Especially when you get into the world of online digital ID. In this environment, identity takes on a new level of importance. You can’t simply show your driver’s license or passport to authenticate yourself online.
Plus, you can hardly look at the news without seeing more instances of deep fakes, database hacks, cyber fraud, identity theft and more. All of these touch on identity in one form or another.
Still, you may be tempted to ask, “How can something as simple as “identity” possibly involve so many different things?” The answer is that “simple identity” isn’t so simple after all.
The three dimensions of identity
Identity can be viewed through three distinct lenses: the relationships you have, information about yourself, and the agents who represent you. We’ll look at each one. FYI, this post is based on the insights developed by Evernym, one of the world’s leading providers of digital identity platforms.
The relationship aspect of identity
Think of the different ways the people in your life experience you. Your family knows you in one way, your co-workers see you another way, your friends describe you another way, the servers at your favorite restaurant know you yet another way, and your doctor sees you another way still. It’s because we share ourselves differently in different relationships. Even though the real identity is always us, the perceived identity depends on relationships.
Regardless of relationship complexity, some identity formats collapse you into a single aspect. Consider the example of Lightweight Directory Access Protocol (LDAP.) It’s an industry standard protocol for accessing and maintaining distributed directory information services over a network.
LDAP allows different online applications to share information about users with other online applications. The information is usually organized according to a hierarchical structure, such as a corporate employee directory with phone numbers and email addresses.
When you log into Google or Facebook as a proxy to enable you to access an unrelated site, you’re experiencing LDAP. In this case, you’ve become part of a central database of usernames and passwords. This allows many different applications and services to connect to the LDAP server to validate users.
This may strike you as convenient, but consider the privacy implications. If everyone can identify you via the same information, the information is easy to share. It’s a fairly short step from unchecked data correlation like this to virtually complete loss of control of your personal information.
The attribute aspect of identity
This is information linked to our identity that we willingly share. Some ways are obvious, like our driver’s license or our online medical chart. But think about all the other ways information about us seeps out.
Like the online game player who creates an avatar. He shares personal preferences. Or the person who completes a Facebook quiz to identify lyrics from 80’s pop songs. She shares demographic information. We also, in different settings, share facts about our birth, our education, our credit history, and more. It probably doesn’t surprise you that marketeers track and use this information to sell you things.
There are legitimate uses for this factual dimension of identity too. When a credit union extends a loan, it requires a number of facts in order to do so. And doctors need our up-to-date medical information to make accurate care recommendations.
This highlights the connection between relationship and attributes/facts/data. Things you would tell your doctor probably include things you wouldn’t want your neighbors to find out. The ability to control how and what we share about our personal details is at the heart of how MemberPass functions.
The agent aspect of identity
An “agent” is a thing or person who represents us and carries out our requests. When you send a text message to a friend, your phone acts as your agent. In fact, virtually all digital or online interactions depend on agents. After all, we humans can’t directly transmit bytes of data.
People, such as a lawyer or a realtor can also act as our agents. They carry out our instructions and work on our behalf. Basically, to maintain a secure identity, we need to have trustworthy agents. This is normal and expected with personal agents, but far less common with technology-based agents. For example, all cybercrime is carried out by bad actors via impersonation and violation of trust in one form or another.
When two aspects of identity intersect, interesting questions emerge
The “relationship/attribute” intersection triggers the question, “Who knows what about me?” The relationship aspect is oversimplified by some authentication models because everyone has access to the same version of “you.” The attribute aspect is oversimplified by other authentication models because they share your personal information on an all-or-nothing basis.
MemberPass gives members control over both of these identity aspects. Being able to choose what to disclose in a given instance gives them powerful, privacy-preserving control.
The “relationship/agent” intersection answers the question, “Which proxy represents me in which contexts and how?” This matters a great deal in the physical world. A Realtor® can represent us when we buy a house but probably shouldn’t make medical decisions for us. This intersection is oversimplified by some identity models. They treat the agent in one relationship as the agent in all relationships. Or they assume a single relationship is served by all agents.
For example, does it make sense to be able to transfer $2,500 on your laptop but not on your phone? Or should you expect your cloud storage solution to store your documents but not be able to edit them or share them with others?
The MemberPass solution gives the member control in these situations too. It provides the ability to manage how agents share and disclose personal information.
The “agent/attribute” intersection answers the question, “Which proxy can share which elements of my identity?” This is where the member chooses the personal information an agent can know and/or share.
This a useful distinction. For example, consider the difference between your work computer and your phone. Your work computer enjoys network security, IT support, and physical protection against being lost or stolen. Your phone, on the other hand, is easy to misplace or lose in a hundred different ways.
Perhaps it’d be a good idea to limit your phone to spend only small amounts of money while your desktop would have unlimited authority. Basically, this intersection enables a member to minimize mischief and hassle if a phone is lost or a cloud platform is hacked.
Sometimes all three identity aspects are in play at the same time
We make these sorts of choices every day. If we use an iPad, a workstation and a phone every day, each one is likely to have a mixture of work information and individual information. Each has different security, credentials, and personal data. We set them up to share different information about us. These are 3-dimensional identity decisions.
This is the level of identity control offered by MemberPass. It’s the hassle-free way for members to control their identity, verify it when needed, and keep their private personal information private.
Give your members a way to get control of every aspect of identity: MemberPass
Your members will thank you when you help them appreciate the direct and immediate benefits of MemberPass digital ID. It’s fast, secure, virtually unhackable, and immune to identity theft. Plus, members own and control every dimension of their identity and their personal information.
To request a MemberPass demo, email us to set one up. You can also register to attend a webinar or simply visit us online at www.memberpass.com to find out more.
The sooner you get started, the sooner your members can enjoy the benefits!
Bonifii, a credit union service organization, offers MemberPass, a simple, secure and convenient member identity verification method. MemberPass is a digital passport that provides members convenient access to their financial accounts while allowing control and privacy over their personal information. We leverage touchless technology to protect you and your members. Visit www.memberpass.com or email sales@memberpass.com.
