Identity 2.0 - mashup*

I went to the Identity 2.0 mashup at BT by St Pauls yesterday as part of my commitment to try to get more involved in the London start-up scene. I met some very friendly people including Ian Forrester, Stephan Tual and Paul Walsh and was pleased to catch up with Simon Willison and Natalie Downe.

Although I'm approaching the issue of digital identity from a technical point of view most people who attended were looking at it from a business perspective and frankly seemed a bit behind the times. Overall I was surprised at just how much disagreement there was about about the various concepts surrounding identity. It still means very different things to different people and whilst there was a general sense that OpenID is likely to play a major role in a future identity system for the web, no-one seemed quite sure how. Many people I talked to still had concerns about the basic concepts of the technology and whether it was even secure enough to be able to adopt in real commercial systems.

I still have a lot of faith in OpenID but the one thing that seems clear is that OpenID in its current form isn't workable for the needs of most businesses. Whilst companies may be willing to provide OpenIDs they aren't so keen on accepting them to grant access to systems where users have any sort of sensitive data like phone numbers or addresses. Of course at the moment OpenID isn't really aimed at those markets but I don't think it can really take off until it is.

Anyway, here are some of the points that stuck in my mind:

• Your identity is worth £85,000 to a fraudster - not because that's what you have in your account but because that is how much credit they could get by pretending to be you.
• The value of your identity to a business is not in your identity itself but their ability to tie up different pieces of information about you in order to provide more focussed advertising or marketing.
• Potential revenue sources from digital identity are closely related to being able to provide solutions to areas of risk.
• About 55% of the "UK digital mainstream" are concerned about identity but only 4% do anything about it - a consumer product which was capable of saying "protects you from identity theft" would therefore be likely to sell nicely the same way household shredders do at the moment.
• For consumers identity isn't an intellectual issue, it is an emotive issue.
• Finding language to describe digital identity to ordinary people is a key challenge but at the same time if we were all used to using a digital identity we wouldn't need a language to describe it. After all, most people don't know what a URL is but they can tell you their myspace page.

As an aside. I've had £700 stolen from my account over the last few days by a fraudster withdrawing cash from cashpoints in Milan. I still have my card so the person must have been using a clone. The experience has made me even more aware about of the flaws in current digital identity systems and the risks involved if they fail.

(view source)