When someone mentions “digital identity or digital credentials,” chances are you know what it is. If you don’t, it’s simply a way to verify you as a person when you access an online service. Depending on what service or system you are accessing, it usually means, one or several things, such as your:
- Username and password
- Social Insurance Number (SIN)
- Driver's license
- Bank account number
- Twitter/social handles etc.
Still confused? To simplify it further, digital identity is any personal information that you can use to identify the real you and access services. This opens new possibilities for digital services and access without the use of physical documents.
There are some excellent explainers on the basics of digital identity to get you started. In this episode, we’ll delve into the evolution of digital identities and how they work for government.
The evolution of digital ID
We’re focusing on how the concept of digital identity is evolving: from where we started, to where we are, and to where we are going. As we undergo digital transformation within government, we have a mix of technologies from the past, present and future. Unfortunately, the future is not equally distributed across programs and services yet, but we’ll get there soon!
Since 2009, the Government of Canada has had the Directive on Identity Management, but it was only in 2019 that a formal policy definition for a trusted digital identity was introduced:
Trusted Digital Identity: an electronic representation of a person, used exclusively by that same person, to receive valued services and to carry out transactions with trust and confidence. - Policy on Government Security
Trusting the technology
You’ll notice the word trusted is an integral part of the definition. It’s one thing to have a digital identity to use, but it’s entirely another thing for a federal program or service to trust that it is you and not someone else that is trying to be you. The definition of trusted digital identity was introduced to confirm that it must be trusted by government programs and services.
To ensure this trust, the Government of Canada is collaborating with the provinces and territories to develop a trust framework that enables the government to accept trusted digital identities. Currently, two provinces are providing trusted digital identities to the Government of Canada – Alberta and British Columbia. If you are a resident of either of province, you can use your MyAlberta Digital ID, or the BC Services Card as your trusted digital identity to securely access Government of Canada Services.
Using your provincially issued or territorially issued digital identity will be the future as the other provinces and territories go through their digital transformation; but in the meantime, you can still use the existing sign in services of GCKey, Government Sign-In by Verified.Me or CRA sign-in. These sign-in services are excellent, but there’s an added step for the user because they still have to to prove their identity before they can access services.
For many, these different options and approaches all sound needlessly complex. That is in some way true, but we are on the pathway away from legacy systems to a simpler future. There will come a day when details about how to create your password, how you securely sign in, how you add a second factor will all disappear into the simple concept of a trusted digital identity that you can use anywhere. Are you excited?
Simplifying it for the user
Besides a delay in proving your identity, another challenge is that trusted digital identity is described from a program-centric point of view. This means it appears complex and appropriate for those who are building and maintaining these systems, but it is confusing to users who are not aware or don’t care about the details behind the scenes. Fortunately, the language to describe digital identity is becoming more user-centric for the average person. The Government of Ontario, for example, is describing their digital identity program with more user-centric terms:
- Convenient - it lives on your mobile device and is always ready to use whenever you need it
- Secure - your data is protected using strong encryption and, unlike your physical wallet, your digital ID can easily be turned off if your phone is lost or stolen
- Privacy-preserving - for example, if you need to show you are age of majority, the verifier will only know you are over 18, not your date of birth or actual age
- Verifiable - just like a driver’s license, a digital ID is certified government proof that you are who you say you are
- In your control - you have full and complete control over what bits of your information you want to share and with whom you want to share it – no one can access your data without your agreement
- Voluntary - signing up for digital ID will be optional – you can still use physical ID whenever you want
The description of digital identity is now shifting from a program-centric perspective to a user-centric perspective. This shift is a result of how we, as the public sector are changing our thinking about digital identity. In the past, digital identity was conceptualized as very narrow IT-centric means of logging into a system or service with little regard to who you were as an individual. Fast forward to today, the concept of digital identity is evolving toward a more holistic view of what is actually needed by the individual so that they can have the best experience possible, without barriers, and in a way that empowers them. This user-centric model is different way of thinking, and it will take time for the many legacy systems to get to this new state. But, we are getting there and the proof is what we have done in Alberta and BC.
Emerging technologies are now evolving away from centralized architectures, to decentralized approaches that better fit into the ebb-and-flow of an individual’s life and needs. New terms such as ‘digital wallets’, ‘verifiable credentials’ and ‘zero-knowledge proofs’ are entering the technology, policy and strategy lexicons.
What does this mean for me?
As an individual, digital identity is evolving to put you more in control on how you want to interact with online government services, or for that matter, any online service. Legacy and centralized sign in and authentication systems are giving way to ‘citizen-centric’, ‘user-centric’ and ‘self-sovereign’ digital identity systems. The unexpected benefit is that as these new systems are evolving; they are bringing back the ways we have always interacted for millennia – using wallets containing proofs who we are (i.e., digital identity) to access services.
In the end, the better way to think about digital identity is not what it is, in terms of technologies, but rather what digital identity can enable you to do as an individual within the digital realm, such as:
- Gaining secure access to online services
- Proving something about you (e.g., age, vaccination status)
- Expressing a right or privilege (e.g., citizenship, age of majority, privilege to drive)
As the technology evolves, you will no longer have to remember a username and password for each service that you want to access, you will be able to reach for digital your wallet, say, "Hey it’s me!" and the service will securely let you in and provide you with what you need. That’s essence of the vision we crafted over three years ago, and it still holds today.
To conclude, while technology is changing, it’s the change in thinking and describing digital identity that is important – about the user and how to best empower them to access public services, and more generally empowering them as individuals interacting in a broader digital society.
Self-paced | Best Practices for Digital Transformation (DDN214) (less than 1 hour)
Self-paced | Developing and Supporting an Agile Mind-set (TRN227) (less than 1 hour)
- President of the Treasury Board Mandate Letter
- Digital credentials
- ISED | Digital Trust Series: Digital Identity
- CSPS | The New Economy Series: Digital Identity as a New Policy Frontier (Video)
- CSPS Virtual Café Series | A Conversation on Cyber Security with Melissa Hathaway and Scott Jones (Video)
- Ontario Digital Service | Ontario’s Digital ID: Technology and standards
- Privacy Act Consultation | Digital ID & Authentication Council of Canada