As we discuss in our latest digital identity research
, the use of digital identity as a replacement for traditional physical documents is growing fast, both in the public and private sector.
One notable example is the increased adoption of digital driving licenses. These typically comprise a picture of the licence and a QR code. This latter element is particular important as alongside confirming that the holder has the right to drive, this QR code allows law enforcement to scan the licence without the individual needing to hand over their mobile device.
Some digital driving licences also show a restricted version of the licence that only has the individual’s picture, name, and confirmation of whether they are of drinking age; enabling the licence to be shown to law enforcement and other authorities, while, at the same time, protecting as much of the individual’s data as possible.
Within the private sector, digital gym memberships are also growing in popularity, in part because the data is seen as less sensitive, and therefore, less risky to carry around, than digital government documents.
In most cases, these schemes utilise a dedicated app that provides proof of membership via, for instance, a barcode that needs to be scanned when entering the gym. This is not unique to gyms by any means, and many member-based businesses (including hotels) now use digital proof of membership or ownership. It is also common for these apps to convey access to loyalty schemes and other marketing partnerships, making them a powerful tool for membership -based businesses.
There is also a significant overlap with digital wallets
; primarily used to store digital debit and credit cards, digital wallets are increasingly being used to store identity documents such as event tickets and insurance documents, along proof of ownership including hotel room and car keys.
In theory, any government credentials could be stored in a secure digital wallet, allowing for savings on the creation and re-issuing of physical credentials. This would also make it much simpler to update information on these credentials, as new identity documents would not need to be physically reissued when an individual moved home or got married.
In some US states, for instance, digital driving licences held within Apple Wallets are fully recognised by state officials and local law enforcement. However, it must be noted these digital wallets will struggle to monetise identity in the same way as they have payments, due to competition from government-run schemes limiting adoption.
Security & Privacy Concerns
One recurring issue that government documents have always faced, and will always face, is forgery.
This was highlighted in 2022 in New South Wales, Australia, when it was discovered that a flaw with the system governing digital driving licenses
could be easily brute-forced by cybercriminals, making it “trivial” for anyone determined enough to forge new fake identities.
In addition, digital identity documents, such as those issued by governments, require centralised identity systems; where digital identity credentials are held in a single place, and each identity is used for a single purpose, ie. a digital driving license.
The simplicity of centralised identity systems over other forms of digital identity, such as federated identity and decentralised identity, makes them ideal for issuing and managing digital government-backed identity documents. However, their nature means that data breaches can be catastrophic; a situation compounded by the fact that, owing to budget constraints, many governments use older, less secure computer systems.
Consumers are becoming increasingly conscious of data privacy issues, meaning that the future adoption of digital identity documents is entirely dependent on users’ level of trust in the institutions issuing them. In countries where there is high trust in institutions, national digital identities will be more widely adopted. In nations with lower institutional trust, the role of digital identity provider will be assumed, at least, to some degree, by the private sector.
This creates an opportunity for private identity providers. However, much like government institutions, these private firms also need to earn consumers’ trust. At this early stage, it is unclear the extent to which a high-profile data breach would impact adoption of digital identity among consumers, but making significant investments in authentication, encryption, and cybersecurity best practice would go a long way to avoid testing this.
Our complimentary whitepaper, Digital Identity ~ The Next Frontier of Cybersecurity
, examines the driving forces behind the increasing merger of digital identity with cybersecurity.
“Juniper Research’s new Digital Identity research report presents an independent analysis of the future evolution of this highly dynamic market. It provides a comprehensive study of the growth of the digital identity market, resulting changes in how national IDs are issued, the way identity is authenticated and regulatory compliance around identity. The report positions 18 vendors via the Juniper Research Competitor Leaderboard; providing an invaluable resource for stakeholders seeking to understand the complex competitive landscape in the market.”