Page 51 - ITU-T Focus Group Digital Financial Services – Technology, innovation and competition
P. 51

ITU-T Focus Group Digital Financial Services
                                              Technology, Innovation and Competition



               in that assertion grows, as illustrated in Figure 5. This might be supplemented by specific checks for services
               that require a level of assurance beyond that currently offered by the digital identity. An example might be
               strengthening the assurance associated with the digital identity through the use of 2FA using a mobile phone,
               which as well as mitigating the risk of account takeover, also strengthens the level of assurance by adding a
               verified data attribute – a mobile phone number. This dynamic approach has the advantage that the necessary
               checks, and the associated expense, need only be undertaken once it becomes necessary for service access
               – an approach commonly known as stepping up.

               An important characteristic of this form of digital identity is the use of multiple sources (including, but not
               limited to, the individual’s mobile phone, their social media activity (also known as their ‘social graph’), pattern
               of usage, location, etc.) can all feed into the level of assurance, so continuous assessment and monitoring
               is essential. Such an approach has clear synergies with the risk-based approach used by financial service
               providers.

               By diligent and continuous application of these techniques, issues such as fake social identities can be addressed,
               though it is as yet unclear what LoA might commonly be achieved using this approach.


               Figure 5: Changing LoA of a dynamic digital identity



















               The dynamic approach to digital identity building has a number of key advantages over the static approach:

               •    There is considerably reduced friction around onboarding, as an initially self-asserted identity has few
                    barriers to entry.
               •    It presents new ways for a citizen to build reputation, and so grow confidence in the quality of the digital
                    identity.
               •    It’s better for financial inclusion, as it enables identification and the consequent level of assurance to
                    grow over time, as needed to access new services, which in this market is preferable to the initial ‘all or
                    nothing’ approach.
               •    It enables better fraud control by making good use of data through active monitoring – always assuming
                    that data protection and privacy requirements can be met.
               However, these advantages should be balanced with the reality that there are currently no clearly defined
               metrics for measuring the strength or assurance of dynamic identities. Without detailed analysis, it is not clear
               that this approach will be reliable enough to meet strict KYC and anti-money laundering (AML) requirements.




               3      Technology supporting digital identity


               Digital identity dictates the use of various solutions to satisfy the requirements of its generic architecture.
               Annex A identifies technologies that are used to support either identification, authentication, or authorisation





                                                                                                       37
   46   47   48   49   50   51   52   53   54   55   56