Rising incidences of wide scale data breaches and identity theft means that cementing trusted online relationships is now harder than ever – for both consumers and businesses alike.
The villains are fast, flexible and inventive
Organisations need to know who they are dealing with, but it’s not always easy to establish a person’s identity, or to keep trusting it over time.
So what is the future for identity checking? Here are our four possible scenarios:
1. It’s all on my profile
Facebook and similar social media are ubiquitous and people are providing plenty of details about themselves on those channels – some might say there’s rather a lot of ‘over-sharing’ going on! So if it’s all out there on social media why not develop that to be the identity checking tool of the future?
2. The government gets in on the act
A scheme with consistent rules and regulation could help to protect identity. Current developments with federated identities such as GOV.UK Verify, use a model where citizens manage their own identity through approved 3rd party identity providers. Extending this into the private sector would mean individuals utilising their trusted identity with their suppliers, rather than having to prove who they are each and every time.
3. Identity Armageddon
In this scenario continued data breaches and clever crooks are the norm– we can no longer trust any identity solutions to really provide us with the level of confidence needed to know that customers are who they say they are. While establishing identity remains reliant on data that is easy to find out and not possible to change – such as your mother’s maiden name and your date of birth then we remain on the road to Armageddon!
4. We muddle along
There remains many, many different ways of establishing identity some of which work better than others and some which work for a while – until the crooks find a way around them. In general no significant strides are made in reducing identity related fraud and consumers still have to go to great lengths to prove who they are, with each of their service providers – multiple times. The solutions available are good enough to stave off Identity Armageddon but the threat is always there.
We’re at an interesting point in time where any of the above scenarios could prevail – what do you see as the future for identity management?