3 Things to Know About Digital ID

Find out how a future with digital ID is being shaped by today’s wearable technologies, the need for securing payments and authentication opportunities from Tiffany Conway with Gemalto’s government programs.

2019-02-DDL-on-Apple-Watch-LR.jpg

Whether it’s getting into a secured office building or buying a bottle of wine, there is an increased need for a secure and simple way to authenticate ourselves or prove our identity and increase the efficiency of our transactions in a more automated world -- the digital ID.

Today’s digital driver’s license (DDLs) generate dynamic barcodes that a retailer, security guard or other gatekeeper can scan to confirm that the digital ID is real, that it belongs to the person using it and they’re authorized to do whatever they’re seeking to do.

Testing has been mostly confined to smartphones, but our future world demands greater flexibility. Three seemingly unrelated trends suggest now is the right time to begin storing secure identity credentials in our connected watches, rings, shirts and other wearable devices.

#1 Keeping Wearable IDs Small

The next foreseeable move for DDLs is onto wearable devices, making a wallet-less and phone-less transaction possible for the ultimate consumer convenience experience. We debuted this technology on the Apple Watch at the American Association of Motor Vehicle Administrators’ 2018 international conference in Philadelphia, and we’ll soon begin testing DDLs on wearables in the field.

First, new embedded SIM cards are helping keep device sizes down. A SIM or “subscriber identity module,” best known in card form, is basically a key your device can use to access your mobile carrier’s network and get you online. Embedded SIMs are smaller so devices using eSIMs can stay smaller, too, without sacrificing performance.

This could help designers make more visually appealing connected jewelry and inspire a wave of consumer interest in connected necklaces or rings that do one or only a few things very well (much like today’s fitness tracker craze). A more flexible future could include smart rings or necklaces that could be used for secure out-of-band ID verifications, allow access to buildings or simplify paperwork when the wearer is signing up for a new service.

It might seem strange to present a ring as ID, but the verification process for a digital credential doesn’t require that it look anything like a physical license. In fact, moving away from a user interface that mirrors traditional licenses actually enhances the security protocol in the field; it emphasizes the underlying security process behind digital credentials and that DDLs don’t rely on visual inspection for validation.

#2 Securing Digital Card Payments

A second consumer trend lending support to wearables: contactless data transfers are becoming more common and attractive to consumers. Go to a music festival and you might have the option to pay for food and drink from a contactless wearable device. If you use Apple Pay, Samsung Pay or another of the digital wallets, you’re probably familiar with the tap-to-pay process.

In fact, most point-of-sale devices in retail stores today are equipped to accept contactless payments, they may only need a software update to activate that capability. Customers with contactless payment cards (Chase Bank will be the first to roll them out across all customers in 2019) could tap their cards to pay at retail checkouts and then simply tap a wearable to verify their ID and authorize payment, rather than signing a receipt or entering a PIN.

DDLs make DMV-backed, encrypted ID data verifiable at points-of-sale, which could make payments authorized with wearable IDs significantly more secure and virtually eliminate in-person fraud.

This process would also protect retailers from liability for age-related purchases. Consider buying wine at your local grocery. Rather than having a checkout clerk scrutinize your license, you could tap a wearable device with your digital ID to simultaneously confirm that you’re over 21 and authorize your payment.

The increase in contactless interactions in retail is likely to extend into other areas of life, making access control another perfect use case for secure, reliable authentications via contactless wearable devices. In addition to paying for your morning coffee, everyday situations like getting into your office or visiting hospitals or schools could be easily automated and made secure through these technologies.

#3 Digital ID Authentication

Finally, driver’s licenses themselves are changing. The REAL ID Act mandates that state processes for issuing licenses meet new Department of Homeland Security standards intended to make it even harder to produce and use fraudulent IDs.

The REAL ID Act addresses on a national level the fact that technology and security needs are changing, and there must be minimum standards for the secure issuance of IDs. But changing the standards for the whole country has highlighted the challenge in communicating the scope, impact, reasoning and timing of the change to every citizen. Having a digital ID not only allows for security updates to be implemented in a way that is vastly easier and faster than with physical IDs, but it can also improve the communication of these changes, making the entire process far simpler.

Traditional licenses will certainly stay with us for the foreseeable future, but digital IDs offer a simpler path to keeping driver’s information up-to-date. This is a critically important part of keeping an ID and its owner secure over the long lifespan of a credential, so that in any situation where authentication is needed there’s absolute trust between the ID holder and verifier.

Authentication isn’t the flashiest side of the future, but the ability to accurately and reliably verify citizen identities is fundamental to keeping future transportation, smart government, retail and other connected services straightforward and reliable for everyone, as well as secure against misuse and fraud.

Digital and especially wearable ID technology is a powerful platform for interoperable access control, and it’s time we start building and implementing our more flexible future IDs.

Tiffany Conway
Tiffany Conway

Tiffany Conway currently serves as field marketing director for government programs at Gemalto North America, with a specific focus on the state driver’s license and identification segment. Tiffany is one of the key contributors managing the current NIST-sponsored digital driver’s license pilot project within five jurisdictions – Colorado, Idaho, Maryland, Washington D.C. and Wyoming. She previously worked in the banking and financial services business, playing a critical role during the early stages of the migration to chip cards in the U.S. and the development of mobile payment technology.