Internet was designed to connect machines, not people. Its basic architecture maps servers with domain names and uses cryptographic certificates to prove that websites are authentic. However, it has no integrated way to fill the gap between our offline identities – citizen, taxpayer, patient, employee, student – and the digital systems on which we are counting more and more to lead our economic, civic and personal life.
Thanks to the missing identity layer of the Internet, online life has become a painful and repetitive hassle of lost passwords, security code texts and bulky invasive inscriptions. We were going together credit files, blurred photos of driving licenses, clumsy selfies and security issues on our childhood pets. The experience is simply horrible, but it doesn’t work either – and it costs us.
The Americans lost $ 47 billion due to fraud and identity scams in 2024 only. Organized criminal networks have siphone billions of pandemic aid. Fraud in benefits, assistance to students and small businesses has become endemic. At the same time, the generator threatens to make all these problems a lot worse. The physical documents that we download to prove that things about ourselves are now trivial to false, while the amazing quality of audio and Deepfake video means that our own faces and voice can no longer prove reliably that it is really we at the other end of a telephone line or a call to zoom.
This is why digital identity must be treated as Critical infrastructureLike the financial system, the electrical network and the Internet itself. The legislators, regulators and leaders of industry have spoken of digital identity as a question of critical infrastructure for years, but the need has never been clearer or more urgent. It is time to act and create a federal digital identity framework – not to centralize identity (Americans do not want or need a national identity document), but to standardize and govern the federated architecture of online trust.
Without that, we will continue to superimpose brittle bypass solutions on an internet that has never been designed to manage identity and risk safety and performance all The critical infrastructure in which the Internet is increasingly woven.
We know what to do
The good news is that we know what to do. Digital identity technology, built on the same encryption methods as we use to verify the authenticity of your bank’s website, can greatly contribute to the closure of the abyss between online and offline identity. Cryptographically secure digital identity has long seemed to be a simply theoretical solution, but it changes quickly. We very recently reached a technical tilting point. We no longer have a tool problem.
Today, at least 20 US states have moved to launch mobile driver licenses and status IDs (MDL) which can be held in a digital portfolio, offering an overview of how digital identification information can operate in practice. Unlike physical driver permits, MDLs, which are signed cryptographically by the transmitting state, cannot be rigged. They support “selective disclosure”, which allows you to share only the information necessary for a specific transaction, such as proving that you are old enough to buy beer without also revealing your weight and your personal address. It is a rare technology that improves security and confidentiality at the same time.
That said, MDLs are not currently very useful because they have been limited to use cases in person. You can use them to prove your identity on certain airport security lines or press a point of sale system in a handful of places to prove that you are old enough to buy an adult drink. It’s cool and holding a MDL on your phone will quickly become more practical and practical as readers will integrate into more systems.
However, to be Really Useful digital identification information should be shared online. For the moment, if you want to open a bank account, start driving for Doordash or selling owls of Macrame on Etsy, you must download a photo of your driving license. It is an awkward and invasive process subject to all kinds of fraud. But in recent months, new technical standards to share and check MDL online, and to request and receive identification information via browsers and mobile operating systems, were finally deployed. Thus, instead of launching another image of your entire driving license in the ether, you will soon be able to safely share an MDL – or simply the information required for the specific transaction – directly from your phone or browser wallet.
The future of digital identification information does not start and does not end with driving licenses. The same basic technology will make it possible to emit and share digital birth certificates, marriage licenses, student identity documents, professional licenses, diplomas – you call it. If it can be issued on paper or plastic, it can be issued as a secure and cryptographically signed digital diploma.
We have technology, but it will not automatically add to the type of digital identity infrastructure we need – or that we want. The successful resolution of the problem will require a large coordination between government agencies that issue our identity information, organizations that establish technical standards, software companies and manufacturers of devices that create secure digital portfolios and citizens rightly jealous of their confidentiality and their sensitive personal information that do not feel obliged to share their mobile driving license Pizza.
We could easily get stuck with a patchwork
Without federal leadership, we are likely to be stuck with what we already have: a patchwork of identity programs led by DMV, contracts from closed system and partitional solutions that do not establish or do not question. To do things well, we need a federal digital identity strategy that establishes the rules, standards and guarantees on the functioning of identity in the 21st century.
This strategy should do four things:
- Establish shared technical and political standards For the way digital identity information is issued, verified and used. This includes confidentiality by design, selective disclosure, cryptographic integrity and high verification.
- Ensure interoperability Between states, agencies, platforms and sectors. That someone’s identification information is issued by a state, a federal agency or a private entity, this should work wherever identity is necessary, as is passports, but for digital life.
- Build public confidence. This means railings, transparency and legal surveillance. The identity infrastructure must be open, true and protected against the abuses of state and businesses. Clear rules must be limited when sensitive digital identification information may be requested and regulate how our personal information is collected, stored and shared. Digital identification information issues should not know when you presented them. If digital IDs can be used to follow us, we will not use them.
- Promote inclusion and resilience. Not everyone has a smartphone. Not everyone drives. Not everyone wants to use the same platform. A national executive should take charge of public options, such as the digital identification and emission supply offer in local post offices – and neutrality of the device and the platform.
The government has taken a few small steps in the right direction. The text of the Act on Engineering, which creates a legal structure around Stablecoins, orders the Ministry of the Treasury to explore digital identity technology as a tool for combating illicit finance. Similarly, a recent report of the White House working group on digital asset markets notes that digital identity is essential for obtaining cryptocurrency networks against fraud and financial crime in a preserved manner in confidentiality.
It’s great, but in an increasingly online world, identity and confidence problems permeate almost all services and systems, not just cryptocurrency. Infrastructure problems require solutions in terms of infrastructure. It starts with a federal framework for digital identity.
Again, it is not a question of publishing a national identity card. Nor is it a question of replacing paper and plastic references with digital references. There should always be physical identification information and the option of using it. It is a question of creating a layer of public confidence – an identity architecture which allows a secure participation, preserving confidentiality and centered on man with digital systems which came to shape our lives.
It will not work without confidence
None of this will work if people do not trust it. There is a reason why many Americans become nervous when they hear “digital identifier”. And they are not mistaken. Identity systems – in particular those controlled by centralized authorities or linked to proprietary platforms – can become powerful monitoring tools. Without guarantees, they may activate the very abuses that they are supposed to prevent.
This is why confidentiality is not an optional functionality. It is the cornerstone of any legitimate identity infrastructure.
A well -designed digital identity system does not check that you are who tell you. It also protects your ability to Limit what you reveal – To disclose that you are over 18 without putting back your birthday, to prove the eligibility for services without exposing your financial history. We have the tools for this. The question is whether we will use them.
A system of digital identity without democratic governance or legal railings does not improve freedom – it conditions it. This transforms participation into permission. And when identity becomes a proprietary product, the terms of recognition go from public legitimacy to private control.
We built the internet without a layer of identity. We can solve this problem. But it will take public coordination, political will and a commitment to openness, privacy and the common good.
So let’s start. Let’s do things correctly.
The opinions expressed in the Fortune.com comments are only the views of their authors and do not necessarily reflect the opinions and beliefs of Fortune.
