# Current solutions
With the current identity solutions available on the market, people are often sharing too much information about themselves, and in most cases we don’t even know what information a service provider is receiving. In Europe, we might use public electronic identities “eIDs” (e.g., BankID, MitId, FTN, DigiD) when logging in to a large number of different services. But, you can use an eID and have no idea what information is being shared about you with the service provider. In addition, the eID provider may collect information about when you are using the eID, and which services you are using.
There is a high level of trust in the Nordics and most people are not too concerned about using their eID. In addition, according to a survey by NorSIS, 48% of Norwegians agree that the government is able to monitor their online activities.
# Why this model may not scale across Europe
In many other markets, people are more skeptical towards such solutions, which is part of the reason that eIDs have not been as successful in many countries. In addition, the large platform providers like Facebook and Google also offer functionality to log in and sign up with service providers. Their business models are based on collecting as much information about their users as possible and monetising this data. It is sold to the highest bidder, who may use it to impact user behavior e.g. nudging users into buying a product or voting a certain way in an election. This should be a big concern for all of us.
# European identity wallet
To ensure a safer digital online presence across Europe, and to stimulate safe and trustworthy digital interactions, the EU is introducing a European digital identity wallet. According to this, each EU state will offer a digital wallet to all of its residents.
An identity wallet allows the user to collect and store attributes from multiple sources and to decide which information to share with whom. This can be extensive identity information, like your full name, address, and NIN (National Identification Number).You can also prove certain claims without revealing who you are, such as “I’m over 18”, “I’m allowed to drive a car”, “I’m eligible for discount on public transportation”, “I’m a Norwegian citizen”, and much more.
# Are you a service provider?
If you are a service provider, what do you need to do? Decentralised identity is coming, but it will still take some time, so there is no need to rush into it. You should start looking into which information you are collecting from your customers, and why are you collecting this information. Most service providers collect much more than they need, which is a GDPR risk.
When people start using an identity wallet they will be able to decide which information to disclose. As a service provider, you should consider carefully which information you need to collect. Do you need the date of birth, or is it sufficient to know that the user is over the legal age? Do you need to know their income, or is it sufficient to know that they have permanent employment? And is it important to know who the employer is? There are many other examples like this. The good part about identity wallets is that it will be easy to validate that the information is true.
# Signicat and decentralized identity
As a qualified trust service provider (QTSP), Signicat is already providing the largest and most advanced identity hub in the world and we will of course extend this to include decentralised identity. In fact, we already have the first integration with IRMA in the Netherlands, which provides financial, educational, health and other information in the wallet to Dutch citizens.
We are closely monitoring the market on decentralised identity. We are doing proof of concepts and discussing this in international fora. Rest assured, when the time comes, that digital wallets will be handled by Signicat’s platform and will be easily available to our customers.