Ashley Diffey, Head of APAC and Japan, Ping Identity

GUEST OPINION by Ashley Diffey, Head of APAC and Japan at Ping Identity: When information technology was first embraced by businesses, it tended to be in a very centralised form. Data centres held core applications and databases while users gained access through authorised devices and network links.

Fast forward to 2021 and it’s a very different picture. Applications run on a variety of platforms and in different locations. Meanwhile data can be stored anywhere from a personal computer to a smart watch.

This decentralised approach now needs to be applied to personal identity credentials. Rather than storing this data in a single location, it should be dispersed to individuals to be stored and used as they see fit.

An obvious storage location is the smartphone. From there, an individual could choose which third parties are able to access the credentials and for what purpose. As much or as little data could be shared depending on the context and identity requirements.

A secure digital wallet on a smartphone can store identity data in the same way that details of credit and loyalty cards are stored. All the data can be protected by needing two-factor authentication such as a passcode and biometric input like a fingerprint or a facial scan to gain access.

Individuals should also be able to determine how long shared identity credentials will be made available to third parties. In many cases, as soon as the particular interaction or transaction has been completed, the data should be erased.

A key advantage of this decentralised approach is that it removes the need for a large central store of identity credentials. These stores are likely to be attractive targets for cybercriminals and so decentralising the data removes the potential for break ins and theft.

It also allows different types of identity data to be held in a single location and readily accessed as needed. This can include data from passports, driver licences, and government-issued ID documents.

In the wake of the global pandemic, these secure digital wallets could also contain proof that an individual has had vaccine injections, making it possible to travel oversees once borders reopen.

Guidance and frameworks

To achieve an effective distributed identity system, activity needs to be directed by established guidance and frameworks. Ideally created by central government, these frameworks will ensure that the identity data rights of individuals are upheld and their credentials handled in a secure manner at all times.

Some guidance has already been provided by Australia’s Consumer Data Rights regulations. These dictate how organisations can access and share personal data with an emphasis placed on permissions.

Further guidelines such as these are now required to cover personal ID data, how it is securely stored by individuals, and how and where it can be used.

This is particularly important in the wake of the widespread COVID-19 lockdowns. With an increasing number of people working remotely, there is a need for greater protection of dispersed identity data. Having standards in place that govern how this data is managed and used is now critical.

Staff also need to be educated about the threats they may face when undertaking online transactions. Fraudulent websites requesting that personal details be entered could result in both financial and reputational losses.

Another approach to ensuring the security of decentralised identity information is the use of a blockchain to provide immutable data protection with no single point of failure. This also removes the need to rely on a third party to provide protection and vouch for the validity of the credentials being shared.

While there are clearly some challenges yet to be overcome, the benefits of a decentralised approach to the handling of digital identities is becoming increasingly clear. Taking the required steps now will ensure all Australians can conduct secure online lives in the months and years ahead.

Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.
ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV
iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.
SEE WHAT'S ON ITWIRE TV NOW!

Why decentralisation is key to ensuring personal privacy

GRAND OPENING OF THE ITWIRE SHOP

INTRODUCING ITWIRE TV

Related items