By Darrell Geusz, Product Lead, Ping Identity
Airline travel has resumed in full force following years of the COVID-19 pandemic impacting the industry, especially around the holiday season. The Sunday after Thanksgiving this year saw a record-high number of travelers with nearly 3 million passengers taking to the skies, according to the Transportation Security Administration (TSA).
Airport and TSA requirements have evolved to keep up with the latest security measures and utilize the newest technology. For example, passengers must present a form of identification to pass through the TSA checkpoints at airports in the United States. While physical identification cards have long been required, new technology has enabled digital IDs for a quicker and more secure travel experience. This holiday season, some people will be presenting a mobile driver’s license (mDL) using their smartphone at select TSA checkpoints in airports in the United States. This increases the privacy, convenience and security of the transaction all at once, a benefit rarely experienced with identity and security technologies.
As technology has rapidly evolved, so have user expectations for an innovative, yet secure, experience. This is also true for travelers as they interact with numerous touchpoints and stakeholders starting on their couch at home and ending in their hotel room at the other end. The benefits of using digital IDs along the way from a security and convenience perspective can not only enhance a traveler’s experience but also give them peace of mind knowing that their personal data is safe and secure.
The implementation of decentralized identity
The use of digital IDs and verifiable credentials puts into practice the concept known as decentralized identity. Decentralized identity refers to a model of identity verification and authorization management, and methods of integration and authentication, where individuals have more control over their own personal information and how it is shared with service providers. In traditional identity systems, such as those used by governments, financial institutions, or online services, a central authority typically provides federated authentication services and data sharing as a trusted “third party” in the transaction. This approach is not very scalable or affordable due to the heavy backend integrations required; is less portable, including not effectively supporting in-person experiences; is less secure, because every new service provider supported adds unnecessary attack surface; encourages warehousing of stale data by the service providers; makes proper consent management more difficult to implement; and makes it more difficult to support emerging privacy laws and protections, in part because tracking is inherent to the architecture.
In contrast, decentralized identity systems aim to shift the control and sharing of identity information back to the individual. This includes built-in consent, choice and control, including selective disclosure; support for autofill of verified information; stronger authentication and cryptography with nonrepudiation; privacy-enhancing usernameless and passwordless experiences; optimized personalized and VIP experiences both online and in person; easy approvals with digital signatures; more secure delegation options; a lower cost to light up usage endpoints; and better compliance with privacy regulations.
We are not far from a future where decentralized identity solutions – in the form of digital credentials and wallets – will enable fully digital and personalized VIP interactions while traveling, including buying your tickets online, accessing the airport lounge, shopping in duty-free shops, boarding an airplane, renting a car, or checking in at your hotel. These new experiences will also support more individual privacy and control of personal data. This means sensitive information or unnecessary data may not need to be shared to obtain services.
An added layer of security with digital IDs
Although the use of digital IDs and verifiable credentials is still new for many, financial institutions, transportation and hospitality companies, and government agencies are quickly working to plan for and adopt more of these capabilities.
Digital IDs and verifiable credentials will make travel interactions not only faster, but more secure and private, as no unnecessary personal information is at risk of being compromised. Biometric data, such as photos, as well as PIN codes, can be incorporated into digital IDs, making it difficult to impersonate the user. In addition, each digital ID or verifiable credential issued is tightly bound to the user’s pre-registered wallet using strong cryptographic methods. This means the credential issued to the particular digital wallet can only be presented by that specific device owned by the user.
If sensitive data has already been exposed to bad actors, digital IDs and verifiable credentials would offer affected users robust verification and better tamper resistance due to the stronger link between the physical person, their personal device and their digital identity. Digital IDs and verifiable credentials also offer expedited revocation or deactivation of access. Even if this sensitive data is shared and subsequently compromised, digital IDs and verifiable credentials, when implemented correctly, make it more difficult for bad actors to impersonate users and monetize the stolen information. Even better, it’s much harder for hackers using adversarial and generative AI to impersonate a user or to take over a user’s account that leverages digital IDs and verifiable credentials for identification or authentication and authorization.
Implementing the art of the possible
Once an organization understands the power of digital IDs and verifiable credentials, it doesn’t take too long for them to begin reimagining the user experience and adding in new interactions that were not even possible using traditional architectures and approaches. This is also true for the travel and hospitality sector, and government agencies that regulate access to services along the way.
They quickly begin to understand that this in effect moves the user’s account from countless service providers to their personal device, opening up an entirely new channel of communication and interaction that is secure and privacy-enhancing. Wherever they go, the user can prove their identity, affiliation, privileges, entitlements, and purpose or eligibility. Credential issuers and service providers (verifiers) don’t need to implement expensive backend integrations to enable cooperation or to enable usage endpoints. In some cases where cooperative business and legal agreements are not needed, users can literally just show up and their credentials that are issued by recognized brands can be accepted and trusted.
Look forward to the day when you can interact quickly, securely and safely while you are on the road, and at the same time be treated like a rockstar through personalized VIP and concierge experiences by the brands that you trust, without compromising on your privacy.
About Darrell Geusz:
Darrell Geusz has 25 years of experience in identity, credentialing and access management (ICAM) systems and solutions for both the public and private sector. Darrell managed his first mobile identity solution in 1997. Darrell is product lead for PingOneNeo, a modern identity verification and digital credentialing solution delivering a safer, more secure, more affordable, and privacy-by-design paradigm that bridges from today’s reality to the user enjoying an omni-channel, Trusted First Party experience in every transaction.
Recently, Darrell led the development of the world’s first ISO-compliant interoperable mobile IDs being used by multiple US state, international government, and commercial issuers. Darrell also pioneered the design, patenting, implementation and usage of cloud-based trust frameworks for two nationwide systems in North and Latin America used by over 1,000 organizations including cachet clients such as Chevron, Cardinal Health, Lowes, State Farm, and Walmart. Previously Darrell designed and implemented nearly a dozen turnkey large-scale identity systems, including several that currently manage between 10 and 100 million identity records each. Darrell has also served as Subject Matter Expert, Solutions Architect and Technical Policy Advisor for NATO, United Nations (UNDP), US Coast Guard, US Department of State Mérida Initiative, US House of Representatives, US National Sheriffs’ Association and the DHS Emergency Services Sector Coordinating Council (ESSCC).