Anywhere you are asked for a form of identification, such as the airport or the DMV, acceptable documents typically include a driver’s license, birth certificate, passport or Social Security card. But in an increasingly online world, digital identity credentials are becoming more common. In fact, 98% of security professionals have reported an increase in the number of identities they manage within the last year – meaning there are more digital identities than ever before.
It’s important to realize, though, that a digital identity is built from the same personally identifiable information (PII) as traditional credentials. Their exposure can harm your digital safety and security in the same way a lost wallet or passport can.
A digital identity is an online profile generated by information gathered from your historical activity on the internet. This identity makes it possible for computer systems and databases to detect you on different networks or applications to personalize your online experience. A digital identity often comprises various forms of PII such as:
Together these data points reveal patterns and create a body of information for a unique digital identifier, such as an email address or personal domain name. Through the use of a digital identity, computers can mediate the relationship between your digital presence and the networks or databases you might be using. This PII verifies you online.
Unfortunately, it is possible for someone to compromise this information and use it in your place to take over an account or commit identity theft. These online authentication data points must be protected in the same way you would safeguard your physical PII documents.
“As long as we continue to depend on apps and our online accounts, our digital identities will need protection,” says Margaret Poe, head of consumer credit education at TransUnion. “We use the internet to do online shopping, transfer money from the bank, go to school, work from home, or go to a doctor’s appointment. It’s all from our phones and laptops, so this is a huge amount of data that must be defended.”
Poe noted there are a few steps that individuals can take to protect their digital identities:
More than two in three people use the same password across multiple accounts. To reduce the risk of an account takeover or a credential stuffing attack, strengthen your logins. The standard 6- to 8-character password is not enough to block a hacker from accessing your information. Instead, upgrade to a secure passphrase. Secure passphrases are at least 12 characters long and include a mix of upper- and lower-case letters, numbers and symbols.
Utilizing MFA or two-factor authentication (2FA) adds an extra layer of security to your online accounts. Both require at least one additional verification step beyond your password before granting access to your account. (MFA requires two or more verification steps, while 2FA requires only two). The additional steps can include a one-time code sent to your phone, an email confirmation, or biometric checks such as facial recognition or thumbprint scans. These additional steps help keep a hacker who may have your username and password from accessing your account.
Virtual private networks (VPNs) encrypt the data your device sends and receives, making it more difficult for any bad actors who might be trying to intercept it. A mobile VPN, for example, provides more secure access to public Wi-Fi networks when using your smartphone or tablet. It can also continue protecting your device when bouncing between different network connections.
Of course, identity theft can happen even if you take precautions. If you suspect that your identity has been stolen, it’s important to act quickly. Take these steps if you’re a victim of identity theft to get you on the path to recovery.
As we continue to rely on technology, our digital identities will only become more prominent in our everyday lives. Soon, we may no longer have to bring our driver’s licenses and passports as we move about the world, but instead use a digital ID.
Both our physical and digital identity documents contain information that is desirable to fraudsters, scammers and identity thieves. As more documents become digital, it is important to remember that we all must take steps to protect our valuable information.