they are aware of the security challenges that going digital brings about. One of the security challenges raised is how they could overcome the issue of data privacy while supporting the prospects of tapping onto shared data. This will be addressed in the subsequent article.
Nevertheless, Dr Vivian Balakrishnan from Singapore had pointed out how ASEAN were to progress in the ASEAN meeting recently:
By bringing down barriers and ensuring inter-operability and sharing, we will achieve win-win paradigms both politically and economically. The old way of looking for an advantage by hiding behind silos and walled gardens, I think, that’s over. We have to look for open standards, open source, interconnectivity. Learning how to share and yet gain competitive advantage.
And a proper management of digital identity forms the basis of sharing.