Page 51 - ITU-T Focus Group Digital Financial Services – Technology, innovation and competition
P. 51
ITU-T Focus Group Digital Financial Services
Technology, Innovation and Competition
in that assertion grows, as illustrated in Figure 5. This might be supplemented by specific checks for services
that require a level of assurance beyond that currently offered by the digital identity. An example might be
strengthening the assurance associated with the digital identity through the use of 2FA using a mobile phone,
which as well as mitigating the risk of account takeover, also strengthens the level of assurance by adding a
verified data attribute – a mobile phone number. This dynamic approach has the advantage that the necessary
checks, and the associated expense, need only be undertaken once it becomes necessary for service access
– an approach commonly known as stepping up.
An important characteristic of this form of digital identity is the use of multiple sources (including, but not
limited to, the individual’s mobile phone, their social media activity (also known as their ‘social graph’), pattern
of usage, location, etc.) can all feed into the level of assurance, so continuous assessment and monitoring
is essential. Such an approach has clear synergies with the risk-based approach used by financial service
providers.
By diligent and continuous application of these techniques, issues such as fake social identities can be addressed,
though it is as yet unclear what LoA might commonly be achieved using this approach.
Figure 5: Changing LoA of a dynamic digital identity
The dynamic approach to digital identity building has a number of key advantages over the static approach:
• There is considerably reduced friction around onboarding, as an initially self-asserted identity has few
barriers to entry.
• It presents new ways for a citizen to build reputation, and so grow confidence in the quality of the digital
identity.
• It’s better for financial inclusion, as it enables identification and the consequent level of assurance to
grow over time, as needed to access new services, which in this market is preferable to the initial ‘all or
nothing’ approach.
• It enables better fraud control by making good use of data through active monitoring – always assuming
that data protection and privacy requirements can be met.
However, these advantages should be balanced with the reality that there are currently no clearly defined
metrics for measuring the strength or assurance of dynamic identities. Without detailed analysis, it is not clear
that this approach will be reliable enough to meet strict KYC and anti-money laundering (AML) requirements.
3 Technology supporting digital identity
Digital identity dictates the use of various solutions to satisfy the requirements of its generic architecture.
Annex A identifies technologies that are used to support either identification, authentication, or authorisation
37