Here at Consult Hyperion we tend to go on about the lack of a joined up thinking around government policy on digital identity and source authentication but mostly it doesn’t really affect us personally. I mean, we get this stuff, we can spot a scam a mile off. But sometimes it does get a bit close to home…
I discovered today that my frail but still mentally competent parents have been quarantining for the past week, and a bit, because they received an NHS Test and Trace text warning that they’d been in the proximity to someone diagnosed with COVID-19. As they’re in the very high risk category, you can imagine how worried they were. But here’s the thing – they never give their mobile number to anyone and they wouldn’t know how to download an app even if I spent a year explaining it to them. It was a scam – in fact the text deleted itself, but almost certainly it will have contained “more information” link, which would have downloaded malware onto their phone.
Our friends at Smartex challenged its readership to define Digital Identity the other day, with a bottle of wine on offer for the best definition. I’m pleased to say that the bottle of wine was won by Consult Hyperion, with a couple of competition entries submitted.
Coming up with a definition for digital identity is not easy. It can refer to quite a number of different things, making the task of encapsulating it in a sentence next to impossible. For my attempt I thought that rather than try to describe what it is, it would be better to describe what it does. I came up with this:
Digital identity allows us to trust each other by enabling us to share the minimum amount of verifiable information needed for the thing we want to do.
In one sentence I was trying to capture several points:
- Digital identity is a means to an end not an end in itself
- It’s bi-directional – in any transaction both parties need to have confidence in the other party
- It’s about the information you need to share, which will vary considerably between contexts.
- It protects privacy by only sharing the information (or claims) necessary.
The Digital ID & Authentication Council of Canada (“DIACC”) announced the launch of the Pan-Canadian Trust FrameworkTM (“PCTF”) this week, a set of digital ID and authentication industry standards that will define how digital ID will roll out across Canada. Its launch marks the shift from the framework’s development into official operation and will begin alpha testing by public and private sector members in Canada. The alpha testing will inform the launch of DIACC’s PCTF Voila Verified Trustmark Assurance Program (“Voila Verified”), set to launch next year.