In an era governed by digital transactions and data, our methods for managing digital identities, security, and privacy are proving inadequate. At the same time, consumers are looking to do business with companies that have minimal friction as part of their overall service experience, and which provide assurance that consumer’s identities and transactions are reliable and safe. Digital identity has matured from a first-in, first-out type of workflow to a multiple-input, multiple-output object-oriented entity, making it more difficult than ever for businesses to abide by the conventional wisdom of “If you can’t protect it, don’t collect it.”

Overall trust in digital ecosystems is diminishing, which overlaps with growing digital identity concerns, all relating in some way to the unauthorized release or use of personally identifying information, often on a mass scale. Compliance to regulations such as the California Consumer Privacy Act (CCPA) are coming to the entire United States, so the timing is upon us to rethink how we approach digital identity. One vision is that of a “competent authority” supporting private and public sector businesses and interested parties in building digital identity services, fit for their purposes and in their own environments that are secure, reliable, and easy to use.

I recently published my notes from this years Innotribe@Sibos 2019 where I led a discussion to review past experience as we develop and implement community-driven, open standards for digital identity and global open banking initiatives.

There was consensus that existing identity standards need to be utilized to ensure the identity portable and accessible across many trust frameworks. But we still have to work out how we share data among all the actors including relying parties and intermediaries. And we have to ask how we accept data shared with us? What does trust mean for others? How do we interpret their trust scores or trustmarks? How does self-certification help drive trust?

In parallel to preparing for presentations at Sibos, I was working on a white paper, Aligning the Rules and Tools of Digital Identity: Solving Today’s Burning Business Problems”, that advances the conversation in the current digital identity landscape. This paper essentially went “live” on a stage at Innotribe@Sibos when Eric Sachs and I revisited ten years of identity “battles”. These are a set of burning business problems facing the internet identity world that no one organization can solve alone.  This paper further marks the beginning of a new approach to solving these problems with open banking initiatives in 2020 while referencing prior OIX work and white papers.

It is my hope this white paper provides a perspective of digital identity solution challenges and opportunities in 2020 and beyond. Feel free to download the “Aligning the Rules and Tools of Digital Identity: Solving Today’s Burning Business Problems” white paper at the OIX website.

 

Don Thibeau
OpenID Foundation Executive Director