This week I had the pleasure of visiting NORSIS event IDentitet 2016 in Oslo. Very well structured the event started with presentations around the capturing and validation of identity data which is fundamental for the trust in eIDs (and of course other types of credentials). Many good points around the difficulties in validating physical identity documents that are later used to issue digital identities, points that also validated with real life examples in the next sessions around Identity Theft.
In the identity theft session we got to hear Marthe Lunde, a victim of identity theft, speak about her experiences from several aspects and how easy it is to perform an overtake of some ones identity due to lack to good controls and secure distribution and use of identity information, in Marthe Lunde’s case it resulted in a number of purchases for a significant amount and over 200 hours work for Marthe to reclaim her identity and eliminate the damage the criminal caused. I especially noted the inability from the society and the merchants to help Marthe, in the end she has not caused this, she is a victim of weak controls and processes and of course criminal activities.
The later sessions went over to the digital identity side but with links back to the earlier session with a clear message that we need a secure capturing and validation of the initial identity data and if we then link that to a secure digital identity which can present the initial data in the digital channel we can raise the protection of users and reduce identity theft significantly. There is obviously so many great services we can build on an improved system that combines a secure identity capturing and validation with a convenient eIDs in order to establish a trusted identity that can work across borders as well. But to establish the trust it is necessary to address the complete chain not just the indiviudal parts.
Read more about NORSIS here