Secure, convenient verification: The future of identity

When did you last reset your password? Was it sometime in the last month? You’re not alone. The Entrust 2023 Future of Identity Report found that four out of 10 respondents in the Asia-Pacific (APAC) region reset their passwords at least once a month.

For a long time, organisations used passwords as their primary identity verification – and passwords remain today’s default login method. However, as more stringent requirements make passwords increasingly difficult to remember and cyber incidents occur more frequently, users in APAC are turning to digital IDs and biometrics for more convenient and secure verification. According to the Entrust report, three-quarters of APAC respondents will choose biometrics half the time or more. Additionally, seven out of 10 respondents in APAC said they would likely use a digital form of government-issued ID if one were available.

But does this mean that organisations and governments should be transitioning to digital IDs and biometrics immediately? While I strongly support digital IDs and biometrics and see them as the future of identity, not all organisations or governments are ready to accept digital identity credentials. To achieve both convenience and security in user verification, organisations must keep user preferences in mind and offer both physical and digital identity credentials. This approach gives individuals the option to choose the type of ID they want to use in different situations.

Different users, different preferences

More than half of APAC’s Generation Z, millennials, and Generation X will opt for biometrics when available. In comparison, only 37% of baby boomers living in APAC answered the same. This comes as no surprise. While ATMs are a permanent fixture of our lives today, initial adoption was slow. Despite ATMs being available, I recall people queueing up to see a bank teller at the counters. Similarly, with contactless payments adoption, we only truly saw an acceleration in adoption during the pandemic.

To ensure a balance of both security and convenience, organisations must remain inclusive and cater to all their users. Offering both digital and physical identity credential options to accommodate diverse user preferences will be vital to helping users transition, especially since those who prefer to only use physical credentials will feel encouraged to explore new options at their own pace.

Education is an ongoing journey

While digital identities are becoming more popular in APAC, there is still a need for education into what they are and how they work. According to the Entrust report, when asked whether they had an electronic ID (eID), one-fifth of respondents in APAC weren’t sure, and more than half of baby boomer respondents said they did not own an eID.

Greater awareness is needed to build on the momentum of digital identity adoption and make it the new normal. Businesses and government agencies can help bridge this awareness gap by educating employees and citizens on how digital identities work and why they are crucial for data protection. When users understand what comprises a digital identity, they can make more informed decisions about which type of credential they want to use for different purposes.

Reassuring users their data is still their own

Although data privacy is a significant concern for consumers, many feel they have little control over their personal information. Respondents across APAC are divided in their comfort levels with organisations owning and storing a digital identity, with 54% stating they are satisfied with this arrangement. This skepticism indicates a need for greater confidence in users’ ability to trust organisations with their data safety.

To earn the trust of stakeholders and stay ahead of the curve, companies need to explore ways of empowering their users to take ownership of their data. While still in the experimental stages, companies can look to decentralised identities to reassure users that having a digital ID is just as safe as a physical one. Decentralised identities return power to individuals by providing a single repository for all confidential information, including their credentials, eliminating the need to distribute the same information separately to multiple vendors.

The future of identity lies in physical and digital

For the most convenient protection of users and their data, organisations and governments alike need to be mindful of differing preferences, invest time in education, and reassure individuals that digital credentials are as secure as their physical counterparts.

By catering to diverse user preferences through the acceptance of both physical and digital credentials, and allowing users to choose on a case-by-case basis, organisations can make identification both user-friendly and secure.