Digital ID developed along with the internet needs. As such, digital ID privileged convenience over security: originally, a digital ID was barely an identity but a means to manage access rights. As online content become always more valuable, digital ID needs to increase its security levels. Enrollment phase has especially been the focus of secure transaction industry developments in order to ensure an individual can have a secure and reliable online Identity. Depending on the certainty brought by the onboarding process, users can be classified according to different Levels of Assurance.
Then, an online identity is verified thanks to a combination of authentication factors: knowledge factors (such as a password or a PIN), ownership factors (ID card, hardware token,) and inherence factors (biometrics). According to application security needs, 2-factor or even 3-factor authentication can be required to ascertain the identity of the user. In order to simplify the architecture of security systems and bring frictionless access to services to end-users thanks to a Single Sign-On, federated ID systems have been built. OpenID and OAuth are models for federated IDS systems, while FIDO (Fast IDentity Online) is a standard setup by the industry blue chip companies.
All of this, and a lot more, is described in Smart Insights White Paper “Digital ID and physical ID on a convergence path.” The White Paper can be downloaded here free of charge.
www.smartinsights.net
www.intelling.com