This article was originally published on May 6, 2019.
Privacy and security are major concerns for Canadians who live in an increasingly online world.
Whether you’re checking your email, updating your social media account, renewing your driver’s licence, or opening a mobile banking app, you need to be confident that your personal information is safe and won’t be used for purposes outside of your consent. Without that protection, information could be misused or, worse, stolen by fraudsters.
Currently, governments and industry experts are working to develop digital IDs: secure, privacy-enhancing methods of proving your identity online as you would in person with a driver’s licence or passport. In doing so, developing protocols and aligning with industry standards for keeping personal information and data safe and secure, while protecting the privacy of users, will be critically important.
With this in mind, here are just a few of the security methods that are paving the way for the development of digital identity.
How tokenized credentials contribute to cyber security
Already present in technology such as mobile wallets, tokenized credentials will play a major security role in future digital IDs. The process involves abstracting valuable personal information such as addresses and bank account numbers with randomly generated numbers. Since these numbers don’t correspond to the personal information and have no real-world value, this makes them worthless to hackers and fraudsters. As a result, tokenized credentials are a valuable tool in preventing identity theft, which makes them an essential part of any digital ID.
How authentication works with digital identity
Authentication and verification have always been an essential component of digital payments. Without confirming the identities of everyone involved in a transaction, it’s impossible to know whether it’s legitimate. While organizations such as Interac already employ authentication methods, future digital ID frameworks will require a trusted operator to verify activity and keep users safe.
Encryption and cyber security
Closely related to tokenized credentials, encryption encodes information to prevent access by unauthorized parties. While financial institutions already encrypt personal and payment information, the same technology will need to be applied to digital identity. For example, if a police officer asks a person to present their digital identity for scanning, encryption processes will be essential to protecting that information as it travels through the network.
Authoritative record-keeping and digital identity
Authoritative record keeping is crucial to the success of any digital ID framework. Eventually, governments could issue fundamental credentials such as birth certificates and citizenship documents digitally. These permits will continue to necessitate the collection of personal information, so governments and industry will need to develop record keeping processes that preserve users’ security while still offering them easy and convenient access.
Together, these security measures will help guide the way for digital idenity in Canada. From tokenized credentials to authoritative record keeping, the security of tomorrow starts today.