FB pixel

Westminster Forum talks digital ID regulation, rollout and security

Westminster Forum talks digital ID regulation, rollout and security
 

Digital Identity is the focal point of the latest Westminster Forum policy conference, for which key stakeholders and policymakers in the biometrics and digital ID fields came together to discuss the rollout and use of digital identities and identity verification services in the UK by businesses, public bodies and consumers. Topics ranged from regulatory matters such as the Digital Identity and Attributes Trust Framework, to challenges with digital identity rollout, to digital inequality and inclusion.

On policy, Professor Anna Beduschi, a professor of law at the University of Exeter, spoke on the complexity of regulating a system that often focuses on privacy, but in fact encompasses many broader issues. Existing frameworks, rapidly evolving technology and a plurality of interested and affected parties all add to the overall complexity of the digital ID landscape.

Regulation and trust frameworks, Beduschi says, are “quite useful as a way of navigating the complexities of the digital identity landscape, because they provide these agreed set of rules and standards” by which all stakeholders must abide. She points to the pan-Canadian trust framework and work in the EU on digital wallets as solid examples.

She says challenges with implementing digital identity schemes tend to center around surveillance and distrust in digital ID from a data protection standpoint. People do not yet trust digital identity enough to embrace it. Which, says Beduschi, is exactly why privacy and data security need to take precedence in design.

“It is important to have data protection and privacy that should be at the center of the design development implementation,” she says, “but also evaluation of digital identity systems once they are already implemented. In this way, a data privacy centered digital identity framework would be one in which data protection and privacy considerations are not just a mere afterthought – they’re really integrated into the design of this digital identity system.”

To win people’s trust, design digital ID that includes them

Another pathway to trust is inclusivity. Privacy is not always the primary concern, and Beduschi points out that distrust is often rooted in experience. It is important, she says, for people to understand and trust that, on a holistic level, digital identity systems will not exacerbate existing inequalities for marginalized communities, thereby marginalizing them even further. Clear provisions on transparency and compliance mechanisms are needed to win the hearts and minds of a wary public. “So this idea of not leaving anyone behind, I think it’s very important to communicate in this field of digital identity. And that is quite closely linked to the idea of digital identity systems that should enshrine accountability.”

Beduschi’s final piece of advice on digital identity regulation is simple: have a digital identity regulator. Or at least look at places where current roles and offices, such as the biometrics and surveillance camera commissioner or information commissioner, overlap.

Safety and security key considerations in age of hypercharged fraud

Robin Tombs from Yoti is among those who offered thoughts on the question of digital ID safety and security. Reusable identities like the ones Yoti provides via selfie biometrics, says Tombs, are inevitable, given the long list of ways in which highly determined fraudsters can hijack identity transactions for fraud.

“It might feel like very bad news that fraudsters find it very easy at the moment to beat systems,” says Tombs. “But reality is it will drive up the use of reusable IDs. I think that as fraudsters get really, really good at putting your information into web forms, or creating ID documents with your details on the document and sending them in, that becomes a real problem for regulators and businesses and for individuals. And it will drive more and more people eventually to use reusable digital identities where you take control of your unique passport, and take control of your unique face, and you bind them together in a reusable ID.”

Tombs expects policymakers to eventually patch up holes and start expecting businesses to use reliable verification and authentication methods such as encrypted biometric reusable ID. “Regulators are likely to remove the weakest ID methods as they begin to see that most of the ID fraud comes through certain things like just putting stuff into a webform or sending an email attachment,” he says.

Digital ID rollout depends on a foundation of trust

For now, uptake remains a problem on both an institutional and individual level. Interoperability and knowledge-sharing are issues. And while data privacy and data security are ostensibly foundational to digital ID, it always comes back to trust. Not only trust in organizations, digital ID providers and governments, but also in ourselves.

“I think we’re also putting a huge amount of faith in assuming that actually individuals want to take responsibility for their identity,” says Gus Tomlinson, chief product officer at GBG, which offers secure user onboarding services and identity verification. “And when we think about these things that actually have been managed by gatekeeper organizations for such a long time, putting that then into the hands of the consumer, whether digital savvy or not – and whether just turning 18, or getting to a retirement age – that’s a huge, huge thing that we’re deciding to do.”

Regulatory compliance is a key piece of the puzzle. But, like Professor Beduschi, Tomlinson also advocates for a more nuanced view of digital identity. “If we all work together to get a more complete view of a digital identity, and combine those data points to get a more precise and nuanced view of it, we can actually make the whole ecosystem easier, faster, safer,” she says. Tomlinson emphasizes that there is no silver bullet for any aspect of digital ID, and that “understanding the diversity of international identity features is also really, really key.”

Robin Tombs expects that the younger demographic’s love affair with phones will clear some of the hurdles to widespread adoption of mobile digital ID, but that forcing the issue on doubters in the meantime may not be helpful. Make it voluntary, says Tombs – and see how many people decide to stick with the old way.

“You know, let the consumer get on and choose what they want to do,” he says. “If people don’t ever want to have a reusable ID, that’s fine, as well. But I suspect they may find that some of the alternatives are more time consuming and more painful and possibly involve driving somewhere with a paper document. But if that’s what they wish to do, then that works as well. You know, I think a voluntary system is a jolly good idea.”

Related Posts

Article Topics

 |   |   |   |   | 

Latest Biometrics News

 

More US airlines, airports moving toward biometrics for security, baggage

From Denver to Salt Lake City to Dubai, biometrics and digital ID are being activated to improve security and efficiency…

 

Isle of Man govt plans public consultation on introduction of FRT at ports

The Isle of Man continues to debate the introduction of facial recognition and identity documents to boost security at its…

 

Scottish review calls for clearer standards for police in biometric data retention

The Scottish government, in partnership with the Scottish Biometrics Commissioner, has published a detailed review of biometric data retention practices…

 

North Korean mobile service apps rely on facial recognition

North Korean citizens are required to submit face biometrics to subscribe to mobile services through the official apps of North…

 

Integrated Biometrics, GripID release ‘smallest multimodal biometric device’

Shaped and sized like a modern TV remote or an early iPod Nano, the new multimodal biometric scanner from GripID…

 

Aware has parted company with CEO Robert Eckel

Robert Eckel is resigning as CEO of Aware. The Massachusetts-based biometrics company has filed a form with the United States…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events