The Biden administration’s latest Executive Order (EO), on “Strengthening and Promoting Innovation in the Nation’s Cybersecurity,” focuses on preventing digital identity theft as a critical component to reducing cybercrime and fraud.
By: Tim Spring
Stronger digital identities
The White House released the final Executive Order from the Biden administration today calling for strong cybersecurity measures, and one measure they pointed out specifically was “the acceptance of digital identity documents to access public benefits programs that require identity verification, so long as it is done in a manner that preserves broad program access for vulnerable populations and supports the principles of privacy, data minimization, and interoperability.”
This effectively means replacing the current account and password systems that most online portals use. While these current systems offer a convenient, quick way to gain access, they have been known to be insecure for years.
So what would these “digital identity documents” actually look like?
At the most basic level a digital identity document is a combination of personally identifiable information that you can tie to an individual to prove who they are online. One example that you might have heard of is a Mobile Driver’s License or mDL, which are also referenced in the order as a potential way to gain access to public benefit programs.
Moving past the basics, to get the most functionality and security out of these documents they will need a few additional features.
They need to be stored locally with the end user
Third party storage of personal data for identity authentication is always at risk of a data breach
They need to be tamper-proof and un-copyable
The integrity of the information must be verifiable and it must be bound to the person it belongs to in a way that someone else can’t use it.
They need to be interoperable
Being locked out because you’re on a mac and the other party is on PC and they don’t play well together won’t work at this scale, we need a universal solution
The Executive Order also stresses the privacy preserving nature of these documents, saying they should “support user privacy and data minimization by ensuring only the minimum information required for a transaction — often a “yes” or “no” response to a question, such as whether an individual is older than a specific age — is requested from the holder of the digital identity document.”
Decentralized identity
Decentralized identity is the solution to the White House Executive Order. Everyone controls their own personal data and that data can be verified as authentic, as bound to the person it rightfully belongs to, and that it has not been manipulated.
The benefit of decentralization is portable trust. Any information — and not just personal data — can be sealed in a digital container called a Verifiable Credential. The way that container is created means you always know where it came from. The way the data is sealed means that any attempt to tamper with it breaks the seal.
As an architecture for our information economy, decentralized identity takes out the weak points of our current system — centralized databases filled with personal data for verifying identity — and replaces them with a much simpler, resilient, seamless way of proving who we are to each other.
The result is that information can go from anywhere to everywhere and be immediately acted on — and of course, by providing a reliable method for individuals and organizations to prove their identities online, verifiable credentials help reduce the risk of identity theft and unauthorized access to sensitive systems.
Decentralized identity frameworks offer a transformative approach to identity management. Unlike traditional centralized systems, decentralized identity places control of personal data back in the hands of individuals. This model not only enhances privacy and security but also reduces the risk of large-scale data breaches that have plagued centralized databases.
The Executive Order’s promotion of innovative developments and use of emerging technologies is an acknowledgment of the potential of decentralized identity to strengthen the nation’s cybersecurity infrastructure.
To better see how these technologies work, you can see a demonstration of using Verifiable Credentials to access your bank account, or fly internationally in a joint effort between Indicio, SITA, Delta Airlines, and the Government of Aruba.
The team at Indicio is ready to support this initiative with our proven solutions in Verifiable Credentials and decentralized identity. If you’d like to talk to us about how you can implement digital identities across your organization you can reach out to our team here.
Together, look forward to building a resilient and secure digital infrastructure that protects everyone’s critical assets and fosters innovation in the cybersecurity landscape.
