Think about this… it is not what you say about yourself that makes your identity strong, it is what other people say. Clearly you have some influences, but it is not you that makes your identity strong, one could say its your reputation that is the backbone for your identity strength. Or is it?
I’ve been thinking about this for a long time now, because you know it really doesn’t matter whether you have a good or a bad reputation. So long as you have one, and people are talking about you, your identity is strong. Your identity cannot be stolen. Persons with strongest identities are prominent figures nationally and internationally. A good President or a bad President, doesn’t matter, their identities are strong.
The fact is the more references, i.e. people that refer to you, the stronger is your identity. Hence your identity is strengthened by exposure, and then by others pointing back at you, and saying that you are who you say you are. This is not reputation, this is your personal ecosystem. It is what they say that makes your personal ecosystem vibrant with positive or negative energy, i.e. your reputation.
Now what about your digital identity? Today in our digitised society your digitalidentity is quite simply an entry in a database, an object in duplicate, triplicate and much more, copied over numerous disparate directories scattered across the globe. Hence your digital identity is not an identity at all. You don’t own it, and you don’t know where it is! The consequences are that your digital identity is easy to steal and use fraudulently, weakening with exposure, the inverse of what happens with your physical identity.
So what could make your digital identity strong?
The problem at the moment is that your digital identities are organised around the information that they need to access, not around you, the identity owner. Pretty weird really, but not so when one understands that the need for information security, i.e. protection of the confidentiality and integrity of information did not happen until after information silos were created. So what happened is that authentication credentials (your digital identities) were added and given access commiserate with what was needed and approved by the information owners. As the silos continued to populate the world, so did your digital identities. So it’s a bit of a mess really.
Security pertaining to a digital identity should be organised around the identity, not the information!
Is there a solution? Yes we need to completely rethink how we do identity control. Note, I call this identity control and not identity management. It is my opinion that security pertaining to an identity should be organised around the identity, not the information. It should be the identity owner that controls their digital identity and whatever is created in its wake (i.e. digital footprint). Now, if the creation of digital identities were to mirror how it works in the physical world, i.e. strength of digital identities grows through referencing, which means the digital identity becomes stronger with exposure, then we have a solution!