Digital Identity [Part 1] — Concepts

An Introduction

This is my first introductory blog on Digital Identities and this blog will mainly focus on some of the basic concepts in the Digital ID space. The concepts are primarily based on ID4D standards.

Digital Identity Requirement

In accordance with United Nations Sustainable Development Goals (SDG 16.9) [1] and the Principles of Identification [2], all people must have access to proof of their legal identity, no matter their age, nationality, or where they were born.

UN SDG 16.9 — by 2030 provide legal identity for all including free birth registrations

Not only 16.9, having a legal ID will help multiple other SDGs targets such as access to finance and economic inclusion, social protection, healthcare, education for all, gender equality, child protection, agriculture, good governance, etc.

As of 2018, the ID4D global dataset estimates that there are 1 billion people worldwide who do not have a basic identity document. This global identification gap is a result of the fact that many low income countries lack well defined Civil Registration (CR) systems, which can record vital events of people such as birth, marriage and death. Even there are CR and identification systems do exist, they are often paper-based and fragmented across several government entities. In addition to that, these ID systems lack trust and convenience of the populations over the years.

For any ID system to succeed, they require a high level of political commitment and a defined “Whole-of-Government” approach with a shared vision.

Advantages of an ID System

Having an inclusive and trusted ID system can help citizens to:

1. Enhance access to rights, services, and the formal economy.
2. Improve the transparency, efficiency, effectiveness, governance and service delivery — The government’s ability to deliver services such as education, healthcare, safety nets, pension payments, land registrations, agricultural extensions, etc. With an ID card, governments can identify whom have got all those benefits with a greater transparency.
3. Support private sector development and service delivery — by giving a standard citizen authentication to the private sector can improve their services immensely.
4. Regional and global integration — Digital IDs can be recognized as a travel document in place of your passport. Digital id issued by one country could be recognized by another country, enabling trusted transactions can take place across boarders.
5. Generate reliable and continuous statistics to measure progress and inform policy — ID registries such as civil and population registries can be great sources of demographics and vital statistics, which can help governments to implement their future strategies.

Digital Identity Systems

Digital ID Systems are those that use digital technology throughout the life identity life cycle, including for data capture, validation, storage, and transfer, credential management, and identity verification and authentication.

The basic role of ID Systems

ID systems primarily can help answer one or more of the following questions:

1. “Who are you?” — [Identification]
2. “Are you who claim to be?” — [Authentication]
3. “Are you authorized for something?” — [Authorization]

Identification — Establishing / determining a person’s identity by collecting and proofing relevant identity information. This includes registration of a unique identity record and issuing credentials.

Authentication — Checking that a person who assets (claims) an identity is the true owner of that identity based one or more factors that they have. This includes the confirmation/ rejection that the person is the same individual to whom identity credentials were initially issued.

Authorization — Determining whether a person is authorized or eligible for some task such as accessing to a given e-service, information, etc.

Foundational ID and Functional ID

According to above the primary scope of a Foundational ID is Identification and Authentication.

Under authorization, the Foundational ID systems can verify only basic attributes, where Functional ID can manage credentials that serve as authorization for specific purposes (See Figure 01).

Functional ID systems are typically not considered as a legal ID system unless it is officially recognized for this purpose.

Figure 01 — Foundational ID vs Functional ID

Foundational ID Models

There are a few foundational ID models in operation.

1. Centralized — There is a single ID system provider, which is recognized by the government as the legal digital identity. ( i.e. India’s Aadhaar, Belgium’s eCard, Netherlands DigId, Sri Lanka’s SL-UDI)
2. Federated / De-centralized — There are multiple entities provide a government recognized digital ID in this model (i.e. Denmark’s NemID, Bank ID in Sweden Norway Finland, Canadian Digital ID). Unlike a centralized identity framework that puts the control of identity under one key player, a federated identity system leverages multiple systems, eliminating reliance on a single service provider and single point of failure.

Out of these two main models, the best model will be country specific and depends on the countries historical and political setup. There are a few other models, which are adopted by a few more countries, but the majority have adopted one of the above two.

Identity Lifecycle

Identity lifecycle has multiple stages (See Figure 02). It is a process, which is started when a person gets registered and the identity is created. Then it is continued with authentication and is updated with attributes and credentials over time until the identity record is retired or invalidated.

Figure 02 — Digital ID Life Cycle

Identity Stakeholders

1. End Users — [Subjects of the ID system] — e.g. Residents, Citizens, Beneficiaries, Customers, etc
2. ID Providers — [Issue and Manage IDs] — Government Agencies, Private Companies, International Organizations
3. Relying Parties — [Rely on ID systems provided by others] — Government Agencies (Passport Office, Tax Office, Election Commission, etc), Private Companies (Mobile Network Operators, Financial Service Providers, Credit Rating Agencies, etc)
4. Enablers — [Support the development, implementation and oversight] — Regulatory Bodies, Standard Setting Bodies, Trust Frameworks, Donor Partners, etc)

Identity Principles

There are ten (10) principles on identification [See Figure 03] for sustainable development, which were developed through a series of stakeholder consultations and have been endorsed by 25 international organizations and associations. These 10 principles are categorized under three (03) pillars such as inclusion, design and governance.

Figure 03 — Principles of Identification (Source: World Bank ID4D Practitioner’s Guide [2])

References

1. UN Sustainable Development Goals Report 2022 : https://unstats.un.org/sdgs/report/2022/The-Sustainable-Development-Goals-Report-2022.pdf
2. ID4D Practitioner’s Guide: https://id4d.worldbank.org/guide
3. Atick,Joseph J; Gelb,Alan Harold; Pahlavooni,Seda; Gasol Ramos,Elena; Safdar,Zaid. Digital identity toolkit : a guide for stakeholders in Africa (English). Washington, D.C. : World Bank Group. http://documents.worldbank.org/curated/en/147961468203357928/Digital-identity-toolkit-a-guide-for-stakeholders-in-Africa
4. Understanding Cost Drivers of Identification Systems (English). Identification for Development Washington, D.C. : World Bank Group. http://documents.worldbank.org/curated/en/702641544730830097/Understanding-Cost-Drivers-of-Identification-Systems
5. MOSIP — https://www.youtube.com/watch?v=7ahhMDjiO4A&t=213s
6. How digital IDs can reduce poverty — https://www.gatesfoundation.org/ideas/articles/mosip-digital-id-systems