January 29, 2016 By Dan Gisolfi 3 min read

Several years ago, a GEICO commercial featuring Maxwell the Pig used a traffic violation scenario to promote digital insurance cards. While this advertisement demonstrated the convenience of instant access to personal identity information, it also raised privacy concerns about the unwarranted search of a device.

Clearly, security and privacy were not the focal points of this mobile solution. However, a new era of mobile identity solutions is upon us. The technology needed to address Maxwell’s privacy concerns has arrived.

Digital Identity

Imagine a day when you enter a public event or venue, such as a local tavern, where your proof of age is required. Instead of presenting an identity card, you use your mobile device to respond to an identity challenge.

Today, such identify verification activities lack adequate privacy protection. Why does the bartender need to see your address, eye color or organ donor preferences? He or she is entitled to see only two identity traits: your photo and the fact that you are of drinking age. This does not include your actual date of birth.

With mobile identity solutions, you now can be granted the flexibility to choose, from the corpus of all your identity instruments, which identity traits you want to use to satisfy an identity challenge.

Imagine a day when your hunting trip is not impacted by an identity challenge deep in the woods while your wallet is back in the car. Today, a ranger would haul you back to the station so that he can check your hunting privileges and possibly issue you a fine. But with mobile solutions, you and the ranger can use peer-to-peer device communications to conveniently exchange identity information to satisfy the verification request.

IBM has imagined such scenarios and has considered the benefits digital identity documents can have on the personal identity ecosystem.

Mobile Identity

IBM Mobile Identity (MI) is an emerging technology that has embraced the challenge to rethink the current card-based approach to personal identity documents. It is a cloud-based cryptographic framework for issuing, managing and challenging digital identification documents.

IBM Mobile Identity isn’t just putting an image of your driver’s license on your mobile device; it allows institutions to easily issue digital identity documents and creates an easy-to-use system for securely storing and managing those documents on any mobile device.

By centralizing the transport of digital identity documents, the IBM Mobile Identity framework provides an end-to-end mechanism for ensuring that your identity information is secure and private. It also provides a means for accurately verifying the minimal set of information needed to satisfy a challenge.

For example, suppose a law enforcement officer needs to verify your driver’s license information. The officer would need to see information from your license such as your physical characteristics and license type. The officer can request these specific identity traits, and the identity application will send only that information. IBM Mobile Identity provides the framework for managing the ecosystem of digital identification documents.

MI leverages the convenience of the device in your hand to avoid some privacy concerns associated with handing over identity instruments to verifiers. When a police officer needs to verify identity credentials, the driver unlocks the owner app while the officer brings his or her device, running the verifier app, close enough for the two devices to communicate.

The verifier app receives the allowed information from the driver’s digital identification documents. The officer can return to his or her vehicle to review and process that information. The driver maintains possession of his or her device the entire time and that device is not touched by the officer.

Solution Benefits

Digital identification documents have the ability to reduce costs compared to physical IDs in several areas. For example, they can:

  • Reduce costs associated with printing and mailing applications by converting to online forms.
  • Reduce costs associated with printing and mailing plastic cards by converting to digital IDs on mobile devices.
  • Reduce costs associated with the design of paper and plastic licenses by converting to digital documents designed with digital tools and workflows.
  • Reduce workflow and production costs for personalized or custom vanity sales models, thereby making alternative revenue opportunities by the identity-issuing institution more compelling.

Solution Security Properties

IBM Mobile Identity is yet another provably secure cryptographic solution that offers both data privacy and security.

Learn More

Each industry has a different identity story; explore how your industry can leverage the convenience and privacy benefits of digital identification documents.

More from Endpoint

Unified endpoint management for purpose-based devices

4 min read - As purpose-built devices become increasingly common, the challenges associated with their unique management and security needs are becoming clear. What are purpose-built devices? Most fall under the category of rugged IoT devices typically used outside of an office environment and which often run on a different operating system than typical office devices. Examples include ruggedized tablets and smartphones, handheld scanners and kiosks. Many different industries are utilizing purpose-built devices, including travel and transportation, retail, warehouse and distribution, manufacturing (including automotive)…

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today