Will our physical identification documents such as identity cards or passports, soon be a thing of the past? More and more, we make online transactions or use mobile devices that require our fingerprints or our eyes to access services or travel. That seems to be only the beginning of a future where our digital identity will be key to our daily lives and, likely, our IDs and similar documents will slowly fall into oblivion.
In June 2021, the European Commission (EC) proposed a European framework for a digital identity that will be accessible to all EU citizens, residents and businesses. If the primary challenge is to guarantee everyone’s security, the development of digital identity must also contribute to improving the user experience, namely, bringing forward simple, fast and secure citizen interactions.
Let’s take one step back and take a couple of minutes to discuss the semantics of the word identity. Who someone is: the name of a person, is the succinct definition one reads in the Miriam-Webster online dictionary. But there is a second one on the same page, the qualities, beliefs, etc. that make a particular person or group different from others.
Our identity makes us unique, distinguishable and, ultimately, humans. And, on the more functional side, identity is a precondition for participating in society by facilitating access to health and welfare systems, education, and financial and government services.
What is needed for this proposed EC framework to work? In this blog entry, we deep dive into the opportunities and challenges for developing a viable and solid digital identity ecosystem in Europe and how such a system would work in practice.
Serge Hanssens, Advisory partner specialising in digital Identity matters, collaborated with us to put this article together.
Digital identity in practice
Simply put, once the European digital identity is fully deployed it will no longer be necessary to present or scan our ID card or passport to authenticate ourselves at international borders, during authority checks or when we are carrying out various online operations.
In the pandemic context, It would have been very useful during the current Covid-check regime, for instance!
However, like everything in life, having digital identity also brings challenges, and security risks are topping the list. It is important both to guarantee higher security of people’s identities online to propel and facilitate the use of a digital identity as well as to fight against the falsification of physical identification documents.
And the need for a high level of security is accelerating, pointed out Serge.
In October 2021, The European Committee of the Regions supported the idea of a European Digital Identity Wallet but, at the same time, pointed out the need for strong safeguards, corroborating Serge’s opinion.
Exhibit 1. The e-ID
About citizens’ preparedness for holding an EU digital identity
Identity is fundamental to everyone, of course. But, although new digital technologies are all around and greatly influencing our lives, are citizens aware of what’s coming? How prepared are they to hold and use a digital identity?
We need to see that from a global point of view, suggested Serge, the reality is varied. There are countries around the world where having a digital identity has been a new normal for years. But let’s take a closer look at Europe. Estonia, for example, it’s a country that’s, today, digital by default.
To an Estonian, having a digital identity is, well, the identity, as it is (still) the ID card with a chip for us. It’s a matter of perspectives after all.
What’s undeniable is the fact that the world is becoming more and more digital. E-commerce is far and wide. We identify digitally every single day on social media, with a phone provider, when transferring money online, dealing with countless and sometimes easy-to-forget, insecure passwords. Having a secure digital identity can solve these issues and ease our lives.
More than wondering “if we should do it”, Succeeding in implementing an EU digital identity is, likely, a matter of how to make it happen smoothly and securely to guarantee a broad adoption.
An ecosystem for digital identity
In truth, the digital transformation of the EU bloc has the development of a sound digital identity as a foundation component. However, while moving into that direction, EU countries (and, in general, Europe) have walked different roads and developed different frameworks and use cases.
As a result, the digital identity landscape is fragmented and remains largely unregulated.
One of the main challenges, therefore, is integrating those country-level actions into a single EU standardised system. That’s anything but an easy task. Citizens’ identity is always linked to information control at government level so, when it comes to private or critical data, every country is quite reluctant to completely give up on control.
Interoperability (or the connection between the different digital identities) is pretty difficult to achieve and will take quite some time. That’s why the EC proposed the above-mentioned framework that, in turn, will require an ecosystem to work (See Exhibit 2).
Either broker-centric or identity-provider centric, this ecosystem involves a number of interdependent actors that need to work collaboratively across organisations and industries.
Every actor takes on certain tasks or operations across all stages of the digital identity lifecycle (See Exhibit 3)
Exhibit 2. Digital Identity Ecosystem
Exhibit 3. Digital Identity Lifecycle
Digital identity ecosystems can come in different forms. The number of defined roles and the scope of their activities largely depends on the specific requirements of the country’s legal framework and the players involved.
And to support all that, there is a need for infrastructure. That’s the point when private providers that have already in place a well-developed infrastructure can play a key role. We use, for example, social media credentials to access countless services. Wouldn’t it, then, make sense to involve them in the ecosystem?
We come back to this later on.
The citizen experience is key to a broad EU digital identity adoption
There is the security aspect as pivotal to make a pan-European digital identity a reality, but there is a second important one, the user experience or, more accurately, the citizen experience.
Sergio explained to us that the management of digital identities is already at the heart of the new business models in forward-thinking organisations.
That’s the case, for instance, of payment service operators who are already projecting themselves as trusted digital identity providers.
At the present, they already have in-depth knowledge of their customers and an extensive network of third-party suppliers or merchants accepting their cards, however, these payment operators also could, in the future, enable users to identify themselves in a secure way with many other players.
As a result, the user experience—and, ultimately, the user satisfaction—are positively impacted when performing online operations or even when users wish to take advantage of the service in physical reality.
There are other remarkable cases too, for instance in the airline industry. One of the top three major airlines groups is currently offering an advanced identity management service to travelers, improving the overall on-the-move experience.
Travelers’ identification when boarding, throughout their journey, when picking up a rental car, accessing the hotel, etc. is smooth, secure and practical.
Other providers have joined the digital identity service, improving the experience further throughout the value chain. And, naturally, the airline group reap up the benefits.
Enjoying the reading and want to learn more? Listen to our dedicated TechTalk episode!
The trust issue of digital identities
You may have already thought of this question, but, who will be responsible for management of digital identities? Moving onward, trusted actors, public or private, should ensure an adequate and secure handling of our identities.
Certainly, the EC intends to preserve and secure the digital identity of each and every of its citizens in the same way that it wishes to ensure that everyone’s personal data is protected with the GDPR.
One can indeed wonder if it is appropriate to leave the management of the identities of European citizens in the hands of any tech giant such as the commonly named GAFAM.
Some of the GAFAM already use your eyes or your fingerprints to access a device or an online service. But, did you also disclose your ID or any other sensitive information when you enabled that feature? Maybe yes or maybe not.
We should draw a clear line here. On the one hand, there is the identification system; on the other, the access to the information that is linked to it. The latter is or should be up to the decision of each citizen.
Serge thinks that whoever the custodian of our digital identities is, the initiative in itself shouldn’t be backed down. Having a EU digital identity in place will be an important catalyst for digital transformation and European integration, and a real lever for competitiveness. Beyond the issues of security and sovereignty, the European digital identity should provide access to significant productivity gains and enable cost reductions.
By using the European digital identity, every citizen should be able to easily identify themselves to many institutions and service providers. At the heart of these developments, trust will remain a central issue.
If you want to know more about this interesting matter, visit our website and download our publication.
What we think
Beyond security and sovereignty issues, the European digital identity should be a driver of significant productivity gains and an enabler of cost reductions. It is certainly an important catalyst for digital transformation and European integration, a real lever for competitiveness.