The digital identity landscape continues to rapidly evolve. Apple is progressing its phased rollout of support for digital government IDs, with Google following suit. Internationally, the EU is piloting its European Digital Identity Wallet, which could see users seamlessly claim prescriptions, access social security benefits, and even file their taxes.
These changes are exciting. The evolution of digital interactions and the opportunities they provide, however, is also accompanied by challenges. Unless businesses and governments reliably and securely verify an individual’s identity in a low-friction manner, they risk hindering user adoption and becoming vulnerable to security incidents.
The dangers associated with digital identity have been recognized by the U.S. federal government. Senate Bill 884, otherwise known as the Improving Digital Identity Act of 2023, was introduced in the Senate in March and aims to establish a government-wide approach to improving digital identity. The Bill included some alarming contextual findings: more than 293 million people were affected by data breaches in 2021 and in 2020 and losses resulting from identity fraud totaled $56 billion.
In this landscape of rapid growth and security challenges, what do consumers think about new tech? And how will businesses safely enable the transition to widespread adoption of digital identity? Curity’s latest report, Plotting the Roadmap for Digital Identity, sought to answer these questions, surveying 200 IT decision-makers and 1,000 consumers in the UK and U.S. to understand their attitudes towards digital identity, adoption of digital wallets, challenges to established security practices, and the future landscape of digital identity.
Consumer Trust and Uptake
The majority (59%) of consumers are already currently using a digital wallet, with eight out of 10 (79%) adopters using it at least once per week, and one-third (32%) using it every day. Among the 41% of consumers who don’t currently use a digital wallet, almost half (48%) say they would “definitely or probably” consider using one in the future. There is a huge opportunity for growth here. Now is the time for businesses to invest in technology that supports secure digital identities to help build consumer trust and to further develop the adoption of a digital wallet.
Regarding consumer trust, financial institutions are leading the way. Financial institutions (38%) are current leaders in public trust when it comes to storing personal data in digital identity wallets, followed by medical providers (35%). Meanwhile, government agencies (22%) and transportation providers (17%) were the least trusted. This relatively high trust in financial institutions is logical as they already manage a great deal of sensitive consumer and financial data. Financial services are the most-used service among consumers, with digital wallets (62%), followed by retail (61%), travel (46%), and event passes (34%). All these digital wallet services require personal data to build a digital identity within them. Financial institutions have the chance to build on this trust and pave the way for broader adoption of digital identity and digital wallets.
The study found that age is a factor for digital wallet adoption. Consumers aged 18-45 are more likely to use digital wallets than those aged 46 and above. Among those surveyed, digital wallet usage and trust in tech companies decline with age. However, there is an appetite among older age groups for digital wallet services. One-quarter (25%) of consumers aged 66 and over currently use a digital wallet, and 37% would consider doing so.
Organizational Attitudes and Adoption
The research found that there’s broad awareness around the concept of digital identity and how it works, with the vast majority (87%) of IT decision-makers (ITDMs) saying they are familiar with it and more than one-half (54%) saying they are familiar. Additionally, organizations recognize the transformative impact of digital identity: 60% of the ITDMs surveyed anticipate digital identity will have a transformative impact, and 71% are already using digital identity or are planning to do so. Larger organizations are much more likely to be currently embracing digital identity, with ITDMs in larger organizations around three times as likely to be already using digital identity than those in smaller organizations.
This commitment to digital identity doesn’t come without security concerns. Among ITDMs who agree that digital identity will transform their organization, the top security challenges they mention are hacker sophistication (39%), lack of appropriate infrastructure (33%), lack of team knowledge (27%) and lack of organization buy-in (19%). These findings show that though technology sophistication and improved infrastructure will be key in meeting the threat of malicious actors, there is a corresponding need for organizational culture change and education to ensure those with the most experience are mitigating these issues. Interestingly, Curity found that less senior ITDMs were more conscious of security challenges, indicating they are more likely to be dealing with the issues on a more regular basis.
The Future of Digital Identity
The growth of digital identity may come with new security risks, but digital identity advancements are also part of the solution. In fact, 8 in 10 (79%) of the ITDMs Curity surveyed believe digital identity will enhance security practices.
For instance, passkeys and decentralized identity (also sometimes referred to as Self-Sovereign Identity, SSI, Web3, or Web5) offer organizations huge opportunities to enhance authentication processes, mitigate risk and improve privacy and security. Some of these new innovations will greatly reduce the amount of personally identifiable information (PII) that organizations process and thereby significantly diminish consumers’ exposure to risk. Additionally, decentralized identity allows users to control their online identity and choose which information they provide to authenticate their login when accessing digital services. Through methods of identity management, decentralized identifiers (DIDs), and verifiable credentials (VCs), users can form a self-controlled identity housed in a digital wallet.
Businesses are recognizing the importance of decentralized identity to their digital future: 57% of the organizations surveyed have plans to introduce decentralized identity solutions into their operations. However, Curity’s research found a correlation between the size of the organization and the speed of decentralized identity adoption. ITDMs in organizations with more than 500 employees are almost four times as likely to be “definitely planning” to incorporate a decentralized identity within their organization as those in organizations with less than 500 employees (37% vs 9%). Smaller organizations have the advantage of being able to pivot more quickly when they do commit to change, yet they need the confidence, tools, and knowledge to do so.
Digital wallets and digital identity solutions are already transforming the way consumers move through the world and how organizations conduct transactions. This technology represents a huge area of growth for businesses — but also for bad actors. If organizations want to protect consumers, in addition to their own assets and infrastructure, they need to explore decentralized identity to ensure that their digital identity infrastructure remains secure and safe over the long term.
