Everything becomes mobile – even identity

The mobile phone has become the Swiss army-knife of the digital era. Calendars, maps and clocks have all become integrated onto the phone, making it the single device for all our needs. Even cameras are feeling the pinch. These multi-purpose digital assistants handle our communications, store our memories and bring all the data and services of the world to our finger-tips.

In our daily lives we have permission to enter a building, such as home, if we have the correct key. When buying from a store, we prove our creditworthiness and authorize payment with a piece of plastic, containing an identifier credit-card number and related PIN-code. Both keys and credit cards are on the way to moving into the mobile phone – witness the increasing prevalence of electronic keys in office buildings and the talk of wallet wars with different companies and industries competing to offer consumers the more user-friendly and “secure-enough” mobile solutions for payment.

One of the few things not yet mobile is our identity. In fixed internet, digital identity is already somewhat established, but the tools for using it are still cumbersome. Most of us have digital bank-credentials – usually in the form of customer number, PIN-code and a one time-password or security token – with which we can log onto our bank’s internet-banking services, authenticate online transactions and even use public services in many countries.  Every one of us has large amounts of username-password combinations. The more security-oriented boffins among us have tried to increase security by using different combinations in different services, but most of us just don’t bother and use the same set over and over again. This opens huge risks as digital villains gain access to all services just by hacking the weakest one of them (the money involved in digital fraud is already staggering and growing fast).

We can’t afford to share increasing amounts of our newly created wealth with these digital shop-lifters and identity thieves for much longer. But change is coming. In many ways, it has already arrived. It is coming in the form of constant data-connectivity and the need to take care of things in real time, at home and while on the move. Our daily life will be simplified and enhanced by m-commerce, NFC, mobile wallets, digital keys and other forms of connected living.

To use these exciting new services we need to be able to establish our identity and credentials conveniently and from wherever we are. Like the keys to our home, we need to have our identity mobile, safe and under our own control. The entity which is able to deliver this service for us in a trustworthy, easy-to-use solution is sure to make good long-standing business: what could be more valuable than to be the issuer and broker of identity and trust for a whole nation (or more) of individuals, to be the facilitator of transactions and the “central banker” of digital trust?

Many competitors are already moving in as they recognise the many ways of monetizing this position.  Today there exist only a few ways to make identity ‘mobile’ while still keeping it easy-to-use and secure. In the future, new solutions will be invented as long as no dominant approach has been established globally.

One of the strongest contenders is the SIM-card.  Sitting inside the phone, it fulfils the requirements of usability, security, multi-channel operability and scalability. It has a few extra benefits: first, it is linked to the GSM-number, which is by far the world’s most widely used individual identifier. Secondly, it is issued by the operator at the start of a customer relationship and carries an element of trust with it, especially if the subscription is post-paid. Thirdly, operators are integral providers of digital services for societies and thus follow local rules, regulations and customs. You can even call an operator if you need help!

Having identity mobile on the SIM completes a circle. There are over 2 billion SIMs out there, though not many support strong Mobile ID yet. And why are they there? They are there to authenticate the phone to the network and allow the user to make calls. They establish trust and billing between the user and the operator. Now the only thing that is needed for operators is to upgrade the core service from authenticating and connecting mobile phones to authenticating persons. That doesn’t sound like a very large step considering how much is at stake, how it would take society forward and benefit the operator’s business with it. It’s time to get going. The window of opportunity is wide open now, but many competing players are squeezing in to gain the central role of mobile transaction facilitator…