By Rob Laurence
I was at the OIX workshop in Amsterdam last week. It was time well spent with an interesting agenda and a high degree of audience participation. Two presentations caught my attention for similar reasons. The first was the LIGHTest project to build a global trust infrastructure. The second was a new OIX-sponsored project to define trust frameworks, in effect a multi-party legal contract that binds organisations under a common set of terms and conditions.
Mention was also made of DIACC – the Digital ID and Authentication Council of Canada – and how it was bringing together a broad spectrum of private and public sector organisations to further the cause of a digital identity ecosystem for Canada.
The reason these presentations and the Canadian initiative caught my attention was because, to me, they indicate that people are “thinking big”. These projects are addressing global and national issues – top down.
Contrast this to what is happening in the UK. We have the well-intentioned GDS-led GOV.UK Verify digital identity scheme. It’s been a long-time in the making, having been conceived following the closure of the ID card programme back in 2010. But adoption has been slow across government departments and agencies. Consequently, a scheme designed to improve the digital life of British Citizens has achieved an unimpressive 5% sign-up rate to date.
From the outset, GDS has always maintained that Verify-issued digital identities could be reused across banking, travel and other private sectors. In truth, GDS needs the banks and airlines on board if citizen sign-up and reuse is going to grow dramatically and meet the aspirations and economics of its design.
And therein lies the problem. Few banks and finance institutions know what GOV.UK Verify is or intended to be. For the foreseeable future, they are fully occupied delivering the new requirements to be compliant with Open Banking, PSD2, 4AMLD and GDPR – all of which perversely could greatly benefit from a common approach to digital identities.
At some point, they are also collectively going to have to deal with the ever-increasing levels of online identity fraud, now at record levels according to CIFAS. A common approach to digital identities could be part of the solution.
We need some “big thinking” here in the UK, to think of digital identities and schemes as a national asset, and to start to realise the value of such an asset to the digital economy, sooner rather than later. The question is: “Where will that vision come from?”