Digital Identity
Identity and Access Management (IAM) relies heavily on digital identities. In this article, we explain what a digital identity is and why digital identities are important for organizations.
Before we examine digital identity, we first discuss what identity means. You have an identity from the moment you are born. It is what is unique or intrinsic to something or someone. Identity can be divided into two levels: the personal and the group. The personal level is what makes you unique and includes attributes such as your name, age, address, character, and image. At the group level, identity is the group you belong to or a passion or interest you share with like-minded people, for example being a supporter of a particular sports team or preferring a specific music genre or subculture. Nationality is also often an important part of a person's identity.
In addition to those identities in the physical world, almost everyone now also has multiple digital identities. This is the type of identity that plays a role in Identity and Access Management (IAM). It is time to examine this construct of identity in more detail.
What Is a Digital Identity?
A digital identity is the type of identity that enables a person to identify themselves within an IT system or application. It is like an online passport that grants access to the digital world. A digital identity contains a collection of verifiable data and your digital footprint: from a username and password to personal interests and online behavior. It is the way you present yourself online and communicate with others. Your digital identity is not only important for gaining access to digital services and information, but it also determines how others perceive you online and how you position yourself online.
Why Is a Digital Identity Important for IAM?
Identity and Access Management is about identifying, verifying, and managing users within an organization. The goal? To ensure that the right people gain access to the right data and IT applications.
Assigning a digital identity to a user is crucial for this. Only once someone can identify themselves within your IT systems can the organization verify whether they are who they claim to be and grant access and modification rights to the right people.
The Difference Between People and Digital Identities
Within Identity and Access Management, it is important to distinguish between people and identities. Why? Because a person can have multiple digital identities.
Consider a situation in which, as an employee of a company, you have a corporate email address but also use a personal email address for activities such as online purchases. In that case, you are the same person but have two distinct digital identities.
Although the example above focuses on the separation between professional and personal contexts, multiple digital identities also occur within the same context. Suppose that, as an employee of that same company, you also need access to other systems and applications with different usernames and passwords. In that case, you not only have multiple digital identities, you also have different sets of access rights linked to each of those identities.
IAM solutions must not only identify individual user accounts but also manage all digital identities and access rights for people and integrate them into a central system. This enables organizations to ensure that employees have access to the right information and applications, regardless of which digital identity they use. This is very important at a time when people have numerous digital identities, and managing them can be challenging.
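The consolidation described above can be sketched in a few lines. This is an added example, not code from any IAM product: the account records, the `person_id` link and the conflicting-rights rule are constructed assumptions, and the rights check goes one step beyond the text to show why the per-person view matters.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Account:
    system: str                # application that holds the account
    username: str              # login name inside that application
    person_id: Optional[str]   # HR number of the owner; None if nobody is linked
    rights: frozenset          # access rights attached to this identity

# Constructed sample data: one person (E1001) with three digital identities.
ACCOUNTS = [
    Account("email", "j.doe@corp.example", "E1001", frozenset({"mail:send"})),
    Account("erp", "jdoe", "E1001", frozenset({"invoice:create"})),
    Account("finance-portal", "doe_j", "E1001", frozenset({"invoice:approve"})),
    Account("erp", "asmith", "E1002", frozenset({"invoice:create"})),
    Account("crm", "temp-04", None, frozenset({"customer:export"})),
]

# Hypothetical rule: these two rights should not end up with the same person.
CONFLICTING = [("invoice:create", "invoice:approve")]

def consolidate(accounts):
    """Return ({person_id: {"identities", "rights"}}, [accounts with no owner])."""
    people = defaultdict(lambda: {"identities": [], "rights": set()})
    unlinked = []
    for acc in accounts:
        if acc.person_id is None:
            unlinked.append(acc)   # an identity nobody answers for
            continue
        people[acc.person_id]["identities"].append((acc.system, acc.username))
        people[acc.person_id]["rights"] |= acc.rights
    return dict(people), unlinked

def conflicts(people):
    """Per person, list the rule pairs present in their combined rights."""
    found = {}
    for pid, view in people.items():
        hits = [pair for pair in CONFLICTING if set(pair) <= view["rights"]]
        if hits:
            found[pid] = hits
    return found

if __name__ == "__main__":
    people, unlinked = consolidate(ACCOUNTS)
    for pid, view in people.items():
        print(pid, view["identities"], sorted(view["rights"]))
    print("unlinked:", [(a.system, a.username) for a in unlinked])
    print("conflicts:", conflicts(people))
```

Neither of E1001's two finance accounts holds both rights on its own; the combination only shows up once the identities are tied back to one person.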
What Makes Up a Digital Identity?
A digital identity is composed of several verifiable data points and attributes. In an IAM context, it usually includes:
A Username and Password: Think of this as your digital ID or business card.
Any Additional Verification Factors and Keys: It is increasingly insufficient to enter only your username and password; biometric data, unique codes, or your device may also be required for verification.
The Organization You Are Part of: To verify a user and assign the correct rights, it is important that a system or admin knows whether they are dealing with an internal user or an external guest user.
Department, Job Function, and Role: This is a particularly important part of the digital identity during the authorization phase. This information indicates the tasks a person performs and the permissions required to perform them.
How Do You Verify an Identity?
Verification of a digital identity occurs through authentication. Authentication is the process by which a user is asked to provide evidence that they are who they claim to be. Authenticating a digital identity usually starts with entering a username and password. With two-factor and multi-factor authentication, additional verification factors and keys are added. Examples include biometric data (fingerprint, facial scan), a unique code, an SMS message, or identification of a device (smartphone, tablet, computer) associated with a known digital identity.