Approaching the next generation of digital identity


digital passport girl at airport bannerJohan Henrikson, CEO of Verisec Ltd, reflects upon the fact that a digital passport soon will become a reality within the public sector.

Imagine you are on your way to sunny Mallorca for a holiday. The plane has just landed and as you walk off the aircraft, the sun shines from a clear blue sky. When you pass through the arrival hall, a Spanish immigration officer asks you to complete a registration form and takes your picture, before allowing you in to the country. He gives you a copy of the document and assures you that the next time you visit Spain you won´t have to go through this hassle again, as you now are officially registered as a ”Spanish Visitor”. All you have to do is to show the copy of the registration document on your next visit.

Now imagine that you have to go through the same procedure when visiting the USA, France, Sweden or any other country. Not only would travelling become far less efficient but you would also have a large pile of registration documents from different countries to maintain. In the light of this scenario, the passport as we know it seems like a pretty good idea; instead of verifying your identity separately with each country you visit, you have one single document that verifies your identity all over the world.

But what about digital identities? Almost 20 years after the breakthrough of the internet we are still trapped with the hassle of multiple user credentials. Each web or cloud service requires an individual set of credentials which cannot be used anywhere else. These things are about to change. The concept of a single, user centric digital identity – sometimes referred to as Identity 2.0 – has been discussed for years and now things are starting to happen.

The basic concept for Identity 2.0, from a user´s point of view, is that you have a single, trusted identity that grants you access to a multitude of services. Web single sign-on means that once you have logged in to a service, a federation mechanism behind the scenes allow you – as long as your session lasts – to hop between web services without entering username and passwords each time. There is no need to remember dozens of insecure passwords and there is no need to spend time on login procedures. Add to this the increased security possibilities available using strong authentication across these services.

From an organizational point of view the benefits of Identity 2.0 are even greater. With a “digital passport”, issued by the home organization, the employer gains control over the employees´ access to cloud services and shared services as they become a critical part of everyday operations. For the UK public sector, things are now moving fast with the rapid development in the Public Services Network (PSN) programme, led by the Cabinet Office.

One of the core objectives in the PSN is the concept of a single digital identity for public sector employees. This allows secure sharing of services and information between Government departments, agencies, neighbouring councils and access to the G-Cloud services.

While the PSN provides a direction in terms of architecture and technology, Verisec has actively worked for the past 5 years with a number of local and regional initiatives to provide shared services, based on our Freja range of identity products. With a strong, PSN ready authentication solution at the core, the latest addition is the Freja Connect; an add-on component for easy integration of your existing authentication solution within the PSN. We believe that the combined effect of aligning top down initiatives with the bottom-up pragmatic approach stands a greater chance of success going forward.

There are huge gains with the concept of a single digital identity, both for users and organizations. And the new technology makes the transition smooth, as it builds on existing identity management solutions. Looking back, it is a bit surprising that the concept of a digital passport has not had its big break until now. After all, we visit the web a bit more often than we visit Spain.