Digital identity management with digital wallets
The management of digital identities is a critical issue in the rapid, ongoing evolution of digital government services and within digital nations. The widespread use of public and private sector online services, including via digital devices, requires individuals to frequently share personal information. This has created demand for the use of digital identities. Unfortunately, a fragmented landscape has evolved where users must handle multiple usernames, passwords, and authentication methods.
Despite being designed for security, digital identities are usually spread across multiple domains, each requiring unique access credentials. This fragmentation poses risks and cognitive challenges for users, who must manage various personas protected by different security measures. The more credentials users have to handle, the greater the risk of security breaches.
The current digital identity landscape presents a challenging balance between convenience and security. There is consequently a growing need for innovative solutions that simplify identity management while strengthening defences against evolving digital threats.
Digital wallets have emerged as a promising solution for managing digital identities efficiently. These applications allow users to store, manage, and deploy various digital assets, such as personal data, payment information, and credentials. They offer a streamlined user experience and enhanced security.
The necessity for reliable digital identity management
As the delivery of services becomes increasingly interconnected and data-driven, reliable digital identity management will become critical. Solutions such as digital wallets and federated services offer promising avenues for addressing the complexities of identity management.
This discussion explores aspects of digital identity management and its practical applications in digital wallets and federated services. It also examines the use of digital wallets for accessing cloud services, discussing their advantages and potential challenges.
Digital wallets
The rapid digitisation of services, accelerated by the 2020 COVID-19 pandemic, has led to a growing reliance on digital platforms for various activities. Digital wallets now play a critical role in digital identity management, offering a secure repository for storing and managing digital identities and credentials. They provide significant benefits, including convenience and reduced burden on the identity holder by centralising identity management.
The OpenWallet Foundation (OWF) is a key player in the promulgation of digital wallets, focusing on open-source development that supports interoperability across various wallet applications. This aligns with the broader trend toward user empowerment and secure, user-centric digital identities.
It is also important to note the role of the ecosystem of federated services and catalogues. Federated catalogues enable seamless discovery and access to services through centralised repositories. These systems synchronise information across various catalogues, ensuring that data remains accurate and up-to-date. When integrated with digital wallets, federated catalogues improve service discovery and personalisation while maintaining security.
The Gaia-X initiative is a European project that illustrates the value of federated services in managing digital identities. It provides a unified digital infrastructure that gives users greater control over their personal information. By integrating a single digital identity across multiple platforms, Gaia-X enhances security, privacy, and convenience while fostering innovation and competition.
Different identity management models
Over the years, different models for identity management have been developed. The isolated model, where each service provider operates its own identity provider (IdP), was the earliest approach. It has since evolved into the central identity model, which outsources IdP functions to a central entity serving multiple providers. However, concerns over centralisation led to the introduction of federated identity management, which builds trust relationships among multiple IdPs. The user-centric model gives individuals more control over their identity data, while the Self-Sovereign Identity (SSI) model represents a shift towards fully user-controlled credentials.
Federated Identity Management System (IdMS)
The federated IdMS model moves away from centralised identity management, connecting identity information across multiple organisations. This approach allows users to access multiple services within a federation using a single authentication process, known as Single Sign-On (SSO). The federated model offers better scalability, adaptability, and user-focused identity management compared to traditional systems.
Requirements for identity wallets in the cloud
As cloud computing continues to expand, secure and seamless access to cloud services is essential. It is important to explore the types of identities needed for various cloud services, future needs for digital wallets and federated identity management, and the challenges associated with implementing these systems in cloud environments.
Cloud-based identity management can be classified into three main categories: user identities, service identities, and device identities. User identities allow individuals to access cloud services, while service identities are tied to specific applications or cloud services. Device identities are used for authenticating and authorising devices that interact with cloud resources. Effective identity management requires tailored approaches for each identity category, considering their unique requirements and functions. Key requirements for digital wallets include:
Secure storage of identity data
In the dynamic environment of cloud services, protecting identity and identity-related data is a top priority. Secure storage underpins trust and data protection by ensuring the confidentiality, integrity, and availability of sensitive information. This protection is achieved through cryptographic measures, access controls, encryption, and continuous monitoring. A robust security infrastructure minimises risks like data breaches and identity theft, preserving the integrity of digital identities essential for accessing cloud resources.
Effective management of identity data
Managing identity-related data within the cloud involves curating, reviewing, and controlling data sharing beyond cloud boundaries. The objective is to empower users by promoting digital self-determination. Users should have the ability to select, modify, or delete identity data stored in the cloud. This highlights how selective data sharing as a privacy mechanism can enhance trust. By prioritising user autonomy, the cloud environment encourages individuals to take an active role in managing their digital identities.
Secure sharing of identity data
Secure sharing of identity data beyond cloud boundaries is a critical component of cloud-based identity management. This involves establishing robust communication channels and protocols to maintain data integrity and confidentiality during transmission. The balance between seamless service delivery and strong data protection lies at the core of this element. Trust and technology intertwine to create a secure digital ecosystem, where secure sharing safeguards privacy and bolsters cloud security.
Secure storage of cryptographic material
Cryptographic elements, such as keys and certificates, form the foundation of trust in digital identity management. This requirement focuses on protecting these components from unauthorised access by using secure storage mechanisms and strict confidentiality measures. The lifecycle management of cryptographic material—spanning generation, distribution, rotation, and retirement—requires careful oversight to remain resilient against emerging threats. Adhering to this ensures the trustworthiness of cloud-based identity management.
Combining identity data before sharing
Selective disclosure is at the heart of this requirement, which allows users to combine and curate identity data according to specific sharing needs. This approach enhances privacy while enabling precise control over which aspects of identity data are shared. It also promotes a more refined data-sharing model, where users can tailor disclosures based on situational requirements. This flexibility fosters trust and reinforces privacy within cloud-based identity management.
Advantages of digital wallets for cloud identity management
Digital wallets offer significant benefits in cloud-based identity management:
User convenience: Digital wallets provide a centralised platform for managing identities across various cloud services, simplifying the user experience and reducing the cognitive load of managing multiple credentials.
Robust security infrastructure: Digital wallets implement advanced security measures, including robust authentication, encryption, and access controls, ensuring the protection of identity data even in the face of potential breaches.
Empowerment and data sovereignty: Users gain control over their personal information, deciding who can access it. This empowerment marks a shift towards user-centric identity management, where individuals are active custodians of their digital identities.
So what are the barriers to the development of digital wallets?
Despite the promising benefits of digital wallets, several challenges hinder their development and widespread adoption. These barriers can be grouped into interaction issues, technical challenges, and trust concerns.
Interaction issues between public and private sectors: One key challenge is the lack of alignment between public and private sectors. Government entities and private companies often have different priorities, which can make collaboration difficult. For example, public institutions may focus on security and accessibility, while private companies prioritise profitability and user experience.
Technical issues: Developing digital wallets requires integrating complex systems that must securely manage and store sensitive information. Ensuring compatibility across different platforms and services while maintaining high security is a significant challenge. These technical barriers include secure data storage, authentication processes, and managing electronic attestations of attributes.
Trust: Trust is a major barrier to adoption. Many users are hesitant to entrust their personal information to digital wallets, especially if they are provided by private companies. Concerns about data privacy, security breaches, and misuse of information make people cautious about using these systems.
Regulatory and compliance: As digital wallets become more integrated across various sectors, gaps in current regulations and governance models emerge. Effective regulatory frameworks are needed to protect users’ rights and ensure secure and ethical use of digital wallets across public and private sectors.
Complexity of diverse needs: Digital wallets must cater to a wide range of services, from government interactions to banking, health, and more. Meeting the unique security and functionality requirements of each domain is challenging and requires tailored solutions.
Addressing these barriers will require a coordinated effort from governments, private companies, and regulators to build trust, simplify integration, and create robust security frameworks for digital wallets. As these challenges are overcome, digital wallets could evolve into comprehensive tools that seamlessly connect users to various services in their daily lives.
Conclusion
Digital wallets and federated services offer significant benefits in digital identity management. They provide secure, convenient methods for managing digital identities, enhancing user control, security, and privacy. Future development could focus on integrating emerging technologies like blockchain and decentralised systems to further improve security and usability. Sustained innovation and development will be key in addressing the evolving challenges of digital identity.
While digital wallets hold great promise in revolutionising how we manage digital identities, their development and adoption still face significant challenges. The misalignment of goals between public institutions and private companies, complex technical requirements, and concerns about data privacy and security all create substantial barriers. Moreover, the absence of unified regulations and the difficulty in meeting the diverse needs across sectors further complicate their implementation.
To overcome these obstacles, a collaborative approach is essential, involving governments, private sector stakeholders, and regulators. By fostering trust, ensuring seamless system integration, and developing comprehensive security frameworks, digital wallets could be used as versatile and secure tools that connect users to a wide array of services.