With physical contact discouraged and a need to track potential cases of Covid-19, will the concept of digital identity be reimagined?
The entire world has been turned upside down in recent months by the outbreak of Covid-19. In the space of a few weeks, countries shut businesses, severely limited travel and more than 1.5bn people were told to stay at home.
Such a sudden transition to this ‘new normal’ brought a number of concepts to the forefront, among which was the idea of ‘digital identity’. This is a broad concept but, at its most basic level, it might be the personalised swipe card you use to enter your office building.
These cards are now likely gathering dust in drawers across the world as many workers stay home for the foreseeable future. But while digital transformation has been a topic of discussion for years, the sudden need to transform companies with potentially thousands of employees into remote businesses has seen a call by some for digital identity solutions.
Recently, digital identity provider ForgeRock closed funding worth $93.5m in the wake of a surge in demand for a secure platform to access cloud services. Meanwhile, governments are quickly transitioning to digital identity systems to bring everything from social welfare payments to marriage licences into the online world.
Biometrics taken out of the cloud
But a digital identity isn’t just assigned, it has to be backed up by proof of ID. This is increasingly being achieved through the concept of biometrics, a collection of an individual’s biological information that can range from a fingerprint to their speech patterns.
Last year, it was predicted by Gartner that by 2022, biometric information will be used by 40pc of medium to large global businesses for information security.
But the very concept of biometrics is not without controversy. You only have to look at the ongoing saga involving the Irish Government’s Public Services Card and concerns about facial recognition to see that biometrics without transparent security practices raises a number of serious privacy issues.
According to David Orme, a senior vice-president at Norwegian digital identity firm Idex Biometrics, one solution is to take biometrics offline and into a person’s own hands – or in this case, a card you put in your wallet.
The idea is that a person’s biometric data – their fingerprint – is stored on a credit card or access card. When a person wants to use it, they press their fingerprint to the card to confirm their identity and a confirmation message is sent to the terminal.
That fingerprint is only stored on the card, Orme said, meaning that it can’t be accessed by a third-party through a central location.
“I think one of the reasons why this type of form factor is so appealing is that it’s not really a scalable fraud because I would have to hack every card as there is no central database,” he said.
So has the onset of the coronavirus pandemic affected the world of digital identity? According to Orme, a noticeable shift is taking place among companies both large and small right now, with a “surprising” lack of awareness of the concept.
Surge in demand
“We’re definitely getting more inquiries,” he said. “I think the market is at the pilot stage. We did an education session for German banks recently and we found that, basically, people aren’t aware [about digital identity]. There’s a huge education process to go through with the companies that are likely to deploy it; the same with end users.”
In China, Idex Biometrics recently secured a deal for its authentication technology on a biometric payment card that can be used by China UnionPay.
This may come as no surprise given China’s reputation for using biometric technology such as fingerprint scanning and facial recognition. China was recently ranked by one study as the world’s number one in terms of extensive – and invasive – use of biometric data. This has surged since the outbreak of Covid-19, with buses in the city of Guangzhou having tablet devices installed for biometric identification and tracing of passengers.
“We’ve been talking to some of our card manufacturing partners there about a sovereign digital currency for all the upcoming events that are planned now in China,” Orme said of one example. “Foreign visitors could be issued with the biometrics smart payment card that would be accepted at sporting events, hotels etc.”
It appears that in some corners of the world, the acceptance of biometric information being used more in a post-Covid-19 world is growing.
A survey conducted by Idex Biometrics towards the end of last year claimed that 62pc of a group of ‘Generation Z’ consumers said banks should offer biometric payment cards to reduce fraud. A study from a few years before found a similar demand for biometric security.
This demand, Orme said, could rise further in years to come as people hesitate to touch any public surfaces for fear of contracting the coronavirus or something else.
‘An everyday part of our life’
But despite this eagerness from some, there is still the overarching issue of privacy, especially when it comes to a world changed by Covid-19. For example, the OECD recently gave a number of recommendations on using biometric information for technology used to create contact-tracing apps, particularly facial recognition.
As debate continues over whether to use centralised or decentralised data collection for these apps, the organisation warned that any solutions need to take citizens’ privacy into account.
While many of questions are yet to be answered about where digital identity goes from here, Orme of Idex Biometrics believes that, in time, biometrics will soon be ubiquitous in everything from paying for goods at the supermarket, to using a card with your biological data to access an apartment block.
“I’ve got a high level of confidence that it’ll be an everyday part of our life,” he said. “It’ll be something that we won’t talk about because we accept it.”