Many believe that identity wallets will save digital identity, but is this really the case? And if so, who will come out on top in the wallet wars?
Material culture is a discipline that looks at the relationship between people and things. These 'things' are typically physical, such as stone tools, but as we all settle into the Anthropocene – regarded as the most recent epoch in human history – these 'things' are becoming digital too.
The digital material culture that we are developing will inform our future, and the here and now is when that future begins. One of the most influential areas of technology comes from the methods used to identify human beings as we interact with this new and evolving culture.
The battle for control over our identity is being fought in earnest across the globe: mobile wallets are seen as the champion of this battle for our identity. But in an increasingly saturated market for identity solutions, who will win the wallet wars, or will wallets go the way of the bow and arrow?
The mobile wallet is convenient for many of the digital tasks we perform. I use several wallets to hold and process tickets, for example. I rock up to an event, hold up my QR code in the wallet, and open sesame, I am allowed entry: convenience encapsulated.
Wallet vendors, the world over, attempt to emulate the convenience of a wallet and apply it to the world of digital identity. But is the ideal of a digital wallet containing your identifying data a panacea, or is it a bandwagon that will roll over vendors and people?
A brief history of digital wallets and identity
To understand where you are going, you need to know where you began. The notion of the digital wallet is not new. A digital wallet is typically associated with financial transactions. If you research the wallet's history, you get back results that mainly talk about that aspect.
However, in the context of identity, I always think of the information card as the founding father/mother of the identity wallet. A Microsoft invention, at the time of their development in 2006 they were neat, but, being tied to a desktop, they soon went the way of the dinosaur, as cloud computing took hold. Information cards contained personal data or “claims" that could be used to provide information to “relying parties” who requested it.
Information cards may be extinct in their original form, but the idea of an encapsulated digital identity is persistent. Today, self-sovereign identity (SSI) or “decentralized identity,” is a movement cementing the notion of identity in a wallet. But SSI has its issues.
In its original guise, it seemed intrinsically, almost philosophically, tied to a blockchain. It has morphed since the early days, and while still decentralized, climate-change issues and speed have meant that SSI vendors are looking at blockchain alternatives. Blockchain and decentralized myths aside, digital identity in a wallet, specifically a smart-device wallet containing verifiable personal data, has heated up: hot markets lead to a fight for the first place, so let the wallet wars begin.
Digital wallets have something about them that seems to be attractive. What's not to like about keeping personal data in one handy place? Also, no more account creation, as you have an overarching 'super account'. As a result, the market for smart wallets is growing, mainly for financial transactions, but identity in a wallet is a natural next step.
Many of these digital identity wallets are decentralized. Some even make wild claims about how they can save the planet; I kid you not. Even the EU is getting in on the wallet act. The European Commission states on its site, "Every EU citizen and resident in the Union will be able to use a personal digital wallet." A laudable goal, there is a problem with it.
Standards are great, but you must support them
New standards for digital wallets are available to handle smart device-based personal data. In the self-sovereign world, the World Wide Web Consortium (W3C) has developed the standard for decentralized identifiers or DiDs. A DiD works to support verified but decentralized identity data.
Other standards, however, will rock the DiD boat. A new standard, ISO 18013-5 mDL (mobile driver's license), is used by Apple to allow several US states to facilitate the storage of a driver's license in the tech giant’s version of the wallet.
Standards are necessary, but they must be supported by those consuming the identity, for example, e-tailers and other online services. Many websites still struggle with mature standards such as OAuth2, and adding new standard support is a hurdle. However, protocol gap bridges can help with this, and a community of vendors is building these.
There are many questions on the usability of digital wallets, especially those holding many verified claims. Expecting users to be able to manage keys if the device is lost or stolen is one such area; folks are working to resolve this, but it is a barrier to usability. Then there is the fragility of the system, how do you get the verified claims back, even if they are stored centrally? If data is held on a device, retrieval and reverification can be a heavy load for a user.
Privacy and security are other areas where proprietary wallets must step up. For example, if a person has a data-rich wallet on their phone or smartwatch, it acts as a honeypot for attackers.
What about retailers and other online (and offline) services
The support from the EU and the resulting tsunami of wallets will create a headache for those services consuming the verified data. For example, the EU Digital Wallet Consortium (EWC) has dozens of members working towards wallet or related offerings. That's many wallets to support.
Sure, standard protocols could help alleviate support, but anyone who works in this area will know that there are still issues in the UI/UX (user interface and experience design) of systems where there are more than a few choices for users. As the overkill of wallets in the market continues, what could possibly go wrong for those who want to use or support them?
The question is not will wallets support identity data; it is more about who will own the space. There may be a shake-down where a ‘universal wallet’ that handles identity 'passes' containing verified claims comes out on top.
Apple and Google are in pole position to own the identity wallet market. However, plain sailing is never part of the tech world, and in 2022, the EU accused Apple of anti-competitive activities in the EU wallet market. The battles continue.
Point wins for identity wallets
I definitely see use cases for identity wallets, although I use the term ‘identity’ loosely. Solutions that provide an identifier for an employee, in much the same way a physical identity card works, is one such use case. These will need proprietary solutions outside the remit of an Apple or Google wallet, as they will need to be branded for the service.
Otherwise, vendors working in the consumer wallet space will need unique and compelling reasons for a consumer to choose their wallet over the incumbent Google or Apple wallet.
In all their forms, wallets are part of the evolution of our technology landscape. Natural selection acts on this landscape as it does in the natural world. Still, in the digital sphere, factors such as investor appetite, the latest buzz tech, technological hurdles, and people pushback will shape the winners in the survival of the fittest: in other words, those wallets that fit the environment best.
This is a big subject, and I have missed out on large parts of the landscape, but the fact remains that the shake-up of the wallet wars is afoot, and people will choose. I’m betting that the winners will be the incumbents, Apple and Google. They are known and on your phone already. In terms of consumer identity wallets, the money will be in the system that can use existing wallets and deliver verified claims in the form of passes.
More from Cybernews:
Subscribe to our newsletter