Digital ID blurs sovereignty limits
The limit between sovereign and private domains is increasingly blurry. While a couple decades ago, governments were everywhere from housing construction to train operation, nowadays even the most government privileged operations, such as identity, are increasingly taken care of by private entities.
The evolution from paper to plastic to digital identity is a good example of this evolution. We all have several identities from our official government ID to our multiple account identifications that can be used across several services, think of Facebook ID, Google account and others. These IDs are weak, as they are self-declared and based only on a user-created login and password.
The need for a stronger ID quickly emerged, leading governments to issue digital IDs, based on a secure process, guaranteeing authentication accuracy, bringing trust to the online identification needs. After years of cooperation between industry experts and governments, standardization is now fully developed as the eIDAS Low, Substantial and High Levels of Assurance have become a universally accepted reference.
More governments are issuing digital IDs, but where and how to store these digital IDs remains an incompletely covered topic in many cases. Leading private operators are getting back into the scheme!
Apple has been proposing its wallet for years and, in iOS 17, they are adding the possibility for a user to add their digital ID in their ID Wallet on their iPhone or Apple Watch. For the time being, this option is limited to driver's licenses and state IDs from a few US states: Arizona, Colorado, Georgia, and Maryland.
Also, Google announced that their Google Wallet would be able to include digital ID documents. However, as of now, only driver's licenses and ID cards from Arizona, Colorado, Georgia, and Maryland are supported. Google also says that users can add a digital version of any card or boarding pass that has a barcode or QR code, such as a gym club card, but this is no longer part of an identity discussion.
Unsurprisingly governments, and even more the EU meta-government, are slow movers compared to corporations. The European Digital Identity wallet (Eudiw) project is announced with the ambitious objective to digitize "the right of every person eligible for a national ID card to have a digital identity that is recognized anywhere in the EU," and to allow citizens "to control how much information they want to share with services that require sharing of information." Typically, the EU Wallet will bring online and offline identification, and provide the same rights as classical ID documents. It will provide eID, eSignature, web authentication, and other functions. The EU authorities have already provided the first complete version of the common
EU Toolbox to systems integrators and pilots have been launched in 25 Member States and Norway, Iceland, and Ukraine by over 250 private companies and public authorities. However, no completion nor general rollout dates are published.
As identity is core to all services, the debate is still open about who will win in the long term? The traditional sovereign authorities (governments and the EU), providing an all-secure all-standardized all-encompassing solution, but with no delivery date or the large but still agile GAFAM, which are already on the field with partial solutions.
Photo credits: Bing image creator - Unsplash - Bing image creator