With the dawn of the internet, online businesses and millions of applications have become part of our lives. But these application and its users does face many challenges. Applications level threats have grown tremendously. Online identity threat, phishing and privacy concerns are on a rise. Almost everyone today has a digital identity and amount of accounts and passwords are getting difficult to track. This paper aims in understanding all you need to know about different ways to prove your identity to authenticate against an application. It discusses present methods like passwords, digital certificates, smart cards to authenticate identities and moves on introducing windows cardspace to manage diverse digital identities effectively. Limitation of each technology and application specific scenarios where these different methods are effective will also be discussed.

What is a Digital identity?


There are tons of definitions out there for the word Identity. One of the most interesting one which I observed is the one from Webster’s dictionary which describes identity as “Collective aspect of the set of characteristics by which a thing is recognizable or known.” It is the sameness of essential character, individuality, or the fact of being the same person as one claims to be. So your identity can include your name, age, your social security number, your DNA, birthmarks, fingerprints, or simply characteristics of your body. Just as the word suggests your identity is something by which you can be identified.

In the physical world each and every one of us are uniquely identified and we possess identity proofs for different purposes. Physical identities ranges from your country issued passport, driving licences, to social security number and credit cards, etc. We can’t even imagine a world without identification, if would have been a nightmare if people did not have names and identity proofs in the physical world. Identities have the same importance in the digital world as well.


But fact today is that we not only live in our physical world but with the tremendous growth of internet where businesses have grown from leaps and bounds, we all live in this digital world as well.

When you identify yourself to this digital world with information about who you are is actually a digital identity which is being represented. Digital identity is how you get identified on the World Wide Web. According to Wikipedia Digital identity also has another common usage as the digital representation of a set of claims made by one digital subject about itself or another digital subject. A digital subject is an entity represented or existing in the digital realm which is being described or dealt with. Digital subjects can be living or non living. They can be humans, devices or computers, web servers or digital resources.

We all have many difficult to manage digital identities as we do in the physical world. Online banking applications, personal and official emails, online communities, blogs and the list goes on and on.

Above is just a glimpse of my new paper around Digital Identities. 
I have started writing on digital identities and various authentication mechanisms available to prove your digital identity- past, present and future.

Stay tuned for more.....

- Anmol Malhotra
Security Consultant
ACE Services Team