Michael Kubach and Heiko Rossnagel - Fraunhofer IAO
Michael and Heiko - both from Fraunhofer IAO - are old work colleagues from the Horizon 2020 LIGHTest project. They share with me a passion for a viable and successful digital identity ecosystem that can serve and improve society. For this to be the case, financial and societal sustainability is essential. Their thoughts below, echo mine:
The dissatisfaction with current digital identity solutions is widespread. In particular, politics and business are pushing for the development of new identity ecosystems. State eIDs have been rolled out in numerous countries and are now compatible with current smartphones (e.g., Italy, Austria, Germany, Estonia). However, actual usage figures vary widely. Major IT companies such as Microsoft (Cardspace, U-Prove) and IBM have supported the development of privacy-friendly identity management procedures and attribute-based credentials – but these have never been widely adopted. With the European eIDAS regulation (eIDAS “1.0”, from 2014/2016), an established legal framework for privacy-friendly and secure digital identities has already existed for some time.
In fact, digital identities are used daily by most of the population, for example for online shopping and online banking. However, ID silos and federated IDs of American IT companies (Facebook login, Google login, Apple ID, Amazon account) currently dominate practical use. Despite or perhaps because of their wide distribution among end users and service providers, these platform IDs are criticized. On the one hand, this criticism arises from a privacy protection and IT security perspective. These identity providers have the ability to track their users’ login behavior and reuse the data for their own purposes. On the other hand, they are increasingly seen as a threat to Europe’s digital sovereignty in view of their broad success among users as well as service providers and their central position in the digital value chain.
Hence, a lack of widely available, secure, interoperable and easy-to-use digital identities has been identified. This is seen as a major hurdle for the digitization of public and private organizational processes in Europe, as well as for the digital sovereignty of businesses and citizens. The development of corresponding solutions is also associated with great potential for economic growth for entire economies and a correspondingly significant growth potential for the identity management market. Accordingly, the European Union has become active with the eIDAS 2.0 regulation and the development of a European Digital Identity Wallet.
The development of new ID solutions - also around eIDAS 2.0 - is currently strongly focused on the technical architecture regarding data security, privacy protection and usability (as can be seen from the discussions around the first version of the Architecture Reference Framework). However, in order to actually realize the benefits resulting from broad adoption of these solutions, the market for digital IDs and the underlying economic relationships must also be considered - if ecosystems are to be operated as public-private partnerships based on market mechanisms, in which the state (and ultimately taxpayers) do not simply bear all costs.
The multi-sided market for digital IDs is very challenging in terms of value capture by actors in ID ecosystems. Service providers who use digital IDs for their services have the best opportunities for value capture. End users can also benefit clearly from a functioning ID ecosystem, but willingness to pay is low or non-existent. If issuers and data sources for digital IDs also benefit as service providers from the ecosystem, they have potential for value capture through this. Otherwise, they face the question of why they should make the investments to enter the ecosystem and possibly even take on liability risks for the correctness of the digital IDs they issue. For other ecosystem participants (manufacturers of wallets and other infrastructures), it is largely unclear how opportunities for value capture can be realized through various fees without creating adoption barriers that are too high in view of limited willingness to pay by the other actors.
The value capture in ID ecosystems is therefore limited to a few participants, and fees for participation in the ecosystem can quickly create adoption barriers due to low willingness to pay. Thus, doubts remain as to whether economically viable ID ecosystems can be built and operated purely through market mechanisms without significant government intervention or permanent support. Accordingly, further discussions and research on economic design and political preferences are urgently needed. From a societal perspective, ID ecosystems could also be considered important digital (public) infrastructures. In this respect, it would be a political decision whether these digital infrastructures should not be permanently subsidized by the state if they are socially desirable. Accordingly, a sober discourse on the technical design but also on the economic relationships and the role of the state in building these infrastructures is necessary.
Since 2013, Dr. Michael Kubach has been researching issues around digital identity and trust, where he takes a socioeconomic, user oriented perspective, at the Fraunhofer IAO Team Identity Management. Michael Kubach works/has worked in several European and national cooperative research projects such as the EC-funded projects ESSIF-TRAIN and LIGHTest (on trust infrastructures) and FutureID (federated identity management) as well as in national projects such as ONCE (combining self-sovereign identities and other eIDs in a wallet to build an ecosystem for secure identities), ENTOURAGE (ecosystems for smart assistants), and SkIDentity (cloud identity management). Moreover, he is consulting international corporations and NGOs on identity management and blockchain/DLT topics. His research interests are in the areas of socioeconomic aspects of identity management, IT-security, privacy, and blockchain/DLT and their importance for building trustable ecosystems, e.g., for self-sovereign identities.
Dr. Heiko Roßnagel is head of the Team Identity Management at the Fraunhofer IAO. He studied computer science at the Technical University of Darmstadt. He received a PhD in business administration and economics at the Goethe-University Frankfurt. He has coordinated the EC-funded H2020 project LIGHTest and the FP7 project FutureID. He has been participating in several European and national cooperative research projects such as the EC-funded projects Wireless Trust for mobile business (WiTness), Future of Identity in the Information Society (FIDIS), Scoping the Single European Digital Identity Community (SSEDIC), SECUR-ED, NGI Trust and MGov4EU and national projects such as VeRSiert, VERTRAG, SkIDentity, SANDRA, CUES, Industrial Data Space, DAMA and ENTOURAGE. His research interests are in the areas of security, privacy and identity management with a focus on human factors and technology development and adoption.