Digital Identity Perspectives

We usually speak of identity in the singular, but in fact, entities have multiple identities. From our point of view, they tend to seem like different facets of our identity, but other entities have a specific view that corresponds to only a subset of those attributes. For example, my bank sees a set of attributes for me that correspond to my credit card numbers, account numbers, credit score, and so on. My employer sees a different subset that overlaps only in a few points such as name, social security number, and the one bank account I give my employer for depositing my paycheck.

My multiple identities are linked by me and little else. They represent different perspectives on who Phil Windley is and what attributes I possess. Most of these attributes are stored in various formats in myriad databases. In the State of Utah alone, there are over 250 different databases that portions of my digital identity might be stored in depending on my interactions with the State. These multiple identities, or personas, as they are sometimes called, are tied together by a few common data elements that are used, imperfectly, as keys for accessing them: my name, my address, my social security number, and my birthday.

To make sense of all of this, Andre Durand introduced the concept of "tiers of identity." The figure below shows a schematic of these tiers. At the core is the first tier labeled "My Identity." Tier 1 consists of attributes that are assumed by the entity and are both timeless and unconditional. For example, I have blue eyes, my name is Phil Windley, and so on.

Identity Tiers
Identity Tiers (click to enlarge)

Tier 2, labeled "Shared Identity," consists of the attributes that are assigned to us by others. These attributes are shared because they are used to identity the individual, but are temporarily issued based on some kind of relationship. Your wallet is filled with Tier 2 identities; your driver's license, your employee badge, your credit card, your health insurance card, your library card, and so on are all examples of identity information that is assigned to you. Once the relationship that defines the identity is terminated, the attributes associated with it can no longer be used.

The outermost layer, labeled "Asbstracted Identity" establishes the identity of groups. For example, I may be identified as a "Utahn," a "white male over 40", or any number of other so called demographic groups. Companies may classify me as a "frequent flier," or a "first time customer." All of these groupings identify me in some way, but only abstractly. Tier 3 is largely about marketing.

Tier 2 identity relationships happen with our consent and are mostly welcome because of the benefit we perceive. Tier 3 relationships are usually forced upon us and most people resent them. For example unsolicited commercial email (UCE, sometimes called "Spam") is a Tier 3 identity issue. So are telephone solicitors and even TV advertisements. The problem with Tier 3 identity is that it is inaccurate and non-specific and thus rarely meets a real need. The benefit is so small as to be inconsequential and so most people perceive Tier 3 identity efforts as bothersome.

Identity Powershifts

How your employees and customers perceive your efforts to build a digital identity infrastructure depends largely on being cognizant of people's inherent dislike of what we can now classify as Tier 3 relationships and sensitive to their desire that you give them real value in any Tier 2 relationships. The identity problems and potential faced by organizations, the very subject of this book, happen at Tier 2.

For the most part Tier 2 relationships are dictated on the terms of the business or organization and consented to by the individual. This one-way relationship is likely to change over time as service-oriented business become more sophisticated. This powershift is brought on by more sophisticated standards and improved systems that make it easier for customers to switch their allegiance. Also, businesses are beginning to offer more customized services, making it more likely that customers will begin to dictate some of the terms in their relationships. It will no longer be a "take-it-or-leave-it" world, but a world based on what some have called "mass customization."

One of the fallouts from this powershift is identity aggregation. As we've noted, individuals mentally aggregate their Tier 2 relationships much more than is possible in the real world. I don't tend to think of myself as a Key Bank customer; I think of myself in holistic terms with Key Bank being just one of many relationships that I am part of. Federation and other means of aggregating identity are one answer to the identity silos created by the multiple Tier 2 relationships. I have completely separate relationships with my airline and my rental car company and that creates extra work for me each time I travel. Getting back to value, I'm willing to have those identities aggregated in some way if it makes booking travel more convenient.

Another fallout from this powershift is the disappearance of Tier 3 identity. As identity infrastructures become better at identifying individual customers and businesses adapt by providing more fine-grained service customization, the need to market to broad demographic groups disappears. I'm not about to predict the disappearance of Spam anytime soon, but it and other mass-market approaches are becoming less and less effective. Good businesses will recognize this shift and move their operations away from broadcast and mass marketing and towards more individual specific marketing efforts.

I believe that over the next decade we will see brand new mechanisms spring up by which customers can telegraph their desires to businesses and businesses will find new ways to meet those demands. As an example, not too long ago, I was at a conference and got an email from Doc Searls asking if anyone had a spare power adapter for a Mac. He'd forgotten his at home. This simple act was Doc signaling a need to the group he knew was at the conference and used Macs. We posited later that it would be nice for Doc to be able to let local businesses know of his need as well so that they could solve his problem--for a fee of course. At present, the only way to do this would be for Doc to actually look up local businesses and call or send email, but that needn't be the case in a world with good networks and better identity infrastructures. Doc calls this "demand informing supply."

Regardless of what you call it, business is more than just transactions. Business is about relationships. Relationships with customers, employees, suppliers, and partners. These relationships, especially those with customers, have tended to be one-way and very impersonal. Identity changes that and just in time because customers are demanding more custom service delivered to them wherever they happen to be and exactly when they want it.

Last Modified: Monday, 25-Jan-2021 16:02:46 UTC