UK digital ID shouldn’t be a betrayal of DIATF-certified identity firms

The latest Westminster eForum policy conference looks at the next steps for digital identities and verification services in the UK, and a key area of discussion is the role of government Digital Identity and Attributes Trust Framework-certified providers in providing digital verification services. The issue has become fraught among firms that have worked to meet the criteria of the DIATF and achieved certification, but now feel forced to defend themselves against Big Tech on one side and the controversial national digital ID scheme on the other.

As a featured speaker at the event, Yoti’s CEO Robin Tombs offers his insights on the question, which he sums up in a post on LinkedIn.

“Some pundits already predict big wins for Apple and Google in the UK private sector ‘wallet wars’ and an ‘engineered win’ for the Govt ID wallet in the public sector, with little room left for any UK DIATF certified digital ID businesses to flourish.” Tombs says. “But, as in many markets, I think there’s likely to be more nuance.”

The main thrust of Tombs’ argument is that, “to maximize the benefits and innovations, the government should promote a healthy, private sector ID ecosystem alongside the government digital ID wallet.” It’s a version of the same stance taken by the Age Verification Providers Association (AVPA) and the Association of Digital Verification Professionals (ADVP), both of which count Yoti as a member.

Its nuances cover interoperability, customer choice and trustworthiness. Tombs notes that the government has made OneLogin ID exclusive for government services, which runs counter to the principles of interoperability and reusability in restricting the use of private sector certified digital ID. What, Tombs asks, does one need to do as a certified wallet provider to prove it offers the same high level of assurance as a government product? And will people make their own assumptions regardless? “That’s very messy,” he says. “And messiness reduces investment and reduces adoption.”

Tombs says Yoti’s own success proves the demand: more than 7 million people in the UK over the age of 13 have already downloaded a Yoti ID. Should they not be able to use that digital ID across the identity ecosystem? It will only confuse people, he says, if people can use their certified ID for a right to work check, but not for other government services.

Network interoperability is necessary to meet the challenge. While the government can provide the backbone and backstop, giving free access to OneLogin ID to various services and making it the default choice “is not going to encourage a healthy ecosystem,” Tombs says. The government should be looking to maintain a robust market for digital ID startups and smaller companies, especially as the dominance of Apple and Google raises the threat of a “U.S. business duopoly.”

Reliance on a small number of providers, he says, is also a security issue. “People worry about security and surveillance, and these risks are bigger when there is one, two or three digital IDs dominating.”

In short, don’t undermine trust in businesses you certified as trustworthy.

And don’t stifle innovation. Tombs name-drops a host of UK firms leading in various aspects of the biometrics and digital identity sector: OneID, TMT, iProov, Yoti. The factors driving innovation span proof of age, verifiable credentials and data ownership, and it takes diversity in the market to accommodate its complexity.

“A healthy ecosystem must involve the private sector as well as the government, and the government needs to be more clear that the private sector has a very important role to play in a healthy ecosystem, where innovation helps protect individuals and businesses.”

OneID touts economic benefits of private-public sector hybrid ID model

Also weighing in on the side of market diversity is Rob Kotlarz, director of OneID – another UK DIATF-certified digital ID provider with a significant market footprint. Kotlarz says he is concerned about the “U-turn in government policy creating potential monopolies in the market that would disadvantage a major investment that the private sector has made” in digital identity solutions. Kotlarz says public-private sector collaborations have tended to be the most digestible and trustworthy option for the EU.

OneID has taken 8 million people through its platform, underlining another key point: these companies are already operating, offering digital right to work checks and other services, and it’s confusing to forbid people from using them for what they consider to be equivalent services.

The economic argument is also there, says Kotlarz, noting that privacy preserving digital identity tools can drive down costs, enabling a more efficient economy.

Article Topics

DIATF certification  |  digital ID  |  GOV.UK Wallet  |  identity verification  |  OneID  |  UK digital ID  |  Yoti