Digital ID Technology Promises Stronger Security

More robust sign-on security is on the way, just don't expect it to arrive anytime soon.

2 Min Read
Digital ID Technology Promises Stronger Security
(Source: Pixabay)

Despite multiple shortcomings, passwords remain the most common authentication method for accessing financial, e-commerce, healthcare, and an array of other services. People generally prefer passwords over more secure authentication methods, due to their convenience and ease of use.

Despite the best efforts of security experts, passwords reign as the primary way for people to verify their identity online. “However, as we all know, passwords are easily compromised and forgotten, leading to both security issues and pressure on IT resources,” observes Ian Mulholland, an analyst in the security, risk, and compliance team at the IT research firm Info-Tech Research Group.

Security professionals know that username/password approaches to managing identity risk and authentication are obsolete or, at best, severely compromised. “So, these processes are [now] changing,” says Dan Barta, principal enterprise fraud and financial crimes consultant at analytics software firm SAS.

Digital Identification Technology

For decades, people have carried various forms of physical identification, such as driver’s licenses, health insurance cards, and passports. Emerging digital ID technology attempts to replicate this concept in the online world. “This could mean having digital versions of traditional physical documentation,” Mulholland says.

With digital ID, individuals are verified via an authoritative entity, such as a government body or global consortium, after proving they are who they claim to be. “The digital ID is then stored in some sort of ‘digital wallet,’ which may be accessed in multiple ways when permission is granted by the subject,” says Doug Saylors, co-leader of the cybersecurity unit of global technology research and advisory firm ISG.

Put simply, digital identity is a person’s online profile, Barta says. Digital identity is derived from web-accessible personal data that can be traced and connected to a given individual.”

Digital ID, when combined with a Zero Trust Architecture, aims to provide a strategic approach to cybersecurity that secures a user by continuously validating every stage of a digital interaction. A digital ID would move users away from simply typing in a password to validate identity. Instead, a combination of factors would be used to validate and continuously verify an individual's identity throughout the duration of their interactions with a service. “Establishing additional methods and complexity to an online service or resource decreases an attacker's ability to gain access to that system,” notes Matt McFadden, vice president, cyber, at General Dynamics Information Technology (GDIT).

Read the rest of this article on InformationWeek.

Related articles:

About the Author

John Edwards, Featured Contributor

Technology JournalistA veteran technology journalist, John Edwards has written for a wide range of publications, including the New York Times, Washington Post, CFO Magazine, CIO Magazine, InformationWeek, Defense Systems, Defense News/C4ISR&N, IEEE Signal Processing Magazine, IEEE Computer, The Economist Intelligence Unit, Law Technology News, Network World, Computerworld and Robotics Business Review. He is also the author of several books on business-technology topics. A New York native, John now lives and works in Gilbert, Arizona.

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights