City A.M. is London's most-read financial and business newspaper, and its digital version, CityAM.com, has approximately 3.2 million unique visitors per month. It covers the latest economic, political, and business news as well as comment, sport, and lifestyle features.
Recently, ForgeRock CTO Eve Maler wrote an Op-Ed for City A.M. regarding skepticism around the UK's proposed introduction of digital ID cards. She has spoken extensively on issues related to digital identity, including security, privacy, consent, and user experience. Here, she offers her perspectives on technology, transparency, and trust — a future in which people can simply and safely access the connected world while retaining control of their data.
Technology can make processes simpler, faster, smarter. And there are definitely efficiency gains to be had by joining things together digitally and making better use of data. Where we think Blair and Hague's intervention will stumble is by calling for the introduction of digital ID cards. This issue has led the headlines and drowned out what are probably good ideas in the rest of their package.
People in the UK already have a Government Gateway ID to submit tax returns and get their driving licenses and passports, and another digital account for benefits. But, as a nation, the UK just does not trust ID cards. That might stem from skepticism of political leaders to use this power responsibly, as well as a general distrust around how data will be used and whether people will be tracked. Let's not forget the number of times government officials have misplaced citizen data on public transport.
But it's important we don't let this reluctance about digital identities hold the UK back. Many countries around the world are already beginning to embrace digital wallets — the amalgamation of IDs, payment cards, and train tickets. The United States and Australia are examples where they are moving deliberately towards digital driver's licenses. But for this to be embraced here, we need incremental change backed by transparency and safeguards. The UK must incorporate a standards-based approach that ensures individuals remain in control of their data, by enabling them to only share specific bits of information to a service provider, such as verifying your age or your NHS number.
People want to access the digital world simply and safely without needing to log in constantly, just like we do with Apple Pay or Google Wallet. When you go to purchase a restricted item such as alcohol at a self-service checkout, there is friction in the form of a manual verification check. The future is to have your credentials, like your date of birth, stored alongside your payment method to act as a form of validation, which would improve the buying experience and keep it secure. This approach could be extended to opening a bank account, taking out a mobile phone contract, or booking a GP appointment. For consumers, it is important to know that your credentials in each of these cases wouldn't be controlled by the service or authority, and ultimately you would always need to provide consent — and you may be able to avoid sharing your actual birthday and just share a trusted statement that you are "old enough."
The more the public accepts digital IDs for services we trust, the more open they'll become to expansion. Eventually, there may not even be a need for an official digital ID card, as citizens' wallets will hold the full range of information available and make its use controllable. Imagine a world where you never need to log in again.