We use it every day to get access to services quickly. Every time you need to use an online service, install an app, or entertain yourself with a game on Facebook. In each of these actions you make use of your Digital Identity (ID).
Unlike your Analog Identity, such as the identification you have on paper, whether it’s your ID card, passport or driver’s license, Digital Identity involves “remote authentication through digital channels” which is much more complex since human verification and reasoning is replaced by a series of parametric validations performed by computer systems that are not always performed in environments with sufficient privacy or security.
According to the McKinsey Global Institute, the ID can be issued by any institution – from the state, private organizations, profitable or nonprofitable – and is independent of any technology used for authentication. “It could range from the use of biometric data to passwords, PINs or smart devices and security tokens,” it says. In Chile, there is the use of Advanced Electronic Signature that corresponds to a standardized use of Digital Signature infrastructure.
To sum up, Digital Identity – according to Techopedia – is “an online identity adopted or claimed in cyberspace by an individual, organization or electronic device”. It is present on many platforms, from social networks, websites with user registration, banks, retail stores, etc. To do this, the person is linked to digital identifiers, such as email, phone number, among others.
This influences our own Cybersecurity when we interact online.
Attributes of a Good Digital Identity
We don’t always look, but before we give our personal data, we should pay attention to several features when creating a new Digital Identity.
For McKinsey, a good ID should be:
- Verified and authenticated with a high degree of security: Secure digital identification must meet high standards in government and private institutions. To do this, you can use a variety of credentials to achieve high-security authentication and verification. These are biometric data, passwords, QR codes and smart devices
- Unique: The person must have a single identity within a system, and each identity of the system must correspond to a single individual. Example of this is what happens with the Unique Key provided by the State to use its services.
Moreover, a single digital identity must be used in a single system. An example of this is to avoid using the same password across multiple online services, unless you use a federated authentication system such as Facebook or Unique Key (Clave Única).
- Established with individual consent: Consent means that people knowingly register and use digital identification with knowledge of what personal data will be captured and how it will be used.
- With protection of the user’s privacy and ensuring control over personal data: ensuring privacy and security while giving users access to their personal data, decision rights over who has access to that data, with transparency about who has accessed them.
Digital Identity Protection: What Happens in Chile?
A couple of days ago, the Council for Transparency (CPLT) / Consejo para la Transparencia published study on citizen perception of the Protection of Personal Data in Chile in 2019. It stated, in the words of the president of the CPLT, Jorge Quemada, that “8 out of 10 people expressed some level of concern about the use that institutions can give to their data, whether private or public”.
The study indicates that the biggest concern for Chileans is that personal or family photos (68% of preferences) are disseminated, followed by the RUT (67%). In addition, 6 out of 10 respondents indicate that they are more concerned regarding the use of sensitive health information.
For people who claim to frequently use the internet, for 61% of them, their concerns “focus on the use of tools or applications that access their location.” 60% of them care about the use of HR. Ss. and the same percentage for information shared via instant messaging systems such as WhatsApp or Messenger.
What’s at risk: measures to protect your Digital Identity
The biometrics company Jumnio makes a compilation of what we should understand as Digital Identity. For them, information in cyberspace can be grouped into two categories: attributes and digital activities. This information, if readily available, will make it simple for a hacker to “identify” you.
To avoid this, the company suggests several behaviors to be performed and protect your personal cybersecurity. Some of these measures are:
- Do not expose yourself to Wi-Fi-public networks.
- Do not send passwords by mail or chat.
- Do not access unsafe or uncertified websites in browsers.
- Do not provide the phone to strangers.
- Use two-factor authentication.
- Do not fall for phishing attempts (identity supplementation of organizations such as banks).
- Create strong passwords, with combinations of numbers, letters, capital letters and symbols.
- Use different passwords for each online service.
Here are just a few of the steps you can take for your Personal Cybersecurity.