Light Dark
January 22, 2016 By Dan Gisolfi 3 min read
Identity & Access

Personal Identity Instruments

Today our personal identity is collected, captured and rendered by identity-issuing institutions. The plastic card is the common format used to convey that a trusted institution has certified your identity. However, we all know that this trust model is plagued with fraud issues.

The most common personal identity instrument, the plastic driver’s license, is easily counterfeited — so much so that 39 U.S. states recognized the issue as a pervasive problem. The Center for Immigration Studies also recognized that fraudulent licenses are an easy way for illegal aliens to break the law.

Technology vendors and identity-issuing institutions continue to explore new approaches to make identity fraud more difficult and keep personal identification documents safe, secure and authentic. As history has proven, sometimes the simplest policy change is difficult to execute given our existing paper/plastic identity document model. Recently, several state agencies have decided to go mobile by declaring their intentions to move driver’s licenses to a digital format on your smartphone, according to Move Magazine.

As the shift from paper and plastic to digital identity instruments evolves and matures, there will be pilot projects that are still haunted by security concerns in our current model. Yet these approaches only claim to carry the same level of trust and security as our current physical instruments, the driver’s license and ID card.

It’s time to rethink the construction and issuing of personal identity documents by leveraging mobile devices to make digital identification documents the center of your identity.

Digital Identification Documents

Academic institutions, government agencies and even retail companies rely on card data element standards such as ISO 18013 to provide guidelines for the content and formatting of data stored on machine-readable personal identification instruments. These identity-issuing institutions will expect the same level of industry consistency when they move to mobile devices. But individuals have their own set of requirements around digital identification documents — namely instant access, availability and reliability.

To achieve such expectations, we must rethink the entire life cycle of personal identification documents. This new era of digital identification must address transitions across the personal identity ecosystem:

  • Issuing institutions need to manage the life cycle of identification documents in a cost-effective manner while also considering governance processes, user convenience, fraud protection and privacy.
  • Identity documents need to be safe, authentic, secure and accurate.
  • Owners need a convenient mobile offering for their identity documents that safeguards privacy, is secure and provides control over releasing identity information to others.
  • Verifiers need an efficient and secure manner to verify the authenticity of the identity document and obtain information from that document.

This shift requires new technologies to address the issuing, managing and challenging of digital identification documents. This includes offering:

  • Protection against fraud, tampering and counterfeiting;
  • Prevention of fake IDs;
  • Reductions in human errors during validation and governance tasks;
  • Prevention of privacy threats and theft; and
  • Face-to-face identity validation, which reduces broadband dependencies.

Business processes and workflows will be impacted by a move to digital identification documents. There are a number of steps in the typical life cycle that can benefit from the switch:

  • The layout and design of digital identification documents can be created, reviewed and modified quickly and easily.
  • The appearance of existing digital identification documents can be modified and distributed. You can update digital identification documents systemwide all at once.
  • New digital identification documents are generated and pushed out to the owner’s device immediately. There’s no need to create, print and mail a plastic card.
  • Multiple copies of the same digital identification document can be used. An identity owner can have a copy on all registered devices.
  • Digital identification documents can be quickly and easily replaced if a mobile device is lost or stolen.
  • Digital identification documents can be revoked and purged from a device.

An Aberrant Approach

Organizations are attempting to rethink solutions for the personal identity ecosystem. To get started on a mobile identity strategy, IBM recommends that identity-issuing institutions:

  • Perform a costs analysis of the design, production and delivery of cards today. This should include assessing the ecosystem of providers and dependencies.
  • Identify the operational assumptions for the tactical period where both paper/plastic and mobile identity options are available.
  • Spend time examining verifier procedures for the handling of physical cards and mobile IDs.
  • Speak with ecosystem members (e.g., insurance providers, vehicle registration bodies, etc.) to understand how they are proceeding since the pace of adoption will also impact them.
  • Consider a tactical business model for a digital identification document solution. For example, analogous to vanity plates, mobile convenience could be handled as an uplift to offset initial adoption risks and budgetary shortfalls.
  • Approach this technology shift in phases with focused pilots.
 |  |  | 
Dan Gisolfi
Distinguished Engineer and Client Innovation Advocate, IBM

More from Identity & Access
April 23, 2024

Passwords, passkeys and familiarity bias

5 min read - As passkey (passwordless authentication) adoption proceeds, misconceptions abound. There appears to be a widespread impression that passkeys may be more convenient and less secure than passwords. The reality is that they are both more secure and more convenient — possibly a first in cybersecurity.Most of us could be forgiven for not realizing passwordless authentication is more secure than passwords. Thinking back to the first couple of use cases I was exposed to — a phone operating system (OS) and a…

April 16, 2024

Obtaining security clearance: Hurdles and requirements

3 min read - As security moves closer to the top of the operational priority list for private and public organizations, needing to obtain a security clearance for jobs is more commonplace. Security clearance is a prerequisite for a wide range of roles, especially those related to national security and defense.Obtaining that clearance, however, is far from simple. The process often involves scrutinizing one’s background, financial history and even personal character. Let’s briefly explore some of the hurdles, expectations and requirements of obtaining a…

March 5, 2024

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature