Digital Identities

Design and Uses

A project of the Centre for Internet and Society, India
Supported by Omidyar Network

Digital Identity
A Survey of Technologies

There is a growing trend, in both public and private sectors, to apply digital technologies to the processes of identification of individuals, authentication of their established identity, and allowing authorisation on their behalf, in the context of governance and provisioning goods and services.

Through the use of software and hardware, these digital technologies attempt to create virtual models of the complex, nuanced notions of identity in our analog real world, and allow for individuals and organisations to transact based on them. For narrowly defined tasks that are within the scope of these virtual representations, technology-assisted processes offer a higher level of efficiency and accuracy than solely human-operated ones.

However, these advancements also bring with them unique risks. Individuals whose identities are not adequately represented by their virtual models may face exclusion, and technical faults may impede access to essential services, particularly when the use of technology is made mandatory. Digital processes also generate, distribute, gather, and store more information about individuals than their analog counterparts. This brings risks related to the security of personal information handled by these systems and the privacy of the individuals participating in them.

In this survey, we evaluate technologies used to compose digital identity processes and systems with an emphasis on preventing or reducing the associated risks. It is divided into four parts:

  1. Identification and Authentication Factors are the different kinds of information about individuals that are used by digital identity systems to identify them and subsequently authenticate their identity;
  2. Identity Artifacts are physical or digital credentials assigned to individuals;
  3. Digital Identity Workflows are common configurations adopted by digital ID systems in relation to how identification, authentication, and authorisation are carried out within them; and
  4. Digital Identity Standards which have emerged from public and private sector entities working on these systems.

These are the key considerations in designing technology-assisted processes for functional or foundational digital identity systems.