"E-Identity in a network perspective: re-use what’s already there
A new paradigm for identity verification services (1 December 2008)
Authors: Leendert Bottelberghs MSc, Senior Consultant at Innopay
Douwe Lycklama MSc, Partner at Innopay
The online verification of identities (of both person and entities) has been one of the paramount issues since the conception of e-business. It is fundamental for online transactional services such as payment, e-invoicing and other exchanges of ‘value
messages’. In the numerous conferences on e-identity, defining the meaning of identification, authentication and privacy forms a substantial part of the as of yet unresolved
discussion. This ambiguity is heightened further when decision makers meet technology experts. It is clear that in order to proceed, different aspects of identity services have to be aligned before anything will happen.
Current authentication mechanisms have low relevance for citizens
So far the main solution focus for identity verification (authentication) has been on technology and privacy. The main initiatives are dominated by governments for egovernment
solutions and by banks who give out authentication mechanisms for accessing current accounts. This leads to multiple isolated and monolithic solutions for online identification with higher costs and more fraud. Further, the usability for users is very low since they have to maintain various authentication mechanisms, which is difficult when the interaction with the service provider has a low frequency (e.g. access to egovernment in The Netherlands is 1,2 times per year on average). The many parallel solutions lead to low usability and bad experiences for users, leading to ever lower
usage. All in all a vicious circle which is limiting the growth of e-business and egovernment.
Re-use what is already out there
Re-use of existing identity verification solutions in different applications is essential for converting this ‘vicious circle’ into a ‘virtuous circle’. Adoption is only accelerated when the habits of users are formed by different online services reusing the same
authentication mechanism. For example, online banking would benefit if every bank would offer the same authentication mechanism. E-government would take off if citizens could re-use authentication mechanisms they already have. In order to start re-using authentication mechanisms we have to redefine authentication into a service model with its own business case, making it attractive for market players. Existing solutions have to cooperate. Last but not least: the commercial sector can also benefit and might prove to
be an essential catalyst in a potential new industry.
Solution: network paradigm
Instead of looking at identity verification as a type of service, or a security problem, we consider it as a two-sided network. This new paradigm reveals some essential characteristics, of which one of the most important is the cross-sided network effect1. By
applying a four-party model to this network, we can define different roles as well as two domains: a ‘cooperative domain’ and a ‘competitive domain’. The cooperative domain is the minimal set of agreements for parties to cooperate in the areas of infrastructure,
applications and business. The competitive domain is the market that is created by the introduction of this common ‘network’ based on the set of agreements. .."
Needless to say that we fully agree - several Nordic and Baltic states are already public-private partnership success stories. Outlined in this blog earlier if-you-really-want-to-save-tax-payers' money