How identity ecosystems transform access to services
A look at the technologies driving identity systems forward
Mastercard: pioneering capabilities in identity systems
At Mastercard, we are building capability in digital identity systems across various avenues.
The need for a simple, safe, and reliable way of authenticating individuals’ digital identities is more important than ever. There are increasing concerns about how and where individuals’ data is stored, how it is used, and who profits from it. Individuals need to realize the benefits of digital identity while maintaining control over how it is utilized. The acquisition of Ekata, a global leader in dynamic identity verification solutions, is a further step towards building a smarter identity system that balances delivering a frictionless experience while ensuring customer privacy, control, and security. Ekata’s technology can be used to prevent fake accounts, reduce payment risks, and combat transaction fraud.
Dynamic verification with Ekata
TM
Mastercard and Optus
In Nov 2020, Mastercard and Optus announced a strategic partnership to provide customers with a simpler, more secure way to prove their identity online and in-store. In using ID, the Mastercard digital identity service, Optus will strengthen its identity verification and authentication process while retaining its best-in-class, digital-first customer experience. The service will be rolled out to nearly 6 million customers who have downloaded the My Optus app. Customers can create a secure, reusable, and verifiable digital identity that can be used when purchasing a new device, making account changes, buying additional services, and more.
Without a verified identity, millions may be prevented from receiving the best possible healthcare, from purchasing goods and services, from finding jobs, and protecting their assets.
To solve these challenges and create a successful ecosystem, it is crucial that all players — individuals, governments, social service providers, and corporations — adhere to standardized principles.
Let’s explore the various pathways and technology platforms — from creating an overarching authority to using large databases, blockchain, and biometrics — that could allow us to build a secure and efficient digital system for the benefit of all.
Makhtar Diop
World Bank Vice President for Infrastructure
"IDs are taken for granted by those who have them. But lack of identification creates barriers for each individual affected and for the countries they live in."
Consumer Trust
People know and trust physical identification. Adoption of digital identity will require motivating individuals and businesses to change their behaviors. Building comfort around an ‘intangible’ form of identification will take time and effort.
Access
52% of the global population do not own a smartphone, and 41% do not have regular access to the Internet. Unless we bridge the digital divide, it’s clear that we cannot unleash the full potential of the digital identity revolution. A critical concern, particularly for those under-represented populations with the highest needs.
Fraud
Cybercriminals are already working out new ways to steal data and identities. Recently, we witnessed a rise in data breaches. Increasing data protection measures will be fundamental to the success of any digital identity system.
Overcoming the challenges of security and data
As digital identity systems become inevitable, three challenges become evident
Building a new infrastructure for digital identity
The average person will have nearly 5,000 digital interactions per day by 2025. Yet, we still rely on laminated licenses and printed documents for identification. Although there has been some progress, identity authentication has lagged behind the pace of technological change. A digital identity system, both secure and interoperable, as well as fit for the twenty-first century, is long overdue. There are challenges, but choosing the right digital solutions and infrastructure, together with sound policymaking, can remove this friction and close the gap. The good news is that digital identification systems are being explored across the globe. However, while there are many benefits, it is important to weigh these against risks to privacy, cybersecurity, and accessibility. In this article, we evaluate the various options and their implications.
Innovation Insights
Fraud presents yet another challenge - a centralized system where all identifiable information is stored, managed, and accessed could become a target for cybercrime. To avoid this, the right security measures need to be adopted and rigorously maintained, to protect the integrity of the system.
Accessibility to a recognized digital identity system
1.1 Billion
1.1 Billion people worldwide do not have a formal confirmation of identity.
Emergent digital identity systems around the world
While these pathways are evolving, several countries are already laying the building blocks of a nascent digital identity ecosystem.
Early explorations
Estonia
Estonia has led the world in pioneering digital identity systems. Its implementation of a national verification platform began in 1996, and today each of its 1.3 million residents votes, attends schools, starts new businesses, and pays their bills using a single digital identity. Their digital identity platform saves the country as much as 2 percent of its entire economic output annually.
IoT ushers in a new wave of applications
Continuous digitization
The arrival of the fourth industrial revolution marks a new era for the adoption of smart systems across various sectors – and consequently, the Internet of Things (IoT) is expected to have a tremendous impact. As the IoT allows us to electronically monitor and manage objects remotely, we expect data-driven decision-making to take off. With an anticipated 75bn IoT devices adoption by 2025, its impact is almost certain to be felt by both consumers and businesses.
As regards the enablement of digital identity, IoT could be used to verify actions and affirm the next step in an identification and validation process. By leveraging the physical devices around us to transmit our digital identities without friction and in real-time, we can ensure that digital identity is a solution for everyone, including those who do not own a smartphone.
Singapore
SingPass Mobile features a one-tap access to commonly used government digital services with a customizable profile, so users always have access to their important information. It allows users to verify their identity and share personal information for over-the-counter transactions. By August 2020, SingPass Mobile had 1.9 million active users in the city-state.
Sweden, Norway, Finland, Denmark
For more than a decade, the citizens of the Nordic countries use their digital identity systems to access social services, domestic commercial services, and crossing their borders. They have also initiated using Federated e-IDs that can be used across the different Nordic countries.
Ghana
In 2018, the Ghanaian government launched its e-identification project with the Ghana card, a collaboration between the National Identification Authority and subsidiaries of Margins ID Group. By 2020, 15 million Ghanaians had registered. Ongoing efforts focus on registering the rest of the population and, with the help of private sectors, building out citizen-centric services for greater applications of their e-ID program.
Infrastructure in the market
Continued recognition of the digital ecosystem
Infrastructure in the market
Continued recognition of the digital ecosystem
Beyond building and piloting a digital identity system, the promotion of its advantages is equally important. Multi-stakeholder partnerships are key to enabling access to trusted forms of legal identity. Interoperability will therefore be a critical design feature for any digital identity system that can scale applications quickly, securing validation of the ecosystem over time.
Beyond current approaches and present technology, IoT, coupled with 5G, has the potential to actualize the implementation of a digital identity system, improving efficiencies and minimizing latency concerns. More use cases can be put in place and applied at different milestones of a consumer’s or enterprise’s journey.
Edge platforms will also help take identity validation to the last mile of any transaction.
Today, multiple governments and companies are already exploring ID solutions, leveraging smartphones to maximize passport and other ID requirements.
IoT devices adoption by 2025
75
BN
Empowering individuals to use their data without fear or friction
The benefits of a digital identity system are clear: it offers consumers and entities access to a multitude of services and support, as well as their own data. A secure digital identity ecosystem merely marks the start of the journey towards a future where a single interoperable digital identification system reaches across all industries and activities. There is keen anticipation of a world where populations across the globe can seamlessly move through their lives, recognized and permitted access when boarding a plane, entering their workplace or fitness club, shopping, arriving at a government institution, or re-locating-without friction. We want a digital identity system that is responsive to our different lifestyles and is supported by both government institutions and the private sector. The more flexible the application, the greater momentum for universal adoption.
Mastercard Inclusive Identity
Through innovative biometric hashing and AI technology, Mastercard is pioneering a new approach to biometric enrollment and authentication, where individuals can prove ‘they are who they are’ while remaining in control of their data. This new approach eliminates the need for partners to store, share, and reuse sensitive biometric data within databases and/or digital wallets. It also significantly improves interoperability across biometric vendors, as well as reducing operational risks, protecting IT systems from hacking, and enhancing data protection & GDPR compliance.
Image Source: https://www.optus.com.au/
Accessibility to a recognized digital identity system
Any digital identity solution needs to be accessible to everyone, not just those with smartphones. A biometric solution could allow this accessibility, providing convenience and ensuring greater financial inclusion. There are several examples across the world.
Many validation points still rely on physical formats. Even a digital process needs tools to register and authenticate the information offered. Thus, access to technology is key for the accuracy and speed of the verification. For instance, a smart device — with encryption — could easily be tapped to become a registration and authentication device to ensure security.
In 2018, the Ghanaian government launched its e-identification project with the Ghana card through a collaboration between Ghana’s National Identification Authority and subsidiaries of Margins ID Group. As of 2020, there are some 15m Ghanaians registered. Ongoing efforts are focused on registering the rest of the population and, with the help of private sectors, build out citizen-centric services for greater applications of their e-ID program.
Provides a structure that includes advantages of both centralized and decentralized systems.
Enabling efficient ID validation and authentication across IoT devices for data-driven decision-making.
A centralized authority
A decentralized authority
Ensures compliance with recognized oversight.
Puts control fully in the hands of the individual.
A hybrid solution
A single authority endorses a centralized system, which has clear advantages. It stores and manages an individual’s personal, government, financial, health, and other records centrally. With control under the single authority, typically governed by a regulatory body, all participants will accept digital identity validation, public and private.
Addressing Trust and Fraud
For countries whose citizens are more skeptical of authority and overreach, security and privacy may be challenges. Further, the legal frameworks around data are still emergent: despite the roll-out of privacy laws and the implementation of the General Data Protection Regulation (GDPR), many companies are still behind the curve, and not sufficiently protecting third-party data.
Verification, access, and mobility
Verification systems often rely on third-party capabilities to initially register and authenticate, and a user-centric system lacks these capabilities.
DLT relies on the assumption that everyone has a smartphone: fifty-two percent (52%) of the global population does not own nor use one.
Most governments still demonstrate reluctance to accept a foreign identity system, especially a decentralized one.
IoT enables us to more easily connect services to users’ daily lives. The increased adoption of IoT devices highlights the importance of the ability to transfer and process this data efficiently. As we approach the point where Cloud can support all Enterprises’ data storage and processing needs, we are observing a migration towards Edge computing. With notable advances, Edge computing is now considered a more efficient alternative. As Edge computing processes data closer to source, this helps address latency issues associated with traditional cloud models. Edge also saves bandwidth and can better manage existing security and privacy concerns.
6% of GDP
A digital identity system can save 6% of gross domestic product in a typical emerging economy.
1
Digital identities are created from a series of data points, forming a unique statement about an individual that can be leveraged to access goods and services. A secure digital identity ecosystem can, in turn, enable identification to be managed seamlessly and in real-time as we interact with various physical and digital devices around us.
Digital identity ecosystems streamline identification and create multiple benefits for governments, institutions, and citizens alike. As access to smartphones is entrenched and technological growth continues apace, the benefits of implementation far outweigh costs over the long run. Scaling digital identification can bring economic benefits to nations, organizations, and individuals by increasing efficiency, enhancing inclusion, facilitating access to goods and services, empowering individuals, and reducing fraud. Unlocking the value of digital identity can also boost a nation’s economic growth.
Image Source: https://www.optus.com.au/
1. McKinsey Global Institute, Digital Identification, A path to inclusive grow
3, 4, 5, 6, 7
3.https://www.tech.gov.sg/products-and-services/singpass/
4. https://www.id4africa.com/2019_event/presentations/InF14/4-Juliet-Kiluwa-FSDT.pdf
5. https://www.europeanceo.com/world-view/electronic-identification-cards-herald-a-digital-future-for-ghana/
6. Monetary Authority of Singapore, Foundational Digital Infrastructures for Inclusive Digital Economies
7. https://verified.me/government-sign-in-by-verified-me/; https://diacc.ca/the-diacc/
2. https://www.bankmycell.com/blog/how-many-phones-are-in-the-world
2
A decentralized solution can provide freedom, transparency, and control for individuals. This ensures people have full control over who accesses their data. Access to an individual’s digital identity relies on Distributed Ledger Technology (DLT), making it easier for those seeking to verify the individual’s information.
Verified credentials are encrypted using blockchain. Participants in the network agree on consensus updates to the records in the ledger. There is no central authority or third-party mediator. Every record is marked with a timestamp and a cryptographic signature, making the ledger auditable and creating a database of transactions in the network.
Canada
A consortium of public and private sector leaders, the Digital Identification and Authentication Council of Canada (DIACC) put together a framework to develop a secure and scalable digital identification and authentication. In 2012, they launched Verified.me. This platform allows Canadians to use their current online banking credentials to sign in for online government services.
In 2018, the Ghanaian government launched its e-identification project with the Ghana card through a collaboration between Ghana’s National Identification Authority and subsidiaries of Margins ID Group. As of 2020, there are some 15m Ghanaians registered. Ongoing efforts are focused on registering the rest of the population and, with the help of private sectors, build out citizen-centric services for greater applications of their e-ID program.
Inclusion
Ownership
Simplicity
Confidentiality
Consent
Transparency
Security
and Integrity
Data Rights
Fair Use
Choice
Can identity ecosystems integrate with the services we access today?
A series of data points used to confirm an individual, serve as a digital identity to grant access to a service or to perform a particular task. In an ideal scenario, our identity will be recognized seamlessly in real-time, as we interact with various physical and digital devices around us. There is huge value in creating a digital identification system, especially when technology is not slowing down, access to smartphones is increasing and benefits outweigh the costs. Scaling digital identification will bring economic benefits by increasing efficiency, increasing inclusion and access to services and goods, increasing individual control, and reducing fraud.
Potential paths to digital identity
Mastercard’s principles on digital identity for individuals
The need for a simple, safe, and reliable way of authenticating individuals’ identities online is more important than ever. At the same time, consumers are increasingly aware that their personal data and digital behavior are being captured and accessed for various services. There are increasing concerns about how and where this data is stored, used and who is profiting from it. Mastercard built a framework of principles to go by.
In 2019 Mastercard, in partnership with the Gates Foundation, UNICEF, and Uganda’s Ministry of Education, supported the build of a platform that helps families in Uganda securely pay for school expenses using their mobile phones. The platform Kupaa enables the creation and management of digital records of both students’ and teachers’ attendance as well as supports the monitoring and installment payment collection for school feels. The platform also tracks school grants and subsidies to ensure timely and efficient fulfillment goals.
Kupaa was one of our earlier Proof of Concepts on how we could start helping rural communities build out their digital footprint. Getting cash-based rural communities to switch to digital platforms is just a first step. With Kupaa families establish their first digital footprint, which documents the timeliness of their payments. The platform’s dashboard offers schools to track and monitor student attendance. Encouraging rural families and schools to use a platform like Kupaa means we can help individuals to build out a functional digital identity that supports education and inclusive growth for all.
Kupaa
TM
Keeping Children in School while building out the foundation for a Digital Footprint
Mastercard and Optus
In Nov 2020, Mastercard and Optus announced a strategic partnership to provide customers a simpler, more secure way to prove their identity online and in-store. In using ID, the Mastercard digital identity service, Optus will strengthen its identity verification and authentication process while retaining its best-in-class, digital-first customer experience. Optus will progressively offer the service to its nearly 6 million customers who have downloaded the My Optus app. Its introduction will enable customers to create a secure, reusable, and verifiable digital identity that can be used when purchasing a new device, making account changes, buying additional services, and more.
Universal acceptance to power seamless movement through life
The benefits of a digital identity system are clear: It offers consumers and entities access to a multitude of services and support, as well as access to their own data. A secure digital identity ecosystem merely marks the start of the journey towards a truly single digital identification system that reaches across industries and activities. There is great anticipation of a world where populations across the globe seamlessly move through their days, being recognized and permitted access when boarding a plane, entering the workplace or fitness club, shopping at local businesses, arriving at a government institution, or re-locating with little effort. We want a digital identity system that has relevancy and is applicable to various touchpoints of an individuals’ lifestyle, equally enabled by governments and commerce. The more it can achieve a universal application, the better it will create momentum for adoption and scale.
Not having an identity can block millions from receiving accurate healthcare, purchasing goods and services, finding jobs, and protecting their assets.
The average person will have nearly 5,000 digital interactions per day by 2025. Yet, we are still using laminated licenses and paperwork for many identification processes. Authentication of our identity has not progressed alongside the surge of technological change. It has become evident that digital solutions and ecosystems, along with policies must close this gap.
To create a successful ecosystem, it is crucial all players—governments, social services, and corporations—recognize, use and allow authentication via digital identity systems adhering to standardized principles. All entities could leverage the same systems to move transactions more efficiently and smoothly, including tech from large databases, to blockchain, to biometrics.
Makhtar Diop
World Bank Vice President for Infrastructure
"IDs are taken for granted by those who have them. But lack of identification creates barriers for each individual affected and for the countries they live in."
Consumer Trust
The adoption of digital identity systems will require a change in behavior for individuals and businesses. Only if they can be motivated to do so, digital identity can become ubiquitous in daily life. Consumers need to feel secure with intangible verification, and misuse must be prevented.
Access
52% of the global population does not own a smartphone and 41% do not have regular access to the Internet. Without the basic device, only those with access to technology can be admitted to the digital identity infrastructure. A critical concern, particularly for areas with the highest needs.
Fraud
As activities on digital platforms increase, criminals are preparing new ways to take advantage by stealing data and identities. There has been a rise in the number of data breaches. Increasing data protection measures will be imperative.
The digitalization of our lives has accelerated alongside the changing face of industrialization. Industry 4.0 (I4.0) marked the start of the adoption of smart and autonomous systems across various sectors – where the Internet of Things (IoT) has had a tremendous impact. IoT is the ability to electronically monitor and manage objects remotely, making it possible to advance data-driven decision-making. With an anticipated 75bn IoT devices adoption by 2025 its impact is felt among both consumers and in business. Enabling a digital identity of things or objects, IoT could be utilized to verify actions and affirm the next step in an operating process. Digital identity is important as we look to ensure seamless transmission of data and in the future authenticate transactions and payments. But some concerns need to be overcome – namely, security and latency concerns when transferring personal information through such devices.
IoT can also support the adaptation and acceptance of digital identity for consumers if verification can be affirmed seamlessly in real-time - employing the physical and digital devices surrounding us - to confirm an individual’s identity and their access to a service. With an anticipated increased in IoT adoption, its impact is certain to be felt among both consumers and in business – particularly in supply chain systems and industries relating to shipping, transport, and manufacturing.
Coupled with 5G and edge computing improving efficiencies, IoT has the potential to bring digital identity to fruition in every situation where a consumer or business might require identity authentication.
IoT as enabler of
digital identity
Overcoming challenges to digital identity systems
Three challenges become evident as digital identity systems become inevitable
single
authority
Builds out an identity system, backed by a centralized body to ensure full compliance and with recognized oversight
fully decentralized
Puts control fully in the hands of the individual in terms
of usage
and access
Building the infrastructure for digital identity
The world needs a secure and interoperable digital identity system. Nations with developed digital ecosystems are better equipped to emerge out of a crisis. Even in ordinary times, a digital identity system can save developing countries as much as 6 percent of gross domestic product. Despite their value and efficiency, those systems provide risks to privacy, cybersecurity, and fair accessibility. We assess the consequences as digital identification systems are being evaluated across the globe.
Innovation Insights
75
IoT devices adoption by 2025
BN
A single authority endorsing a centralized system has clear advantages. It offers the storage and management of an individual’s personal, government, financial, health, and other records in a single, secure database. And with control under one structure, the digital identity will still be accepted outside of the system.
Addressing Trust and Fraud
For countries whose citizens are more skeptical of authority, it will be challenging to assure security and privacy. Despite the roll-out of privacy laws and the implementation of the General Data Protection Regulation (GDPR), most companies are still not sufficiently protecting and encrypting customer information. Enforcing the rules remain a challenge.
Fraud is another challenge for a single system used to store, manage, and access individuals’ data. The scaling of blockchain technology could help ensure the integrity of government data services and to protect its citizens’ data.
A decentralized solution can provide freedom, transparency, and control for the individual. Relying on Distributed Ledger Technology (DLT), particularly blockchain, one can encrypt their own information and have full control over who uses their data.
Verified credentials are encrypted using blockchain. Participants in the network agree on the updates to the records in the ledger by consensus. There is no central authority or third-party mediator. Every record is marked with a timestamp and a cryptographic signature, which makes the ledger auditable and creates a database of transactions in the network.
Verification, access, and mobility
Verification systems often rely on third-party capabilities to initially register and authenticate, and a user-centric system lacks these capabilities.
DLT relies on the premise that everyone has a smartphone. Currently, fifty-two percent (52%) of the global population do not own nor use a smartphone.
Most governments still demonstrate a reluctance to accept a foreign identity system, especially a decentralized one.
Accessibility to a recognized digital identity system
the amount developing countries can save by implementing a digital identity system
6
%
1.1 Billion
1.1 Billion people worldwide do not have a formal confirmation of identity
of GDP
Establishing digital
identity systems
around the world
Several countries around the world have started to build out the building blocks of digital identity ecosystems
Early explorations
Estonia
Estonia has led the world in pioneering digital identity systems. Its implementation of a national verification platform began in 1996 and today each of its 1.3 million residents vote, attend schools, start new businesses and pay their bills using a single digital identification. Their digital identity platform saves the country as much as 2 percent of its entire economic output every year.
Continuous digitization
The digitalization of our lives first accelerated with the changing face of industrialization. Industry 4.0 (I4.0) marked the start of the adoption of smart and autonomous systems across various sectors – and the Internet of Things (IoT) will have a tremendous impact. IoT is the ability to electronically monitor and manage objects remotely, making it possible to advance data-driven decision-making. With an anticipated 75bn IoT devices adoption by 2025, its impact is almost certain to be felt among both consumers and in business.
In the enablement of digital identity, IoT could be utilized to verify actions and affirm the next step in an identification and validation process. By leveraging the physical devices around us to transmit the data points that make up our digital identity seamlessly and in real-time, we are looking to ensure that digital identity is a solution for everyone, even for those who may not own a personal device to enable the validation of their identity.
IoT enables us to connect services to users’ daily lives more seamlessly. Ever-increasing internet use and adoption of IoT devices highlight the significance of the capability to transfer and process this data efficiently. As we approach the point where Cloud can support all Enterprises’ data storage and processing needs, enterprises are also migrating towards Edge computing, which because of notable advances, is an efficient alternative. Processing the data closer to its source helps address latency issues traditional cloud models were subject to. Edge also saves on bandwidth and can better manage existing security and privacy concerns.
Singapore
SingPass Mobile, features a one-tap access to commonly used government digital services and a customizable profile so users always have their important information available. It allows users to verify their identity and share personal information for over-the-counter transactions. 1.9 million users were actively using SingPass Mobile as of August 2020.
Sweden, Norway, Finland, Denmark
For more than a decade the Nordic countries have their citizens use their digital identity systems to cross borders as well as to access social services and domestic commercial use. They have also initiated the use of Federated e-IDs that would allow acceptance of their respective e-IDs across these countries
Ghana
In 2018, the Ghanaian government launched their e-identification project with the Ghana card though a collaboration between Ghana’s National Identification Authority and subsidiaries of Margins ID Group. As of 2020, there are some 15m Ghanaians registered. Ongoing efforts are focused on registering the rest of the population and, with the help of private sectors, build out citizen-centric services for greater applications of their e-ID program.
Infrastructure in the market
Continued recognition of the digital ecosystem
Infrastructure in the market
Continued recognition of the digital ecosystem
Beyond building and piloting a digital identity system, the promotion of its advantages is equally important. Multi-stakeholder partnerships are dedicated to enabling access to a trusted form of legal identity. Interoperability will be key to scaling digital identity applications quickly, securing validation of the ecosystem over time.
Moving beyond today’s considerations of approaches and technology, IoT, coupled with 5G to improve efficiencies and minimize latency concerns, has the potential to actualize the implementation and use cases for a digital identity system to be put in place and applied at different milestones of a consumer’s or enterprise’s journey. Edge platforms help take identity validation to the very last mile of any transaction.
Today, multiple governments and companies are already exploring ID solutions, leveraging smartphones to maximize passport and other ID requirements.
Many validation points still rely on physical formats. Even a digital process needs tools to register and authenticate the information offered. Thus, access to technology is key to support the accuracy and speed of the verification. For instance, a smart device – with encryption - could be tapped to become a registration and authentication device to ensure security.
A hybrid solution
Supporting each participant in the digital identity ecosystem can create a structure that includes the advantages of both, the centralized and decentralized system.
Broader application through IoT
Managing devices remotely to advance data-driven decision-making, enabling efficient ID validation and authentication.
IoT devices adoption by 2025
75
BN