1N/ Digitized vs Digital / Heather F
Session 1N
Digitized vs Digital Credentials
Session Convener: Heather Flanagan
Notes-taker(s): Heather Flanagan
Tags / links to resources / technology discussed, related to this session:
https://sertifier.com/blog/the-future-of-digital-credentials-smart-certificates-badges/
https://openwallet.foundation/
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
Digitization is the process of transforming information from a physical format to a digital version.
Digital is something more native, more flexible.
Other thoughts in the room: these concepts are coming into the edu and employment space in a big way. As people grow skills and certifications (for example) are still paper based. The info isn’t getting leveraged because they can’t access it. When you talk about digitizing all that info, reading a JSON and turning it useful and turning it into a digital credential is going to take years.
What would the value be of a standalone, digitized credential without an anchor to a digital identity? Where is the original source?
Digitized credentials are (probably?) a relatively short-term concept between now, with so much paper history, and the future of 100% digital. Though much earlier history like WW2 records will always be digitized only (and only on request).
We’re at an inflection point.
Looking from a content perspective that is digitized, digital is fluid content coming in, active while you’re working on it, but digitized is solid, stable, fixed content. Digitized in photography would be to turn a digital photo into an NFT.
NFTs add a dimension into digital content of ownership.
Identifying yourself is the first step in digitizing your own content.
What would a bank account use case look like? Right now, it’s an account number with a routing number, but there’s no other metadata associated with it that makes it a solid credential. You could route money to an account, but it’s much harder to get money out of an account. Third party transactions going through something like Venmo that requires verification would benefit by digital credentials, but every bank would have to agree.
The paper diploma isn’t generally actually used; the verification happens regardless of the piece of paper. There has to be a trust anchor. The answer in the room is that driver’s licenses are making that jump from digitized to digital credentials. It gets complicated as driver’s licenses are being used for more purposes than just proof that you’re legal to drive. When you digitize the credential, you can digitize part of it and spin off only the information relevant to a given transaction (e.g., age verification). There is a pilot program in Virginia for that. It’s about delivery, online purchases. It’s in transition, so it’s still very much built on the “paper” model still, but that’s changing.
The meeting ground for digitized and digital is what we’re calling eKYC. At the OIDF, they’re trying to standardize how those two sets of credentials can be combined in globally interoperable ways to meet KYC requirements.
At google, looking at handling mDL in the google/android wallet. Digitized would be taking a photo of the credential and using OCR or something to verify the info. mDL is digital because the info comes straight from the DMV. The credential is issued and signed in a digital manner and directly issued by an authoritative source. With a digital wallet, we have something that hasn’t happened in the identity ecosystem before: something everyone can relate to, from technical to entirely non-technical people. We also have something that all regulators can get behind, which is requiring more than two wallets. There is a new Open Wallet Foundation that is looking at how to develop wallet consortiums outside their ecosystems. We have a destination point for all things digital and digitized that everyone in the chain can relate to. We can create these wallets outside the two market players right now.
What’s stronger, digital or digitized? What’s more trustful? Hard to say at this point; we need a trust framework that allow people to make those judgements. (Some work here from the Privacy-Enhanced MObile Credential working group within the Kantara Initiative).
Just a straight photo isn’t enough to be trusted; that’s not really digitizing. It’s more about digitalization. YOu can’t compare digitized vs digital; you can’t just digitize a credential.
Similar to biometric vs biographic. Realistically, we’re talking about having a token, you validate it with state or local info that you get to have a drivers license. They’ve already taken a photo of your face, so realistically they could run your face. Are we after digitization so you’re carrying a token, or are we talking digital where they can get all of that from taking your photo. The challenge is getting that info to the person on the front line.
Why get rid of tokens? Because you have so many of them. When you talk about digitization, you’re taking your birth certificate, drivers license, marriage certificate, etc, and carrying all of them. YOu don’t want to have all those aspects of documents. YOu want to have access to them, and you want them to be secure, but you need to worry what the security is going to look like and you need to worry about what people are going to do with it (Privacy).
Some of the branches that make up a digital identity will include digital info and digitized info.
Full digital systems suggest centralizing info, which goes counter to SSI principles. We have different levels of trust with our governments, and governments change over time, so you need to think about how to retain control of your digital identity.
To what end is all this work on digital identity happening? It’s about quality of life, but how do you bring that all together?
Identification, verification, credential = that’s the three areas that encompasses digital identity. Some concern that credential isn’t defined well enough.
Are we getting close to a real digital identity via the work Apple is doing across the board with their wallets? It’s got biometric, it’s got something that you are, it’s got a variety of credentials. Private industry is moving pretty quickly in this space, possibly faster than government.
Regulator in the room states that the public-private partnership is now working as well as we’d like.
