announcements‎ > ‎

Putting users in control of their digital identity

posted Apr 13, 2015, 5:25 AM by Ignacio Mas   [ updated Apr 29, 2015, 1:06 PM ]

 [From Center for Financial Inclusion blog, with David Porteous, 29 April 2015] 

In a recent new paper, we look at identity from two opposite but complementary perspectives. The first is a narrow biological perspective, under which identity is associated with one´s uniqueness as an autonomous living organism with a unique genetic makeup. The legal basis for identity tends to be based on this perspective, and leads to questions that focus fundamentally on the confidence with which identities can be asserted and confirmed.

Beyond the definitional question of what it is about one´s person that creates his or her individuality, there is the empirical question of how it can be verified by someone else, such as a financial service provider, through observation. Generally your identity is established indirectly, by demonstrating your command over some proxies (e.g. a signature, a card, a PIN) that have been linked to your identity. The core decision for providers is therefore to determine when they consider that they know someone with good enough probability.

The second perspective is information-based, and views individuals as an irreducibly complex web of personal information and attributes. Digital markets tend to take this view of identity, with customers characterized more in terms of defined attributes, preferences, and transaction histories that can drive customer segmentation than on intrinsic uniqueness. This perspective leads to questions that focus fundamentally on what information about themselves it is legitimate to expect people to reveal to build up their identity, and what information they have the right to keep private.

Why do we so resist websites´ attempts to extract personal information from us? Why do we distrust organizations that appear to squirrel information away and use it to build profiles of us? Oxford University philosopher Luciano Floridi (see chapter 5 in this book) argues that people want to be in control of their personal information because that makes them feel more in control over their own identity. If I were completely transparent and held no secrets, anyone would be as enabled as I am myself to define who I am. By withholding personal information, we feel that we have some control over how we project ourselves. Our management of personal information is central to how we shape our identity in various spheres.

We manage our personal information, and through that our identity, chiefly by compartmentalizing it based on the different roles or personas that we assume in different circumstances. You don´t present yourself in the same way to your employer (you are employee number X and report to Y), your family (you are a stern-but-kind parent), your friends (you want to be seen as fun and easy-going), and indeed at the passport office (you are a neutral, non-suspicious face). Again, you are able to have different personas to the extent that you are able to control which information is disclosed and acted upon in each circumstance, based on what´s most relevant.

These facets of your being can be construed as distinct identities, linked to the same person. Each of these identities is attached to a different —and maybe even contrasting— set of personal attributes. Who we really are is no more and no less than the combination of these distinct identities, but none is necessarily more real than the others. We want to be able to shift easily among them as we go through our daily life.

The two perspectives on identity are profoundly different. You are an unvarying sequence of genes, but also an evolving social being. You are an indivisible entity, and you are a loose accretion of diverse personal traits and roles.

And yet these two perspectives need to be reconciled because they bring together the two key trust aspects or gaps that are at the heart of most identity problems: security (i.e. the confidence with which identity can be established) and privacy (i.e. the sensitivity and sense of personal control with which the information associated with one´s identity is revealed and distributed). These two aspects are often seen as being at odds: to be sure of who you are, I need to know more about you. But when security and privacy are not handled appropriately, trust gaps appear between social entities, between customers and providers, and between citizens and the State. You need to see my full name, exact date of birth, and ID number to let me into a bar or to pick up a parcel at the post office? Really?

The most promising approach to reconciling these diverse notions of identity is building digital systems that (i) permit an unbundling of personal information, and (ii) put users in control of how these unbundled bits of personal information are linked and exposed. Here is how it might work (see this book by David Birch for a fuller explanation):

     My uniqueness can be represented abstractly by a unique number assigned to me by a trusted authority (likely a government entity). Imagine that this number is linked to my biometrics, so that only I can claim to be the person represented by the number.

     I can then link this unique number to different personas (represented by pseudonyms) that I want to assume in different circumstances, for different reasons – say my electric utility, library card, or my Amazon log-in. These entities don´t need to know specifically who I am and what my unique number is, just that I have one so that they can consider me a real person and that a trusted party has this information in case I break the law.

     I can then link specific personal attributes that are relevant to each of these different pseudonyms. For instance, I’d reveal my physical address to the electric utility so that they can service my house and the fact that I am over 18 at a bar, but I may not want the bar to know my address or Amazon to know my age. My personal attributes would be digitally confirmed by a host of different entities that are in a position to verify it.

The first step with dealing with digital identity is, therefore, breaking out from unitary notions of one trusted party knowing everything about me, or one ID card serving all purposes. Users can be in control of their identity, supported by trusted third parties who help them assert digitally whatever personal information they wish to establish. Financial institutions would seem to be well placed to become such trusted third parties, since they acquire substantial amounts of personal information through mandatory Know Your Customer (KYC) requirements, loan and other product applications, and regular customer usage. They could put this customer knowledge at the service of each of their customers, by validating specific attributes that customers wish to have confirmed to others.


Comments