As the summer holiday season draws to a close, it’s interesting to see the cultural differences when it comes to taking annual leave. For our Finnish colleagues, the summer break is a chance to switch off and recharge, going completely off grid for 4 weeks, perhaps connecting with family in lakeside cottages. And oftentimes, off-grid means off-grid.
Contrast that to the UK where we don’t allow ourselves to disconnect, always able to respond. I’m pretty sure that’s a win for the Finns – we could probably learn a few things from their approach.
The same holds true for the acceptance of national level identity.
National-level identity in the Nordics
In Finland and the rest of the Nordics, digital identities are embraced. The ability to digitally assert your identity, or your rights, is almost taken for granted. The national level schemes are well developed and integrated into most services.
I’m purposefully referring to them as national level IDs (rather than National IDs) as most are not government-issued identities but originate from the private sector. They result in the secure delivery of (for example) your social security number, but the schemes are set up, managed, and delivered by large organisations, banks, telcos etc.
Of course, a government-issued national identity card does exist in Finland but, in common with most national ID schemes, has adopted a PKI-/smart card-based approach, requiring non-trivial infrastructure at point of use. It consequently has limited use.
National-level identity in the private sector
Banks and telecoms operators are typically using mobile devices on the front end for authentication. Smartphones allow simple, engaging, branded authentication experiences, but basic feature phones are still well catered for to ensure accessibility for most people. In rare cases, printed OTP (one-time password) lists still exist.
Identity schemes are being driven by the organisations that derive the savings benefits from them, and then being adopted by government services as well. Of course, these ID schemes are not free to use and this has seen some friction between government and scheme providers, the end result being regulation over charging levels for authentication.
What can the UK learn from existing national-level identity schemes?
It would seem like there is a lot to learn from the success of these schemes, indeed, the UK would benefit from the introduction of national level schemes if we could culturally accept that we might just be identified by a number in some scenarios.
It’s not all roses though, there are still challenges to be solved. Let’s take a simple example I personally encountered recently. I went to Turkey for a short holiday, and I enquired about getting in some ‘sport model flying’ whilst out there. The sport is well-regulated and pilots must register with the government, with the first part of that registration requiring a Turkish citizen ID. Therefore, only Turkish citizens can register. In this instance, the availability of a national ID has restricted a service, rather than opening up new identity opportunities.
This is not an isolated case. Looking towards Finland again we see the Population Registry planning to invest in ‘non-citizen’ ID support to allow uniform delivery of services. However, it is almost certainly going to be implemented by using an internal ID backed by verification of external identities, rather than being able to directly use another national or global ID.
This problem is not unique to individual identity, with UK corporates primarily identified by their national Companies House number. However, we have seen how the introduction of the globally unique Legal Entity Identifier has enabled a solution to the issue of cross-border identification and will lead to easier cross-border transactions.
Can we learn from this for individual identity? Probably, yes. Although will the UK be restricted by our hesitance to accept a national-level ID, or, does that leave us in a better place – skipping the first (national) implementation and going directly to global?