In an era governed by digital transactions and data, our methods for managing digital identities, security, and privacy are proving inadequate. At the same time, consumers are looking to do business with companies that have minimal friction as part of their overall service experience, and which provide assurance that consumer’s identities and transactions are reliable and safe. Digital identity has matured from a first-in, first-out type of workflow to a multiple-input, multiple-output object-oriented entity, making it more difficult than ever for businesses to know what data to use, how to use it, and when to use it.
Overall trust in digital ecosystems is diminishing, which overlaps with some digital identity concerns, all relating in some way to the unauthorized release or use of individual identity and information tied to identity, often on a mass scale. Common sense tells us that regulations such as the California Consumer Privacy Act (CCPA) are coming to the entire United States, so the timing is conducive for rethinking how we approach digital identity. The vision is one of competent authority supporting private and public sector businesses and interested parties in building digital identity services, fit for their purposes and in their own environments that are secure, reliable, and easy to use.
This paper advances the conversation in the current digital identity landscape. It went “live” on a stage at Sibos Innotribe in London in September 2019 when Eric Sachs and Don Thibeau described ten years of identity “battles”. These are a set of burning business problems facing the internet identity world that no one organization can solve alone. This paper further marks the beginning of a new approach to solving these problems with initiatives in 2020 while referencing prior OIX work and white papers.