Understanding Digital Identity

Proliferation of ID Systems

What is Digital Identity?

When these three processes occur digitally

• Identification

• Authentication

• Authorisation

Does Hamlet need an ID

To be or not to be

Identifying books

• Since mid-60s, every copy of Hamlet has its own ISBN
• The Signet hardcover, paperback, large print, and online versions each have their own ISBN
• But Hamlet does not have its own ISBN
• So how do computers know that this edition of Hamlet is the same as that other edition of Hamlet, in some meaningful sense of "same"?

Identifying books

• Folger's Hamlet with a New Introduction by Jim Carrey gets an ISBN, but Hamlet itself does not because no one sells Hamlet-in-general...even though most of us want to find a copy of Hamlet-in-general and don't much care about which version it is
• ISBNs are inventory numbers intended to enable bookstores and publishers to automate the tracking of books.

Providing IDs is an ontological problem. You need to know the level of abstraction at which you're dealing.

Identifying books

• xISBN - returns a list of related ISBNs using WorldCAT
• DOI: clickable hyperlink that takes you to the publisher's choice of pages — perhaps an order page, a page listing etc.
• Talis, Skywalk

Identifying books

• Driven by commerce
• Commercial sense of ontology — two books are the same if the accounting entries are the same
• This isn't the only one that matters to readers.

Does Hamlet, the character need an ID

• Name
• date-of-birth,
• Social Security Number,
• Biometric ?

Solving the Trust problem

• ID systems, at their heart, solve the problem of how to establish trust
• How do I establish I am who I claim to be
• In order to do this, we need frameworks for individuals and systems to agree on what they are talking about

Individual

Identity Systems are created in order to provide means of identification to an identified set of population, such as residents, citizens, individuals above a certain age etc.

In the context of an Identity System, an individual is someone eligible to enroll within it.

Attribute

An attribute is any property, characteristic, or quality, that is inherent to or ascribed to an Individual, and can be associated with them in a stable or reliable manner.

Attribute

Identity System

An identity system comprises all the databases, processes, technologies, infrastructure, credentials, and legal frameworks associated with the collection, use, and management of personal identity data for the purpose of identifying individuals.

Identity Claim

During the process of Identification, Individuals enrolling into the Identity System are often required to produce supporting documents which serve as proofs or identity, address etc.

Identity Claim

In some cases, Identity Claim may also be made through testimonials or certificates from other entities, or through self-assertion in the form of an affidavit or some other means. Based on the priorities of the Identity System such as fraud reduction, inclusivity etc., the standard for what is an acceptable Identity Claims could vary.

Verification

Verification is the process followed during Identification to check the Identity Claims of an Individual, and ensure that they are the true owner of the claimed Identity and the related evidence/documents. This could include inspecting breeder documents such as a birth certificate to verify the date of birth claimed by the entity, or examining a photo ID card to verify other attributes of appearance, name, sex, etc., by the enrolling agent during the Identification process.

Identity Artefact

An identity artifact is a document or object, which can be both physical or digital, that is issued to an Individual at the end of the process of Identification, that facilitates in establishing their Identity. The Identity Artifact will usually involve a registration number assigned to the Individual.

Identification

Authentication

Authentication is the process of establishing confidence that an Individual is who they claim to be.

This involves using an Identity Credential, that was bound to the Identity during the process of Identification (such as fingerprints, a password, a smartcard, etc) to assert that it is in control of the Individual whose identity is being asserted. This is done through a process established within the Identity System to digitally check the Identity Credential usually against the Identity Artifact.

Authentication

Identity Credential

An identity credential is any document, object, or data structure, that can digitally affirm the Identity of an Individual through some method of Authentication in an Identity System. There are several kinds of factors that could be used as Identity Credentials.

Smartcards, Biometrics, Passwords, OTPs

Knowledge Factors

In some Identity Systems, the process of authentication is carried by testing for information that the Individual is expected to know. These include Identity Credentials such as passwords and PINs.

Possession Factors

In some Identity Systems, the process of Authentication is carried out through the use of an object that is supposed to be in the possession and control of the Individual. It includes a card, or mobile phone on which they receive an OTP, or a token device on which they receive a code.

Inherence Factors

These factors rely on the use of physical attributes of the Individual that are digitally measurable for Authentication such as fingerprints, iris scans, facial recognition etc.

Authorisation

Authorisation is the act of the Individual determining what actions may be performed on their behalf, or if their personal data may be accessed, based on the asserted and authenticated Identity. The process of authorisation involves the use of the digital identity to undertake activities and transaction (both financial and otherwise).

Authorisation

It is this aspect of digital identity which leads to both its oft-mentioned benefits such as ease of doing business, cost effectiveness and speedy transactions; as well as its prominent risks such as profiling, digital trail connecting disparate activities and discriminatory effects.

Types of ID System

• Foundational Identity System
• Functional Identity System
  

Types of ID System

• Centralised
• Federated
• Open Market
• Self-Sovereign

Thank you!