A double-click on the ‘Identity Lifecycle’
One World Identity aims to deliver high-quality news, media, events, research and thought leadership covering all aspects of identity and the identity industry. We intend to reach all audiences, from identity industry professionals seeking in-depth analysis, to a consumer with questions about how biometrics may impact her life next year.
With such a broad audience, we have had to re-think how to deliver content that is accessible to the novice, but with enough depth to satisfy industry insiders.
The OWI Identity Lifecycle was inspired by these unique demands and seeks to make identity a tangible topic for all. Shifting the focus away from industry verticals to a unified view grants us a better vantage point for both spotting trends and drawing meaningful connections.
The Identity Lifecycle
Identity Creation is the act or process of obtaining a legal identity, often created by a government or central body. Without a legal identity, people are often excluded from accessing social services including education, healthcare, and social security.
Identity creation is not only the foundation of the OWI Identity Lifecycle, it also happens to be the most frequently neglected discussion topic within this space. This is due to the fact that many of the developments in identity technology come from the developed world, where identity creation is often taken for granted.
When we extend our view to the rest of the world, specifically to countries in Africa and Southeast Asia, identity creation is anything but commonplace. According to UNICEF, 1 in 3 children under the age of five is not registered at birth (source). Unregistered births are a symptom of the inequities and disparities in a society.
The United Nations recently declared through Sustainable Development Goal 16 it aims to “provide a legal identity for all, including birth registration” by 2030. Since then,, the conversation around identity creation has caught fire. Now more than ever people are trying to solve this problem
So far, we haven’t gotten very far.
A number of nonprofits, NGOs, and governments are implementing programs that attempt to address the reasons that families do not register children, including prohibitive fees, unawareness of the relevant laws or processes, cultural barriers, and the fear of future discrimination or marginalization.
Identity Verification is the act or process of collecting specific personal information to verify that people are who they say they are.
Made important through regulation and fraud mitigation, identity verification and Know Your Customer (KYC) compliance influences top level executives to take hard-line approaches to product development, including compliance from product design through implementation. From opening a new bank account to creating a new Facebook profile, the function of identity verification is to confirm the identity provided by a customer or user is the same as the identity that was created. Often times, this is completed with the help of third-party vendors, such as Experian and CallCredit, who leverage government databases to reach a conclusion on the veracity of the information provided
Over the past 15 years, the USA PATRIOT ACT has forced changes to how the U.S. conducts banking activity. Most financial services firms now have some form of effective KYC program, collecting a name, address, date of birth, and government ID number as minimum standards for all customers.
To arrive at a point of compliance maturity, banks and financial services firms have had to leverage large workforces to complete manual reviews on customer information. Companies are now looking at how they can automate manual processes, helping to reduce headcount, minimize costs, and generate analytical insights to better market to their customers.
Identity Authentication is the act or process of validating credentials that were previously verified, oftentimes granting the person access to a product or service.
People often ask “what is the difference between verification and authentication? Aren’t they the same thing?” I often respond with a short analogy: “Verification is the bouncer checking IDs outside the bar, and authentication is that subtle look from the bartender at the wristband that reads ‘over 21’.”
Unlike identity creation or verification Identity Lifecycle, this element facilitates the friction between a consumer and the product or service being used on a regular and consistent basis. As consumers begin to focus on experience and convenience over security and privacy, companies building authentication solutions are forced to build a seamless UX while maintaining appropriate privacy and security standards.
Although there is no golden set of global standards (yet) regarding identity protocols that enable interoperable authentication, standards setting bodies such as the OpenID Foundation are connecting and collaborating with the top companies and minds in the world to develop open standards.
Identity Security is the act or process of ensuring a person’s identity information is protected from anyone or anything that is not purposefully granted access to that information.
From identity theft — a crime that cost an estimated 13.1 million U.S. consumers $15 billion in 2016 (according to Javelin Strategy & Research) — to large-scale data breaches, such as Yahoo’s breach of 500 million customer accounts in September, security remains a keystone to the identity space. All of this data finds its way to the dark web to be used against unsuspecting victims. It is now not a matter of when you will have your identity information stolen but when and how often.
Companies like Lifelock, Ping Identity, ForgeRock, and LastPass are all examples of companies that protect identity. From fraud detection and prevention to digital identity access management for people, devices, and connected things, these companies provide identity security.
In an increasingly connected world, as we change the way we interact with the internet, technology, and our personal devices, identity security will be paramount in protecting information from potential vulnerabilities.
Identity Privacy is the act or process of ensuring a person retains the ability to disclose data consensually and with expectations about the context and scope of information sharing.
The idea of privacy has changed drastically since the advent of the internet. Prior to the digital age, there was an understanding that information provided by a person would be kept private. That same understanding came with the notion that there was a trade-off between privacy and security.
“I think it’s important to recognize that you can’t have 100% security and also then have 100% privacy and zero inconvenience,” President Barack Obama said in 2013, in reference to the NSA’s surveillance program. With advancements in digital technology, the philosophy has evolved; privacy and security are no longer part of a trade-off.
Following the San Bernardino attacks and subsequent iPhone encryption debate, Apple Chief Executive Tim Cook said he believes there is no trade-off between privacy and national security when it comes to encryption. This fundamental mental switch changes the way product managers approach product design in the digital age.
Privacy is vital to the identity lifecycle and must be maintained through strong governance and universally accepted standards. A breakdown in this lifecycle element leads to a breakdown in trust across the entire ecosystem.Without trust, transaction costs increase, products and services face low adoption, and technological advancement slows down. Maintaining and/or improving trust may lead to a healthy, happier, and safer world.
Identity Inclusion may be commonly associated with financial inclusion, but it also includes the ability to choose if you wish to be included within an ecosystem. Inclusion means choice.
It is no coincidence that the lifecycle element of inclusion leads back into creation. When digging into the issues for non-inclusion, issues such as prohibitive fees, unawareness of the relevant laws or processes, cultural barriers, and the fear of future discrimination or marginalization pop up again.
Identity acts as the perimeter to financial inclusion. Providing individuals with an identity opens the door for them to participate in the global economy, to receive health and social benefits, and to better themselves. Without a focus on inclusion, our world suffers from an identity dichotomy – those with and those without.
As an example of the impact identity and financial inclusion have on the world – for many NGOs and aid organizations, identity solutions enable more efficient cash distributions with lower possibility of fraud to refugees, more savings in a stored account so refugees don’t have to stay refugees and a way to allow families to migrate to a new home vs. spending years of their lives in refugee camps.
The UNHCR is joined by many others, such as the Gates Foundation and the World Bank, in leading the push for legal digital identity around the world.
Over the coming months, we will dig deeper into each lifecycle element to keep you informed of current events, evolving trends, and the future of identity.