Single sign-ons to accelerate growth of digital identity: Study

This is one of the key trends impacting digital identity, the others being multiple logins and blockchain

Single sign-ons to accelerate growth of digital identity: Study - CIO&Leader

It is important to know ‘your identity’. Every organization wants to know, from the e-retailer to the tax office to the bank. However, there are 2 main issues with this:

  • It is very easy for fraudsters to exploit the system when all that is required is an email address or password.
  • When the burden of proof is higher, this can be highly problematic for users.

These users might have to supply passport numbers, bank account details, and letters from employers and so on. This information is hard to access and time-consuming to enter, particularly when, given the continuing digital migration, consumers have to re-enter the same information for a multiplicity of services. Furthermore, with that information now being stored by numerous online providers, it increases the risk (and the consumer’s perception of the risk) that the data will be exposed and potentially misused.

The ability to either create or impersonate identities is a problem for many businesses, particularly those handling financial data.

This is due to multiple points of failure in conventional identification and verification processes, particularly for online payment details but also in a variety of other sectors. Passwords and centralized repositories have both been highlighted as the core issue within the growing problem of identity fraud.

According to Juniper Research, having a secured digital identity is of paramount importance. With regards to this, there are three key market trends which accelerate the growth of digital identity. They are:

1. Multiple Logins

Digital identity online for many consumers is currently a series of separate identities with distinct credentials and authentication methods, typically passwords in the latter case. This has led to many different ‘islands’ of data, which are typically stored in centralized data silos held by each online entity that requires such information. This has created a variety of inefficiencies, which companies have typically solved through consolidation of passwords into additional repositories in the form of password managers, or password retention tools integrated directly into browsers or other programs requiring authentication.

Credential reuse is one of the biggest problems with identity management, as it enables credential stuffing; the practice of applying stolen credentials across multiple sites a fraudster to access more data illicitly. Where credentials are not shared, this is not possible.

The complexity inherent in having multiple logins has encouraged large companies (most notably Google and Facebook) to federated identity provision for consumers through their platforms. Federated identity provision is also typically part of enterprise SaaS (Software-as-a-Service) provision, where logging into a device can also grant a worker access to cloud provision of services. This is typically done through a format whereby requests are sent to an identity provider and then tokenized, such as SAML (Security Assertion Markup Language), OpenID and OAuth (Open Authorization) protocols.  

2. National Single Sign-On Initiatives

Wide varieties of countries have recently planned, or are planning, to bring digital identity to many citizens. It will have an effect on the kinds of digital identity security available to consumers, as many of these initiatives are intended to bring identity verification to those who have never had official identification before. That being the case, these schemes need to be accessible to those with low levels of digital access, and are likely to be SIM-based, rather than relying on an online presence as such.

These initiatives will also be more likely to have a physical card than other forms of digital identity. This impacts a range of use cases and allows a more consistent application of identity verification than in the case of identities that do not connect to a physical asset. This is frequently because the core documentation on which the foundation of the identity is built contains a photograph as the core verification method. Other methods (such as fingerprint sensors) require additional infrastructure and do not eliminate the chance of presenting false data at the point of on-boarding.

So such national initiatives need sufficient drive behind them to establish a large enough addressable base.

3. Blockchain Hype

Despite cryptocurrencies’ fluctuating fortunes, blockchain as a technology continues to attract increasing levels of investment (see Figure 1). With many still sceptical about the promise of cryptocurrencies as viable alternatives to fiat currency, the underlying technology is being applied in other areas at levels sufficient to keep investment high.

Figure 1: Blockchain Venture Capital Investment & Bitcoin Value, 2014-2019 YTD

Note: 2019 VC Investment Data as of April 2019

Source: Bitfinex, PitchBook

One of those use cases is in the self-sovereign identity movement, which typically uses a blockchain to keep a record of who has validated what credential. The credentials themselves are stored in a digital wallet contained on the user’s smartphone, which then sends tokens validated through the blockchain to the requesting entity. This removes the need for a central database that could be a rich source of credential information. However, the companies issuing digital identities through blockchain in particular need to grapple with the problem of credential revocation. This can be solved through the blockchain updating a revocation registry and the identity verifier then checking the revocation set to see if a credential is still valid. However, the perception of blockchain as an indelible record is likely to create the image of irrevocable credentials, which will hold the technology back from its full potential. In all likelihood, a strong set of first movers will establish themselves because companies do not want to use multiple blockchains, regardless of the reality of the matter.  

Civic Digital Identity Forecast

According to Juniper Research, over 5 billion people worldwide will have a civic digital identity document by 2024, from an estimated 1.7 billion at the end of 2019. This will represent 74% of people who have any form of identity document at all.

The growth of digital identity will be at a CAGR of 26.1% throughout the forecast period, with some of the slowest markets being in areas like West Europe and Australia, where other forms of identification are available and widely accepted.

The biggest opportunities for this market lie in Africa. Here, countries unencumbered by legacy systems are following Estonia’s lead of rapid digital identity development. For example, almost 12 million people in Malawi will have digital identities in 2022, with Nigeria and other countries supplying digital identity to over 300 million people on the continent on both cards and apps.

Governments typically provided such cards, which many people in more developed countries have previously rejected. As per Juniper Research, markets across Europe and North America will be led by the financial services sector and digital driving licences, rather than formal government identification.

Figure 2: Number of People with a Digital Civic Identity, Split by 8 Key Regions: 5 Billion in 2024

Source: Juniper Research

Mobile single sign-ons will be a large part of several digital identity platforms, with over 1 billion users by 2023; generating over USD 5 billion in revenues that year.

Blockchain and the self-sovereign identity movement are part of this future, but will be a small piece of the puzzle. Despite average yearly growth of 35%; less than 10% of dedicated identity apps are expected to be blockchain-based by 2023. 


Add new comment