Dr. Heinrich Grave: The expansion of digital wallets and data sovereignty

In a piece exploring the potential of digital wallets and their impact on the payments ecosystem, Dr. Heinrich Grave, Senior Vice President Digital Identity at IDnow, provides deeper insight into data sovereignty on the internet. 

Will identity wallets end the age of anonymity on the internet?

Twitter Blue, Meta Verified and age verification on Instagram – the era of internet anonymity seems to be coming to an end. After more than a decade marked by anonymous bots and cyberbullying on various social media platforms, a new era of authenticity seems to be dawning. But how will credibility and security be maintained in the digital space in the future? A digital identity wallet could hold the answer.

Identity-weary users most likely target of attack

Today, identification on social networks tends to happen in the same way. Every social media platform requires a username, which is chosen by the user, together with a password of their choosing. Depending on the platform, the log-in process may be linked to multi-factor authentication, for example via the user’s mobile phone number. All this information is stored in data silos of the respective service provider.

As such, it is not really possible to know with any certainty who a particular social media user actually is. In addition to this, one’s own digital identity is neither transferable nor constant. In other words, the identity of each individual is scattered all over the internet and often not even traceable by the user themself. Old, unused accounts, which contain personal data – whether in the social media arena or in other networks – lie dormant and prone to identity theft and phishing attacks.

Password management tools and similar services try to counteract the identity fatigue of users so that their repeated, easy-to-guess passwords do not lead to a major cybersecurity disaster. But password services are also vulnerable and are repeatedly at the centre of hacker attacks. The core problem of the structure is obvious: the identifiers generated by the platform are stored in central databases, making them easy prey for attackers.

Revolution in data sovereignty

For users to be able to move securely on social media platforms and perhaps also in the metaverse in the future, they need their own and unique digital identity which must be under their sole control. 

This is where the concept of “Self-Sovereign Identity” (SSI) comes in. It allows ethical data storage and gives the user control over their data and their complete digital identity. Data that is stored in central locations – often in the form of data silos, whether on servers or in the cloud, becomes obsolete. Instead, the user’s identity will be stored and managed on their own device. Therefore, the risk of central attack, for both users and businesses, dramatically decreases.

In this model, the user alone decides what information is shared with a service provider or platform and what is not. A central component of this architecture is the digital identity wallet – and it is these which have the potential to revolutionise data sovereignty.

Store and reuse verified identities

In an identity wallet, users can store their previously verified identities and reuse them quickly and easily to verify themselves with new services or platforms. This not only speeds up the registration process and provides additional security, but it also gives users an overview of the platforms and services that they have registered using their identity wallet. Forgotten and half-orphaned user accounts will become a thing of the past.

For identity wallets to become a more widely accepted solution, it is important that the identification for services works securely and quickly. The user must be able to clearly confirm their identity with just a few clicks. An identity wallet enables precisely this, as the user already undergoes an identity check when they activate their wallet. The verified identity can be used on the desired platform after this one-time identification by using biometrics, such as fingerprints or facial recognition, without losing significant time in the registration process.

Security, data protection and user-friendliness are crucial

Security is a key feature of an identity wallet. According to the IDnow Digital Identity Index 2023 which investigated Germans’ attitudes toward digital services, 55 per cent of respondents noted security and data protection (46 per cent) as the most important parts of a wallet solution. For 36 per cent, however, user-friendliness or ease of use is also a key consideration. 

With last year’s release of the UK government’s Digital Identity and Attributes Trust Framework, which sets rules and standards designed to establish trust in digital identity products, UK users are gradually preparing to ditch the traditional wallet containing cash and cards and looking for alternative ways of paying and accessing private and public services.

Before we step into Web 3.0 or even into the metaverse, it is necessary to abolish anonymity and consolidate digital identities. This consolidation should no longer be in the hands of large companies but must be controlled by the users themselves. Only then can we hope to have an independent, secure and resilient internet.