Building Blocks

Identity Building Blocks

A framework for the five core identity uses

Identities are at the core of nearly every interaction of individuals, companies, and even devices, as the internet of things continues to expand. Users rely on a variety of identities depending on the transaction at hand. The identity used for a Facebook profile, for example, relies on substantially different attributes, review procedures, and access protocols than, say, the identity a bank uses to establish a new customer account.

The problem of identity involves multiple distinct processes, including determining what attributes can be used to identify an individual, how to prove them over time, when to share them, and what a person can do with them. Talking about identity at large is a concept vague enough to be operationally ineffective.

To avoid falling into this trap, OWI has developed a basic framework to understand the five core identity use cases, along with the challenges and priorities inherent in each. Some of these may overlap in certain use cases, but establishing clear definitions for each is critical for identifying existing problems in the identity ecosystem.

Five core identity uses


Creation is the new rendition of an identity that can be used in future transactions.


Verification is proving that specific identity attributes are actually connected to the person, entity, or thing that they’re intended to represent. As verification is relatively new, another phrase you might hear it be referenced as is “Identity Proofing”.


Authentication is demonstrating ownership and control of a unique feature connected to an identity over time. This process is often referred to as the what you know, what you have, and what you are paradigm. A helpful rule of thumb to think about authentication is to ask yourself is: “Could I use a password for that?”


Authorization is determining what a user can and can't do based on their identity. For example, which bank accounts you can access after entering a password or which doors you can open with a specific key.


Federation is conveying identity attributes and/or authentication across multiple parties. Imagine using one online service host to log into another online service, or using your AARP card to get a discount at a hotel.

Private & secure



Work with us

OWI is an independent advisory and digital strategy consultancy that can help you generate actionable market and business insights.