Digital Identity will be without any doubt one of the big challenge in the coming months. Why? Because of two important trends:
- The explosion of services targeting segmented needs: from generic ones (email, calendar, feeds) to community oriented (MySpace, pictures, etc…)
- The “mashup/widget” trends, who gives the capacity for end user to aggregate these services to create their own unique application
Each of these service require usually an identity (most of the time a username/ password)
As an illustration, this excellent picture summarize the complexity of the various indentities that you use
(source: FredCavazza blog)
So what happens practically?
Today, you have to create a new login password for each new service you subscribe. The subscription is painful, you enterÂ again your coordinates, if you are lucky you can choose your username/password, if unlucky you are given a password if not an username. So one more to rememer….
The Digital Identity try to solve this by bringing a different mechanism: instead of having to register each time to a new site, the site get a part from your numeric ID and you just have one click to authorize it. Does not mean that they all sites haves the same right , you could provide them different level of access to your personal information if needed.
Seems quite complex, but when well implemented, could be a really good user experience. You can “feel” the concept with sites like Flickr, where third parties can access to your data without having to ask you your username/paswwrod. You can even easily revoke them at any time.
What is the impact on mobile?
Identity management on the web is painful, but it’s a nightmare on mobile. With more “Mobile2.0″ capacities (i.e. more data services) users will want to access to their web data on mobile. The bad news, is that not only you will have to retype all these username password, but with a keyboard not designed for this…
A decentralized Digital Identity approach could easily solve all this problem. By having the ability to easily provide your digital ID to applications (and in an ideal world , linked to your SimCard) these one can discuss with an ID server to ask for informations, and you are just one click to authorize them (which is a small effort even on mobile).
Does this will happens?
On the short term, it won’t be pushed by operators, as they are the only one that can easily knows user identity, and that’s a unique advantage from their point of view. But by opening this, and give easy access to third parties it could boost service usages.
Mobile requires even more than the Web a standard Digital ID approach due to both technical constraint of the mobile and the increase of data services available. The mobile already have the technical basis to do this (SimCard for instance) but no real solution has been yet put in place. So we can only wait more to see if existing Digital Signature solutions from the Web will move to mobile….