Midway through 2024, we’ve moved beyond digital transformation to become digital first. From shopping to banking to healthcare and beyond, increasingly the expectation is to at least be able to start – if not finish – your journey online. While the pandemic was rocket fuel for digitization, the pace of change is only expected to accelerate – driven by AI, biometrics, and quantum computing.
A 2023 Connectivity Benchmark Report revealed that 72% of customer interactions are digital, and we’re witnessing the convergence of payments and identity in real time with the expectation that 30% of digital identities will be stored in mobile wallets by 2029, according to a 2023 report from Goode Intelligence. Digital first also applies to bad actors, with cybercrime now costing trillions (yes, trillions with a “t”) annually in global damages.
According to former Google CEO Eric Schmidt, “Identity will be the most valuable commodity for citizens in the future, and it will exist primarily online.”
Digital identity is poised for rapid and long-term growth enabled by biometric-based identity verification. From banking to travel, trusted identity is central to enabling secure seamless digital journeys. Digital account opening simplifies and secures a complex digital banking process to accelerate customer acquisition and expand financial inclusion. Seamless travel enables border control authorities to find and focus on the needles in the proverbial haystack, while vastly improving the traveler experience.
Yet the current state of digital identity is more of a patchwork of differing identities across government and commercial systems, which is already leading to the proliferation of digital identities and wallets, reminiscent of the early days of the password.
Today, the average internet user has over 100 accounts that require a password; some estimates put it as high as 240. Just imagine the identity crisis of trying to manage 240+ IDs! Convenience concerns aside, this fragmented approach to digital identity is also ripe for abuse by bad actors seeking to perpetrate synthetic identity fraud, which is being fueled further by generative AI.
With global security, stability, and prosperity hanging in the balance, there’s a lot at stake to get digital identity right. However, the world is not moving at the same pace – or even in the same direction.
Similar to the groundbreaking General Data Protection Regulation (GDPR) and AI Act, Europe is once again taking the global legislative lead with the EU Digital Identity (EUDI) Regulation that gives member states until 2026 to offer their citizens an EUDI wallet built to common specifications. Indeed, some member countries are already piloting EUDI-compliant wallet solutions, while Estonia, an early embracer of digital identity with its e-ID scheme, will have to update its existing framework to adhere to EUDI.
The EU is sending a clear message that they intend to be a leader in the digital economy by accelerating digital identity adoption to increase growth and competitiveness while allowing all Europeans to participate and benefit.
Other jurisdictions, notably the U.S., which typically eschews national identity programs, are relying on big tech players to provide their citizens with digital identity options. Apple clearly signaled its digital identity aspirations at WWDC 2021 when it announced support for storing credentials in the Apple Wallet application. Since then, four states have launched mobile driver licenses (mDLs) via Apple Wallet, with another 20+ states currently evaluating the same. Also, the TSA is testing the use of digital identity credentials stored in some mobile wallets – including Apple, Google, and Samsung – for passenger identity verification at select airports. While big tech continues to be a catalyst for innovation and superior user experience, this direction also introduces added concerns around citizen privacy and control of citizen credentials – especially across national borders.
Whether government-led or tech-led, digital identity adoption is expected to increase exponentially through the rest of the decade … and beyond. Getting digital identity right will be about applying the best practices learned from different approaches across jurisdictions.
At Entrust we are committed to helping our customers realize secure trusted identities that can span our digital and physical world. By leveraging advanced technologies such as phishing-resistant, passwordless multi-factor authentication (MFA) and AI-driven identity verification, organizations can significantly enhance their security posture and operational efficiency.
The post Digital Identity: There’s a Lot at Stake appeared first on Entrust Blog.
*** This is a Security Bloggers Network syndicated blog from Entrust Blog authored by Jenn Markey. Read the original post at: https://entrustblog.wpengine.com/2024/06/digital-identity-theres-a-lot-at-stake/