Modernising digital identity attestation for a post-COVID world

A post-COVID world means a responsibility to offer services remotely, when possible; especially if the remote-first service is cheaper, better, and faster. 

One such service is identity assertion. In this day and age, there should be no reason for me to need to show up in person for you to confirm my identity, especially given that what you receive from that in-person visit is typically more expensive and lower quality than what can be achieved remotely. 

In addition, the bulk of what is needed for this can be done today, relatively easily. This isn’t a change that requires rebuilding everything from scratch, just rearranging a few pieces. 

Existing tools  

We already have the ability to use passports and other identity cards remotely. Any identity card with an NFC chip can be verified remotely by a modern, ordinary smartphone using the same technology we use for contactless payments every day. When combined with a biometric ‘selfie’ scan, this provides an intuitive method to prove identity to a much higher standard than an in-person visit ever could, while ensuring greater security for the personal data under consideration. 

A trickier problem is proof of residence. The opportunity here is to replace the document with a signed assertion. Instead of a utility bill, the utility provider could provide a signed statement that you’re a customer along with your address on file. This could then be verified against a Certificate Authority (CA), much like the ones maintained for NFC identity cards. Alternatively, the utility provider could be bypassed altogether and the rental agencies, estate agencies, or land registry could assume the role of the nominated agent to assert proof of address. 

In the meantime, remote certification of these documents can be done by a professional person, such as a solicitor; providing most of the benefit and data protection, without requiring coordination or participation of the entity which generates the document. 

Bringing it all together 

Finally, you need a way to tie that identifying data to a user-generated public key. You will often need proof that the user has authorized an action such as use of their data, and the most secure way to do that remotely is a public key signature. 

While in the past, this was cumbersome and error-prone, modern smartphones make generating and signing keys straightforward to use in a secure manner, like when we send encrypted messages via WhatsApp. Done right, you don’t need to know the details of how public key cryptography works, you just have to know that your ‘electronic signature’ is just like your physical signature, and you unlock it with (for example) your fingerprint. 

All of the aforementioned solutions - verifying a person’s identity using a mobile phone to scan their passport, demonstrating proof of residence through a digitally signed assertion, and digital signatures with the use of a biometric confirmation through a mobile phone becoming the accepted standard - are technologies that are available to most UK residents today. While we still have a considerable distance to cover with regards to digital inclusion, it is not inconceivable to imagine a world where most people are able to drastically cut down the time, cost, and risk involved in verifying their personal data, all while raising the quality and security of the information you are receiving and processing. 

This will not be a catch-all that works for every person in every scenario, but reducing the need for interaction in the ordinary case frees up capacity for those who fall through the cracks. In a world where long, winding queues need to be a thing of the past, this can make a large difference. 

Nick Williamson is CEO at Qadre

To read more from #procuring4growth Campaign Week visit our landing page by clicking here.

Share this

FROM SOCIAL MEDIA

Thank you, and thank you to everyone that contributed to our #PlaceLedInnovation week! You can catch-up with all th… https://t.co/pipMh0Gr1v
Mayor of London calls for an Emerging Technologies Charter, with @LDN_CDO & Smart London Board tasked with developi… https://t.co/GMlOlCKGr4
Guest blog: New Tech Solutions to Old Tech’s Environmental Problems by Mohit Joshi @Infosys President as part of ou… https://t.co/1D4ecmKXhF
Guest blog: Don’t take digital access for granted by @NatMitch1 CEO @intechnologySC & Vice-Chair of techUK's Local… https://t.co/Rj0S2xJz4c
On 16-17 September we'll be hosting the first virtual edition of the #techUKSmarterState conference. Delegates an… https://t.co/pTBpTzBRBR
Great to see the Government announce £20 million in new grants to help SMEs adopt digital technology and access adv… https://t.co/LdswpdgSfM
Guest blog: Neil Manthorpe, Associate Director of Design at @atkinsglobal explores how technology and big data can… https://t.co/RoLYmL1tnS
Guest blog: The shared challenge for councils, and why tech is the solution by Robin Barber, Product owner of built… https://t.co/YM14AJp4Nc
Guest Blog: Recovery and building back by leveraging Digital tech by Bhupender Singh Tuteja, @hcltech as part of ou… https://t.co/gQWiLx7z5W
Become a Member
×

Become a techUK Member

By becoming a techUK member we will help you grow through:

Click here to learn more...